Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/vIsauWOsfxqTTbQ06TOLbsur63E.roa
File: vIsauWOsfxqTTbQ06TOLbsur63E.roa (raw, json)
Hash identifier: OiR+HaZWXpIGvMqEiFN+EUESjaaNO6/EERQ/VaI82QY=
Subject key identifier: BC:8B:1A:B9:63:AC:7F:1A:93:4D:B4:34:E9:33:8B:6E:CB:AB:EB:71
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019CEC6F391BFE472CEDCA2368FF6393716A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/vIsauWOsfxqTTbQ06TOLbsur63E.roa
Signing time: Sat 14 Mar 2026 13:00:37 +0000
ROA not before: Sat 14 Mar 2026 13:00:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 398465
IP address blocks: 89.46.2.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
93.114.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ec:6f:39:1b:fe:47:2c:ed:ca:23:68:ff:63:93:71:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 14 13:00:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc8b1ab963ac7f1a934db434e9338b6ecbabeb71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:43:ec:3f:60:da:44:40:cf:bb:76:80:d2:46:
2a:7a:01:b4:19:35:5f:a3:4f:3e:8d:74:21:f3:07:
e2:5c:26:12:c4:1f:cf:ed:f2:04:4a:64:f5:20:fe:
c9:66:e7:3c:1e:b6:1c:c9:9d:d5:90:e8:64:2a:b2:
db:9c:cd:6b:77:97:56:c3:6b:bc:9e:c7:12:fc:e6:
bc:fd:87:96:21:4f:33:74:3b:d3:55:05:70:e7:e6:
a0:d1:1d:5f:d1:fa:5b:32:55:57:f5:4b:02:c3:4b:
c1:02:99:59:9c:c3:c4:7c:7e:43:27:71:40:d3:88:
92:ad:60:1b:f9:1b:60:61:5b:21:a7:44:f3:fb:ec:
c7:b9:c8:62:92:5f:88:98:c4:0e:cc:27:20:de:d3:
07:4c:9f:34:86:f5:5e:ea:0b:0b:de:b3:6b:36:64:
8f:71:40:8c:39:e2:a5:5e:e6:80:27:fe:9d:27:db:
a1:b3:b4:da:b8:43:7c:7a:23:f7:0a:40:0b:2d:f3:
57:49:a4:0d:9a:ef:79:3b:d8:3e:05:5d:53:59:1f:
f2:ab:73:c1:9b:31:c9:41:d1:83:46:1f:66:60:e0:
79:e4:40:d8:58:d4:86:c1:fd:a1:c2:5f:74:86:25:
fa:95:69:2b:09:b5:1f:56:07:5a:67:9d:4e:31:06:
a4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8B:1A:B9:63:AC:7F:1A:93:4D:B4:34:E9:33:8B:6E:CB:AB:EB:71
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/vIsauWOsfxqTTbQ06TOLbsur63E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.2.0/24
89.47.100.0/24
89.47.114.0/24
93.114.73.0/24
Signature Algorithm: sha256WithRSAEncryption
87:89:18:78:5e:06:3d:a6:1f:88:6c:27:22:3e:b1:41:d5:6d:
7e:7e:1e:46:1b:77:9d:07:77:51:a5:b2:4c:c8:46:23:a5:71:
68:52:7d:ce:95:ed:43:d1:4f:98:b4:52:4a:21:98:81:c5:86:
c1:b2:af:c3:b1:d4:18:96:6e:fb:c7:13:58:eb:0a:8b:8d:6c:
fd:54:02:8f:46:38:be:1a:45:33:0a:58:22:e9:f7:b1:91:cd:
27:e3:72:58:86:cd:78:3c:d5:2f:be:f7:f6:b5:e9:76:1f:d7:
b3:4e:95:97:64:86:cf:07:76:d6:e2:d3:c2:19:f4:ac:66:a4:
5c:8c:c0:8e:18:3a:4c:e2:03:b9:c2:16:d2:27:9d:e9:3e:f5:
97:b6:5d:cf:62:71:9e:fe:c0:d4:56:9f:59:60:3d:72:cf:22:
5a:c6:25:b8:b5:36:a3:3c:68:79:33:b9:1d:9b:21:26:33:0f:
63:56:2e:10:29:4c:a4:75:e4:69:09:f0:2d:92:6e:70:8d:6d:
93:ea:a4:be:27:8c:55:5d:2c:32:7c:14:d5:c5:a9:4f:e4:86:
91:14:15:05:64:ba:66:f8:1a:c9:76:60:61:56:ca:bd:37:5f:
25:c6:74:3b:ca:84:93:aa:3a:ae:63:b0:15:2f:77:13:a6:3f:
39:e7:5b:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZzsbzkb/kcs7cojaP9jk3FqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwMzE0MTMwMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzhiMWFiOTYzYWM3ZjFhOTM0ZGI0MzRlOTMzOGI2ZWNiYWJlYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkPsP2DaREDPu3aA0kYqegG0GTVf
o08+jXQh8wfiXCYSxB/P7fIESmT1IP7JZuc8HrYcyZ3VkOhkKrLbnM1rd5dWw2u8
nscS/Oa8/YeWIU8zdDvTVQVw5+ag0R1f0fpbMlVX9UsCw0vBAplZnMPEfH5DJ3FA
04iSrWAb+RtgYVshp0Tz++zHuchikl+ImMQOzCcg3tMHTJ80hvVe6gsL3rNrNmSP
cUCMOeKlXuaAJ/6dJ9uhs7TauEN8eiP3CkALLfNXSaQNmu95O9g+BV1TWR/yq3PB
mzHJQdGDRh9mYOB55EDYWNSGwf2hwl90hiX6lWkrCbUfVgdaZ51OMQakRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLyLGrljrH8ak020NOkzi27Lq+txMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdklzYXVXT3NmeHFUVGJRMDZUT0xic3VyNjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWS4CAwQA
WS9kAwQAWS9yAwQAXXJJMA0GCSqGSIb3DQEBCwUAA4IBAQCHiRh4XgY9ph+IbCci
PrFB1W1+fh5GG3edB3dRpbJMyEYjpXFoUn3Ole1D0U+YtFJKIZiBxYbBsq/DsdQY
lm77xxNY6wqLjWz9VAKPRji+GkUzClgi6fexkc0n43JYhs14PNUvvvf2tel2H9ez
TpWXZIbPB3bW4tPCGfSsZqRcjMCOGDpM4gO5whbSJ53pPvWXtl3PYnGe/sDUVp9Z
YD1yzyJaxiW4tTajPGh5M7kdmyEmMw9jVi4QKUykdeRpCfAtkm5wjW2T6qS+J4xV
XSwyfBTVxalP5IaRFBUFZLpm+BrJdmBhVsq9N18lxnQ7yoSTqjquY7AVL3cTpj85
51ut
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:30 2026 by rpki-client