Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/85fd6c-d1ca-484a-82d9-ea62ce310e74/1/8jdCqTVjHLso8RGRhYig24As6Hw.roa
File: 8jdCqTVjHLso8RGRhYig24As6Hw.roa (raw, json)
Hash identifier: 3D37NyFExPQXRihgpk761P7gkxTDxts0n/acpzT0qdo=
Subject key identifier: F2:37:42:A9:35:63:1C:BB:28:F1:11:91:85:88:A0:DB:80:2C:E8:7C
Certificate issuer: /CN=0f4eaa7b157d4c2575101d2ae22eee85c22e5842
Certificate serial: 019DBA1CDCA17A71DD0E1CFFF61CF2A2A611
Authority key identifier: 0F:4E:AA:7B:15:7D:4C:25:75:10:1D:2A:E2:2E:EE:85:C2:2E:58:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D06qexV9TCV1EB0q4i7uhcIuWEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/85fd6c-d1ca-484a-82d9-ea62ce310e74/1/8jdCqTVjHLso8RGRhYig24As6Hw.roa
Signing time: Thu 23 Apr 2026 11:32:26 +0000
ROA not before: Thu 23 Apr 2026 11:32:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203479
IP address blocks: 185.88.88.0/24 maxlen: 24
185.88.88.0/25 maxlen: 25
185.88.88.128/25 maxlen: 25
185.88.89.0/24 maxlen: 24
185.88.90.0/24 maxlen: 24
185.88.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/85fd6c-d1ca-484a-82d9-ea62ce310e74/1/D06qexV9TCV1EB0q4i7uhcIuWEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/85fd6c-d1ca-484a-82d9-ea62ce310e74/1/D06qexV9TCV1EB0q4i7uhcIuWEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/D06qexV9TCV1EB0q4i7uhcIuWEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ba:1c:dc:a1:7a:71:dd:0e:1c:ff:f6:1c:f2:a2:a6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f4eaa7b157d4c2575101d2ae22eee85c22e5842
Validity
Not Before: Apr 23 11:32:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f23742a935631cbb28f111918588a0db802ce87c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2f:e7:03:53:43:a7:6f:e6:fe:fc:19:15:9a:
61:4e:36:01:6c:b1:31:02:5a:5a:22:a8:05:5f:eb:
ac:6b:11:34:e4:6e:f6:23:1c:be:5d:49:51:8c:30:
7d:48:c0:a2:83:89:63:fb:08:1b:fa:43:ca:1f:34:
d1:12:93:1a:40:7d:fb:e4:48:15:0c:6f:1e:04:a9:
49:88:a5:4f:f2:ef:bc:36:eb:e2:13:ae:26:5c:78:
57:68:bb:70:39:98:95:a3:8b:8e:24:e1:65:51:7c:
df:c9:15:d5:77:4f:6a:22:b9:96:17:72:a5:a8:6c:
a7:75:20:6b:4e:5d:95:c6:60:81:a9:4a:b1:ee:ae:
fb:fc:c5:27:93:91:1d:11:bb:7c:13:13:59:c8:10:
d3:dd:e9:15:4f:34:6b:0e:bd:2e:9f:be:84:d0:fb:
31:d2:b2:87:d5:a4:58:de:06:48:9c:f2:d1:e1:4b:
90:53:3a:99:5e:e8:68:49:6e:6e:dd:27:1f:31:cd:
a3:28:6a:ea:68:8a:c2:44:69:2a:61:2a:eb:93:b1:
75:e0:af:e6:f8:0d:02:3d:a7:02:a3:a9:b1:1d:cd:
32:ca:39:d0:ab:21:b1:3e:87:1b:97:98:82:c0:1b:
78:0a:1b:5d:6e:bb:38:73:60:87:b3:7a:e7:08:98:
e3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:37:42:A9:35:63:1C:BB:28:F1:11:91:85:88:A0:DB:80:2C:E8:7C
X509v3 Authority Key Identifier:
