Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/32024d-d3e7-4ad0-8a91-3318504c7750/1/10MlIdaB7FNbLaMDGR2pTyUhDNM.roa
File: 10MlIdaB7FNbLaMDGR2pTyUhDNM.roa (raw, json)
Hash identifier: uJVs0I5nGDm0fMwDeKlKvP2NDCYTHKgILZ0u68qw/qM=
Subject key identifier: D7:43:25:21:D6:81:EC:53:5B:2D:A3:03:19:1D:A9:4F:25:21:0C:D3
Certificate issuer: /CN=2c8ff3614fd0c8a8b7e963ccf20c3af085e2bace
Certificate serial: 019D967C1F9C826346E8E9F13B5FD671E2F3
Authority key identifier: 2C:8F:F3:61:4F:D0:C8:A8:B7:E9:63:CC:F2:0C:3A:F0:85:E2:BA:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LI_zYU_QyKi36WPM8gw68IXius4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/32024d-d3e7-4ad0-8a91-3318504c7750/1/10MlIdaB7FNbLaMDGR2pTyUhDNM.roa
Signing time: Thu 16 Apr 2026 13:30:10 +0000
ROA not before: Thu 16 Apr 2026 13:30:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198614
IP address blocks: 87.238.248.0/21 maxlen: 21
185.200.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/32024d-d3e7-4ad0-8a91-3318504c7750/1/LI_zYU_QyKi36WPM8gw68IXius4.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/32024d-d3e7-4ad0-8a91-3318504c7750/1/LI_zYU_QyKi36WPM8gw68IXius4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LI_zYU_QyKi36WPM8gw68IXius4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:7c:1f:9c:82:63:46:e8:e9:f1:3b:5f:d6:71:e2:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c8ff3614fd0c8a8b7e963ccf20c3af085e2bace
Validity
Not Before: Apr 16 13:30:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d7432521d681ec535b2da303191da94f25210cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a9:03:8e:96:62:b7:0a:da:bb:08:6c:cf:0e:
b4:b8:07:a6:4f:e6:ca:66:38:7b:91:ed:fe:d1:13:
7f:3c:fb:5b:f3:f3:09:f8:a8:6c:fa:03:67:df:37:
d8:5c:cf:9c:9f:78:09:52:db:e0:8b:f8:1b:de:dd:
81:63:c0:5e:9d:3d:a6:e0:29:f9:fd:e5:f4:c5:71:
8c:d8:67:ba:34:2d:f6:2a:ac:2b:d2:70:8f:5e:86:
09:18:d2:d3:cb:12:bf:ae:c2:a2:15:15:bb:5d:fe:
fd:da:ea:59:53:d2:26:e0:44:f0:3f:96:86:30:c6:
43:7b:17:59:41:99:4f:2a:fb:5b:9b:05:c5:db:9b:
a2:8d:d8:e0:49:57:c6:c3:a1:02:92:3c:c4:f2:e2:
bd:16:21:5d:bd:23:a0:57:4e:42:4e:9f:7a:a2:4c:
50:bf:d0:b8:df:4a:cc:a4:0b:01:7b:5d:95:8b:98:
6c:cb:e3:be:07:68:0a:92:60:4a:af:3a:10:0d:dd:
32:0a:84:45:35:d5:89:c9:3c:96:cb:58:04:ea:37:
d7:d3:20:5a:c6:ce:98:b0:0b:da:57:47:30:c7:f1:
17:52:fc:97:4d:b0:f3:a4:d0:12:86:43:2f:5c:64:
f1:1d:12:7b:a5:12:bb:e9:86:cc:d4:86:02:03:4e:
37:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:43:25:21:D6:81:EC:53:5B:2D:A3:03:19:1D:A9:4F:25:21:0C:D3
X509v3 Authority Key Identifier:
keyid:2C:8F:F3:61:4F:D0:C8:A8:B7:E9:63:CC:F2:0C:3A:F0:85:E2:BA:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LI_zYU_QyKi36WPM8gw68IXius4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/32024d-d3e7-4ad0-8a91-3318504c7750/1/10MlIdaB7FNbLaMDGR2pTyUhDNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/32024d-d3e7-4ad0-8a91-3318504c7750/1/LI_zYU_QyKi36WPM8gw68IXius4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.248.0/21
