Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/8HRtjmmv1nDcg-zPBJplz_vOwqc.roa
File: 8HRtjmmv1nDcg-zPBJplz_vOwqc.roa (raw, json)
Hash identifier: 3HY51n2t0RpNiZG82ENQMjuu8R/pZJLXWUmCoGSFs3k=
Subject key identifier: F0:74:6D:8E:69:AF:D6:70:DC:83:EC:CF:04:9A:65:CF:FB:CE:C2:A7
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019EB2DB37CBE0E68059A9AADDFCCA2B9E9B
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/8HRtjmmv1nDcg-zPBJplz_vOwqc.roa
Signing time: Wed 10 Jun 2026 18:46:11 +0000
ROA not before: Wed 10 Jun 2026 18:46:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197170
IP address blocks: 91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b2:db:37:cb:e0:e6:80:59:a9:aa:dd:fc:ca:2b:9e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 10 18:46:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f0746d8e69afd670dc83eccf049a65cffbcec2a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:82:46:db:09:3d:af:c1:a5:e2:29:9d:ee:4f:
5f:04:ba:54:27:06:18:e6:4c:23:1e:6a:9e:21:e7:
a8:19:5f:0d:f9:92:29:db:e2:50:aa:3d:19:b2:02:
f0:9b:c6:df:b7:aa:37:c7:22:3f:35:80:6e:71:4d:
6e:e9:1f:aa:6b:70:a8:7f:86:91:dd:6d:3b:75:0e:
7c:af:db:5b:29:2a:79:4e:f9:b5:d5:c4:75:93:6e:
84:bc:e3:08:c8:8c:d1:b2:e4:f7:07:25:f7:df:24:
95:3e:27:54:92:f0:6f:b1:16:b1:6c:11:37:1c:a0:
5a:9d:22:d4:03:f0:db:29:87:05:54:b7:7c:44:15:
23:27:c0:88:b8:1f:5b:7e:42:26:5f:e5:62:b1:a8:
c1:f8:ca:5c:e3:c9:92:d2:15:52:a8:0f:fe:fd:4e:
ec:75:f2:06:bc:ab:01:6f:ca:8f:07:5a:76:91:13:
d5:bd:7f:20:ec:10:75:41:05:61:7b:5e:7d:b7:99:
59:34:76:8a:73:6d:df:d1:c6:b0:08:a8:a0:cd:c1:
4c:a5:aa:2a:7f:7a:41:65:35:b2:a1:bf:88:4a:ad:
1f:ba:8e:93:de:b5:b6:a9:a2:89:48:18:87:b0:38:
fc:be:ed:7d:bc:24:20:bd:d8:f4:f7:fa:1c:f4:7e:
78:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:74:6D:8E:69:AF:D6:70:DC:83:EC:CF:04:9A:65:CF:FB:CE:C2:A7
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/8HRtjmmv1nDcg-zPBJplz_vOwqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.40.0/24
91.92.42.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:73:f1:76:97:8e:e9:e7:18:dc:72:c8:c2:a8:63:ce:1c:8d:
9f:26:48:17:ed:85:68:bf:a1:e3:31:99:1b:06:24:25:0a:42:
fd:d9:14:82:0e:8e:32:52:05:df:94:52:18:13:12:bf:8b:e4:
25:1a:b1:2f:de:0d:f7:f4:ba:1e:ce:58:4e:44:c7:09:0c:c9:
77:dd:23:23:13:fc:b5:64:81:7b:5b:88:dc:ef:27:02:fc:7b:
97:f8:00:bd:09:23:86:eb:55:90:84:ef:d0:ff:24:e6:38:8b:
89:83:fe:59:41:df:43:31:8f:28:2e:d0:1e:b5:a2:f5:18:c6:
42:9d:05:a1:51:e4:66:e6:a4:1f:4f:18:7d:6f:9d:6d:64:c3:
98:bd:9c:c2:b7:37:d3:ff:09:74:f1:61:3b:ac:a5:0d:b5:f1:
55:2f:29:33:a7:fd:04:8f:2f:a0:ef:3e:26:71:62:f1:cb:24:
e5:6a:e7:0c:6a:23:74:bd:7a:c5:00:60:48:50:08:51:4d:11:
2d:09:64:af:07:c7:80:4f:79:ba:57:ea:db:d0:87:85:b1:c3:
66:bc:76:a1:9c:f0:89:0e:22:09:78:a3:5f:f7:c5:33:d5:6b:
2b:06:1c:e2:d6:57:b7:b5:e1:42:09:5f:d8:d4:a4:ae:2f:6c:
17:bb:d8:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ6y2zfL4OaAWamq3fzKK56bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwNjEwMTg0NjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDc0NmQ4ZTY5YWZkNjcwZGM4M2VjY2YwNDlhNjVjZmZiY2VjMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4JG2wk9r8Gl4imd7k9fBLpUJwYY
5kwjHmqeIeeoGV8N+ZIp2+JQqj0ZsgLwm8bft6o3xyI/NYBucU1u6R+qa3Cof4aR
3W07dQ58r9tbKSp5Tvm11cR1k26EvOMIyIzRsuT3ByX33ySVPidUkvBvsRaxbBE3
HKBanSLUA/DbKYcFVLd8RBUjJ8CIuB9bfkImX+VisajB+Mpc48mS0hVSqA/+/U7s
dfIGvKsBb8qPB1p2kRPVvX8g7BB1QQVhe159t5lZNHaKc23f0cawCKigzcFMpaoq
f3pBZTWyob+ISq0fuo6T3rW2qaKJSBiHsDj8vu19vCQgvdj09/oc9H54xQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPB0bY5pr9Zw3IPszwSaZc/7zsKnMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvOEhSdGptbXYxbkRjZy16UEJKcGx6X3ZPd3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1woAwQA
W1wqMA0GCSqGSIb3DQEBCwUAA4IBAQAcc/F2l47p5xjccsjCqGPOHI2fJkgX7YVo
v6HjMZkbBiQlCkL92RSCDo4yUgXflFIYExK/i+QlGrEv3g339LoezlhORMcJDMl3
3SMjE/y1ZIF7W4jc7ycC/HuX+AC9CSOG61WQhO/Q/yTmOIuJg/5ZQd9DMY8oLtAe
taL1GMZCnQWhUeRm5qQfTxh9b51tZMOYvZzCtzfT/wl08WE7rKUNtfFVLykzp/0E
jy+g7z4mcWLxyyTlaucMaiN0vXrFAGBIUAhRTREtCWSvB8eAT3m6V+rb0IeFscNm
vHahnPCJDiIJeKNf98Uz1WsrBhzi1le3teFCCV/Y1KSuL2wXu9iD
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:07:34 2026 by rpki-client