Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/gY8IXT2n4uioWRJzVBRE6jesY-E.roa
File: gY8IXT2n4uioWRJzVBRE6jesY-E.roa (raw, json)
Hash identifier: hw6V+cL/0CR0Fzf7quaTkcWJL0b9bHJqG6GBOEnnZgQ=
Subject key identifier: 81:8F:08:5D:3D:A7:E2:E8:A8:59:12:73:54:14:44:EA:37:AC:63:E1
Certificate issuer: /CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Certificate serial: 019E02401DD35EE9A146741422A5AE4A970C
Authority key identifier: AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/gY8IXT2n4uioWRJzVBRE6jesY-E.roa
Signing time: Thu 07 May 2026 11:43:36 +0000
ROA not before: Thu 07 May 2026 11:43:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215783
IP address blocks: 185.141.152.0/22 maxlen: 22
2a07:2440::/34 maxlen: 34
2a07:2440:1000::/36 maxlen: 36
2a07:2446:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:02:40:1d:d3:5e:e9:a1:46:74:14:22:a5:ae:4a:97:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Validity
Not Before: May 7 11:43:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=818f085d3da7e2e8a8591273541444ea37ac63e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f0:0e:3a:73:1d:20:4f:ca:af:1f:a6:98:b9:
03:a7:17:1d:87:f7:21:cc:69:a8:e3:61:bc:d6:97:
3d:ba:24:e9:26:aa:22:20:65:20:04:d5:2f:fc:f1:
70:49:44:b0:64:d6:14:fb:79:d7:54:85:27:24:19:
68:af:81:93:69:ce:6e:46:54:1a:35:37:3b:d7:09:
72:89:8a:8c:45:71:27:b2:79:e8:41:21:87:ed:a7:
06:3d:f7:b7:2c:e5:c3:e9:81:16:13:75:25:e4:b1:
a7:d1:bd:12:53:a6:c8:92:5a:37:80:2d:05:91:ee:
a4:0e:f8:9c:41:71:9e:12:98:3f:6e:3a:35:9c:2c:
fb:6c:86:09:55:02:71:18:5e:2e:5e:98:73:82:74:
0e:5f:5d:f7:68:fa:bd:8f:a0:07:20:be:86:50:59:
db:84:4b:3a:c0:b1:93:79:9f:5e:2f:03:21:47:28:
da:15:58:35:e7:5c:50:54:8c:be:4a:7f:fc:b3:50:
74:17:a3:48:1d:01:aa:f3:42:11:77:47:72:8d:60:
5f:44:f2:05:bb:62:4c:cd:5a:56:be:1b:f8:38:18:
3e:a7:de:e4:cd:68:6d:55:58:ca:5b:fc:dc:ae:9a:
da:01:5e:fb:8f:4c:e2:67:b5:53:6c:ce:80:78:fa:
32:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8F:08:5D:3D:A7:E2:E8:A8:59:12:73:54:14:44:EA:37:AC:63:E1
X509v3 Authority Key Identifier:
keyid:AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/gY8IXT2n4uioWRJzVBRE6jesY-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.152.0/22
IPv6:
2a07:2440::/34
2a07:2446:1000::/36
Signature Algorithm: sha256WithRSAEncryption
2e:c2:84:f6:78:fd:e2:96:f5:11:97:74:1f:60:97:2a:86:fe:
8d:89:ef:e8:3b:83:e8:ff:c6:19:0d:9e:78:33:6e:d4:77:05:
50:7c:26:eb:89:d9:da:65:80:fa:b9:fd:51:06:fa:79:19:b0:
ba:08:24:af:1a:9b:c5:4b:4b:c6:e3:42:dd:18:a1:09:52:ed:
32:95:61:f4:7f:06:54:7e:4a:d2:0d:d7:6c:55:9b:13:f6:34:
ef:56:ad:d0:4d:45:d9:46:4c:09:a1:5b:19:52:00:f0:da:10:
e4:80:e2:5a:71:52:08:c4:b9:13:c3:02:6c:bc:4e:07:c4:bb:
6a:b4:f7:b0:ae:02:64:f3:6a:6d:c2:75:88:71:1a:f0:22:ac:
f7:44:e8:81:2a:f6:ce:bb:a3:5c:cb:57:ba:24:d3:a6:db:96:
88:e6:45:33:fa:cf:45:94:ee:69:33:de:85:25:81:55:b7:34:
37:b3:86:39:6e:9b:1e:8f:6e:d2:35:b4:cc:d0:b2:08:4e:19:
48:89:68:4d:0c:ed:b3:ae:96:d2:a5:65:52:c1:ec:31:79:4a:
70:75:43:df:ab:2c:7c:51:55:12:86:ee:f3:ce:45:1f:6d:1a:
3d:26:42:dc:3c:b7:67:b9:57:28:f3:19:b6:07:bf:f8:ea:44:
34:a3:da:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4CQB3TXumhRnQUIqWuSpcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWFhYjEzNDI3YWQ4YzAwNzJhZTA4ZDliYjgwYWJjMTlk
M2Y5ODQwHhcNMjYwNTA3MTE0MzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MThmMDg1ZDNkYTdlMmU4YTg1OTEyNzM1NDE0NDRlYTM3YWM2M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfAOOnMdIE/Krx+mmLkDpxcdh/ch
zGmo42G81pc9uiTpJqoiIGUgBNUv/PFwSUSwZNYU+3nXVIUnJBlor4GTac5uRlQa
NTc71wlyiYqMRXEnsnnoQSGH7acGPfe3LOXD6YEWE3Ul5LGn0b0SU6bIklo3gC0F
ke6kDvicQXGeEpg/bjo1nCz7bIYJVQJxGF4uXphzgnQOX133aPq9j6AHIL6GUFnb
hEs6wLGTeZ9eLwMhRyjaFVg151xQVIy+Sn/8s1B0F6NIHQGq80IRd0dyjWBfRPIF
u2JMzVpWvhv4OBg+p97kzWhtVVjKW/zcrpraAV77j0ziZ7VTbM6AePoytQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIGPCF09p+LoqFkSc1QUROo3rGPhMB8GA1UdIwQY
MBaAFKuaqxNCetjAByrgjZu4CrwZ0/mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmIt
MzkyNjAzMTljN2JkLzEvZ1k4SVhUMm40dWlvV1JKelZCUkU2amVzWS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmItMzkyNjAzMTljN2Jk
LzEvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuY2YMBYE
AgACMBADBgYqByRAAAMGBCoHJEYQMA0GCSqGSIb3DQEBCwUAA4IBAQAuwoT2eP3i
lvURl3QfYJcqhv6Nie/oO4Po/8YZDZ54M27UdwVQfCbridnaZYD6uf1RBvp5GbC6
CCSvGpvFS0vG40LdGKEJUu0ylWH0fwZUfkrSDddsVZsT9jTvVq3QTUXZRkwJoVsZ
UgDw2hDkgOJacVIIxLkTwwJsvE4HxLtqtPewrgJk82ptwnWIcRrwIqz3ROiBKvbO
u6Ncy1e6JNOm25aI5kUz+s9FlO5pM96FJYFVtzQ3s4Y5bpsej27SNbTM0LIIThlI
iWhNDO2zrpbSpWVSwewxeUpwdUPfqyx8UVUShu7zzkUfbRo9JkLcPLdnuVco8xm2
B7/46kQ0o9qe
-----END CERTIFICATE-----
Generated at Wed May 13 05:50:17 2026 by rpki-client