Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-tOIm0KMFhDjBpRrZEbteEqDWuE.roa
File: 1-tOIm0KMFhDjBpRrZEbteEqDWuE.roa (raw, json)
Hash identifier: qs5KHdrJRqNcAAlc4koqaNxZ7I7FMDbLeOJ0YlAzAdU=
Subject key identifier: FA:D3:88:9B:42:8C:16:10:E3:06:94:6B:64:46:ED:78:4A:83:5A:E1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019DF762F387E648CBD494542716B283695D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-tOIm0KMFhDjBpRrZEbteEqDWuE.roa
Signing time: Tue 05 May 2026 09:05:50 +0000
ROA not before: Tue 05 May 2026 09:05:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5511
IP address blocks: 82.153.148.0/24 maxlen: 24
89.213.63.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f7:62:f3:87:e6:48:cb:d4:94:54:27:16:b2:83:69:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 5 09:05:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fad3889b428c1610e306946b6446ed784a835ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0d:09:ee:ba:d5:ce:e5:5a:76:92:60:29:4d:
9d:82:34:2f:05:79:89:69:78:e0:ee:1c:77:58:38:
0d:58:69:ab:dd:87:7b:99:71:36:d7:0c:72:95:25:
f8:c5:ea:7c:b7:1f:61:0f:57:ed:07:60:67:d1:d3:
dd:2f:af:3f:5d:bb:74:4e:16:ce:07:5f:c4:8c:92:
5d:9c:1a:dc:ce:88:65:b1:e5:f8:26:28:7f:08:8b:
45:22:90:58:d3:e5:74:7c:be:37:14:28:6c:79:5c:
55:af:84:ba:d0:5a:47:18:d4:56:1d:85:c4:04:ca:
5d:0a:5d:b2:14:43:d5:9f:69:57:fb:c8:5d:43:17:
d5:17:57:8a:6e:58:f9:e4:91:b6:34:1d:9d:7b:19:
31:4f:53:7d:f8:e8:bc:dd:e5:c6:5f:f8:cf:f0:f5:
79:00:cd:68:3e:5c:4e:5e:95:4c:b6:c3:12:b4:a6:
f1:c3:99:5c:71:d4:76:ea:15:4c:ce:04:68:52:40:
c5:c2:73:4e:72:49:b3:8e:ca:79:b1:9f:9b:0e:76:
15:fe:58:03:1a:8a:1a:4c:e0:0b:81:0e:d7:b2:29:
13:c0:c7:cc:95:61:57:2d:87:22:07:ea:de:21:c8:
c4:ff:72:73:3f:e5:d5:ca:b7:cf:55:4a:b8:02:05:
5d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D3:88:9B:42:8C:16:10:E3:06:94:6B:64:46:ED:78:4A:83:5A:E1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-tOIm0KMFhDjBpRrZEbteEqDWuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.148.0/24
89.213.63.0/24
89.213.227.0/24
213.130.137.0/24
Signature Algorithm: sha256WithRSAEncryption
16:3e:13:e9:58:c9:a0:03:8c:7f:ea:21:e4:aa:73:cf:63:db:
59:c8:dd:cb:6a:8f:83:63:ee:82:39:16:10:b2:3d:cb:49:da:
aa:9c:2d:e7:44:6e:76:86:e1:71:b6:69:d4:48:99:cc:ea:cb:
c0:99:45:72:b2:25:9b:3b:9b:08:fc:5a:5a:40:15:eb:43:fc:
b2:9b:35:e6:5e:48:cf:7b:52:26:ed:0f:5a:7b:b3:ed:fd:da:
40:54:9c:12:08:18:92:45:49:42:13:78:2a:04:16:fe:ad:84:
ba:af:8b:33:c5:fc:4e:3a:c5:ed:09:56:52:43:db:ff:d6:4a:
90:0d:c4:da:34:39:e4:a2:bc:ee:60:bf:10:75:3a:b6:16:42:
83:30:a6:a6:06:13:e2:46:b9:f7:e0:40:3f:98:74:ba:09:31:
77:2c:30:ff:ed:b5:21:41:be:29:a5:8c:2f:8c:fa:22:6d:84:
6e:b3:99:3f:38:bd:23:77:0b:29:e9:3c:7e:2a:67:10:8d:76:
87:d0:23:61:c9:47:aa:90:1f:a1:6c:8f:36:a2:cf:1a:90:9c:
52:b8:e5:91:76:a5:ce:2b:21:33:41:e7:69:32:09:fc:49:1e:
1b:3d:d3:f3:f7:94:57:b0:fa:f2:b6:33:0b:cd:8f:43:55:04:
af:07:4c:41
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZ33YvOH5kjL1JRUJxayg2ldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTA1MDkwNTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQzODg5YjQyOGMxNjEwZTMwNjk0NmI2NDQ2ZWQ3ODRhODM1YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ0J7rrVzuVadpJgKU2dgjQvBXmJ
aXjg7hx3WDgNWGmr3Yd7mXE21wxylSX4xep8tx9hD1ftB2Bn0dPdL68/Xbt0ThbO
B1/EjJJdnBrczohlseX4Jih/CItFIpBY0+V0fL43FChseVxVr4S60FpHGNRWHYXE
BMpdCl2yFEPVn2lX+8hdQxfVF1eKblj55JG2NB2dexkxT1N9+Oi83eXGX/jP8PV5
AM1oPlxOXpVMtsMStKbxw5lccdR26hVMzgRoUkDFwnNOckmzjsp5sZ+bDnYV/lgD
GooaTOALgQ7XsikTwMfMlWFXLYciB+reIcjE/3JzP+XVyrfPVUq4AgVd4QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPrTiJtCjBYQ4waUa2RG7XhKg1rhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS10T0ltMEtNRmhEakJwUnJaRWJ0ZUVxRFd1RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFKZlAME
AFnVPwMEAFnV4wMEANWCiTANBgkqhkiG9w0BAQsFAAOCAQEAFj4T6VjJoAOMf+oh
5Kpzz2PbWcjdy2qPg2PugjkWELI9y0naqpwt50RudobhcbZp1EiZzOrLwJlFcrIl
mzubCPxaWkAV60P8sps15l5Iz3tSJu0PWnuz7f3aQFScEggYkkVJQhN4KgQW/q2E
uq+LM8X8TjrF7QlWUkPb/9ZKkA3E2jQ55KK87mC/EHU6thZCgzCmpgYT4ka59+BA
P5h0ugkxdyww/+21IUG+KaWML4z6Im2EbrOZPzi9I3cLKek8fipnEI12h9AjYclH
qpAfoWyPNqLPGpCcUrjlkXalzishM0HnaTIJ/EkeGz3T8/eUV7D68rYzC82PQ1UE
rwdMQQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:48:08 2026 by rpki-client