keyid:0F:4E:AA:7B:15:7D:4C:25:75:10:1D:2A:E2:2E:EE:85:C2:2E:58:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D06qexV9TCV1EB0q4i7uhcIuWEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/85fd6c-d1ca-484a-82d9-ea62ce310e74/1/8jdCqTVjHLso8RGRhYig24As6Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/85fd6c-d1ca-484a-82d9-ea62ce310e74/1/D06qexV9TCV1EB0q4i7uhcIuWEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.88.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:84:3b:29:3e:90:67:2b:1a:d8:ac:05:e5:07:22:79:cb:7c:
f7:54:32:fe:72:98:5d:00:2e:20:15:62:79:a0:50:25:79:d2:
54:f6:6b:98:62:d7:e4:9c:8e:36:5a:98:f2:cf:e1:d8:82:d5:
c2:78:aa:84:02:94:50:ee:3e:c1:2b:6f:c6:4c:b3:af:4b:9d:
53:57:3f:d9:1f:f6:49:58:56:18:7f:30:ab:8f:49:7c:96:0c:
8a:19:c1:0d:f1:8b:e6:3f:53:4a:86:cc:02:cf:25:c1:38:de:
0f:36:84:e8:a4:3d:79:2b:c9:db:43:5a:0a:7c:0b:c3:6e:59:
4b:74:d0:7f:7b:16:af:a0:c0:19:da:61:d5:4b:09:10:c9:aa:
73:ed:de:d3:98:41:42:d6:e4:c3:77:07:d2:8a:27:36:32:62:
1f:91:59:02:4c:66:71:69:99:38:52:9a:1d:e9:38:df:ec:36:
80:a1:27:d3:31:1b:b6:4f:10:f7:ae:06:84:4a:a5:0b:98:4b:
f8:dd:28:96:4a:29:c4:71:61:c1:1a:32:7c:ce:74:58:8d:fc:
55:4a:01:45:62:44:10:27:52:bd:a0:51:c9:a3:dc:87:10:3f:
14:3f:41:2f:34:d9:6d:49:a0:01:de:48:14:1a:5c:88:6a:b3:
da:c8:7c:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ26HNyhenHdDhz/9hzyoqYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNGVhYTdiMTU3ZDRjMjU3NTEwMWQyYWUyMmVlZTg1YzIy
ZTU4NDIwHhcNMjYwNDIzMTEzMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjM3NDJhOTM1NjMxY2JiMjhmMTExOTE4NTg4YTBkYjgwMmNlODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1i/nA1NDp2/m/vwZFZphTjYBbLEx
AlpaIqgFX+usaxE05G72Ixy+XUlRjDB9SMCig4lj+wgb+kPKHzTREpMaQH375EgV
DG8eBKlJiKVP8u+8NuviE64mXHhXaLtwOZiVo4uOJOFlUXzfyRXVd09qIrmWF3Kl
qGyndSBrTl2VxmCBqUqx7q77/MUnk5EdEbt8ExNZyBDT3ekVTzRrDr0un76E0Psx
0rKH1aRY3gZInPLR4UuQUzqZXuhoSW5u3ScfMc2jKGrqaIrCRGkqYSrrk7F14K/m
+A0CPacCo6mxHc0yyjnQqyGxPocbl5iCwBt4Chtdbrs4c2CHs3rnCJjjGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPI3Qqk1Yxy7KPERkYWIoNuALOh8MB8GA1UdIwQY
MBaAFA9OqnsVfUwldRAdKuIu7oXCLlhCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDA2cWV4VjlUQ1YxRUIwcTRpN3VoY0l1V0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84NWZkNmMtZDFjYS00ODRhLTgyZDkt
ZWE2MmNlMzEwZTc0LzEvOGpkQ3FUVmpITHNvOFJHUmhZaWcyNEFzNkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84NWZkNmMtZDFjYS00ODRhLTgyZDktZWE2MmNlMzEwZTc0
LzEvRDA2cWV4VjlUQ1YxRUIwcTRpN3VoY0l1V0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVhYMA0G
CSqGSIb3DQEBCwUAA4IBAQB/hDspPpBnKxrYrAXlByJ5y3z3VDL+cphdAC4gFWJ5
oFAledJU9muYYtfknI42Wpjyz+HYgtXCeKqEApRQ7j7BK2/GTLOvS51TVz/ZH/ZJ
WFYYfzCrj0l8lgyKGcEN8YvmP1NKhswCzyXBON4PNoTopD15K8nbQ1oKfAvDbllL
dNB/exavoMAZ2mHVSwkQyapz7d7TmEFC1uTDdwfSiic2MmIfkVkCTGZxaZk4Upod
6Tjf7DaAoSfTMRu2TxD3rgaESqULmEv43SiWSinEcWHBGjJ8znRYjfxVSgFFYkQQ
J1K9oFHJo9yHED8UP0EvNNltSaAB3kgUGlyIarPayHwi
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:56 2026 by rpki-client