Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de5411-4da9-4c86-a629-a44987accecc/1/8zHxjb_mmV0JsMrNprnGTu9CPmU.roa
File: 8zHxjb_mmV0JsMrNprnGTu9CPmU.roa (raw, json)
Hash identifier: xguh2vgCy/zW4Ej9WmgnSI8V8ugA63OiLSYijedgqr0=
Subject key identifier: F3:31:F1:8D:BF:E6:99:5D:09:B0:CA:CD:A6:B9:C6:4E:EF:42:3E:65
Certificate issuer: /CN=a3e62dfb95c8ee3058eab085fc50f45aab7a03ef
Certificate serial: 019CD7B0363AF1817994A508372A20BEA2BE
Authority key identifier: A3:E6:2D:FB:95:C8:EE:30:58:EA:B0:85:FC:50:F4:5A:AB:7A:03:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-Yt-5XI7jBY6rCF_FD0Wqt6A-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/de5411-4da9-4c86-a629-a44987accecc/1/8zHxjb_mmV0JsMrNprnGTu9CPmU.roa
Signing time: Tue 10 Mar 2026 12:19:35 +0000
ROA not before: Tue 10 Mar 2026 12:19:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49718
IP address blocks: 176.100.64.0/18 maxlen: 18
176.100.64.0/22 maxlen: 22
176.100.68.0/22 maxlen: 22
176.100.72.0/22 maxlen: 22
176.100.76.0/22 maxlen: 22
176.100.80.0/22 maxlen: 22
176.100.84.0/22 maxlen: 22
176.100.88.0/22 maxlen: 22
176.100.92.0/22 maxlen: 22
176.100.96.0/22 maxlen: 22
176.100.100.0/22 maxlen: 22
176.100.104.0/22 maxlen: 22
176.100.108.0/22 maxlen: 22
176.100.112.0/22 maxlen: 22
176.100.116.0/22 maxlen: 22
176.100.120.0/22 maxlen: 22
176.100.124.0/22 maxlen: 22
213.108.168.0/24 maxlen: 24
213.108.169.0/24 maxlen: 24
213.108.170.0/24 maxlen: 24
213.108.171.0/24 maxlen: 24
213.108.172.0/24 maxlen: 24
213.108.173.0/24 maxlen: 24
213.108.174.0/24 maxlen: 24
213.108.175.0/24 maxlen: 24
2a12:b780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/de5411-4da9-4c86-a629-a44987accecc/1/o-Yt-5XI7jBY6rCF_FD0Wqt6A-8.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/de5411-4da9-4c86-a629-a44987accecc/1/o-Yt-5XI7jBY6rCF_FD0Wqt6A-8.mft
rsync://rpki.ripe.net/repository/DEFAULT/o-Yt-5XI7jBY6rCF_FD0Wqt6A-8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:b0:36:3a:f1:81:79:94:a5:08:37:2a:20:be:a2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e62dfb95c8ee3058eab085fc50f45aab7a03ef
Validity
Not Before: Mar 10 12:19:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f331f18dbfe6995d09b0cacda6b9c64eef423e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:46:d2:cf:50:a1:32:89:ed:87:3a:be:48:f6:
ff:e2:53:b2:18:b0:5e:6a:22:01:2c:ba:51:37:38:
55:29:9f:e6:3d:b5:e1:71:89:de:7d:77:24:2e:ec:
1d:b2:c8:e8:40:a7:12:7d:9b:f2:6d:9b:3b:83:d3:
1f:e8:d3:2b:e5:d6:dc:68:c7:e7:57:5f:40:6b:2c:
f6:36:bb:29:40:b7:9c:a1:87:eb:6f:9c:c5:ed:9a:
d1:e2:24:9d:0e:75:48:8a:30:92:34:a6:46:7f:87:
ad:1c:a5:b9:6e:8d:d4:63:f7:12:ca:69:b1:7d:c0:
59:e1:ed:c0:90:c0:48:63:22:2b:bd:45:1f:d2:48:
a1:bf:70:34:45:96:88:d8:48:aa:f5:32:1e:01:f4:
95:dc:b5:b7:a9:53:5b:58:8b:7b:aa:94:e1:4b:61:
76:86:2d:e9:f3:4e:34:b5:bf:ab:3c:6e:0d:26:7b:
d4:46:eb:0e:8f:34:22:3b:e7:18:ea:3e:8f:d0:51:
dd:63:a0:ab:24:7a:65:76:2e:76:0f:c9:23:7a:89:
88:fc:ba:21:bb:e3:cb:95:4b:3e:b4:39:16:4e:2f:
b3:7d:0d:92:24:4c:c8:23:71:82:98:e4:70:de:b6:
ea:8a:24:3a:c5:2a:6e:59:bf:13:26:ca:d4:20:51:
9a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:31:F1:8D:BF:E6:99:5D:09:B0:CA:CD:A6:B9:C6:4E:EF:42:3E:65
