Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6d777b-08c7-4150-8c37-cba55729f1ee/1/p-im3QVnalbsusM3ZnGz60SJPow.roa
File: p-im3QVnalbsusM3ZnGz60SJPow.roa (raw, json)
Hash identifier: Ldo09DRRNUU18hQdQ2aHYFadGWK1+VYL8twJrEqztGs=
Subject key identifier: A7:E8:A6:DD:05:67:6A:56:EC:BA:C3:37:66:71:B3:EB:44:89:3E:8C
Certificate issuer: /CN=f2aac82e161ac80aa0aa8eea9f0884e3738d927f
Certificate serial: 019D1C15B8E37631027AE2AC34BA9632A6DD
Authority key identifier: F2:AA:C8:2E:16:1A:C8:0A:A0:AA:8E:EA:9F:08:84:E3:73:8D:92:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8qrILhYayAqgqo7qnwiE43ONkn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/6d777b-08c7-4150-8c37-cba55729f1ee/1/p-im3QVnalbsusM3ZnGz60SJPow.roa
Signing time: Mon 23 Mar 2026 19:04:38 +0000
ROA not before: Mon 23 Mar 2026 19:04:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206979
IP address blocks: 185.169.208.0/22 maxlen: 22
185.169.208.0/23 maxlen: 23
185.169.208.0/24 maxlen: 24
185.169.209.0/24 maxlen: 24
185.169.210.0/23 maxlen: 23
185.169.210.0/24 maxlen: 24
185.169.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/6d777b-08c7-4150-8c37-cba55729f1ee/1/8qrILhYayAqgqo7qnwiE43ONkn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/6d777b-08c7-4150-8c37-cba55729f1ee/1/8qrILhYayAqgqo7qnwiE43ONkn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8qrILhYayAqgqo7qnwiE43ONkn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1c:15:b8:e3:76:31:02:7a:e2:ac:34:ba:96:32:a6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2aac82e161ac80aa0aa8eea9f0884e3738d927f
Validity
Not Before: Mar 23 19:04:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a7e8a6dd05676a56ecbac3376671b3eb44893e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:60:52:42:41:e8:3c:2c:07:3e:08:56:37:85:
14:47:a7:04:c9:76:8a:83:50:63:a6:f7:50:e2:2b:
11:6b:90:de:82:41:22:87:b0:2e:51:6a:0d:88:99:
6b:13:87:45:76:2e:59:4f:8e:13:df:ce:38:7c:95:
cb:40:39:01:21:99:6b:40:26:e0:28:35:bd:82:81:
e7:6c:e9:8d:85:6a:ed:d8:39:c7:cb:93:fe:8f:bb:
22:5b:68:b2:3c:86:de:1a:51:be:93:a8:14:9e:67:
cb:a4:85:36:de:61:5c:f2:66:05:db:db:a7:97:21:
20:10:ba:cc:44:65:03:28:f0:86:76:4b:a6:42:ad:
07:45:0a:7b:ad:42:bd:bf:98:5e:0d:1d:4e:15:2d:
2c:1a:a4:e6:30:64:d2:d7:bd:a6:26:d7:50:58:42:
9c:d8:79:8a:6b:dc:e1:46:08:21:1e:80:3c:03:e0:
c0:70:dc:55:d1:e8:26:7e:c9:07:f0:43:b5:01:8c:
8f:a5:44:7c:d8:52:83:8c:5e:b4:49:08:62:9b:1a:
79:b9:19:18:8c:41:21:c9:2e:62:6b:d9:f5:b7:41:
cc:a4:1f:01:04:c1:69:c9:14:27:4c:f3:f0:b9:9a:
5f:53:a7:21:97:98:17:c4:cf:73:e3:3a:15:45:5a:
15:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:E8:A6:DD:05:67:6A:56:EC:BA:C3:37:66:71:B3:EB:44:89:3E:8C
X509v3 Authority Key Identifier:
