Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8fmxK6LF9MX8mlzLvJzPb3lwyq4.roa
File: 8fmxK6LF9MX8mlzLvJzPb3lwyq4.roa (raw, json)
Hash identifier: lnbSbHDlzcCF1UdKQEvhwPmFBnI+lDfvuGvBg5ZwLKg=
Subject key identifier: F1:F9:B1:2B:A2:C5:F4:C5:FC:9A:5C:CB:BC:9C:CF:6F:79:70:CA:AE
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019D0599115632DA45F1CC3C73886A0CEA78
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8fmxK6LF9MX8mlzLvJzPb3lwyq4.roa
Signing time: Thu 19 Mar 2026 10:16:50 +0000
ROA not before: Thu 19 Mar 2026 10:16:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 81.18.48.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
178.219.1.0/24 maxlen: 24
188.255.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:99:11:56:32:da:45:f1:cc:3c:73:88:6a:0c:ea:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 19 10:16:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f1f9b12ba2c5f4c5fc9a5ccbbc9ccf6f7970caae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1d:06:71:8b:04:bd:8c:9a:28:21:3e:61:c9:
51:d5:7a:43:2e:28:e8:03:ad:94:c4:ca:75:d9:ca:
77:b0:cf:a3:1f:e9:80:e8:97:da:77:7c:91:35:59:
b7:7d:78:d2:91:04:54:12:15:4d:43:fe:08:2b:56:
4f:1e:96:28:74:ae:09:c5:2e:0e:0b:61:c6:13:60:
d2:5c:e3:3e:ec:2b:cf:69:e0:9f:f2:64:ba:23:0e:
bd:70:ab:b1:a8:6c:31:5c:58:a4:18:91:d2:8d:fd:
50:0a:9d:74:78:69:45:2f:30:ff:54:26:6b:9a:35:
66:7e:01:ae:6b:76:77:e7:7d:10:d6:06:85:c5:48:
30:ae:43:a8:3f:29:b2:02:9e:ff:a4:38:2e:87:15:
a2:04:40:ee:47:47:7c:d4:3f:c1:ec:ad:b4:8f:76:
76:f7:f9:42:4f:88:60:2f:d5:cb:3c:5b:9e:74:e1:
31:f2:c7:18:39:a3:eb:aa:b6:c5:91:c9:8a:ce:48:
b1:e0:63:9e:c5:50:59:74:c7:39:96:c3:d7:e7:3d:
f3:19:e5:6f:1e:51:9a:2a:08:da:af:fd:f7:d5:7c:
99:c0:54:d2:b6:aa:3d:f8:5a:21:04:ca:fa:11:0d:
33:d7:8e:3c:72:36:e9:d6:0d:d5:37:ad:e7:89:c7:
16:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F9:B1:2B:A2:C5:F4:C5:FC:9A:5C:CB:BC:9C:CF:6F:79:70:CA:AE
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8fmxK6LF9MX8mlzLvJzPb3lwyq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.48.0/24
109.121.37.0/24
178.219.1.0/24
188.255.164.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:5b:f2:a5:f1:cf:fb:29:dc:7d:5e:71:c1:07:c6:c6:ac:fb:
90:8b:b5:71:cc:05:6e:bf:af:44:cb:21:21:d8:27:f4:ec:f9:
72:f7:e3:37:52:29:9b:16:73:73:02:a1:24:58:f8:d7:ec:7d:
20:b2:fb:30:74:0d:32:8f:4f:3b:bd:70:8e:dc:89:c4:be:b2:
3c:58:e6:1b:67:21:0a:c8:7c:b7:e5:75:5e:04:f7:38:03:89:
4e:b7:3e:9f:1f:fd:ca:88:05:50:75:8e:1b:65:5a:09:3c:d3:
c0:55:2a:bc:32:39:ac:46:b2:a5:d7:76:94:14:c2:20:a6:fc:
dc:af:1f:da:31:f5:97:58:3c:97:e3:e0:96:b2:a6:f1:c0:f4:
7d:4b:01:a6:d5:8d:ed:bb:fb:58:9f:3b:30:18:43:f6:ab:cb:
8b:88:fd:66:f2:52:d1:6d:98:a7:78:73:e6:ca:2d:81:48:8f:
d6:bd:d6:a4:b9:27:7c:b2:c1:13:b2:2f:9a:2c:98:16:f0:9a:
79:f1:45:55:04:70:9b:a9:77:b3:12:20:89:78:33:c9:7b:7f:
cf:5a:c0:3f:d6:09:42:37:2f:b5:20:b3:ed:77:fe:6e:8a:25:
93:d0:27:fb:53:ba:2e:96:9e:3b:fa:d9:cd:4e:ae:a9:72:28:
b3:4c:ac:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0FmRFWMtpF8cw8c4hqDOp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwMzE5MTAxNjUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWY5YjEyYmEyYzVmNGM1ZmM5YTVjY2JiYzljY2Y2Zjc5NzBjYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2R0GcYsEvYyaKCE+YclR1XpDLijo
A62UxMp12cp3sM+jH+mA6Jfad3yRNVm3fXjSkQRUEhVNQ/4IK1ZPHpYodK4JxS4O
C2HGE2DSXOM+7CvPaeCf8mS6Iw69cKuxqGwxXFikGJHSjf1QCp10eGlFLzD/VCZr
mjVmfgGua3Z3530Q1gaFxUgwrkOoPymyAp7/pDguhxWiBEDuR0d81D/B7K20j3Z2
9/lCT4hgL9XLPFuedOEx8scYOaPrqrbFkcmKzkix4GOexVBZdMc5lsPX5z3zGeVv
HlGaKgjar/331XyZwFTStqo9+FohBMr6EQ0z1448cjbp1g3VN63niccWGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPH5sSuixfTF/Jpcy7ycz295cMquMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvOGZteEs2TEY5TVg4bWx6THZKelBiM2x3eXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURIwAwQA
bXklAwQAstsBAwQAvP+kMA0GCSqGSIb3DQEBCwUAA4IBAQChW/Kl8c/7Kdx9XnHB
B8bGrPuQi7VxzAVuv69EyyEh2Cf07Ply9+M3UimbFnNzAqEkWPjX7H0gsvswdA0y
j087vXCO3InEvrI8WOYbZyEKyHy35XVeBPc4A4lOtz6fH/3KiAVQdY4bZVoJPNPA
VSq8MjmsRrKl13aUFMIgpvzcrx/aMfWXWDyX4+CWsqbxwPR9SwGm1Y3tu/tYnzsw
GEP2q8uLiP1m8lLRbZineHPmyi2BSI/WvdakuSd8ssETsi+aLJgW8Jp58UVVBHCb
qXezEiCJeDPJe3/PWsA/1glCNy+1ILPtd/5uiiWT0Cf7U7oulp47+tnNTq6pciiz
TKzW
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:21:42 2026 by rpki-client