Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pOXMYXKnxjrUs-RCQ9fU5moHW9M.roa
File: pOXMYXKnxjrUs-RCQ9fU5moHW9M.roa (raw, json)
Hash identifier: 6Bzf5s/XcviWGZ6wYfxbDxIfulJTovkfU1IW24nSW3Q=
Subject key identifier: A4:E5:CC:61:72:A7:C6:3A:D4:B3:E4:42:43:D7:D4:E6:6A:07:5B:D3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E014BC58E76272D27B76F98DE12779229
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pOXMYXKnxjrUs-RCQ9fU5moHW9M.roa
Signing time: Thu 07 May 2026 07:16:43 +0000
ROA not before: Thu 07 May 2026 07:16:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5065
IP address blocks: 82.152.52.0/23 maxlen: 24
82.152.89.0/24 maxlen: 24
82.153.44.0/24 maxlen: 24
82.153.46.0/24 maxlen: 24
109.176.75.0/24 maxlen: 24
213.130.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:4b:c5:8e:76:27:2d:27:b7:6f:98:de:12:77:92:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 7 07:16:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4e5cc6172a7c63ad4b3e44243d7d4e66a075bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1c:c5:93:df:fd:45:40:65:9b:f6:a4:7e:20:
8c:08:9b:23:08:15:7a:7f:00:38:fb:c5:88:fc:3d:
9e:e1:1a:77:23:93:31:ef:18:e7:ea:1b:6c:e7:86:
43:48:bb:84:b1:e1:d3:4d:92:82:3d:45:cd:70:25:
b3:dd:5d:e0:67:4c:04:75:96:8b:57:38:54:97:5d:
12:65:af:7f:33:32:48:7e:bf:73:57:cd:18:47:fe:
e0:e1:4d:ad:bd:b1:19:49:1b:a8:6d:80:13:7a:d1:
5a:8f:2f:61:bc:54:c6:23:6d:26:45:d0:31:41:51:
f0:d7:89:a2:f3:00:3c:12:02:86:b0:1b:31:2f:10:
69:3d:2e:b4:54:88:24:1a:ba:38:6e:aa:ae:8e:0a:
52:9d:8c:90:25:d1:1b:cb:c4:7f:78:44:c5:00:7c:
4c:e9:25:fb:c4:ad:d9:9d:dd:9c:f4:de:4a:71:7a:
f1:7c:b8:dd:4f:ca:0c:1b:a3:96:92:de:42:e6:83:
59:cd:38:fd:5f:79:30:a5:17:52:54:18:60:d2:64:
ec:c5:93:fd:db:63:c9:38:2c:2d:ca:a4:ed:eb:c8:
1f:f4:9d:c3:66:48:34:dc:5b:b0:9b:7d:b6:cf:3c:
41:c1:be:58:42:81:9a:8e:59:69:47:fd:6c:b8:5e:
08:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E5:CC:61:72:A7:C6:3A:D4:B3:E4:42:43:D7:D4:E6:6A:07:5B:D3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pOXMYXKnxjrUs-RCQ9fU5moHW9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.52.0/23
82.152.89.0/24
82.153.44.0/24
82.153.46.0/24
109.176.75.0/24
213.130.150.0/24
Signature Algorithm: sha256WithRSAEncryption
71:80:60:48:6a:dc:9b:e2:47:77:92:46:09:44:95:67:74:3b:
36:02:c1:29:9b:4d:38:eb:82:40:6e:0b:e9:00:77:7f:c0:e8:
52:d6:48:c0:e6:0d:f8:e3:03:42:8e:8e:9c:c9:c0:e5:28:28:
a6:46:2b:5d:b8:5f:94:c8:a0:52:18:63:9c:25:6a:2f:1a:49:
d2:91:ea:a3:94:f7:f4:4e:e7:21:b1:5d:cc:27:c5:b6:66:ed:
6f:b9:8d:36:54:fd:8b:bb:0f:96:a6:b7:e5:09:d2:5f:5b:01:
b3:a1:7e:6f:28:e4:5b:ce:74:a7:a6:21:f2:0d:de:78:38:26:
65:5a:a4:ce:4a:b0:dd:34:02:51:7a:d9:e5:d1:a6:2e:0f:f6:
b4:95:18:bd:64:57:85:67:45:56:2e:17:d9:6e:97:8b:b1:b4:
4d:ea:af:99:f8:9a:e9:55:6a:00:8d:01:05:98:a0:bc:69:48:
9d:76:89:df:f4:c6:9e:b0:0e:74:77:f2:09:79:b9:44:7c:da:
92:8a:5d:9e:8b:0b:b6:60:d8:7b:cb:19:bc:34:94:e9:1f:70:
25:5c:14:82:a5:7f:9d:26:e0:cd:aa:5f:f7:c1:ae:a1:da:2f:
46:fb:80:86:98:6c:b6:ff:9d:64:b9:ff:2b:ac:c9:34:25:f8:
10:41:b7:2b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ4BS8WOdictJ7dvmN4Sd5IpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTA3MDcxNjQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGU1Y2M2MTcyYTdjNjNhZDRiM2U0NDI0M2Q3ZDRlNjZhMDc1YmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxzFk9/9RUBlm/akfiCMCJsjCBV6
fwA4+8WI/D2e4Rp3I5Mx7xjn6hts54ZDSLuEseHTTZKCPUXNcCWz3V3gZ0wEdZaL
VzhUl10SZa9/MzJIfr9zV80YR/7g4U2tvbEZSRuobYATetFajy9hvFTGI20mRdAx
QVHw14mi8wA8EgKGsBsxLxBpPS60VIgkGro4bqqujgpSnYyQJdEby8R/eETFAHxM
6SX7xK3Znd2c9N5KcXrxfLjdT8oMG6OWkt5C5oNZzTj9X3kwpRdSVBhg0mTsxZP9
22PJOCwtyqTt68gf9J3DZkg03Fuwm322zzxBwb5YQoGajllpR/1suF4InwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKTlzGFyp8Y61LPkQkPX1OZqB1vTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcE9YTVlYS254anJVcy1SQ1E5ZlU1bW9IVzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUpg0AwQA
UphZAwQAUpksAwQAUpkuAwQAbbBLAwQA1YKWMA0GCSqGSIb3DQEBCwUAA4IBAQBx
gGBIatyb4kd3kkYJRJVndDs2AsEpm00464JAbgvpAHd/wOhS1kjA5g344wNCjo6c
ycDlKCimRitduF+UyKBSGGOcJWovGknSkeqjlPf0TuchsV3MJ8W2Zu1vuY02VP2L
uw+WprflCdJfWwGzoX5vKORbznSnpiHyDd54OCZlWqTOSrDdNAJRetnl0aYuD/a0
lRi9ZFeFZ0VWLhfZbpeLsbRN6q+Z+JrpVWoAjQEFmKC8aUiddonf9MaesA50d/IJ
eblEfNqSil2eiwu2YNh7yxm8NJTpH3AlXBSCpX+dJuDNql/3wa6h2i9G+4CGmGy2
/51kuf8rrMk0JfgQQbcr
-----END CERTIFICATE-----
Generated at Tue May 12 22:32:33 2026 by rpki-client