Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/AtDFD7_qKk4jrpKjelR8svE01P0.roa
File: AtDFD7_qKk4jrpKjelR8svE01P0.roa (raw, json)
Hash identifier: gTykOYo+tU9/XQ+/e23jrH05kkPYVNgaKARt/D3c+C8=
Subject key identifier: 02:D0:C5:0F:BF:EA:2A:4E:23:AE:92:A3:7A:54:7C:B2:F1:34:D4:FD
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 019D298D98A1D2A1BB8D8FE7293B0F297D1E
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/AtDFD7_qKk4jrpKjelR8svE01P0.roa
Signing time: Thu 26 Mar 2026 09:50:38 +0000
ROA not before: Thu 26 Mar 2026 09:50:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203501
IP address blocks: 45.86.116.0/22 maxlen: 24
45.87.196.0/24 maxlen: 24
45.87.197.0/24 maxlen: 24
45.87.198.0/24 maxlen: 24
45.87.199.0/24 maxlen: 24
45.91.44.0/22 maxlen: 24
45.91.44.0/24 maxlen: 24
45.91.45.0/24 maxlen: 24
83.68.134.0/24 maxlen: 24
83.68.135.0/24 maxlen: 24
89.37.88.0/22 maxlen: 24
185.90.20.0/24 maxlen: 24
185.90.21.0/24 maxlen: 24
185.90.22.0/24 maxlen: 24
185.90.23.0/24 maxlen: 24
194.113.26.0/23 maxlen: 23
194.113.26.0/24 maxlen: 24
194.113.27.0/24 maxlen: 24
2a02:7040:ff00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.mft
rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:8d:98:a1:d2:a1:bb:8d:8f:e7:29:3b:0f:29:7d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: Mar 26 09:50:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=02d0c50fbfea2a4e23ae92a37a547cb2f134d4fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:66:f5:d2:fd:ba:78:4f:58:0c:f2:6f:28:f2:
3e:9e:3f:39:52:59:b9:67:29:bc:21:69:07:e4:32:
59:38:5a:d2:15:25:a4:8f:30:69:23:57:b9:a9:55:
46:c1:6e:59:08:4f:4a:14:c9:8c:10:1e:7e:3a:3d:
a3:9d:e0:58:63:8f:a0:a1:2c:27:8f:b4:75:4f:b6:
26:53:bc:a4:28:d8:8a:18:7c:21:b4:f8:2d:0a:ba:
b7:2d:39:e7:ad:fa:76:1e:ff:74:36:21:1b:1d:ec:
87:fc:83:40:82:c9:81:d2:ad:b5:39:58:68:95:da:
f0:14:f2:53:5a:13:19:4f:42:8c:9f:88:42:13:bc:
39:3a:35:0a:7c:78:16:b4:c8:9a:03:97:08:f5:64:
ce:49:3c:f7:68:46:40:c1:8f:df:64:86:2a:f0:75:
aa:5f:ee:13:8a:ac:2e:59:29:cd:a8:c8:31:4e:96:
46:48:ba:94:53:8a:ac:e6:e0:06:79:a3:0c:33:a6:
c1:0c:8b:71:42:0e:67:31:9c:48:94:d9:db:e8:50:
f1:29:3a:04:94:03:a0:99:d0:85:9a:ae:a1:aa:a9:
6f:9c:c1:ac:35:f5:7e:b7:25:03:b1:ac:e0:bd:f3:
89:f8:21:12:4f:f5:09:b1:ce:a4:1e:84:07:a9:f7:
98:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D0:C5:0F:BF:EA:2A:4E:23:AE:92:A3:7A:54:7C:B2:F1:34:D4:FD
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/AtDFD7_qKk4jrpKjelR8svE01P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.116.0/22
45.87.196.0/22