keyid:F2:AA:C8:2E:16:1A:C8:0A:A0:AA:8E:EA:9F:08:84:E3:73:8D:92:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8qrILhYayAqgqo7qnwiE43ONkn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6d777b-08c7-4150-8c37-cba55729f1ee/1/p-im3QVnalbsusM3ZnGz60SJPow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6d777b-08c7-4150-8c37-cba55729f1ee/1/8qrILhYayAqgqo7qnwiE43ONkn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.208.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:cf:49:fb:9b:cf:80:2b:b2:f9:8d:1e:f0:c5:2e:a6:c3:cc:
38:be:19:c6:8d:3f:c1:1a:d9:ed:94:33:b3:29:7d:bf:d1:4f:
8a:46:59:88:b0:63:c0:66:6d:14:5d:1b:73:96:b3:ee:91:df:
a8:37:82:c8:74:5e:2b:18:ad:ee:1f:7f:2b:07:52:a1:2e:33:
b9:82:c5:9e:ac:64:2a:95:34:81:16:ab:d2:b9:d7:30:8f:00:
eb:c3:e7:26:a1:20:09:31:35:79:8d:85:f7:38:3a:6f:3b:c2:
6c:35:6d:04:28:f0:8d:41:e1:90:72:09:08:f4:90:89:18:ed:
ac:6c:21:a3:c7:aa:68:e3:37:af:19:3e:c9:28:b9:8d:bc:65:
8a:4a:51:4f:23:2a:10:7a:49:ae:2c:b7:89:7c:98:d5:d5:9a:
16:01:cb:c5:1e:11:01:9a:88:e9:e3:5e:7d:47:b8:54:90:bb:
83:e2:17:df:0b:c7:29:f5:cb:f1:f7:9d:7d:0b:a2:a3:9c:65:
32:68:ad:8c:85:60:c0:84:bd:95:3b:ba:98:b0:46:e2:8e:3b:
a0:c6:ef:11:ca:7c:07:9f:6e:21:06:a3:ff:99:3c:72:cf:23:
3f:5b:58:dc:8a:9f:34:3c:64:f4:7f:19:ba:2d:47:e1:b8:28:
a1:06:5f:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0cFbjjdjECeuKsNLqWMqbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYWFjODJlMTYxYWM4MGFhMGFhOGVlYTlmMDg4NGUzNzM4
ZDkyN2YwHhcNMjYwMzIzMTkwNDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2U4YTZkZDA1Njc2YTU2ZWNiYWMzMzc2NjcxYjNlYjQ0ODkzZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGBSQkHoPCwHPghWN4UUR6cEyXaK
g1BjpvdQ4isRa5DegkEih7AuUWoNiJlrE4dFdi5ZT44T3844fJXLQDkBIZlrQCbg
KDW9goHnbOmNhWrt2DnHy5P+j7siW2iyPIbeGlG+k6gUnmfLpIU23mFc8mYF29un
lyEgELrMRGUDKPCGdkumQq0HRQp7rUK9v5heDR1OFS0sGqTmMGTS172mJtdQWEKc
2HmKa9zhRgghHoA8A+DAcNxV0egmfskH8EO1AYyPpUR82FKDjF60SQhimxp5uRkY
jEEhyS5ia9n1t0HMpB8BBMFpyRQnTPPwuZpfU6chl5gXxM9z4zoVRVoV8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfopt0FZ2pW7LrDN2Zxs+tEiT6MMB8GA1UdIwQY
MBaAFPKqyC4WGsgKoKqO6p8IhONzjZJ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHFySUxoWWF5QXFncW83cW53aUU0M09Oa244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82ZDc3N2ItMDhjNy00MTUwLThjMzct
Y2JhNTU3MjlmMWVlLzEvcC1pbTNRVm5hbGJzdXNNM1puR3o2MFNKUG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82ZDc3N2ItMDhjNy00MTUwLThjMzctY2JhNTU3MjlmMWVl
LzEvOHFySUxoWWF5QXFncW83cW53aUU0M09Oa244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuanQMA0G
CSqGSIb3DQEBCwUAA4IBAQCiz0n7m8+AK7L5jR7wxS6mw8w4vhnGjT/BGtntlDOz
KX2/0U+KRlmIsGPAZm0UXRtzlrPukd+oN4LIdF4rGK3uH38rB1KhLjO5gsWerGQq
lTSBFqvSudcwjwDrw+cmoSAJMTV5jYX3ODpvO8JsNW0EKPCNQeGQcgkI9JCJGO2s
bCGjx6po4zevGT7JKLmNvGWKSlFPIyoQekmuLLeJfJjV1ZoWAcvFHhEBmojp4159
R7hUkLuD4hffC8cp9cvx9519C6KjnGUyaK2MhWDAhL2VO7qYsEbijjugxu8RynwH
n24hBqP/mTxyzyM/W1jcip80PGT0fxm6LUfhuCihBl9G
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:08:17 2026 by rpki-client