Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/IIKBJ5F-ZYfDiLk7t6WJRQ2nV4E.roa
File: IIKBJ5F-ZYfDiLk7t6WJRQ2nV4E.roa (raw, json)
Hash identifier: S9KRzMh8QRY1YXASzZ2F1vNcK2llA+Uzs+Q5mhLfjRo=
Subject key identifier: 20:82:81:27:91:7E:65:87:C3:88:B9:3B:B7:A5:89:45:0D:A7:57:81
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 019E0670337770A5B7297ED8C15337C4787A
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/IIKBJ5F-ZYfDiLk7t6WJRQ2nV4E.roa
Signing time: Fri 08 May 2026 07:14:36 +0000
ROA not before: Fri 08 May 2026 07:14:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 80.93.194.0/24 maxlen: 24
80.93.195.0/24 maxlen: 24
80.93.196.0/24 maxlen: 24
80.93.198.0/24 maxlen: 24
80.93.199.0/24 maxlen: 24
80.93.204.0/24 maxlen: 24
80.93.205.0/24 maxlen: 24
80.93.206.0/24 maxlen: 24
80.93.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:06:70:33:77:70:a5:b7:29:7e:d8:c1:53:37:c4:78:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: May 8 07:14:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=20828127917e6587c388b93bb7a589450da75781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5c:43:70:10:eb:3d:0a:97:f5:d3:d8:c5:31:
14:5a:23:aa:59:0e:0f:49:be:d6:11:da:61:cd:63:
6e:22:e9:24:bc:e3:69:a3:05:d2:05:54:70:dd:3d:
ad:6a:1b:9d:1c:13:f9:6d:c1:ab:87:1e:66:c1:a7:
5b:b3:5b:03:c8:02:5d:57:b8:00:eb:26:1d:fc:8a:
2c:48:56:9c:3f:dc:36:7a:48:f3:3d:f2:e5:20:02:
ca:dc:60:c8:9f:bb:10:f5:b1:80:88:ae:87:d5:a9:
85:c6:b4:dd:c6:2a:00:12:a7:a3:b4:9e:32:40:73:
40:0b:48:61:00:0a:8f:5f:17:dc:23:e6:69:e8:a0:
a6:4a:f1:69:7b:1e:fa:80:80:38:8b:25:46:9f:69:
f8:25:fa:fb:c3:d7:ac:5e:08:93:a4:7b:af:75:25:
b7:88:dd:da:14:5a:30:b1:24:55:5e:ac:09:b2:f9:
eb:4c:9f:24:89:5c:13:b0:18:35:e9:80:cb:eb:c9:
74:09:41:30:4b:c1:43:31:07:ee:5d:6b:e3:8e:5b:
13:ae:22:3b:b2:3d:13:28:30:e9:fc:62:a2:bc:ee:
52:3e:3e:32:98:86:41:65:f7:5c:ec:78:ce:7c:62:
db:a9:a7:68:97:3b:d3:1a:7c:bd:9a:5e:b2:fd:c5:
cd:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:82:81:27:91:7E:65:87:C3:88:B9:3B:B7:A5:89:45:0D:A7:57:81
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/IIKBJ5F-ZYfDiLk7t6WJRQ2nV4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.194.0-80.93.196.255
80.93.198.0/23
80.93.204.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:c5:69:63:cb:8f:4c:f4:e5:cd:ed:05:96:48:7c:59:49:4d:
87:37:52:e0:3c:79:0c:d3:1b:a3:be:9f:b8:fb:64:95:20:9f:
af:b3:a8:46:ca:8a:b9:6e:91:c6:3c:1f:1a:b8:ef:af:0e:c5:
6c:24:65:18:87:32:f2:e8:cd:d7:10:47:82:bf:dc:a2:69:96:
34:4e:27:a1:47:86:a5:84:eb:30:ce:e6:f0:07:02:ce:75:bc:
e3:8e:3e:75:19:d0:ca:6e:bc:08:ae:7f:85:30:24:ed:35:c4:
43:55:b2:06:f8:11:83:e3:ca:42:00:6c:ce:8d:69:ae:6b:65:
9b:00:a4:93:78:ae:61:2b:22:62:6f:cc:92:fa:38:8d:43:66:
b8:0e:15:e9:69:59:11:f8:50:ec:1a:fa:2a:9a:76:10:7c:7f:
90:91:a7:1b:11:43:7c:6d:69:6a:9a:be:b0:0c:13:38:79:8f:
eb:4f:19:04:72:b4:08:36:e7:27:d1:93:9e:50:54:64:f4:d3:
7a:2c:6d:44:e6:30:af:bb:2e:43:57:15:98:62:42:20:10:95:
19:5e:0d:5f:b6:a7:4b:58:bc:73:92:9c:e4:b1:f5:67:fe:6a:
05:37:8b:57:cf:9d:13:da:88:d3:b0:d1:f8:f8:36:57:ff:a2:
32:af:9c:5d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ4GcDN3cKW3KX7YwVM3xHh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjYwNTA4MDcxNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDgyODEyNzkxN2U2NTg3YzM4OGI5M2JiN2E1ODk0NTBkYTc1NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFxDcBDrPQqX9dPYxTEUWiOqWQ4P
Sb7WEdphzWNuIukkvONpowXSBVRw3T2tahudHBP5bcGrhx5mwadbs1sDyAJdV7gA
6yYd/IosSFacP9w2ekjzPfLlIALK3GDIn7sQ9bGAiK6H1amFxrTdxioAEqejtJ4y
QHNAC0hhAAqPXxfcI+Zp6KCmSvFpex76gIA4iyVGn2n4Jfr7w9esXgiTpHuvdSW3
iN3aFFowsSRVXqwJsvnrTJ8kiVwTsBg16YDL68l0CUEwS8FDMQfuXWvjjlsTriI7
sj0TKDDp/GKivO5SPj4ymIZBZfdc7HjOfGLbqadolzvTGny9ml6y/cXN/QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCCCgSeRfmWHw4i5O7eliUUNp1eBMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvSUlLQko1Ri1aWWZEaUxrN3Q2V0pSUTJuVjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFQXcID
BABQXcQDBAFQXcYDBAJQXcwwDQYJKoZIhvcNAQELBQADggEBAFzFaWPLj0z05c3t
BZZIfFlJTYc3UuA8eQzTG6O+n7j7ZJUgn6+zqEbKirlukcY8Hxq4768OxWwkZRiH
MvLozdcQR4K/3KJpljROJ6FHhqWE6zDO5vAHAs51vOOOPnUZ0MpuvAiuf4UwJO01
xENVsgb4EYPjykIAbM6Naa5rZZsApJN4rmErImJvzJL6OI1DZrgOFelpWRH4UOwa
+iqadhB8f5CRpxsRQ3xtaWqavrAMEzh5j+tPGQRytAg25yfRk55QVGT003osbUTm
MK+7LkNXFZhiQiAQlRleDV+2p0tYvHOSnOSx9Wf+agU3i1fPnRPaiNOw0fj4Nlf/
ojKvnF0=
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:53 2026 by rpki-client