Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LoYl3UGwFOo9h6GGK_YehICRwd4.roa
File: LoYl3UGwFOo9h6GGK_YehICRwd4.roa (raw, json)
Hash identifier: YUCTRbVKGxiVTW4qA7qfdMyxslp7i83pp4fKAfOgY/Y=
Subject key identifier: 2E:86:25:DD:41:B0:14:EA:3D:87:A1:86:2B:F6:1E:84:80:91:C1:DE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D1B624BF641D6298EA4436B58E8D7CB24
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LoYl3UGwFOo9h6GGK_YehICRwd4.roa
Signing time: Mon 23 Mar 2026 15:48:39 +0000
ROA not before: Mon 23 Mar 2026 15:48:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 77.107.88.0/24 maxlen: 24
80.240.94.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.153.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:62:4b:f6:41:d6:29:8e:a4:43:6b:58:e8:d7:cb:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 23 15:48:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e8625dd41b014ea3d87a1862bf61e848091c1de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bc:8b:b0:cb:a6:43:35:1a:a3:cf:d3:73:ba:
23:50:54:53:5e:53:11:20:ea:73:9b:91:cb:fc:84:
8c:0d:37:e4:dc:23:4b:1a:c6:57:1f:0a:b4:4f:51:
73:f0:7e:17:25:b0:06:07:3d:6e:61:f2:bb:0d:e9:
0c:d0:6e:f8:09:3f:e6:ec:c9:0b:8b:fb:67:55:e2:
a7:cb:96:8b:45:c4:2a:6e:50:13:f4:81:a5:6c:d6:
db:84:53:19:c7:bd:02:57:da:28:72:99:55:bb:42:
9b:da:7f:26:f0:1a:57:2d:47:e1:02:47:e9:7a:51:
20:b8:38:cb:3f:45:bd:df:2d:32:58:c1:14:a3:4f:
76:02:3f:11:9e:97:ee:be:b2:64:35:85:ab:73:b0:
c0:fa:80:4b:ac:87:be:6d:92:b8:a7:13:92:2d:93:
7b:85:4f:e5:52:86:d1:db:2a:3b:63:96:56:9c:51:
73:6e:73:24:66:35:59:a2:5f:ee:de:34:0e:f5:db:
90:ca:2f:ee:c1:52:9e:5b:27:bb:2f:38:a2:a8:07:
f9:52:44:03:d5:64:24:dd:0b:01:80:4c:77:39:44:
1c:56:a5:3a:32:50:bf:39:88:57:c8:e4:bf:80:6b:
5a:a1:8b:aa:df:90:8f:e5:e3:77:f4:8f:b2:cd:33:
8a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:86:25:DD:41:B0:14:EA:3D:87:A1:86:2B:F6:1E:84:80:91:C1:DE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LoYl3UGwFOo9h6GGK_YehICRwd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.107.88.0/24
80.240.94.0/24
82.152.8.0/24
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0/24
82.152.98.0/24
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.66.0/24
82.153.205.0/24
109.176.40.0-109.176.55.255
109.176.153.0/24
213.130.130.0/24
213.130.149.0/24
213.218.214.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:2d:ec:76:5c:8d:0e:04:b0:9d:37:1c:4e:52:3b:2c:c2:8e:
d7:52:91:e6:e2:fa:d4:36:a7:8f:be:b9:2f:81:ab:0e:4c:f2:
29:f2:66:8c:c5:33:f2:66:82:6b:82:79:2a:03:fe:75:56:01:
5f:17:c9:1b:7b:70:c3:c1:38:44:74:8a:d6:79:14:45:b1:0f:
25:e6:d4:ea:3a:01:5d:18:0d:6f:fd:db:36:d0:d8:15:61:96:
19:95:9c:b3:97:90:b8:c9:93:c5:01:e6:b2:e5:a4:15:ba:08:
ae:e7:5c:7b:7a:ff:12:3d:fa:46:59:b2:d7:9d:7b:4a:04:f2:
24:a9:a5:ad:4f:71:d8:04:ed:77:f8:74:a8:ce:63:ec:a2:23:
55:14:0c:19:fc:01:95:f4:5b:5d:19:76:53:42:a3:d8:c6:f3:
94:5e:e5:cc:34:3a:80:d4:05:3f:a6:20:d7:c4:20:75:e5:a3:
85:7a:0b:64:bd:74:18:19:7b:e9:38:34:58:59:09:f0:62:4e:
ff:80:3b:e2:ae:f4:82:82:c7:b5:88:85:a9:d6:24:ca:36:de:
65:18:31:a9:41:b9:51:c6:8c:d3:d9:30:e2:b1:b6:1b:8d:60:
97:44:e2:90:32:ea:8c:fa:be:87:83:8e:bc:6c:5e:e1:cc:53:
42:6f:88:7e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZ0bYkv2QdYpjqRDa1jo18skMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzIzMTU0ODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTg2MjVkZDQxYjAxNGVhM2Q4N2ExODYyYmY2MWU4NDgwOTFjMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubyLsMumQzUao8/Tc7ojUFRTXlMR
IOpzm5HL/ISMDTfk3CNLGsZXHwq0T1Fz8H4XJbAGBz1uYfK7DekM0G74CT/m7MkL
i/tnVeKny5aLRcQqblAT9IGlbNbbhFMZx70CV9oocplVu0Kb2n8m8BpXLUfhAkfp
elEguDjLP0W93y0yWMEUo092Aj8RnpfuvrJkNYWrc7DA+oBLrIe+bZK4pxOSLZN7
hU/lUobR2yo7Y5ZWnFFzbnMkZjVZol/u3jQO9duQyi/uwVKeWye7LziiqAf5UkQD
1WQk3QsBgEx3OUQcVqU6MlC/OYhXyOS/gGtaoYuq35CP5eN39I+yzTOKZwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFC6GJd1BsBTqPYehhiv2HoSAkcHeMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTG9ZbDNVR3dGT285aDZHR0tfWWVoSUNSd2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAE1r
WAMEAFDwXgMEAFKYCDAMAwQAUpg5AwQAUpg6AwQAUphJAwQAUphLAwQAUphiAwQA
UphtAwQAUpjiAwQAUpjwAwQAUpjzAwQAUplCAwQAUpnNMAwDBANtsCgDBANtsDAD
BABtsJkDBADVgoIDBADVgpUDBADV2tYwDQYJKoZIhvcNAQELBQADggEBAH4t7HZc
jQ4EsJ03HE5SOyzCjtdSkebi+tQ2p4++uS+Bqw5M8inyZozFM/JmgmuCeSoD/nVW
AV8XyRt7cMPBOER0itZ5FEWxDyXm1Oo6AV0YDW/92zbQ2BVhlhmVnLOXkLjJk8UB
5rLlpBW6CK7nXHt6/xI9+kZZstede0oE8iSppa1PcdgE7Xf4dKjOY+yiI1UUDBn8
AZX0W10ZdlNCo9jG85Re5cw0OoDUBT+mINfEIHXlo4V6C2S9dBgZe+k4NFhZCfBi
Tv+AO+Ku9IKCx7WIhanWJMo23mUYMalBuVHGjNPZMOKxthuNYJdE4pAy6oz6voeD
jrxsXuHMU0JviH4=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:50:03 2026 by rpki-client