Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w0c0Lc0lgAkKuvUiKHu6TufeG9U.roa
File: w0c0Lc0lgAkKuvUiKHu6TufeG9U.roa (raw, json)
Hash identifier: mPu5yb7kiIZasvCnTGbIcdC0xpS+hFYXfYdWgUfbffI=
Subject key identifier: C3:47:34:2D:CD:25:80:09:0A:BA:F5:22:28:7B:BA:4E:E7:DE:1B:D5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019CBD69B5C9ABBEEE6F1173E130E7002FFC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w0c0Lc0lgAkKuvUiKHu6TufeG9U.roa
Signing time: Thu 05 Mar 2026 09:52:27 +0000
ROA not before: Thu 05 Mar 2026 09:52:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202736
IP address blocks: 82.152.114.0/24 maxlen: 24
82.152.115.0/24 maxlen: 24
82.152.143.0/24 maxlen: 24
82.152.186.0/24 maxlen: 24
82.153.114.0/24 maxlen: 24
82.153.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bd:69:b5:c9:ab:be:ee:6f:11:73:e1:30:e7:00:2f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 5 09:52:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c347342dcd2580090abaf522287bba4ee7de1bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a8:4e:32:60:35:b1:aa:f6:89:c9:b1:de:3a:
f5:7c:50:5c:f8:cc:4e:10:65:97:b6:46:74:b0:14:
73:c9:4b:c6:73:8f:36:98:19:da:c8:be:ec:ac:62:
90:57:2d:f4:6d:81:be:d7:b1:00:67:07:94:6f:32:
8e:a2:13:bb:76:52:8a:f2:e9:8f:d4:6f:77:92:2a:
ba:99:dd:58:61:ec:da:0f:b7:4d:ce:6f:df:0c:8f:
7f:a5:07:e9:cf:f0:50:e2:6e:60:f5:fe:d2:07:97:
68:5e:dc:92:f1:31:1a:a8:04:e4:24:64:76:52:74:
a2:7f:51:9c:73:7f:00:6e:fc:ec:cb:0c:82:db:ec:
a1:3e:d4:5b:b7:77:26:a8:42:2d:9f:dd:f9:f6:f4:
66:66:54:d3:d9:59:ce:f7:1a:27:2b:9f:4b:01:4a:
c4:39:53:5e:7b:3d:d5:9f:b8:6b:54:75:e6:a5:b9:
02:4d:ff:39:46:18:77:f8:0f:ba:3b:e2:55:5a:af:
5c:8f:31:fb:3d:49:84:63:fd:5a:88:6d:85:e3:ab:
f0:cb:a6:cd:b4:91:b3:e7:aa:90:f0:5f:7a:c2:31:
e3:fc:a5:6d:ea:cf:d8:61:c9:5e:da:be:4a:43:d8:
99:97:62:3c:e3:65:81:64:26:16:8c:c1:4c:4d:6b:
fe:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:47:34:2D:CD:25:80:09:0A:BA:F5:22:28:7B:BA:4E:E7:DE:1B:D5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w0c0Lc0lgAkKuvUiKHu6TufeG9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.114.0/23
82.152.143.0/24
82.152.186.0/24
82.153.114.0/24
82.153.212.0/24
Signature Algorithm: sha256WithRSAEncryption
40:8f:b6:23:91:de:82:d6:b5:3f:0a:43:37:c8:3b:2d:9a:19:
34:0d:fd:48:7a:b4:c9:3f:5b:22:f2:4d:32:57:7b:4f:ac:75:
90:6d:8c:e5:f2:29:b4:d0:48:5c:f0:39:c6:a5:50:b2:4c:d3:
fb:f0:15:a3:55:52:f0:d9:d3:16:e8:92:ca:4c:0d:fc:4a:6e:
4f:e3:a9:7b:d5:11:b7:eb:97:d7:b7:be:2f:29:9b:88:dd:71:
76:3c:07:07:7e:2f:52:50:9f:54:40:8b:e0:d0:3f:82:29:94:
7b:3f:da:7c:6d:47:a9:23:b2:a8:99:13:72:d5:7d:9c:14:85:
ac:55:20:23:49:10:6b:1a:3e:69:c8:0c:88:0a:30:60:11:f9:
19:3f:82:3f:c2:9e:9b:41:19:d6:fb:7c:ff:64:5b:c6:01:f7:
b8:e0:ab:cc:f9:f6:df:70:56:e4:51:b2:b1:51:46:47:50:d1:
9e:22:8a:50:12:da:d4:b9:67:cd:d9:4a:76:4f:d0:a1:52:78:
9c:4e:32:60:68:5a:8f:f9:dd:03:e5:c8:91:54:01:39:ff:52:
73:d5:ab:bb:74:30:d0:b0:16:7a:2c:29:7e:ef:cd:3c:38:a0:
48:9f:7f:55:a1:7d:fe:1e:f8:6a:0d:79:46:a0:33:d2:eb:50:
49:e2:27:a1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZy9abXJq77ubxFz4TDnAC/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzA1MDk1MjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzQ3MzQyZGNkMjU4MDA5MGFiYWY1MjIyODdiYmE0ZWU3ZGUxYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqhOMmA1sar2icmx3jr1fFBc+MxO
EGWXtkZ0sBRzyUvGc482mBnayL7srGKQVy30bYG+17EAZweUbzKOohO7dlKK8umP
1G93kiq6md1YYezaD7dNzm/fDI9/pQfpz/BQ4m5g9f7SB5doXtyS8TEaqATkJGR2
UnSif1Gcc38AbvzsywyC2+yhPtRbt3cmqEItn9359vRmZlTT2VnO9xonK59LAUrE
OVNeez3Vn7hrVHXmpbkCTf85Rhh3+A+6O+JVWq9cjzH7PUmEY/1aiG2F46vwy6bN
tJGz56qQ8F96wjHj/KVt6s/YYcle2r5KQ9iZl2I842WBZCYWjMFMTWv+hwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMNHNC3NJYAJCrr1Iih7uk7n3hvVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdzBjMExjMGxnQWtLdXZVaUtIdTZUdWZlRzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUphyAwQA
UpiPAwQAUpi6AwQAUplyAwQAUpnUMA0GCSqGSIb3DQEBCwUAA4IBAQBAj7Yjkd6C
1rU/CkM3yDstmhk0Df1IerTJP1si8k0yV3tPrHWQbYzl8im00Ehc8DnGpVCyTNP7
8BWjVVLw2dMW6JLKTA38Sm5P46l71RG365fXt74vKZuI3XF2PAcHfi9SUJ9UQIvg
0D+CKZR7P9p8bUepI7KomRNy1X2cFIWsVSAjSRBrGj5pyAyICjBgEfkZP4I/wp6b
QRnW+3z/ZFvGAfe44KvM+fbfcFbkUbKxUUZHUNGeIopQEtrUuWfN2Up2T9ChUnic
TjJgaFqP+d0D5ciRVAE5/1Jz1au7dDDQsBZ6LCl+7808OKBIn39VoX3+HvhqDXlG
oDPS61BJ4ieh
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:49:52 2026 by rpki-client