Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/0BO7Qdwz27n2_KQ3UWwFaifbI4U.roa
File: 0BO7Qdwz27n2_KQ3UWwFaifbI4U.roa (raw, json)
Hash identifier: ySd/2T8uWDeqpMyFGIs7aCT8IwZbW87LbSfPPcVdUwI=
Subject key identifier: D0:13:BB:41:DC:33:DB:B9:F6:FC:A4:37:51:6C:05:6A:27:DB:23:85
Certificate issuer: /CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Certificate serial: 019D8B0B80C02B2C2606F40F215D9BEAD667
Authority key identifier: 17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/0BO7Qdwz27n2_KQ3UWwFaifbI4U.roa
Signing time: Tue 14 Apr 2026 08:11:20 +0000
ROA not before: Tue 14 Apr 2026 08:11:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203594
IP address blocks: 85.116.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8b:0b:80:c0:2b:2c:26:06:f4:0f:21:5d:9b:ea:d6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Validity
Not Before: Apr 14 08:11:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d013bb41dc33dbb9f6fca437516c056a27db2385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:97:87:c0:d7:3a:1e:c4:77:f5:6c:ae:31:5c:
d6:2b:56:1b:04:8b:a3:f0:e2:29:ec:89:ac:b0:68:
23:60:0f:bb:87:7c:43:4f:85:27:6a:df:7f:d7:65:
ec:d8:ee:7e:1e:38:0b:db:2d:6c:2e:a1:37:d1:80:
d9:12:e9:43:ea:2a:73:2f:7a:b9:1e:34:00:4f:8d:
2a:a3:4d:19:59:cf:b2:3f:78:da:f7:81:af:f0:30:
8b:cd:e5:b0:0c:cd:9e:93:95:8a:11:c2:d4:a5:23:
74:ac:ee:54:b3:81:c4:70:9e:f4:45:da:a2:c5:1c:
c7:fb:da:32:e9:06:fe:12:3b:6f:d8:79:11:94:2f:
7b:64:07:56:a4:94:5d:ac:73:ad:8f:8e:ea:88:2a:
1a:19:e7:11:31:53:ff:f0:27:33:d3:24:6a:5c:56:
1b:90:7e:e2:63:03:95:d9:78:c6:39:d9:b5:f8:b5:
61:38:57:61:d0:c6:01:08:9c:23:d3:b7:9b:3a:94:
fb:b5:d3:84:5b:65:6b:8d:a9:b4:10:0b:24:3b:c2:
10:4b:46:da:13:5e:3d:02:4a:dc:9a:11:7d:fd:86:
23:a1:5c:3f:71:80:57:30:8f:6e:e8:60:fd:1a:c1:
fc:e8:5a:a8:6e:aa:5c:3d:5c:70:7d:3c:9f:51:01:
ca:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:13:BB:41:DC:33:DB:B9:F6:FC:A4:37:51:6C:05:6A:27:DB:23:85
X509v3 Authority Key Identifier:
keyid:17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/0BO7Qdwz27n2_KQ3UWwFaifbI4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.254.0/24
Signature Algorithm: sha256WithRSAEncryption
90:1e:ab:37:f4:c1:c2:48:84:83:f4:ab:73:db:7f:9a:38:f4:
af:df:a2:54:3f:f4:97:c6:ab:1c:62:62:41:fe:2c:75:9d:e5:
01:cb:4c:7a:47:6f:4b:68:4c:37:5b:30:af:32:e1:82:2b:90:
2d:26:6a:b1:63:9d:cf:32:77:3e:15:82:9c:42:e4:80:83:6f:
f4:09:c3:5f:c2:50:d2:fe:1d:40:43:40:b5:0c:5a:eb:0c:3d:
19:f8:2f:87:25:b0:15:c0:2d:b4:39:e8:44:f3:d7:da:35:a1:
89:07:86:91:b7:63:df:1d:ea:7d:2e:9c:2d:68:a9:bb:b5:ba:
40:45:8a:3f:07:8f:a3:4f:d9:5d:c8:c5:92:d1:4a:f0:35:72:
2a:cc:06:6e:5e:87:e3:c2:48:75:e1:0a:6e:a6:e2:43:23:53:
77:23:42:73:d2:ef:4a:e3:dd:6a:43:83:20:14:95:9a:c5:e5:
e8:9b:78:c7:3b:36:e9:61:33:53:b6:2c:ac:5f:99:72:70:d4:
96:75:0c:47:cd:0b:87:ae:e4:a7:8e:d2:a3:97:05:c7:b4:68:
0a:9a:14:6d:61:41:a0:79:18:60:fb:79:52:3a:7e:a3:b8:6b:
ad:9a:84:2c:a0:ce:4b:39:7a:2a:fe:73:f2:6e:b0:83:b2:eb:
64:50:b7:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2LC4DAKywmBvQPIV2b6tZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGJkNWFjZjFmOWM3NWQxOGExZjc1MDMxMTE0YzQ4ZjBi
MjMzNjMwHhcNMjYwNDE0MDgxMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDEzYmI0MWRjMzNkYmI5ZjZmY2E0Mzc1MTZjMDU2YTI3ZGIyMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5eHwNc6HsR39WyuMVzWK1YbBIuj
8OIp7ImssGgjYA+7h3xDT4Unat9/12Xs2O5+HjgL2y1sLqE30YDZEulD6ipzL3q5
HjQAT40qo00ZWc+yP3ja94Gv8DCLzeWwDM2ek5WKEcLUpSN0rO5Us4HEcJ70Rdqi
xRzH+9oy6Qb+Ejtv2HkRlC97ZAdWpJRdrHOtj47qiCoaGecRMVP/8Ccz0yRqXFYb
kH7iYwOV2XjGOdm1+LVhOFdh0MYBCJwj07ebOpT7tdOEW2Vrjam0EAskO8IQS0ba
E149AkrcmhF9/YYjoVw/cYBXMI9u6GD9GsH86FqobqpcPVxwfTyfUQHKrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNATu0HcM9u59vykN1FsBWon2yOFMB8GA1UdIwQY
MBaAFBfb1azx+cddGKH3UDERTEjwsjNjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQt
NTgxZGI4N2M4MjFlLzEvMEJPN1Fkd3oyN24yX0tRM1VXd0ZhaWZiSTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQtNTgxZGI4N2M4MjFl
LzEvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXT+MA0G
CSqGSIb3DQEBCwUAA4IBAQCQHqs39MHCSISD9Ktz23+aOPSv36JUP/SXxqscYmJB
/ix1neUBy0x6R29LaEw3WzCvMuGCK5AtJmqxY53PMnc+FYKcQuSAg2/0CcNfwlDS
/h1AQ0C1DFrrDD0Z+C+HJbAVwC20OehE89faNaGJB4aRt2PfHep9LpwtaKm7tbpA
RYo/B4+jT9ldyMWS0UrwNXIqzAZuXofjwkh14QpupuJDI1N3I0Jz0u9K491qQ4Mg
FJWaxeXom3jHOzbpYTNTtiysX5lycNSWdQxHzQuHruSnjtKjlwXHtGgKmhRtYUGg
eRhg+3lSOn6juGutmoQsoM5LOXoq/nPybrCDsutkULe3
-----END CERTIFICATE-----
Generated at Wed May 13 04:09:09 2026 by rpki-client