Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/8_MkA_mT9KIdkBcNq59qKHbc9ho.roa
File: 8_MkA_mT9KIdkBcNq59qKHbc9ho.roa (raw, json)
Hash identifier: E24Q5XRNZzYhaFekHtHmSqKUrlGX20Uvqt/+tLWhFo4=
Subject key identifier: F3:F3:24:03:F9:93:F4:A2:1D:90:17:0D:AB:9F:6A:28:76:DC:F6:1A
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 019C3024543B09BD6F0182E39437E1E50F12
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/8_MkA_mT9KIdkBcNq59qKHbc9ho.roa
Signing time: Thu 05 Feb 2026 23:30:13 +0000
ROA not before: Thu 05 Feb 2026 23:30:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47645
IP address blocks: 94.137.64.0/21 maxlen: 21
94.137.80.0/22 maxlen: 22
94.137.84.0/22 maxlen: 22
94.137.88.0/24 maxlen: 24
2a05:c440::/48 maxlen: 48
2a05:c441::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:30:24:54:3b:09:bd:6f:01:82:e3:94:37:e1:e5:0f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Feb 5 23:30:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f3f32403f993f4a21d90170dab9f6a2876dcf61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:de:eb:1e:85:22:ae:46:b0:3c:4f:8a:15:f5:
6e:f5:16:e2:03:d8:b6:d1:ad:58:f2:d6:d4:27:35:
91:26:44:aa:01:6b:17:c3:b9:dd:9a:c8:0c:24:ae:
19:64:49:7d:7b:bd:2c:c8:58:8d:22:84:bd:31:29:
7d:14:2f:d6:0d:99:0d:f3:fc:1c:69:d4:29:eb:40:
7b:8c:fc:53:d9:bc:91:e2:df:fd:c8:dd:03:9b:a9:
2f:28:4c:a3:cf:9d:f7:16:cd:a6:60:1a:9c:35:84:
8a:b8:ec:99:c1:16:bf:9b:9e:ba:9a:ab:75:c5:07:
1e:bb:81:d6:28:94:7e:3e:ad:b5:44:a3:03:39:71:
82:a9:9a:ba:d1:93:a9:f2:7a:33:56:64:66:dd:b0:
b9:de:52:b3:9b:9c:54:8b:ee:95:0d:48:7f:18:93:
5d:b6:48:10:3d:e1:4c:68:92:ec:90:09:15:30:2c:
28:09:85:7f:79:60:ca:ec:39:3d:bc:f0:ee:cd:98:
f7:75:ed:84:72:35:b1:c1:18:6e:e8:29:f6:0a:fd:
ea:89:70:e8:47:d3:51:e8:77:a8:e3:ac:15:6b:f3:
44:fe:a1:81:02:a7:0e:0a:34:19:21:5a:53:83:6b:
b2:78:25:4a:01:83:ca:2f:c6:be:dc:ac:b6:70:95:
d3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F3:24:03:F9:93:F4:A2:1D:90:17:0D:AB:9F:6A:28:76:DC:F6:1A
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/8_MkA_mT9KIdkBcNq59qKHbc9ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.137.64.0/21
94.137.80.0-94.137.88.255
IPv6:
2a05:c440::/48
2a05:c441::/32
Signature Algorithm: sha256WithRSAEncryption
82:46:85:1c:72:4f:63:ee:cd:58:d5:9c:0d:94:e1:12:91:89:
c5:9a:10:b8:6c:34:be:e5:4e:5c:38:54:15:34:55:c0:bf:3d:
9f:9c:f6:b7:2b:44:00:78:50:37:05:0f:0c:ed:67:bf:d5:96:
a8:a0:30:36:95:3c:f4:8b:88:3d:4e:7a:cb:5a:21:4d:65:47:
15:94:31:17:40:6e:22:e0:86:4f:07:ef:fd:c1:8c:30:b4:19:
97:be:16:52:93:42:f4:52:7b:af:13:22:10:f9:30:b1:00:38:
b6:fb:60:40:fb:23:b8:20:c3:f3:62:c0:da:cd:ff:30:81:10:
50:3e:5b:ea:ca:5c:14:2c:b1:b1:57:92:41:96:c5:a1:81:dd:
94:df:c0:85:5b:4f:94:40:fa:50:1a:ba:bf:ec:a9:97:6e:a5:
7e:16:96:00:a5:2d:54:c1:8a:95:2b:83:00:71:22:be:9e:49:
32:29:9f:16:52:17:61:bf:ed:1e:a0:23:c5:63:24:40:6c:7a:
cf:0f:2a:c7:5f:ee:b5:48:ce:78:df:bf:c3:52:80:4d:88:44:
42:52:f0:a0:d8:78:61:e6:69:80:c4:a8:01:2f:4b:d2:2f:c1:
68:15:41:61:e0:96:9b:f4:94:09:76:0c:d4:b8:eb:a0:2f:53:
42:2a:41:6b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZwwJFQ7Cb1vAYLjlDfh5Q8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjYwMjA1MjMzMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2YzMjQwM2Y5OTNmNGEyMWQ5MDE3MGRhYjlmNmEyODc2ZGNmNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN7rHoUirkawPE+KFfVu9RbiA9i2
0a1Y8tbUJzWRJkSqAWsXw7ndmsgMJK4ZZEl9e70syFiNIoS9MSl9FC/WDZkN8/wc
adQp60B7jPxT2byR4t/9yN0Dm6kvKEyjz533Fs2mYBqcNYSKuOyZwRa/m566mqt1
xQceu4HWKJR+Pq21RKMDOXGCqZq60ZOp8nozVmRm3bC53lKzm5xUi+6VDUh/GJNd
tkgQPeFMaJLskAkVMCwoCYV/eWDK7Dk9vPDuzZj3de2EcjWxwRhu6Cn2Cv3qiXDo
R9NR6Heo46wVa/NE/qGBAqcOCjQZIVpTg2uyeCVKAYPKL8a+3Ky2cJXTuwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPPzJAP5k/SiHZAXDaufaih23PYaMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvOF9Na0FfbVQ5S0lka0JjTnE1OXFLSGJjOWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUAwQDXolAMAwD
BAReiVADBABeiVgwFgQCAAIwEAMHACoFxEAAAAMFACoFxEEwDQYJKoZIhvcNAQEL
BQADggEBAIJGhRxyT2PuzVjVnA2U4RKRicWaELhsNL7lTlw4VBU0VcC/PZ+c9rcr
RAB4UDcFDwztZ7/VlqigMDaVPPSLiD1OestaIU1lRxWUMRdAbiLghk8H7/3BjDC0
GZe+FlKTQvRSe68TIhD5MLEAOLb7YED7I7ggw/NiwNrN/zCBEFA+W+rKXBQssbFX
kkGWxaGB3ZTfwIVbT5RA+lAaur/sqZdupX4WlgClLVTBipUrgwBxIr6eSTIpnxZS
F2G/7R6gI8VjJEBses8PKsdf7rVIznjfv8NSgE2IREJS8KDYeGHmaYDEqAEvS9Iv
wWgVQWHglpv0lAl2DNS466AvU0IqQWs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:21:15 2026 by rpki-client