Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QI7N_7Sr_3i0lx9gy0P6Y1o8Fs8.roa
File: QI7N_7Sr_3i0lx9gy0P6Y1o8Fs8.roa (raw, json)
Hash identifier: dV7EVn3ni5yFIsnL8ryRumHybL9us9e9JM5GujNvST8=
Subject key identifier: 40:8E:CD:FF:B4:AB:FF:78:B4:97:1F:60:CB:43:FA:63:5A:3C:16:CF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019CC2BB1A4FFFFB7E336DFB7DAD4AE16EB9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QI7N_7Sr_3i0lx9gy0P6Y1o8Fs8.roa
Signing time: Fri 06 Mar 2026 10:39:27 +0000
ROA not before: Fri 06 Mar 2026 10:39:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42689
IP address blocks: 82.152.7.0/24 maxlen: 24
82.152.107.0/24 maxlen: 24
82.153.52.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
82.153.228.0/23 maxlen: 24
82.153.231.0/24 maxlen: 24
89.213.69.0/24 maxlen: 24
89.213.72.0/24 maxlen: 24
89.213.75.0/24 maxlen: 24
89.213.76.0/24 maxlen: 24
89.213.78.0/24 maxlen: 24
109.176.212.0/24 maxlen: 24
109.176.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c2:bb:1a:4f:ff:fb:7e:33:6d:fb:7d:ad:4a:e1:6e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 6 10:39:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=408ecdffb4abff78b4971f60cb43fa635a3c16cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6f:7c:ab:1a:9d:c6:b6:da:90:8a:a0:c6:53:
6b:39:bd:26:3f:9c:74:fd:16:b7:2d:d7:e0:d4:29:
98:d4:8b:16:ac:e1:df:51:e1:03:5e:42:6c:05:3f:
31:a0:40:e7:7c:29:7a:2c:ad:67:3e:84:c8:46:8f:
0d:1e:e4:8c:e4:58:20:bc:7f:f0:44:26:8f:31:7e:
27:93:1f:0d:a3:35:d8:ba:67:30:c3:6e:23:63:c3:
cf:ac:34:f1:88:92:fe:52:fc:aa:f2:ac:4d:ea:e4:
65:96:f2:76:18:70:9f:a3:44:97:99:d8:4e:98:79:
1e:c7:cd:2c:8e:b7:1f:58:b4:0b:4f:69:b1:4f:d6:
d6:b2:e9:76:e2:56:62:85:3a:47:d3:80:86:ee:56:
66:a9:5f:01:6d:8c:05:8e:2b:57:18:2f:1d:19:4b:
de:9b:26:0f:00:dd:b3:6c:7a:7f:c0:e3:1d:6f:1e:
f5:f8:3e:f1:fb:f2:38:5f:b9:47:18:94:52:83:1f:
cb:65:e4:dd:5a:ed:c5:cf:bc:9e:18:e7:d6:e2:62:
d8:4a:a3:fb:0a:28:2f:45:de:7f:aa:27:9b:c8:a5:
4b:ed:4d:8f:14:d3:a6:0b:86:1c:93:ba:fc:4c:11:
de:ec:12:89:4c:48:2c:a2:ff:d7:53:4d:47:a1:45:
30:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8E:CD:FF:B4:AB:FF:78:B4:97:1F:60:CB:43:FA:63:5A:3C:16:CF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QI7N_7Sr_3i0lx9gy0P6Y1o8Fs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.7.0/24
82.152.107.0/24
82.153.52.0/24
82.153.227.0-82.153.229.255
82.153.231.0/24
