Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bg7Nj7r2n8NG4E6MFe5lR0demjs.roa
File: Bg7Nj7r2n8NG4E6MFe5lR0demjs.roa (raw, json)
Hash identifier: EkF5QO6hOCgeEApmmMqh5QbKE8Kvxbu/jTdqKCDfThA=
Subject key identifier: 06:0E:CD:8F:BA:F6:9F:C3:46:E0:4E:8C:15:EE:65:47:47:5E:9A:3B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019DF762F8B7F1A3DFE0CE8D7A226D176205
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bg7Nj7r2n8NG4E6MFe5lR0demjs.roa
Signing time: Tue 05 May 2026 09:05:51 +0000
ROA not before: Tue 05 May 2026 09:05:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402044
IP address blocks: 82.153.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f7:62:f8:b7:f1:a3:df:e0:ce:8d:7a:22:6d:17:62:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 5 09:05:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=060ecd8fbaf69fc346e04e8c15ee6547475e9a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9e:0e:a1:88:38:0b:6b:4a:dc:88:40:de:aa:
7c:8c:99:14:d5:f5:39:04:7f:94:b7:4d:d8:75:8e:
43:c6:e9:30:fe:b9:bb:24:2d:f7:02:45:95:ae:aa:
de:21:42:db:0a:1c:0b:0e:85:56:07:98:b4:93:b1:
09:23:1f:bb:7f:a9:e5:b7:eb:21:16:d0:5d:de:90:
b5:5d:66:76:da:5c:0e:2d:db:26:04:0e:79:07:7b:
8c:ea:d5:8a:68:aa:fa:89:66:86:2d:41:6f:f9:ec:
2c:d7:ed:15:ba:6d:7a:84:e0:24:63:c6:3b:4d:2c:
92:9f:d0:86:89:39:7d:6c:a0:c2:2d:6e:d3:c7:a9:
b3:f1:12:e6:37:ae:f7:fe:d4:14:ca:fd:1c:c8:2f:
fd:41:11:f7:dc:d8:f5:da:ca:b8:58:84:f2:4b:57:
d3:04:bc:e7:79:92:82:8e:c4:8c:22:29:5c:5e:b2:
0b:01:9d:03:0c:06:71:ab:f0:bf:a2:06:31:3e:6b:
70:35:44:6e:26:29:ac:a8:a6:ba:ea:2a:aa:05:35:
7c:c4:d3:37:cb:d2:4c:58:78:c2:ed:f2:69:3f:69:
b6:a3:8e:cd:95:aa:12:a3:f0:81:46:41:7f:ff:3b:
8e:21:af:dd:d6:62:66:88:3d:d8:25:f7:8a:bb:f9:
77:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0E:CD:8F:BA:F6:9F:C3:46:E0:4E:8C:15:EE:65:47:47:5E:9A:3B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bg7Nj7r2n8NG4E6MFe5lR0demjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.54.0/24
Signature Algorithm: sha256WithRSAEncryption
01:be:d9:46:c8:f9:56:0a:ef:54:78:3a:6c:a5:af:d0:99:6b:
bb:01:91:ab:c5:c3:50:e6:71:83:cc:10:a7:fa:c1:a0:69:dc:
98:50:be:ab:af:74:d2:58:8e:bc:2b:89:8b:ae:7b:33:2e:b9:
a5:0f:29:35:f1:5c:9c:71:cd:a7:72:8a:53:84:82:9d:b5:38:
b2:42:4b:bb:05:5e:02:60:39:f8:08:ea:37:cd:02:22:5c:cd:
c8:d1:41:b3:a2:ea:58:44:cf:27:36:39:dd:02:f8:28:77:dd:
28:36:ea:73:f6:6f:46:70:36:43:d3:70:be:aa:39:c4:25:e3:
01:2c:6c:f7:22:25:1c:9e:aa:64:7e:e6:1a:e8:ef:de:15:4a:
cd:1d:42:50:8b:95:19:07:09:16:33:0b:54:4c:a2:52:64:36:
5c:74:a4:4c:50:d7:8d:7c:cf:ea:9a:06:4e:0a:ed:7b:4e:0d:
ca:c8:b1:b4:74:76:fd:90:e0:d9:38:c3:ff:db:f6:7a:e4:71:
ad:a7:e4:06:16:62:bb:41:48:ca:cc:f2:c6:a0:88:02:c4:00:
fa:cb:54:a0:b3:3f:11:e3:e9:f7:28:9b:1b:96:3b:c2:34:be:
5a:61:40:f9:00:58:10:43:0a:3f:40:3a:80:a9:2b:cd:27:57:
9c:2d:14:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ33Yvi38aPf4M6NeiJtF2IFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTA1MDkwNTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjBlY2Q4ZmJhZjY5ZmMzNDZlMDRlOGMxNWVlNjU0NzQ3NWU5YTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3J4OoYg4C2tK3IhA3qp8jJkU1fU5
BH+Ut03YdY5Dxukw/rm7JC33AkWVrqreIULbChwLDoVWB5i0k7EJIx+7f6nlt+sh
FtBd3pC1XWZ22lwOLdsmBA55B3uM6tWKaKr6iWaGLUFv+ews1+0Vum16hOAkY8Y7
TSySn9CGiTl9bKDCLW7Tx6mz8RLmN673/tQUyv0cyC/9QRH33Nj12sq4WITyS1fT
BLzneZKCjsSMIilcXrILAZ0DDAZxq/C/ogYxPmtwNURuJimsqKa66iqqBTV8xNM3
y9JMWHjC7fJpP2m2o47NlaoSo/CBRkF//zuOIa/d1mJmiD3YJfeKu/l3xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYOzY+69p/DRuBOjBXuZUdHXpo7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQmc3Tmo3cjJuOE5HNEU2TUZlNWxSMGRlbWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpk2MA0G
CSqGSIb3DQEBCwUAA4IBAQABvtlGyPlWCu9UeDpspa/QmWu7AZGrxcNQ5nGDzBCn
+sGgadyYUL6rr3TSWI68K4mLrnszLrmlDyk18Vyccc2ncopThIKdtTiyQku7BV4C
YDn4COo3zQIiXM3I0UGzoupYRM8nNjndAvgod90oNupz9m9GcDZD03C+qjnEJeMB
LGz3IiUcnqpkfuYa6O/eFUrNHUJQi5UZBwkWMwtUTKJSZDZcdKRMUNeNfM/qmgZO
Cu17Tg3KyLG0dHb9kODZOMP/2/Z65HGtp+QGFmK7QUjKzPLGoIgCxAD6y1Sgsz8R
4+n3KJsbljvCNL5aYUD5AFgQQwo/QDqAqSvNJ1ecLRTs
-----END CERTIFICATE-----
Generated at Wed May 13 02:37:10 2026 by rpki-client