X509v3 Authority Key Identifier:
keyid:A3:E6:2D:FB:95:C8:EE:30:58:EA:B0:85:FC:50:F4:5A:AB:7A:03:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-Yt-5XI7jBY6rCF_FD0Wqt6A-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de5411-4da9-4c86-a629-a44987accecc/1/8zHxjb_mmV0JsMrNprnGTu9CPmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de5411-4da9-4c86-a629-a44987accecc/1/o-Yt-5XI7jBY6rCF_FD0Wqt6A-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.64.0/18
213.108.168.0/21
IPv6:
2a12:b780::/29
Signature Algorithm: sha256WithRSAEncryption
87:83:59:06:02:56:b3:b2:e2:85:92:d0:c8:ad:35:03:d0:34:
4c:43:94:25:bf:93:c5:3b:ae:13:1e:8b:3d:45:79:d1:49:cf:
ee:ac:b0:e6:99:62:3b:cd:1e:f1:0b:14:16:f7:f0:c6:00:43:
46:0d:72:82:44:27:8a:1b:bc:74:45:91:09:d5:66:6c:05:ec:
a0:58:9a:29:43:68:78:3d:dd:98:e4:7c:3c:a4:95:a2:d1:02:
e7:dd:d8:9c:2e:aa:14:d2:00:27:81:37:c5:dd:ca:58:cd:80:
e1:fc:49:f4:66:c3:0e:01:97:7f:17:a0:04:d6:7c:c7:cc:d0:
e5:3a:26:ea:98:62:3b:08:cd:84:0d:7f:ba:8b:05:6c:d8:08:
ea:08:d6:eb:58:01:e8:96:ba:7a:77:7d:be:bb:d3:a2:a9:fd:
d7:3f:65:fa:b9:4d:fe:6f:42:f8:d0:a3:20:ef:94:b3:a5:01:
ec:39:15:9c:8d:ca:eb:40:09:65:c7:e2:3f:2f:cf:87:bd:b8:
16:61:b7:51:fc:d9:4b:0b:13:29:ef:89:52:3f:b5:02:57:c2:
25:40:95:e4:c5:38:b9:af:d9:27:a7:c7:7f:54:e9:24:68:15:
17:61:71:44:b5:91:fb:a5:c6:24:ee:b6:84:a0:ae:a4:3d:51:
d4:0f:58:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZzXsDY68YF5lKUINyogvqK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTYyZGZiOTVjOGVlMzA1OGVhYjA4NWZjNTBmNDVhYWI3
YTAzZWYwHhcNMjYwMzEwMTIxOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzMxZjE4ZGJmZTY5OTVkMDliMGNhY2RhNmI5YzY0ZWVmNDIzZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUbSz1ChMonthzq+SPb/4lOyGLBe
aiIBLLpRNzhVKZ/mPbXhcYnefXckLuwdssjoQKcSfZvybZs7g9Mf6NMr5dbcaMfn
V19Aayz2NrspQLecoYfrb5zF7ZrR4iSdDnVIijCSNKZGf4etHKW5bo3UY/cSymmx
fcBZ4e3AkMBIYyIrvUUf0kihv3A0RZaI2Eiq9TIeAfSV3LW3qVNbWIt7qpThS2F2
hi3p8040tb+rPG4NJnvURusOjzQiO+cY6j6P0FHdY6CrJHpldi52D8kjeomI/Loh
u+PLlUs+tDkWTi+zfQ2SJEzII3GCmORw3rbqiiQ6xSpuWb8TJsrUIFGaywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPMx8Y2/5pldCbDKzaa5xk7vQj5lMB8GA1UdIwQY
MBaAFKPmLfuVyO4wWOqwhfxQ9FqregPvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1ZdC01WEk3akJZNnJDRl9GRDBXcXQ2QS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTU0MTEtNGRhOS00Yzg2LWE2Mjkt
YTQ0OTg3YWNjZWNjLzEvOHpIeGpiX21tVjBKc01yTnBybkdUdTlDUG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTU0MTEtNGRhOS00Yzg2LWE2MjktYTQ0OTg3YWNjZWNj
LzEvby1ZdC01WEk3akJZNnJDRl9GRDBXcXQ2QS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGsGRAAwQD
1WyoMA0EAgACMAcDBQMqEreAMA0GCSqGSIb3DQEBCwUAA4IBAQCHg1kGAlazsuKF
ktDIrTUD0DRMQ5Qlv5PFO64THos9RXnRSc/urLDmmWI7zR7xCxQW9/DGAENGDXKC
RCeKG7x0RZEJ1WZsBeygWJopQ2h4Pd2Y5Hw8pJWi0QLn3dicLqoU0gAngTfF3cpY
zYDh/En0ZsMOAZd/F6AE1nzHzNDlOibqmGI7CM2EDX+6iwVs2AjqCNbrWAHolrp6
d32+u9Oiqf3XP2X6uU3+b0L40KMg75SzpQHsORWcjcrrQAllx+I/L8+HvbgWYbdR
/NlLCxMp74lSP7UCV8IlQJXkxTi5r9knp8d/VOkkaBUXYXFEtZH7pcYk7raEoK6k
PVHUD1jj
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:13:02 2026 by rpki-client