Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vAMgDU8Z-8P8Io48tK6o-q3Vk4o.roa
File: vAMgDU8Z-8P8Io48tK6o-q3Vk4o.roa (raw, json)
Hash identifier: f141pk2OIfMxJ4u1uHkiXUoQZdQxb5T1k0IgEmaL5tU=
Subject key identifier: BC:03:20:0D:4F:19:FB:C3:FC:22:8E:3C:B4:AE:A8:FA:AD:D5:93:8A
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019CE639BE15965A8FF4B87119EA28972188
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vAMgDU8Z-8P8Io48tK6o-q3Vk4o.roa
Signing time: Fri 13 Mar 2026 08:04:29 +0000
ROA not before: Fri 13 Mar 2026 08:04:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56534
IP address blocks: 82.179.248.0/22 maxlen: 22
85.142.82.0/24 maxlen: 24
85.142.84.0/24 maxlen: 24
85.142.88.0/22 maxlen: 24
85.142.136.0/24 maxlen: 24
85.142.164.0/22 maxlen: 22
85.142.168.0/21 maxlen: 21
85.142.176.0/22 maxlen: 22
85.142.192.0/22 maxlen: 24
85.142.208.0/22 maxlen: 22
85.142.231.0/24 maxlen: 24
85.142.244.0/24 maxlen: 24
85.142.252.0/24 maxlen: 24
85.143.144.0/22 maxlen: 22
85.143.160.0/21 maxlen: 21
85.143.176.0/22 maxlen: 22
85.143.184.0/22 maxlen: 22
85.143.203.0/24 maxlen: 24
85.143.204.0/22 maxlen: 22
85.143.250.0/24 maxlen: 24
85.143.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:39:be:15:96:5a:8f:f4:b8:71:19:ea:28:97:21:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Mar 13 08:04:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc03200d4f19fbc3fc228e3cb4aea8faadd5938a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:c7:2c:44:37:c0:80:ef:1c:46:31:ac:59:
38:27:96:e8:8c:9f:0f:c4:d4:00:63:44:5c:d9:6e:
81:57:3d:2f:f7:99:0a:a2:cf:3d:17:50:3b:ca:24:
c9:ad:21:a9:72:33:0f:53:36:a7:d6:15:b4:46:41:
2a:b4:ae:18:2d:76:aa:8e:f1:63:2b:40:88:de:ac:
c0:e6:58:94:41:77:7c:7e:0d:7b:00:56:ed:ac:68:
7d:b7:01:61:90:d7:3c:d2:07:5d:8d:fd:eb:00:eb:
3a:cd:ef:3d:c5:9a:82:c9:e0:1e:68:74:a2:e0:3d:
4f:36:78:47:1e:c1:bf:7a:f4:05:ca:33:51:d3:6f:
02:45:39:36:8c:95:e8:c1:4c:c3:38:59:9a:d1:65:
40:8c:05:fa:7e:7b:21:c8:e3:6c:f8:9f:59:f5:7a:
2c:ed:71:3a:a4:ee:d7:88:70:e8:f8:dc:f4:d3:d3:
3a:8f:c9:c9:1e:6b:ef:95:a0:0c:5f:d0:e0:1d:86:
3b:a9:f4:b2:59:fa:6d:f0:07:35:c4:7a:83:d6:1e:
5f:0f:cf:e4:eb:5c:8a:47:8a:ab:a9:1e:d8:86:90:
fc:81:29:c7:84:e9:80:65:87:e0:03:bd:5b:5b:52:
4c:b3:55:d1:da:e7:e9:88:d4:1a:5f:2d:f9:c7:00:
bc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:03:20:0D:4F:19:FB:C3:FC:22:8E:3C:B4:AE:A8:FA:AD:D5:93:8A
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vAMgDU8Z-8P8Io48tK6o-q3Vk4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.248.0/22
85.142.82.0/24
85.142.84.0/24
85.142.88.0/22
85.142.136.0/24
