Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/8ndDa5rRng5A6n53ieZF5n0zI7s.roa
File: 8ndDa5rRng5A6n53ieZF5n0zI7s.roa (raw, json)
Hash identifier: KtGt0NdlDvyNnvEnoJfeg2xWBfVSAuPvOu/PVmj7YGM=
Subject key identifier: F2:77:43:6B:9A:D1:9E:0E:40:EA:7E:77:89:E6:45:E6:7D:33:23:BB
Certificate issuer: /CN=66306e3acf3eb903cc73973fb62860b663516c93
Certificate serial: 019CDC00E124E1C49E14DF48BA765218620B
Authority key identifier: 66:30:6E:3A:CF:3E:B9:03:CC:73:97:3F:B6:28:60:B6:63:51:6C:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZjBuOs8-uQPMc5c_tihgtmNRbJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/8ndDa5rRng5A6n53ieZF5n0zI7s.roa
Signing time: Wed 11 Mar 2026 08:26:10 +0000
ROA not before: Wed 11 Mar 2026 08:26:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48779
IP address blocks: 80.173.205.0/24 maxlen: 24
80.173.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/ZjBuOs8-uQPMc5c_tihgtmNRbJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/ZjBuOs8-uQPMc5c_tihgtmNRbJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZjBuOs8-uQPMc5c_tihgtmNRbJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:00:e1:24:e1:c4:9e:14:df:48:ba:76:52:18:62:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66306e3acf3eb903cc73973fb62860b663516c93
Validity
Not Before: Mar 11 08:26:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f277436b9ad19e0e40ea7e7789e645e67d3323bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:40:b7:c2:81:ff:02:df:65:d2:37:83:51:ea:
0c:a0:b4:f5:7a:2a:74:96:25:11:3a:a0:5a:1b:da:
40:18:26:8d:66:c1:05:9c:ff:71:cb:af:d5:da:10:
73:1c:8d:5b:24:6d:98:04:9e:c1:5d:a1:d7:a9:37:
a7:ad:2b:19:a6:01:a2:60:bf:30:1b:a3:00:94:2e:
c4:c1:c4:c3:ec:91:77:a2:7d:9e:4b:62:89:de:44:
52:62:97:c7:95:09:bb:6c:68:18:84:18:45:33:fe:
1a:d7:ce:d7:98:a6:2d:81:af:66:f5:41:00:e0:df:
6c:3a:ef:60:56:25:e1:7d:94:98:99:3a:63:0e:41:
ba:c3:1e:c4:5c:01:a2:8e:34:2a:2d:55:4d:e1:9b:
6e:92:dc:5c:b8:4a:bb:43:4c:ff:eb:58:b9:c4:74:
6c:b2:d9:ad:06:62:e8:13:da:2b:95:6f:69:e7:a8:
7e:80:ee:3b:6f:64:35:0c:d2:a6:12:d6:00:ff:38:
1d:10:27:68:bb:d5:e9:71:8d:2f:09:75:24:21:0b:
6b:1f:a8:23:30:4b:37:e0:6c:bd:09:fc:ff:13:2f:
d9:dc:ff:07:a9:44:70:b4:3e:db:75:2f:8f:55:81:
f3:2a:10:fd:23:b6:49:b8:5d:0f:4a:a1:a4:8a:61:
35:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:77:43:6B:9A:D1:9E:0E:40:EA:7E:77:89:E6:45:E6:7D:33:23:BB
X509v3 Authority Key Identifier:
keyid:66:30:6E:3A:CF:3E:B9:03:CC:73:97:3F:B6:28:60:B6:63:51:6C:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZjBuOs8-uQPMc5c_tihgtmNRbJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/8ndDa5rRng5A6n53ieZF5n0zI7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/64dabb-7a01-40d5-a587-ee27cbca747e/1/ZjBuOs8-uQPMc5c_tihgtmNRbJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.173.205.0/24
