Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/T8RpbOMhHEQDHfF2dUfVcXdvxvY.roa
File: T8RpbOMhHEQDHfF2dUfVcXdvxvY.roa (raw, json)
Hash identifier: TQSYcZIIck4VBZbQSRsD/cgVUwlLdvF+hNZjGbNMAH0=
Subject key identifier: 4F:C4:69:6C:E3:21:1C:44:03:1D:F1:76:75:47:D5:71:77:6F:C6:F6
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 019D763CF7235C4F475C95AEFF6FCB0264D3
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/T8RpbOMhHEQDHfF2dUfVcXdvxvY.roa
Signing time: Fri 10 Apr 2026 07:13:20 +0000
ROA not before: Fri 10 Apr 2026 07:13:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8455
IP address blocks: 31.22.80.0/21 maxlen: 21
31.22.84.0/24 maxlen: 24
45.148.184.0/22 maxlen: 22
45.148.187.0/24 maxlen: 24
95.142.96.0/20 maxlen: 20
130.193.4.0/24 maxlen: 24
178.237.32.0/20 maxlen: 20
178.237.34.0/24 maxlen: 24
178.237.42.0/24 maxlen: 24
178.237.43.0/24 maxlen: 24
185.27.16.0/22 maxlen: 22
193.22.161.0/24 maxlen: 24
2a00:1188::/29 maxlen: 29
2a00:1188:8::/48 maxlen: 48
2a00:1188:9::/48 maxlen: 48
2a00:1188:a::/48 maxlen: 48
2a00:1188:b::/48 maxlen: 48
2a00:1188:c::/48 maxlen: 48
2a00:1188:d::/48 maxlen: 48
2a00:1188:e::/48 maxlen: 48
2a00:1188:13::/48 maxlen: 48
2a00:1188:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:76:3c:f7:23:5c:4f:47:5c:95:ae:ff:6f:cb:02:64:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Apr 10 07:13:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4fc4696ce3211c44031df1767547d571776fc6f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6c:42:c4:ea:c1:52:ca:80:25:17:81:10:0f:
07:39:ce:f6:30:fa:bb:c1:a5:77:fb:40:22:4e:29:
90:11:7c:76:cf:ee:da:30:80:16:d8:53:b0:89:cd:
00:53:75:d5:0c:87:48:20:32:7e:a6:c4:c2:8d:79:
da:9a:dd:d1:22:9d:6e:71:f5:94:27:91:43:d6:a9:
3a:69:f5:83:6c:eb:cf:4e:63:32:76:55:c2:89:d8:
39:80:62:e9:a9:69:5d:05:d2:ca:61:a4:42:5b:6d:
b4:d2:ec:cd:e3:cd:d3:0c:3e:d5:d7:14:f0:81:60:
72:b7:3c:0d:d6:4c:85:70:03:32:85:35:a7:bb:c7:
ae:2c:99:1f:ad:d4:79:44:bc:53:09:51:19:aa:69:
9a:9c:33:d9:78:1d:6a:05:01:b1:f9:58:a7:1b:dd:
e3:9a:22:fb:16:41:e3:5d:e1:0c:83:a2:74:f1:23:
82:65:8e:93:cc:52:c1:7c:c4:34:2f:a1:58:63:6e:
ff:30:6f:8d:35:1f:74:d9:48:c3:66:59:b6:ec:6d:
8d:40:de:cd:49:f4:fb:35:6a:24:4b:c4:c5:64:34:
82:5b:1f:b4:ec:56:b1:47:20:57:3b:3b:42:9a:5a:
92:4c:34:3b:64:9c:95:d2:e4:0d:8e:f8:6a:2e:0f:
42:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C4:69:6C:E3:21:1C:44:03:1D:F1:76:75:47:D5:71:77:6F:C6:F6
