Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A0RBy4hT1Tm3LyPmWsz2TYBSbwY.roa
File: A0RBy4hT1Tm3LyPmWsz2TYBSbwY.roa (raw, json)
Hash identifier: PLkZZ0GuSMye45XrVwSIqGiVR7kpHdkyh+Mn9WCsZS8=
Subject key identifier: 03:44:41:CB:88:53:D5:39:B7:2F:23:E6:5A:CC:F6:4D:80:52:6F:06
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E07A77F4CD531C58B53DAAE76515AC116
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A0RBy4hT1Tm3LyPmWsz2TYBSbwY.roa
Signing time: Fri 08 May 2026 12:54:38 +0000
ROA not before: Fri 08 May 2026 12:54:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402214
IP address blocks: 80.240.91.0/24 maxlen: 24
82.152.9.0/24 maxlen: 24
82.152.129.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:a7:7f:4c:d5:31:c5:8b:53:da:ae:76:51:5a:c1:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 8 12:54:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=034441cb8853d539b72f23e65accf64d80526f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a0:e9:e8:45:d3:52:82:4f:17:d6:10:73:68:
8c:5d:f4:cb:f9:94:e4:eb:9c:6d:5f:57:91:02:4c:
75:ec:09:5d:97:67:9e:11:f2:0f:92:43:74:34:95:
68:2b:2f:3d:77:c5:7f:ef:bb:a4:59:35:bc:6b:f6:
b5:d0:6e:16:33:72:3f:05:f0:2a:d8:3d:f7:6a:7c:
65:ac:85:42:ee:a5:d8:16:54:e4:9b:f8:51:24:40:
22:2b:9e:4c:b5:b5:31:47:5b:e7:d0:36:55:d0:9c:
79:30:29:35:96:1e:39:2a:db:d1:14:7a:29:10:6e:
f7:7f:8e:51:66:ac:08:9b:cc:70:e5:52:65:51:42:
e5:d6:87:5d:9c:7e:83:d5:ab:a4:15:34:71:70:4f:
b4:e3:5e:cb:77:57:aa:5b:28:1d:22:19:b1:b0:85:
c8:42:36:ad:86:80:12:53:b6:f3:9c:f0:2e:7a:1b:
2b:1f:e4:01:7b:d4:7e:99:cf:a2:db:13:0d:81:a2:
64:6a:5f:70:83:0e:72:b1:24:fe:3d:29:87:7d:88:
ec:86:f3:e6:f0:c0:e9:0a:d7:61:94:c6:ae:c2:fa:
94:05:b1:98:b2:9d:76:87:4c:44:1a:49:3c:52:08:
0e:a6:70:4e:3d:af:da:69:2f:3c:34:3c:68:85:f6:
9c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:44:41:CB:88:53:D5:39:B7:2F:23:E6:5A:CC:F6:4D:80:52:6F:06
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A0RBy4hT1Tm3LyPmWsz2TYBSbwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.91.0/24
82.152.9.0/24
82.152.129.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:0e:9f:33:ad:4c:d1:e6:27:0e:4a:af:a5:0f:57:9d:b8:fb:
f8:a1:bf:e8:4f:bf:5a:b9:06:66:2e:04:46:8f:46:e9:c8:ad:
24:65:94:be:46:d7:3b:19:fe:7b:74:91:5c:be:ae:e7:bd:88:
6c:72:97:bc:9c:04:64:6c:87:2c:55:c5:f3:fe:5b:c4:85:62:
6e:f9:39:12:7c:33:9a:df:20:f5:a0:5c:50:2c:7a:f5:b9:06:
99:17:7f:ac:e3:db:da:a2:6e:fe:a6:2e:3c:33:da:d8:7f:e7:
fe:e7:c5:a8:a2:20:d1:0c:fc:69:16:b0:da:81:92:22:ba:9a:
f3:f6:c4:80:6d:ef:7b:85:44:08:09:f0:21:1a:74:40:a0:69:
d9:00:b8:75:23:fd:48:2c:8c:b3:2c:99:a1:2e:f6:75:00:50:
2e:8a:a5:18:36:64:44:2d:7a:08:ea:76:1b:43:8d:05:7c:e1:
fa:67:65:80:c9:5d:67:a0:00:f0:75:5b:8a:13:fb:94:b4:c6:
65:04:3d:b9:47:2f:30:58:8d:b8:26:bd:71:07:bc:9a:2b:5c:
40:60:40:99:37:59:02:94:a6:59:22:64:e2:bb:bc:23:49:52:
b0:d0:02:75:b0:0a:7e:42:68:cc:5d:72:41:38:0a:28:d3:c7:
b1:2a:10:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4Hp39M1THFi1ParnZRWsEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTA4MTI1NDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQ0NDFjYjg4NTNkNTM5YjcyZjIzZTY1YWNjZjY0ZDgwNTI2ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6Dp6EXTUoJPF9YQc2iMXfTL+ZTk
65xtX1eRAkx17Aldl2eeEfIPkkN0NJVoKy89d8V/77ukWTW8a/a10G4WM3I/BfAq
2D33anxlrIVC7qXYFlTkm/hRJEAiK55MtbUxR1vn0DZV0Jx5MCk1lh45KtvRFHop
EG73f45RZqwIm8xw5VJlUULl1oddnH6D1aukFTRxcE+0417Ld1eqWygdIhmxsIXI
QjathoASU7bznPAuehsrH+QBe9R+mc+i2xMNgaJkal9wgw5ysST+PSmHfYjshvPm
8MDpCtdhlMauwvqUBbGYsp12h0xEGkk8UggOpnBOPa/aaS88NDxohfacmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFANEQcuIU9U5ty8j5lrM9k2AUm8GMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQTBSQnk0aFQxVG0zTHlQbVdzejJUWUJTYndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBbAwQA
UpgJAwQAUpiBAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQAeDp8zrUzR5icOSq+l
D1eduPv4ob/oT79auQZmLgRGj0bpyK0kZZS+Rtc7Gf57dJFcvq7nvYhscpe8nARk
bIcsVcXz/lvEhWJu+TkSfDOa3yD1oFxQLHr1uQaZF3+s49vaom7+pi48M9rYf+f+
58WooiDRDPxpFrDagZIiuprz9sSAbe97hUQICfAhGnRAoGnZALh1I/1ILIyzLJmh
LvZ1AFAuiqUYNmRELXoI6nYbQ40FfOH6Z2WAyV1noADwdVuKE/uUtMZlBD25Ry8w
WI24Jr1xB7yaK1xAYECZN1kClKZZImTiu7wjSVKw0AJ1sAp+QmjMXXJBOAoo08ex
KhAe
-----END CERTIFICATE-----
Generated at Wed May 13 01:14:44 2026 by rpki-client