80.173.207.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ca:04:e7:e8:68:21:71:f9:a0:4f:32:e6:4e:23:85:66:b8:
64:fb:64:34:98:a5:e4:29:9d:0a:24:de:5b:f3:b0:85:1c:cf:
ac:42:d9:73:d3:4c:3e:38:fd:07:3a:d8:8d:90:a1:70:3a:b7:
58:4f:29:63:9b:8e:8e:34:52:0a:39:6b:67:bf:2a:59:9a:31:
9e:e6:2e:a1:74:af:d0:6b:61:94:37:7c:8a:8a:da:9c:ac:96:
3d:7a:44:98:7a:52:0b:f9:e4:89:63:f2:18:cc:9f:09:98:a8:
3d:22:91:0e:28:c9:60:74:a2:ec:71:96:93:42:59:5c:05:aa:
31:1c:5e:23:d6:c8:22:bd:d2:24:55:22:9f:a4:1d:99:d8:01:
5d:f9:27:49:2f:7a:bb:be:f2:78:10:8a:6c:1e:1d:2a:41:0b:
71:b4:03:67:c7:c5:b1:98:b1:66:31:aa:8a:34:c4:90:06:1c:
14:41:9d:78:e3:13:b9:ea:0e:0a:63:29:1f:a1:74:a3:87:43:
92:16:e7:dc:b4:68:54:ae:22:0f:d6:ed:4d:62:74:ff:8f:b7:
bb:19:6f:ac:32:a8:23:11:84:36:8c:61:76:66:65:8d:a6:e2:
68:0d:b9:49:ff:10:eb:2e:4d:1b:f7:d1:ba:c8:e9:78:11:52:
7d:1e:60:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzcAOEk4cSeFN9IunZSGGILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MzA2ZTNhY2YzZWI5MDNjYzczOTczZmI2Mjg2MGI2NjM1
MTZjOTMwHhcNMjYwMzExMDgyNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjc3NDM2YjlhZDE5ZTBlNDBlYTdlNzc4OWU2NDVlNjdkMzMyM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0C3woH/At9l0jeDUeoMoLT1eip0
liUROqBaG9pAGCaNZsEFnP9xy6/V2hBzHI1bJG2YBJ7BXaHXqTenrSsZpgGiYL8w
G6MAlC7EwcTD7JF3on2eS2KJ3kRSYpfHlQm7bGgYhBhFM/4a187XmKYtga9m9UEA
4N9sOu9gViXhfZSYmTpjDkG6wx7EXAGijjQqLVVN4ZtuktxcuEq7Q0z/61i5xHRs
stmtBmLoE9orlW9p56h+gO47b2Q1DNKmEtYA/zgdECdou9XpcY0vCXUkIQtrH6gj
MEs34Gy9Cfz/Ey/Z3P8HqURwtD7bdS+PVYHzKhD9I7ZJuF0PSqGkimE18QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPJ3Q2ua0Z4OQOp+d4nmReZ9MyO7MB8GA1UdIwQY
MBaAFGYwbjrPPrkDzHOXP7YoYLZjUWyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmpCdU9zOC11UVBNYzVjX3RpaGd0bU5SYkpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82NGRhYmItN2EwMS00MGQ1LWE1ODct
ZWUyN2NiY2E3NDdlLzEvOG5kRGE1clJuZzVBNm41M2llWkY1bjB6STdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82NGRhYmItN2EwMS00MGQ1LWE1ODctZWUyN2NiY2E3NDdl
LzEvWmpCdU9zOC11UVBNYzVjX3RpaGd0bU5SYkpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUK3NAwQA
UK3PMA0GCSqGSIb3DQEBCwUAA4IBAQANygTn6GghcfmgTzLmTiOFZrhk+2Q0mKXk
KZ0KJN5b87CFHM+sQtlz00w+OP0HOtiNkKFwOrdYTyljm46ONFIKOWtnvypZmjGe
5i6hdK/Qa2GUN3yKitqcrJY9ekSYelIL+eSJY/IYzJ8JmKg9IpEOKMlgdKLscZaT
QllcBaoxHF4j1sgivdIkVSKfpB2Z2AFd+SdJL3q7vvJ4EIpsHh0qQQtxtANnx8Wx
mLFmMaqKNMSQBhwUQZ144xO56g4KYykfoXSjh0OSFufctGhUriIP1u1NYnT/j7e7
GW+sMqgjEYQ2jGF2ZmWNpuJoDblJ/xDrLk0b99G6yOl4EVJ9HmDX
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:36:31 2026 by rpki-client