Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dqtWXfSFNV60vMQ75bGMdUa-8EU.roa
File: dqtWXfSFNV60vMQ75bGMdUa-8EU.roa (raw, json)
Hash identifier: V0k1Kywifr9ahqEulnKaQXEmJEN6sTNs51MIyX1Momg=
Subject key identifier: 76:AB:56:5D:F4:85:35:5E:B4:BC:C4:3B:E5:B1:8C:75:46:BE:F0:45
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019DE2BF726E7400A68B4B6AAE4C9A368E67
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dqtWXfSFNV60vMQ75bGMdUa-8EU.roa
Signing time: Fri 01 May 2026 08:54:50 +0000
ROA not before: Fri 01 May 2026 08:54:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202736
IP address blocks: 82.152.114.0/24 maxlen: 24
82.152.143.0/24 maxlen: 24
82.152.186.0/24 maxlen: 24
82.153.114.0/24 maxlen: 24
82.153.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e2:bf:72:6e:74:00:a6:8b:4b:6a:ae:4c:9a:36:8e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 1 08:54:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=76ab565df485355eb4bcc43be5b18c7546bef045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:72:45:b5:b8:2b:5a:26:0d:00:83:b4:89:da:
a8:ae:68:5f:1c:90:ba:c8:7e:7e:48:7a:38:d3:72:
42:f9:3d:0b:b4:3f:bf:59:3e:c6:86:33:0d:ab:1a:
1a:c9:a5:16:3c:a8:48:44:75:3b:9c:70:d3:a5:ff:
de:89:9b:99:39:9e:67:8e:28:53:eb:aa:33:f8:47:
59:b6:2d:fd:81:b0:b2:78:e8:1b:c5:0e:cc:3e:b8:
29:53:b2:f5:82:8a:43:06:ab:7f:00:35:eb:6f:87:
3b:65:d2:1f:50:ee:e8:22:3d:6d:93:78:4f:a4:2d:
1f:00:22:42:3f:5d:aa:b6:1e:2e:32:78:1e:54:18:
22:e0:f7:6f:07:ca:d9:9c:bd:c8:7a:f4:0e:cf:51:
bb:bb:fb:d0:24:6f:3b:56:96:84:82:f6:54:09:b3:
c4:2e:5f:9a:06:30:d0:c2:82:16:a4:23:30:4b:4c:
96:e8:b5:67:6b:17:2c:b1:ef:0b:76:de:05:6b:b3:
6a:ab:3d:0f:a0:1a:a3:1a:db:16:a7:5e:a7:1f:de:
fe:59:42:06:12:ba:85:a0:6c:b1:51:79:50:bb:aa:
49:02:84:52:49:61:ef:b8:6e:a3:2e:01:d2:16:61:
84:2e:bb:f9:12:44:ab:3b:41:16:f1:02:94:9d:36:
3a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AB:56:5D:F4:85:35:5E:B4:BC:C4:3B:E5:B1:8C:75:46:BE:F0:45
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dqtWXfSFNV60vMQ75bGMdUa-8EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.114.0/24
82.152.143.0/24
82.152.186.0/24
82.153.114.0/24
82.153.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:37:27:7d:8a:4d:25:94:bd:e0:67:54:90:f2:1b:d0:18:86:
b2:6c:c6:25:f3:79:ec:96:87:a2:af:3e:39:52:ff:46:4e:6d:
7f:46:fa:2f:c7:d5:68:eb:04:af:3a:76:09:6c:63:0d:d5:79:
d4:18:45:93:a9:fc:9e:c6:bf:23:e7:d1:5f:b4:1f:16:64:ff:
85:b6:13:b5:d2:5a:af:5b:0b:71:5b:f4:db:69:2f:74:b5:08:
ca:c7:49:fe:6f:06:98:0c:73:f7:60:5b:ca:c8:73:ed:a3:d9:
7b:f8:7f:a9:b7:fd:ef:b5:2e:ab:f7:d0:38:6c:b3:f5:7f:ad:
f6:f2:47:6e:18:e8:dd:32:e2:a3:78:9a:e1:06:4b:22:7c:58:
88:d5:e9:25:f5:76:c2:4f:dc:86:3a:3f:50:5d:79:40:74:ec:
2c:83:2e:a9:d3:24:53:b3:cc:1a:74:23:e5:62:36:fb:10:a2:
af:aa:c4:70:1d:a3:9b:6f:8e:cc:5b:bb:32:a8:9e:2e:a1:63:
7b:45:c7:16:93:f0:51:78:30:db:61:6f:c4:06:0a:59:0c:ea:
eb:72:3c:84:28:54:dc:a2:2c:83:13:eb:54:56:51:37:42:c6:
3f:fe:eb:eb:89:10:b1:94:f6:87:1e:e9:e4:c8:d2:54:15:66:
8a:e1:72:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3iv3JudACmi0tqrkyaNo5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTAxMDg1NDUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmFiNTY1ZGY0ODUzNTVlYjRiY2M0M2JlNWIxOGM3NTQ2YmVmMDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnJFtbgrWiYNAIO0idqormhfHJC6
yH5+SHo403JC+T0LtD+/WT7GhjMNqxoayaUWPKhIRHU7nHDTpf/eiZuZOZ5njihT
66oz+EdZti39gbCyeOgbxQ7MPrgpU7L1gopDBqt/ADXrb4c7ZdIfUO7oIj1tk3hP
pC0fACJCP12qth4uMngeVBgi4PdvB8rZnL3IevQOz1G7u/vQJG87VpaEgvZUCbPE
Ll+aBjDQwoIWpCMwS0yW6LVnaxcsse8Ldt4Fa7Nqqz0PoBqjGtsWp16nH97+WUIG
ErqFoGyxUXlQu6pJAoRSSWHvuG6jLgHSFmGELrv5EkSrO0EW8QKUnTY68QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHarVl30hTVetLzEO+WxjHVGvvBFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZHF0V1hmU0ZOVjYwdk1RNzViR01kVWEtOEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUphyAwQA
UpiPAwQAUpi6AwQAUplyAwQAUpnUMA0GCSqGSIb3DQEBCwUAA4IBAQANNyd9ik0l
lL3gZ1SQ8hvQGIaybMYl83nsloeirz45Uv9GTm1/Rvovx9Vo6wSvOnYJbGMN1XnU
GEWTqfyexr8j59FftB8WZP+FthO10lqvWwtxW/TbaS90tQjKx0n+bwaYDHP3YFvK
yHPto9l7+H+pt/3vtS6r99A4bLP1f6328kduGOjdMuKjeJrhBksifFiI1ekl9XbC
T9yGOj9QXXlAdOwsgy6p0yRTs8wadCPlYjb7EKKvqsRwHaObb47MW7syqJ4uoWN7
RccWk/BReDDbYW/EBgpZDOrrcjyEKFTcoiyDE+tUVlE3QsY//uvriRCxlPaHHunk
yNJUFWaK4XK4
-----END CERTIFICATE-----
Generated at Tue May 12 23:46:01 2026 by rpki-client