45.91.44.0/22
83.68.134.0/23
89.37.88.0/22
185.90.20.0/22
194.113.26.0/23
IPv6:
2a02:7040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
a4:be:37:42:f8:2c:71:05:93:3a:75:9e:95:53:9d:e4:70:ab:
6b:e8:5b:e9:3b:9d:39:19:34:74:f7:a8:c5:28:35:58:c9:1b:
50:c5:d2:63:f5:17:8b:93:2f:b9:eb:22:93:fc:02:41:7a:1a:
00:8c:1d:06:cc:46:6b:2e:ed:65:be:76:cf:f2:c3:df:5e:23:
ae:4c:84:5a:fc:26:b4:9d:69:89:3a:a5:6b:93:9b:2a:32:28:
35:ea:58:51:26:76:e6:9a:ab:59:26:bf:55:b1:a6:d1:e5:6a:
b0:eb:7d:47:9d:62:1b:7c:c0:ff:da:2e:93:2d:f9:fe:b8:f3:
4c:d5:da:c6:9e:28:67:29:aa:12:df:c0:89:7f:e7:b6:13:10:
9b:5b:e1:70:40:85:d2:53:1a:b5:b5:ab:2b:d7:5c:f4:bb:ae:
43:2b:6a:42:8a:15:00:17:e9:1a:1a:07:0b:30:c2:e6:70:bf:
92:6f:bb:5c:7b:28:0e:29:b6:dc:06:61:93:14:ee:e6:69:13:
6c:b5:2a:56:70:03:4e:b2:e4:ba:a0:ee:37:1f:80:48:92:cb:
78:14:50:e6:75:5b:58:40:cb:91:65:4c:47:91:a5:aa:61:36:
61:0c:02:d8:4f:c9:4d:9c:b8:ca:dc:4a:f3:36:12:9f:1d:5c:
3b:6b:2f:5b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ0pjZih0qG7jY/nKTsPKX0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2Y4MWE2ZTc4MmUyMTExODljNGYzNGU0NTliNDIyNmM3
NWY0YTYwHhcNMjYwMzI2MDk1MDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQwYzUwZmJmZWEyYTRlMjNhZTkyYTM3YTU0N2NiMmYxMzRkNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWb10v26eE9YDPJvKPI+nj85Ulm5
Zym8IWkH5DJZOFrSFSWkjzBpI1e5qVVGwW5ZCE9KFMmMEB5+Oj2jneBYY4+goSwn
j7R1T7YmU7ykKNiKGHwhtPgtCrq3LTnnrfp2Hv90NiEbHeyH/INAgsmB0q21OVho
ldrwFPJTWhMZT0KMn4hCE7w5OjUKfHgWtMiaA5cI9WTOSTz3aEZAwY/fZIYq8HWq
X+4TiqwuWSnNqMgxTpZGSLqUU4qs5uAGeaMMM6bBDItxQg5nMZxIlNnb6FDxKToE
lAOgmdCFmq6hqqlvnMGsNfV+tyUDsazgvfOJ+CEST/UJsc6kHoQHqfeYoQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFALQxQ+/6ipOI66So3pUfLLxNNT9MB8GA1UdIwQY
MBaAFIt/gabnguIRGJxPNORZtCJsdfSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUt
ZjJmNDI2ZWZlMDM5LzEvQXRERkQ3X3FLazRqcnBLamVsUjhzdkUwMVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUtZjJmNDI2ZWZlMDM5
LzEvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQCLVZ0AwQC
LVfEAwQCLVssAwQBU0SGAwQCWSVYAwQCuVoUAwQBwnEaMA4EAgACMAgDBgAqAnBA
/zANBgkqhkiG9w0BAQsFAAOCAQEApL43QvgscQWTOnWelVOd5HCra+hb6TudORk0
dPeoxSg1WMkbUMXSY/UXi5Mvuesik/wCQXoaAIwdBsxGay7tZb52z/LD314jrkyE
WvwmtJ1piTqla5ObKjIoNepYUSZ25pqrWSa/VbGm0eVqsOt9R51iG3zA/9ouky35
/rjzTNXaxp4oZymqEt/AiX/nthMQm1vhcECF0lMatbWrK9dc9LuuQytqQooVABfp
GhoHCzDC5nC/km+7XHsoDim23AZhkxTu5mkTbLUqVnADTrLkuqDuNx+ASJLLeBRQ
5nVbWEDLkWVMR5GlqmE2YQwC2E/JTZy4ytxK8zYSnx1cO2svWw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:18:55 2026 by rpki-client