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/T8RpbOMhHEQDHfF2dUfVcXdvxvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.80.0/21
45.148.184.0/22
95.142.96.0/20
130.193.4.0/24
178.237.32.0/20
185.27.16.0/22
193.22.161.0/24
IPv6:
2a00:1188::/29
Signature Algorithm: sha256WithRSAEncryption
99:a9:eb:80:7e:2a:1a:b8:e9:9b:26:82:f9:35:89:8c:ca:bb:
32:5c:fb:90:44:4f:62:88:d9:cf:38:22:bb:05:4f:85:d0:3b:
b7:a0:d5:37:f5:79:f4:3e:92:de:e6:01:51:65:02:01:63:7e:
86:92:62:15:84:9d:a1:6b:9d:d8:9c:90:09:73:a6:b0:bd:f9:
8f:df:78:ff:da:4d:49:75:b9:e4:f5:8e:04:58:06:4f:27:86:
93:72:e2:d1:6a:08:63:33:22:47:dc:52:4d:74:0c:4d:21:93:
5e:ee:bc:87:2f:d6:2f:be:f8:20:e8:87:47:64:4e:95:d0:3a:
b3:d2:33:ca:77:42:77:fa:32:0f:f6:e6:0b:17:23:b6:d5:2d:
b1:80:00:4d:02:53:51:c1:e7:30:e2:14:9c:74:4b:eb:d9:d8:
f4:6e:a6:cf:3c:83:42:c2:84:47:e0:d0:86:68:bd:a6:38:db:
32:94:a6:a6:31:23:31:1e:3d:0c:09:e2:e4:f8:d3:03:11:98:
8c:27:35:9b:33:36:8a:a4:af:08:ce:c6:21:65:65:d6:3d:bf:
82:cb:c0:99:b9:50:4c:cf:43:e7:20:dd:1d:aa:48:f3:aa:57:
4f:4a:8e:5a:58:5d:57:97:6a:01:e8:13:bb:eb:fd:cd:8c:91:
86:3a:51:41
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ12PPcjXE9HXJWu/2/LAmTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjYwNDEwMDcxMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmM0Njk2Y2UzMjExYzQ0MDMxZGYxNzY3NTQ3ZDU3MTc3NmZjNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmxCxOrBUsqAJReBEA8HOc72MPq7
waV3+0AiTimQEXx2z+7aMIAW2FOwic0AU3XVDIdIIDJ+psTCjXnamt3RIp1ucfWU
J5FD1qk6afWDbOvPTmMydlXCidg5gGLpqWldBdLKYaRCW2200uzN483TDD7V1xTw
gWBytzwN1kyFcAMyhTWnu8euLJkfrdR5RLxTCVEZqmmanDPZeB1qBQGx+VinG93j
miL7FkHjXeEMg6J08SOCZY6TzFLBfMQ0L6FYY27/MG+NNR902UjDZlm27G2NQN7N
SfT7NWokS8TFZDSCWx+07FaxRyBXOztCmlqSTDQ7ZJyV0uQNjvhqLg9C+QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFE/EaWzjIRxEAx3xdnVH1XF3b8b2MB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEvVDhScGJPTWhIRVFESGZGMmRVZlZjWGR2eHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDHxZQAwQC
LZS4AwQEX45gAwQAgsEEAwQEsu0gAwQCuRsQAwQAwRahMA0EAgACMAcDBQMqABGI
MA0GCSqGSIb3DQEBCwUAA4IBAQCZqeuAfioauOmbJoL5NYmMyrsyXPuQRE9iiNnP
OCK7BU+F0Du3oNU39Xn0PpLe5gFRZQIBY36GkmIVhJ2ha53YnJAJc6awvfmP33j/
2k1Jdbnk9Y4EWAZPJ4aTcuLRaghjMyJH3FJNdAxNIZNe7ryHL9Yvvvgg6IdHZE6V
0Dqz0jPKd0J3+jIP9uYLFyO21S2xgABNAlNRwecw4hScdEvr2dj0bqbPPINCwoRH
4NCGaL2mONsylKamMSMxHj0MCeLk+NMDEZiMJzWbMzaKpK8IzsYhZWXWPb+Cy8CZ
uVBMz0PnIN0dqkjzqldPSo5aWF1Xl2oB6BO76/3NjJGGOlFB
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:02:20 2026 by rpki-client