185.200.72.0/22
Signature Algorithm: sha256WithRSAEncryption
00:46:97:a6:ec:13:92:37:63:5e:ff:07:8b:e4:45:44:64:12:
3c:a1:81:c6:a5:de:9f:ff:be:a5:73:d2:b7:6f:f8:a5:0b:1d:
81:8b:ee:4a:45:de:7c:f8:87:3f:8f:46:07:5e:5a:93:8a:d0:
5d:4d:2c:02:42:35:c4:82:0d:1e:e5:85:94:02:62:9f:1d:ee:
31:5b:ee:50:7e:fa:c9:03:73:f9:68:94:5f:ad:4d:70:70:e9:
ff:cb:f4:f2:65:81:c5:c6:e4:6c:83:73:0b:13:7e:36:99:3c:
51:40:b2:47:2e:d0:74:fc:a2:71:96:b7:1e:ef:54:3a:94:74:
0b:33:cf:2a:3c:0d:78:74:b6:0a:8b:a2:b2:ba:c5:e9:e1:b7:
9a:3c:b5:06:fd:4c:d7:d8:6f:64:4e:69:72:3a:42:e9:eb:34:
b2:80:4d:fa:5c:da:c3:19:8d:55:b4:04:12:e8:6d:db:ab:80:
bc:1e:70:e6:07:74:64:52:f6:21:fa:20:3e:9a:41:00:c2:14:
ff:70:ac:37:af:34:6d:de:3b:f0:f7:18:6c:fc:76:79:e0:3f:
38:b6:ba:f2:69:0c:c3:1b:45:35:0b:da:05:a8:05:82:9b:5e:
00:27:6d:cd:81:c7:1a:0a:c6:32:4a:65:c6:21:bc:4f:1e:b5:
c5:5d:53:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2WfB+cgmNG6OnxO1/WceLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOGZmMzYxNGZkMGM4YThiN2U5NjNjY2YyMGMzYWYwODVl
MmJhY2UwHhcNMjYwNDE2MTMzMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQzMjUyMWQ2ODFlYzUzNWIyZGEzMDMxOTFkYTk0ZjI1MjEwY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqkDjpZitwrauwhszw60uAemT+bK
Zjh7ke3+0RN/PPtb8/MJ+Khs+gNn3zfYXM+cn3gJUtvgi/gb3t2BY8BenT2m4Cn5
/eX0xXGM2Ge6NC32Kqwr0nCPXoYJGNLTyxK/rsKiFRW7Xf792upZU9Im4ETwP5aG
MMZDexdZQZlPKvtbmwXF25uijdjgSVfGw6ECkjzE8uK9FiFdvSOgV05CTp96okxQ
v9C430rMpAsBe12Vi5hsy+O+B2gKkmBKrzoQDd0yCoRFNdWJyTyWy1gE6jfX0yBa
xs6YsAvaV0cwx/EXUvyXTbDzpNAShkMvXGTxHRJ7pRK76YbM1IYCA0431wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNdDJSHWgexTWy2jAxkdqU8lIQzTMB8GA1UdIwQY
MBaAFCyP82FP0Miot+ljzPIMOvCF4rrOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTElfellVX1F5S2kzNldQTThndzY4SVhpdXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zMjAyNGQtZDNlNy00YWQwLThhOTEt
MzMxODUwNGM3NzUwLzEvMTBNbElkYUI3Rk5iTGFNREdSMnBUeVVoRE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zMjAyNGQtZDNlNy00YWQwLThhOTEtMzMxODUwNGM3NzUw
LzEvTElfellVX1F5S2kzNldQTThndzY4SVhpdXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDV+74AwQC
uchIMA0GCSqGSIb3DQEBCwUAA4IBAQAARpem7BOSN2Ne/weL5EVEZBI8oYHGpd6f
/76lc9K3b/ilCx2Bi+5KRd58+Ic/j0YHXlqTitBdTSwCQjXEgg0e5YWUAmKfHe4x
W+5QfvrJA3P5aJRfrU1wcOn/y/TyZYHFxuRsg3MLE342mTxRQLJHLtB0/KJxlrce
71Q6lHQLM88qPA14dLYKi6KyusXp4beaPLUG/UzX2G9kTmlyOkLp6zSygE36XNrD
GY1VtAQS6G3bq4C8HnDmB3RkUvYh+iA+mkEAwhT/cKw3rzRt3jvw9xhs/HZ54D84
trryaQzDG0U1C9oFqAWCm14AJ23NgccaCsYySmXGIbxPHrXFXVPH
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:19:37 2026 by rpki-client