Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/uE3jWQT9dlORtjjx1JqO_WClYos.roa
File: uE3jWQT9dlORtjjx1JqO_WClYos.roa (raw, json)
Hash identifier: Fp6pBJJ018Micr6aR/61N3wnoz42uq0yLZwcSuXVO+E=
Subject key identifier: B8:4D:E3:59:04:FD:76:53:91:B6:38:F1:D4:9A:8E:FD:60:A5:62:8B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019D24388CCACA6DEBCB4C6D1CFE4BC1C1BD
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/uE3jWQT9dlORtjjx1JqO_WClYos.roa
Signing time: Wed 25 Mar 2026 08:59:38 +0000
ROA not before: Wed 25 Mar 2026 08:59:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 89.33.12.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.114.72.0/24 maxlen: 24
93.119.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:38:8c:ca:ca:6d:eb:cb:4c:6d:1c:fe:4b:c1:c1:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 25 08:59:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b84de35904fd765391b638f1d49a8efd60a5628b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a3:ab:bf:c6:73:50:be:4f:b3:fa:d0:df:34:
c7:3f:ad:5c:f9:cc:7c:3c:95:27:a8:5e:e9:43:2f:
5b:c2:1c:77:a6:c2:d4:57:0b:d4:8b:4c:f3:e9:85:
fa:d3:a9:c2:75:08:7d:b6:de:a9:b7:6a:26:a6:5c:
2c:44:ba:8b:78:2b:86:30:e6:81:d2:bf:fc:60:a7:
c2:35:a4:0d:2e:49:c3:0a:a7:88:0a:11:36:18:7d:
94:d4:dd:73:0d:10:a9:98:7b:cb:90:18:40:47:f5:
ff:55:26:3b:a6:b0:76:bc:fe:7b:e0:cf:56:ef:70:
ba:26:db:61:bf:76:5a:ba:5f:68:b1:fb:04:5a:bb:
4e:91:6e:8e:29:0d:81:a1:6a:63:7b:e7:1b:b4:3b:
0d:51:84:64:21:6e:3f:02:6a:8f:b7:40:67:7d:12:
50:96:0a:90:5b:d6:21:f0:0c:d3:96:dd:ca:5f:41:
90:44:9a:c0:16:84:17:97:44:12:16:e9:21:87:69:
95:d8:24:70:a0:fe:f0:af:7a:11:e1:00:23:72:c6:
39:ea:8b:5a:7f:db:61:6e:dc:9a:6c:7c:a2:82:ac:
38:81:22:55:1b:ab:f8:5e:ab:38:d9:2c:df:22:f8:
de:92:7b:6d:c9:00:3e:6d:f6:eb:f0:e7:a5:22:71:
d9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4D:E3:59:04:FD:76:53:91:B6:38:F1:D4:9A:8E:FD:60:A5:62:8B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/uE3jWQT9dlORtjjx1JqO_WClYos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.12.0/24
89.42.82.0/23
93.114.72.0/24
93.119.107.0/24
Signature Algorithm: sha256WithRSAEncryption
43:a0:15:75:b6:c4:c9:4b:bb:ab:01:f6:5c:62:6e:9e:95:0e:
87:59:0d:05:35:da:f3:ec:5a:17:e9:1e:f1:f2:c2:9e:d9:dd:
0a:95:94:72:cc:3f:75:be:8b:ed:64:f7:c7:1e:3e:ee:5c:2e:
b8:fc:c4:05:2a:7a:04:ea:3f:95:73:b1:dc:61:47:de:77:1a:
d6:d8:2c:35:01:6f:8f:c7:6b:cd:85:42:19:0d:c6:c7:78:9f:
11:71:c4:c3:87:95:6a:91:b0:70:3f:e8:5e:86:19:72:e4:1b:
16:63:c8:6d:7e:50:b2:58:4f:46:d1:0b:a2:9f:9a:1a:28:26:
b7:85:4f:5b:e0:5e:09:69:3f:31:2c:91:b5:8d:48:54:bd:36:
fb:91:5f:4c:92:b0:01:3a:c4:08:19:2f:77:b9:5d:10:97:6c:
80:05:cb:87:e2:99:06:cf:80:f0:39:dd:4d:aa:bd:6d:33:a4:
90:51:f8:d9:a9:b2:e5:78:8c:e6:03:f8:66:fc:c2:a1:ba:28:
58:5a:71:30:14:0b:45:29:7a:82:c9:59:0a:db:94:1f:f5:97:
bf:12:64:62:ba:26:78:1e:a2:af:31:e5:6e:c8:36:26:9d:95:
12:a6:9d:a7:46:89:74:ba:0a:16:b1:39:9b:76:c7:df:6e:aa:
91:e3:92:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0kOIzKym3ry0xtHP5LwcG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwMzI1MDg1OTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODRkZTM1OTA0ZmQ3NjUzOTFiNjM4ZjFkNDlhOGVmZDYwYTU2MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqOrv8ZzUL5Ps/rQ3zTHP61c+cx8
PJUnqF7pQy9bwhx3psLUVwvUi0zz6YX606nCdQh9tt6pt2omplwsRLqLeCuGMOaB
0r/8YKfCNaQNLknDCqeIChE2GH2U1N1zDRCpmHvLkBhAR/X/VSY7prB2vP574M9W
73C6Jtthv3Zaul9osfsEWrtOkW6OKQ2BoWpje+cbtDsNUYRkIW4/AmqPt0BnfRJQ
lgqQW9Yh8AzTlt3KX0GQRJrAFoQXl0QSFukhh2mV2CRwoP7wr3oR4QAjcsY56ota
f9thbtyabHyigqw4gSJVG6v4Xqs42SzfIvjeknttyQA+bfbr8OelInHZSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLhN41kE/XZTkbY48dSajv1gpWKLMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdUUzaldRVDlkbE9SdGpqeDFKcU9fV0NsWW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSEMAwQB
WSpSAwQAXXJIAwQAXXdrMA0GCSqGSIb3DQEBCwUAA4IBAQBDoBV1tsTJS7urAfZc
Ym6elQ6HWQ0FNdrz7FoX6R7x8sKe2d0KlZRyzD91vovtZPfHHj7uXC64/MQFKnoE
6j+Vc7HcYUfedxrW2Cw1AW+Px2vNhUIZDcbHeJ8RccTDh5VqkbBwP+hehhly5BsW
Y8htflCyWE9G0Quin5oaKCa3hU9b4F4JaT8xLJG1jUhUvTb7kV9MkrABOsQIGS93
uV0Ql2yABcuH4pkGz4DwOd1Nqr1tM6SQUfjZqbLleIzmA/hm/MKhuihYWnEwFAtF
KXqCyVkK25Qf9Ze/EmRiuiZ4HqKvMeVuyDYmnZUSpp2nRol0ugoWsTmbdsffbqqR
45JI
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:51:40 2026 by rpki-client