85.142.164.0-85.142.179.255
85.142.192.0/22
85.142.208.0/22
85.142.231.0/24
85.142.244.0/24
85.142.252.0/24
85.143.144.0/22
85.143.160.0/21
85.143.176.0/22
85.143.184.0/22
85.143.203.0-85.143.207.255
85.143.250.0/24
85.143.252.0/22
Signature Algorithm: sha256WithRSAEncryption
20:8e:04:7e:a2:d4:a1:cf:cb:32:d2:2b:b6:5e:0b:19:01:33:
c9:1f:66:ee:c7:6d:c8:b3:8e:b5:78:78:57:e5:24:76:8a:dc:
79:f0:8f:03:00:b3:52:d8:7c:5c:10:2f:f9:d3:39:94:61:c2:
00:56:c6:c9:ed:90:04:48:02:f0:06:33:05:e1:7d:6a:4d:05:
de:f1:29:cb:4b:45:c6:27:a8:1c:23:fd:f3:19:df:fd:a6:7b:
50:da:a9:75:8b:f3:d1:e0:91:5e:3f:79:d3:c3:c7:d0:0a:5a:
77:f5:56:27:b6:c8:f5:68:63:7a:1c:46:5e:54:3b:43:dc:f8:
3b:44:06:87:14:5d:aa:7f:e7:ba:74:0b:d6:a1:b4:76:eb:52:
29:f0:c6:7e:c7:cd:a1:70:a0:59:44:84:3b:2b:4b:6f:71:5c:
b1:41:cd:6d:90:69:de:7f:02:39:cc:23:f0:89:9d:d4:73:38:
f6:90:25:42:87:b6:88:20:4f:fe:72:39:46:47:0d:ba:be:a1:
6c:a3:f1:6d:7b:7e:11:fb:cd:00:62:39:ce:12:5a:c4:e7:81:
1c:4d:4b:16:82:bc:40:fa:88:e0:d3:07:ff:4b:40:49:83:89:
0f:87:97:2d:52:c3:58:cc:79:8f:11:b4:bf:52:db:d4:a5:d5:
f6:aa:36:76
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZzmOb4VllqP9LhxGeoolyGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjYwMzEzMDgwNDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzAzMjAwZDRmMTlmYmMzZmMyMjhlM2NiNGFlYThmYWFkZDU5MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8THLEQ3wIDvHEYxrFk4J5bojJ8P
xNQAY0Rc2W6BVz0v95kKos89F1A7yiTJrSGpcjMPUzan1hW0RkEqtK4YLXaqjvFj
K0CI3qzA5liUQXd8fg17AFbtrGh9twFhkNc80gddjf3rAOs6ze89xZqCyeAeaHSi
4D1PNnhHHsG/evQFyjNR028CRTk2jJXowUzDOFma0WVAjAX6fnshyONs+J9Z9Xos
7XE6pO7XiHDo+Nz009M6j8nJHmvvlaAMX9DgHYY7qfSyWfpt8Ac1xHqD1h5fD8/k
61yKR4qrqR7YhpD8gSnHhOmAZYfgA71bW1JMs1XR2ufpiNQaXy35xwC8qQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFLwDIA1PGfvD/CKOPLSuqPqt1ZOKMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvdkFNZ0RVOFotOFA4SW80OHRLNm8tcTNWazRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAlKz
+AMEAFWOUgMEAFWOVAMEAlWOWAMEAFWOiDAMAwQCVY6kAwQCVY6wAwQCVY7AAwQC
VY7QAwQAVY7nAwQAVY70AwQAVY78AwQCVY+QAwQDVY+gAwQCVY+wAwQCVY+4MAwD
BABVj8sDBARVj8ADBABVj/oDBAJVj/wwDQYJKoZIhvcNAQELBQADggEBACCOBH6i
1KHPyzLSK7ZeCxkBM8kfZu7HbcizjrV4eFflJHaK3HnwjwMAs1LYfFwQL/nTOZRh
wgBWxsntkARIAvAGMwXhfWpNBd7xKctLRcYnqBwj/fMZ3/2me1DaqXWL89HgkV4/
edPDx9AKWnf1Vie2yPVoY3ocRl5UO0Pc+DtEBocUXap/57p0C9ahtHbrUinwxn7H
zaFwoFlEhDsrS29xXLFBzW2Qad5/AjnMI/CJndRzOPaQJUKHtoggT/5yOUZHDbq+
oWyj8W17fhH7zQBiOc4SWsTngRxNSxaCvED6iODTB/9LQEmDiQ+Hly1Sw1jMeY8R
tL9S29Sl1faqNnY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:42:58 2026 by rpki-client