Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/Kf9QvVgVrtl0XM8frEpJ_fd4yfM.roa
File: Kf9QvVgVrtl0XM8frEpJ_fd4yfM.roa (raw, json)
Hash identifier: fg4f8lm5urIblTtWM6P0oF5ZkLFnBYAOFc4g9paZJZw=
Subject key identifier: 29:FF:50:BD:58:15:AE:D9:74:5C:CF:1F:AC:4A:49:FD:F7:78:C9:F3
Certificate issuer: /CN=f88b443e992c665658942e6890d298d68cde6425
Certificate serial: 019E1026C499C72817D258CA1E619EA12F13
Authority key identifier: F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/Kf9QvVgVrtl0XM8frEpJ_fd4yfM.roa
Signing time: Sun 10 May 2026 04:30:36 +0000
ROA not before: Sun 10 May 2026 04:30:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200882
IP address blocks: 80.248.141.0/24 maxlen: 24
80.248.142.0/24 maxlen: 24
80.248.143.0/24 maxlen: 24
2a12:fdc0::/44 maxlen: 44
2a12:fdc0:1::/48 maxlen: 48
2a12:fdc0:2::/48 maxlen: 48
2a12:fdc0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:10:26:c4:99:c7:28:17:d2:58:ca:1e:61:9e:a1:2f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f88b443e992c665658942e6890d298d68cde6425
Validity
Not Before: May 10 04:30:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=29ff50bd5815aed9745ccf1fac4a49fdf778c9f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fc:a2:1a:d2:cf:73:eb:85:d5:5c:57:a6:0a:
17:5e:c8:5f:3f:5f:c3:ad:1b:f5:81:a3:ae:34:09:
52:0b:8e:fd:41:e4:01:18:7c:92:91:89:db:53:49:
73:d4:02:cc:74:77:5f:36:ad:79:f5:3f:62:85:dd:
4f:65:f0:97:ab:32:7a:34:8d:96:3c:79:06:b9:5c:
e6:15:f4:88:75:81:54:de:8e:28:5b:49:76:b0:7e:
0a:18:4e:fe:8f:a0:85:25:a5:f4:ba:ca:e2:dd:79:
1e:e1:6a:e8:b5:1b:3c:ed:c5:59:6a:65:e6:9c:50:
74:a1:73:7f:bd:21:13:44:64:e6:5e:6c:7a:f6:2a:
96:d4:9d:56:00:73:25:d3:f1:7e:21:46:a5:29:6e:
91:ac:61:d5:47:fe:cd:1d:6e:1b:d3:98:1e:6d:ee:
9a:41:af:ba:80:01:a9:c0:9d:e2:7a:86:25:cd:4c:
4a:1e:89:40:e2:78:f8:68:15:92:68:01:75:c3:1f:
df:23:b7:c6:31:d4:11:3e:6b:2b:52:eb:82:c0:51:
b5:fc:05:eb:43:44:7e:5d:48:c1:9a:a5:da:4c:69:
8f:01:75:10:80:3b:3e:e7:a3:a0:1b:bc:a7:30:c5:
0f:83:cc:8a:84:d5:95:a7:db:89:42:68:53:60:dc:
7f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FF:50:BD:58:15:AE:D9:74:5C:CF:1F:AC:4A:49:FD:F7:78:C9:F3
X509v3 Authority Key Identifier:
keyid:F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/Kf9QvVgVrtl0XM8frEpJ_fd4yfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.248.141.0-80.248.143.255
IPv6:
2a12:fdc0::/44
Signature Algorithm: sha256WithRSAEncryption
48:9e:e3:37:e0:7d:97:65:02:3a:f3:dd:69:87:1a:a2:7d:4a:
97:92:41:ab:79:45:bb:34:d2:a9:a4:da:28:ed:82:b7:2f:9a:
