Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/2IRQ2tg7AckZC-qaAHhGpj_YvX0.roa
File: 2IRQ2tg7AckZC-qaAHhGpj_YvX0.roa (raw, json)
Hash identifier: E5vcK/Kzq3X0ZU3ua0SSHujRQ2xDF2dauEaV4Vglvqc=
Subject key identifier: D8:84:50:DA:D8:3B:01:C9:19:0B:EA:9A:00:78:46:A6:3F:D8:BD:7D
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 019DD4A7558246B21144B4FE8337DCFBAE79
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/2IRQ2tg7AckZC-qaAHhGpj_YvX0.roa
Signing time: Tue 28 Apr 2026 15:13:49 +0000
ROA not before: Tue 28 Apr 2026 15:13:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210546
IP address blocks: 89.107.10.0/24 maxlen: 24
146.19.207.0/24 maxlen: 24
176.126.103.0/24 maxlen: 24
178.250.186.0/24 maxlen: 24
178.250.191.0/24 maxlen: 24
217.114.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d4:a7:55:82:46:b2:11:44:b4:fe:83:37:dc:fb:ae:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Apr 28 15:13:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d88450dad83b01c9190bea9a007846a63fd8bd7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1a:0a:ec:0a:26:7e:52:d5:3d:ae:9b:94:66:
c3:a5:ac:4d:1e:a4:94:e5:34:be:75:9e:92:d7:51:
6f:39:64:77:4a:3e:53:98:9b:8b:dd:1e:eb:59:9d:
e0:46:49:32:ef:d5:22:24:12:4d:1a:5e:2e:fb:28:
7d:d5:12:26:63:23:7d:b9:e1:59:f3:b8:1a:9f:61:
8a:1a:34:77:95:cd:cd:ec:bf:13:43:03:0a:2f:3e:
a2:c1:1d:76:bf:5f:47:b0:3d:f9:71:3c:c4:b5:a1:
bd:dc:1a:8a:27:d8:0a:0f:56:e9:41:aa:4c:06:62:
2d:88:3a:1e:ed:47:53:97:ca:8f:89:25:ef:29:70:
51:0b:51:b8:ee:84:1f:d0:fe:4d:6e:bd:3c:07:e9:
5b:61:93:94:3e:7c:6f:25:b9:99:4e:e4:99:e2:8d:
5c:66:77:f2:c2:75:b1:af:c8:a2:d5:0f:9b:92:1e:
17:ff:20:ea:ed:98:ee:0c:8a:e9:c2:a7:c5:58:94:
1a:c0:31:86:b6:fb:ed:65:e6:fe:06:c9:df:0d:3f:
f3:75:f2:a6:ca:80:a4:7d:8e:f2:7e:32:25:a9:72:
70:0d:ec:98:ec:5b:1a:58:0b:5f:1e:4e:80:fb:a2:
fa:8f:d7:18:59:53:fc:49:87:fe:ed:69:1e:81:21:
77:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:84:50:DA:D8:3B:01:C9:19:0B:EA:9A:00:78:46:A6:3F:D8:BD:7D
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/2IRQ2tg7AckZC-qaAHhGpj_YvX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.10.0/24
146.19.207.0/24
176.126.103.0/24
178.250.186.0/24
178.250.191.0/24
217.114.43.0/24
Signature Algorithm: sha256WithRSAEncryption
05:d6:fd:fa:aa:ad:bf:09:56:79:de:14:6d:6f:73:fc:99:db:
9e:48:bd:1e:3a:e0:57:9f:65:db:3b:0f:c4:58:80:a1:ad:31:
cc:13:46:06:1b:e5:01:08:e4:5d:6f:18:73:25:c9:91:60:6f:
b2:75:21:47:99:c2:2b:34:3f:44:90:c9:24:93:33:a5:b2:71:
6b:d0:0a:f4:74:98:7f:d1:cd:a8:18:4e:77:a3:f9:74:0c:ae:
ee:ae:33:3c:e8:50:81:0a:f7:fc:b8:be:63:0e:41:20:63:44:
ef:ac:fc:e6:ba:d0:62:fd:55:94:06:7b:d8:ac:a9:58:a2:18:
98:a2:4c:3b:1f:3e:0a:08:67:b9:eb:16:10:a2:fe:ca:44:50:
2c:f4:bb:c0:d9:19:a3:ac:40:b3:62:af:fe:a4:0a:1e:bd:08:
57:a8:e8:5d:8f:0e:bb:54:31:58:a9:49:0d:27:87:e6:7e:b7:
70:11:73:5f:e4:cb:77:91:c7:15:45:d0:ab:e8:2e:cb:50:90:
01:e5:f8:38:32:af:c0:11:3e:b0:be:2b:4b:91:7c:0f:95:9a:
5a:33:ed:7c:cc:90:60:d4:c5:66:4b:e7:66:34:03:f2:21:f9:
86:d4:f3:73:7b:a1:3f:74:47:17:55:41:55:7c:5e:e6:1f:70:
a9:6d:30:0f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ3Up1WCRrIRRLT+gzfc+655MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjYwNDI4MTUxMzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODg0NTBkYWQ4M2IwMWM5MTkwYmVhOWEwMDc4NDZhNjNmZDhiZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxoK7AomflLVPa6blGbDpaxNHqSU
5TS+dZ6S11FvOWR3Sj5TmJuL3R7rWZ3gRkky79UiJBJNGl4u+yh91RImYyN9ueFZ
87gan2GKGjR3lc3N7L8TQwMKLz6iwR12v19HsD35cTzEtaG93BqKJ9gKD1bpQapM
BmItiDoe7UdTl8qPiSXvKXBRC1G47oQf0P5Nbr08B+lbYZOUPnxvJbmZTuSZ4o1c
ZnfywnWxr8ii1Q+bkh4X/yDq7ZjuDIrpwqfFWJQawDGGtvvtZeb+BsnfDT/zdfKm
yoCkfY7yfjIlqXJwDeyY7FsaWAtfHk6A+6L6j9cYWVP8SYf+7WkegSF3RwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNiEUNrYOwHJGQvqmgB4RqY/2L19MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvMklSUTJ0ZzdBY2taQy1xYUFIaEdwal9ZdlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWWsKAwQA
khPPAwQAsH5nAwQAsvq6AwQAsvq/AwQA2XIrMA0GCSqGSIb3DQEBCwUAA4IBAQAF
1v36qq2/CVZ53hRtb3P8mdueSL0eOuBXn2XbOw/EWIChrTHME0YGG+UBCORdbxhz
JcmRYG+ydSFHmcIrND9EkMkkkzOlsnFr0Ar0dJh/0c2oGE53o/l0DK7urjM86FCB
Cvf8uL5jDkEgY0TvrPzmutBi/VWUBnvYrKlYohiYokw7Hz4KCGe56xYQov7KRFAs
9LvA2RmjrECzYq/+pAoevQhXqOhdjw67VDFYqUkNJ4fmfrdwEXNf5Mt3kccVRdCr
6C7LUJAB5fg4Mq/AET6wvitLkXwPlZpaM+18zJBg1MVmS+dmNAPyIfmG1PNze6E/
dEcXVUFVfF7mH3CpbTAP
-----END CERTIFICATE-----
Generated at Wed May 13 02:26:47 2026 by rpki-client