89.213.69.0/24
89.213.72.0/24
89.213.75.0-89.213.76.255
89.213.78.0/24
109.176.212.0/24
109.176.214.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ea:6d:82:6a:b4:5d:51:e8:ec:2e:3f:6e:77:6e:7c:ae:4a:
0c:ee:c1:a4:14:eb:8b:7e:87:da:af:d4:05:b2:59:9b:2c:5e:
08:d3:10:50:fd:07:fd:00:d2:02:90:40:75:1b:56:81:bc:a3:
e5:8e:48:76:9f:7c:ac:9d:59:c7:88:90:3d:dc:35:ce:57:f7:
9b:8d:3e:eb:17:6d:7a:d5:34:9a:99:d1:bf:ba:f6:80:fc:0b:
4e:b9:f1:c5:f5:ee:28:55:d3:f3:ad:75:23:c5:68:84:1b:33:
45:7f:ad:2f:5a:7d:09:b1:56:73:2e:3a:27:d0:03:e4:56:74:
bd:9c:3b:ce:48:c0:32:ba:a0:a5:da:19:2d:29:e7:9d:3c:65:
73:70:50:54:30:60:c6:08:51:dc:f2:ea:b5:9d:5a:45:6c:1d:
c9:1a:78:48:eb:ad:9f:22:4b:01:51:31:e8:a5:5e:11:bd:a1:
d6:ad:a3:68:06:ad:3a:80:ca:04:51:43:4d:fc:2d:6b:e0:38:
cc:2d:47:8b:11:8e:b2:9f:95:95:61:d3:32:38:fa:01:58:40:
2b:9d:cb:5a:ec:3a:d6:df:91:fd:9e:e1:a4:32:84:39:7c:bd:
70:e6:57:49:6f:7d:06:92:08:a3:d6:f3:6f:20:d2:af:af:2e:
9c:31:ed:88
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZzCuxpP//t+M237fa1K4W65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzA2MTAzOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhlY2RmZmI0YWJmZjc4YjQ5NzFmNjBjYjQzZmE2MzVhM2MxNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0W98qxqdxrbakIqgxlNrOb0mP5x0
/Ra3Ldfg1CmY1IsWrOHfUeEDXkJsBT8xoEDnfCl6LK1nPoTIRo8NHuSM5FggvH/w
RCaPMX4nkx8NozXYumcww24jY8PPrDTxiJL+Uvyq8qxN6uRllvJ2GHCfo0SXmdhO
mHkex80sjrcfWLQLT2mxT9bWsul24lZihTpH04CG7lZmqV8BbYwFjitXGC8dGUve
myYPAN2zbHp/wOMdbx71+D7x+/I4X7lHGJRSgx/LZeTdWu3Fz7yeGOfW4mLYSqP7
CigvRd5/qiebyKVL7U2PFNOmC4Yck7r8TBHe7BKJTEgsov/XU01HoUUwiQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFECOzf+0q/94tJcfYMtD+mNaPBbPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUUk3Tl83U3JfM2kwbHg5Z3kwUDZZMW84RnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAUpgHAwQA
UphrAwQAUpk0MAwDBABSmeMDBAFSmeQDBABSmecDBABZ1UUDBABZ1UgwDAMEAFnV
SwMEAFnVTAMEAFnVTgMEAG2w1AMEAG2w1jANBgkqhkiG9w0BAQsFAAOCAQEAQOpt
gmq0XVHo7C4/bndufK5KDO7BpBTri36H2q/UBbJZmyxeCNMQUP0H/QDSApBAdRtW
gbyj5Y5Idp98rJ1Zx4iQPdw1zlf3m40+6xdtetU0mpnRv7r2gPwLTrnxxfXuKFXT
8611I8VohBszRX+tL1p9CbFWcy46J9AD5FZ0vZw7zkjAMrqgpdoZLSnnnTxlc3BQ
VDBgxghR3PLqtZ1aRWwdyRp4SOutnyJLAVEx6KVeEb2h1q2jaAatOoDKBFFDTfwt
a+A4zC1HixGOsp+VlWHTMjj6AVhAK53LWuw61t+R/Z7hpDKEOXy9cOZXSW99BpII
o9bzbyDSr68unDHtiA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:07 2026 by rpki-client