f1:bc:b9:e4:af:77:32:ea:00:07:f2:f2:5c:80:76:54:16:14:
0a:f2:61:a2:64:c9:68:ca:03:53:cc:2b:0a:18:8a:6c:44:0c:
2d:30:8f:c8:a5:ea:c8:1f:f3:0a:ed:b4:d0:57:58:e7:17:c2:
84:48:0c:ba:4a:82:34:45:15:60:22:4d:a2:e2:63:7a:5a:b1:
3b:f5:3d:8c:76:f9:84:53:93:ca:01:33:55:de:a4:11:e0:ad:
3e:7a:87:d8:02:ae:a0:96:21:32:c8:07:80:ef:d4:7d:31:c5:
81:17:3f:74:4c:14:ce:01:62:05:67:77:9d:8b:97:4b:46:28:
1f:80:53:27:28:d5:25:2e:f7:ff:be:eb:ec:1d:7b:3f:51:13:
f4:69:bc:c1:cd:28:fa:80:9e:6c:bf:b1:e1:43:e1:2c:46:79:
15:4c:90:be:e6:00:2f:4a:8e:db:cc:a5:0f:95:75:5d:0b:a6:
ae:34:97:0f:a7:fd:ed:d3:fb:38:43:5b:65:b5:5c:66:c7:ee:
b6:6e:80:d2:c4:87:dd:cf:31:b5:20:ae:16:0a:55:55:2a:67:
1e:b3:87:25
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ4QJsSZxygX0ljKHmGeoS8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OGI0NDNlOTkyYzY2NTY1ODk0MmU2ODkwZDI5OGQ2OGNk
ZTY0MjUwHhcNMjYwNTEwMDQzMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWZmNTBiZDU4MTVhZWQ5NzQ1Y2NmMWZhYzRhNDlmZGY3NzhjOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fyiGtLPc+uF1VxXpgoXXshfP1/D
rRv1gaOuNAlSC479QeQBGHySkYnbU0lz1ALMdHdfNq159T9ihd1PZfCXqzJ6NI2W
PHkGuVzmFfSIdYFU3o4oW0l2sH4KGE7+j6CFJaX0usri3Xke4WrotRs87cVZamXm
nFB0oXN/vSETRGTmXmx69iqW1J1WAHMl0/F+IUalKW6RrGHVR/7NHW4b05gebe6a
Qa+6gAGpwJ3ieoYlzUxKHolA4nj4aBWSaAF1wx/fI7fGMdQRPmsrUuuCwFG1/AXr
Q0R+XUjBmqXaTGmPAXUQgDs+56OgG7ynMMUPg8yKhNWVp9uJQmhTYNx/owIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCn/UL1YFa7ZdFzPH6xKSf33eMnzMB8GA1UdIwQY
MBaAFPiLRD6ZLGZWWJQuaJDSmNaM3mQlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JdEVQcGtzWmxaWWxDNW9rTktZMW96ZVpDVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvYmZiNTQyLTRmNjctNDZjNS05NzEw
LTY5NDI1MmYwMjlmMS8xL0tmOVF2VmdWcnRsMFhNOGZyRXBKX2ZkNHlmTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvYmZiNTQyLTRmNjctNDZjNS05NzEwLTY5NDI1MmYwMjlm
MS8xLzEtSXRFUHBrc1psWllsQzVva05LWTFvemVaQ1UuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOAYIKwYBBQUHAQcBAf8EKTAnMBQEAgABMA4wDAMEAFD4
jQMEBFD4gDAPBAIAAjAJAwcEKhL9wAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBInuM3
4H2XZQI6891phxqifUqXkkGreUW7NNKppNoo7YK3L5rxvLnkr3cy6gAH8vJcgHZU
FhQK8mGiZMloygNTzCsKGIpsRAwtMI/IperIH/MK7bTQV1jnF8KESAy6SoI0RRVg
Ik2i4mN6WrE79T2MdvmEU5PKATNV3qQR4K0+eofYAq6gliEyyAeA79R9McWBFz90
TBTOAWIFZ3edi5dLRigfgFMnKNUlLvf/vuvsHXs/URP0abzBzSj6gJ5sv7HhQ+Es
RnkVTJC+5gAvSo7bzKUPlXVdC6auNJcPp/3t0/s4Q1tltVxmx+62boDSxIfdzzG1
IK4WClVVKmces4cl
-----END CERTIFICATE-----
Generated at Tue May 12 21:52:36 2026 by rpki-client