Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-Woet1sYF8U6ZBLQOymEZJBDRo8.roa
File: 1-Woet1sYF8U6ZBLQOymEZJBDRo8.roa (raw, json)
Hash identifier: uiyKp5FIMYK/daklzmZlLb5yoDHRJriZo2fCiopgPm0=
Subject key identifier: F9:6A:1E:B7:5B:18:17:C5:3A:64:12:D0:3B:29:84:64:90:43:46:8F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D292C911D6F6C15A5DEC6805EEDDBC211
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-Woet1sYF8U6ZBLQOymEZJBDRo8.roa
Signing time: Thu 26 Mar 2026 08:04:39 +0000
ROA not before: Thu 26 Mar 2026 08:04:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 17497
IP address blocks: 82.152.249.0/24 maxlen: 24
89.213.3.0/24 maxlen: 24
89.213.67.0/24 maxlen: 24
109.176.25.0/24 maxlen: 24
185.49.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:2c:91:1d:6f:6c:15:a5:de:c6:80:5e:ed:db:c2:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 26 08:04:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f96a1eb75b1817c53a6412d03b2984649043468f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c3:a1:da:94:e4:d9:9e:8e:44:34:be:a8:54:
42:56:c5:c6:3b:ac:26:ba:df:e0:15:39:41:d9:8e:
b9:a1:49:70:dd:8f:c2:a6:d3:51:de:ff:03:f7:3c:
ae:17:ea:43:0f:97:81:f5:c0:66:b1:f5:a7:f0:f6:
91:e4:fc:64:85:5a:52:90:f6:02:a0:57:fe:5c:cb:
35:94:1c:ee:84:76:f3:b3:bf:3b:7e:a3:79:8a:e9:
e1:92:ee:4f:4f:64:80:48:14:e1:ce:a9:52:31:42:
cd:68:1f:91:c7:b1:14:ec:97:23:44:c8:d1:be:bc:
79:2d:64:b8:24:b3:6b:df:5e:12:89:24:56:6e:fe:
6b:6f:8f:5a:60:ab:11:1e:22:9f:5b:b1:1c:00:c4:
59:69:fc:88:20:96:55:3f:f4:90:49:c4:19:30:6a:
31:d7:59:98:b1:2c:b4:c9:8a:0a:e3:73:67:a4:cd:
68:2e:c7:65:58:2e:27:fc:e2:0f:cb:80:59:f9:8c:
e4:5d:42:e7:1d:52:3b:94:ca:60:65:28:23:db:74:
0c:a9:c4:cd:dc:77:c3:d8:21:f7:d4:1e:41:96:db:
97:8f:7f:a1:86:0f:a2:b6:ff:3b:eb:93:c0:67:bf:
c2:8b:18:53:50:25:d5:7a:4f:cd:42:cb:a0:3f:16:
f3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:6A:1E:B7:5B:18:17:C5:3A:64:12:D0:3B:29:84:64:90:43:46:8F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-Woet1sYF8U6ZBLQOymEZJBDRo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.249.0/24
89.213.3.0/24
89.213.67.0/24
109.176.25.0/24
185.49.127.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:b3:52:50:c6:e2:ed:5f:eb:38:d3:90:16:75:a2:00:ec:9c:
b3:f6:47:47:04:d8:a5:7d:6a:07:92:30:f2:4c:97:8a:d6:e4:
12:bc:c4:39:ca:8c:7b:46:a4:82:26:e2:b1:6a:3a:5d:23:0c:
b1:86:bb:dd:0f:24:d7:fa:58:39:ce:a6:60:6e:c4:06:ab:7d:
d6:33:3d:7a:12:c2:c2:42:dd:f5:01:f3:c5:6c:d4:3d:5d:59:
ae:b8:4d:d5:5f:50:4f:3e:9d:91:5d:03:1f:ed:90:4b:93:f5:
7f:2c:25:d9:63:30:2e:88:00:fa:29:07:9f:72:c0:f3:18:6e:
ec:60:09:88:85:f7:80:96:0d:44:fa:47:e9:a0:c4:d9:09:ff:
60:57:0c:4f:3e:c5:b0:ec:c2:1e:cf:7e:e0:60:9e:a3:ab:1d:
c7:2e:29:6f:f6:82:da:2a:51:d6:b8:97:10:2e:f2:e8:85:00:
35:e5:84:27:38:bc:ea:90:34:6e:a7:83:46:d0:83:46:f8:61:
e4:71:f8:9a:fe:99:2b:b6:a0:7b:a4:0a:20:5a:bc:ac:cc:cd:
ec:c6:aa:f8:dd:26:40:54:09:84:b4:e2:2b:25:3c:f0:18:0c:
54:2b:8a:84:ef:4f:ee:ae:29:72:6a:2e:e4:57:59:c4:b0:e6:
1d:6d:a7:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pLJEdb2wVpd7GgF7t28IRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzI2MDgwNDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTZhMWViNzViMTgxN2M1M2E2NDEyZDAzYjI5ODQ2NDkwNDM0NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8Oh2pTk2Z6ORDS+qFRCVsXGO6wm
ut/gFTlB2Y65oUlw3Y/CptNR3v8D9zyuF+pDD5eB9cBmsfWn8PaR5PxkhVpSkPYC
oFf+XMs1lBzuhHbzs787fqN5iunhku5PT2SASBThzqlSMULNaB+Rx7EU7JcjRMjR
vrx5LWS4JLNr314SiSRWbv5rb49aYKsRHiKfW7EcAMRZafyIIJZVP/SQScQZMGox
11mYsSy0yYoK43NnpM1oLsdlWC4n/OIPy4BZ+YzkXULnHVI7lMpgZSgj23QMqcTN
3HfD2CH31B5BltuXj3+hhg+itv8765PAZ7/CixhTUCXVek/NQsugPxbz1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlqHrdbGBfFOmQS0DsphGSQQ0aPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1Xb2V0MXNZRjhVNlpCTFFPeW1FWkpCRFJvOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFKY+QME
AFnVAwMEAFnVQwMEAG2wGQMEALkxfzANBgkqhkiG9w0BAQsFAAOCAQEAT7NSUMbi
7V/rONOQFnWiAOycs/ZHRwTYpX1qB5Iw8kyXitbkErzEOcqMe0akgibisWo6XSMM
sYa73Q8k1/pYOc6mYG7EBqt91jM9ehLCwkLd9QHzxWzUPV1ZrrhN1V9QTz6dkV0D
H+2QS5P1fywl2WMwLogA+ikHn3LA8xhu7GAJiIX3gJYNRPpH6aDE2Qn/YFcMTz7F
sOzCHs9+4GCeo6sdxy4pb/aC2ipR1riXEC7y6IUANeWEJzi86pA0bqeDRtCDRvhh
5HH4mv6ZK7age6QKIFq8rMzN7Maq+N0mQFQJhLTiKyU88BgMVCuKhO9P7q4pcmou
5FdZxLDmHW2nEg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:16:30 2026 by rpki-client