Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/8KT6v4LVA-vQeV-Gp5UEk8gGLd4.roa
File: 8KT6v4LVA-vQeV-Gp5UEk8gGLd4.roa (raw, json)
Hash identifier: HDCqeA5UYA+s3eOLu1EG9gk71L2zB4pr/4jjPJR+5As=
Subject key identifier: F0:A4:FA:BF:82:D5:03:EB:D0:79:5F:86:A7:95:04:93:C8:06:2D:DE
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 019C98D86F6EAC3470481A6ADD0264D3E10C
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/8KT6v4LVA-vQeV-Gp5UEk8gGLd4.roa
Signing time: Thu 26 Feb 2026 07:27:26 +0000
ROA not before: Thu 26 Feb 2026 07:27:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16125
IP address blocks: 5.199.160.0/20 maxlen: 32
5.199.165.0/24 maxlen: 32
46.166.160.0/20 maxlen: 32
87.232.136.0/21 maxlen: 21
93.115.24.0/21 maxlen: 32
185.8.104.0/22 maxlen: 32
185.150.116.0/22 maxlen: 32
188.214.128.0/21 maxlen: 32
2a02:ae00::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.mft
rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:98:d8:6f:6e:ac:34:70:48:1a:6a:dd:02:64:d3:e1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Feb 26 07:27:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f0a4fabf82d503ebd0795f86a7950493c8062dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6c:40:f1:09:65:3e:64:c7:10:cd:fa:17:a5:
04:13:2f:cb:4c:7e:fb:8b:67:be:9b:8c:a6:cb:ca:
f6:b1:ba:af:c2:68:fa:2f:eb:97:df:4a:1d:32:9a:
39:07:6b:06:01:4d:26:f6:63:98:6d:61:6b:31:99:
ac:69:6e:54:db:e2:60:59:15:1d:d8:58:4f:04:09:
b8:3b:b1:8a:bf:4b:6a:74:b6:c6:c6:44:3f:5c:85:
3d:32:b5:d6:92:70:0a:81:64:97:c2:f5:71:0c:1d:
c5:0d:35:de:ec:cc:7b:a9:c6:05:17:85:73:bb:9e:
52:48:5f:41:62:22:1f:31:58:f2:b3:6e:ff:20:d7:
c9:b5:f4:11:79:83:40:05:87:72:59:fc:20:4e:3f:
14:fe:f8:a6:9e:f4:c6:72:c5:94:75:54:bc:5a:1d:
46:76:3e:8c:85:55:56:23:74:63:fd:ea:37:cd:b9:
14:74:0c:85:f0:16:2d:f6:ab:a7:48:3b:4a:fd:bc:
e7:73:94:0f:bc:70:42:f9:d4:fe:6d:11:54:f4:62:
58:81:b9:a9:57:ac:9f:2f:2a:92:6c:1b:fb:f3:83:
b7:d6:78:c8:22:15:00:cb:fc:9b:a7:12:19:ac:2e:
63:7c:a0:5e:ea:69:3b:31:83:7f:94:81:8c:8a:04:
88:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A4:FA:BF:82:D5:03:EB:D0:79:5F:86:A7:95:04:93:C8:06:2D:DE
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/8KT6v4LVA-vQeV-Gp5UEk8gGLd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.160.0/20
46.166.160.0/20
87.232.136.0/21
93.115.24.0/21
185.8.104.0/22
185.150.116.0/22
188.214.128.0/21
IPv6:
2a02:ae00::/36
Signature Algorithm: sha256WithRSAEncryption
3c:29:5e:1e:c2:07:bc:96:56:69:76:26:c7:1f:49:02:db:bb:
08:28:7b:0a:b4:6e:42:f7:d3:26:d9:ef:b8:f7:9a:df:66:06:
4c:d1:b9:e0:56:a9:46:f6:2e:92:30:c8:cb:80:d0:00:8e:a7:
72:d1:50:01:69:39:72:15:97:65:50:03:3b:bd:79:c8:5b:c0:
5f:32:8d:d6:24:9c:06:94:ff:2e:b9:ed:fc:0f:c5:df:97:07:
6a:ac:24:93:4c:b5:72:86:34:96:ae:2a:7f:90:a4:d9:24:83:
1c:9a:f6:d8:45:41:0a:45:0c:de:49:05:f4:5f:1c:e9:0e:21:
33:a3:a8:83:bb:be:30:74:d7:c8:09:26:c1:87:e5:4a:89:cf:
e0:49:9f:20:f4:8b:c5:d2:37:d4:2f:19:f7:fe:fb:b0:30:77:
90:96:ed:93:6e:30:22:64:1e:4d:38:1d:9a:2c:a8:d7:30:81:
c8:d0:93:d6:20:c7:2d:cc:11:de:e9:61:d0:84:00:e2:79:43:
36:86:2e:16:a2:ba:89:10:05:f2:59:b9:5b:74:fa:79:ed:61:
c9:f8:5c:32:1b:1b:34:c1:28:e2:e7:4f:3a:5e:35:55:02:b8:
82:14:41:a1:b7:8f:d6:42:61:3b:7c:f3:88:0e:a0:95:a2:99:
98:c8:2a:3e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZyY2G9urDRwSBpq3QJk0+EMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjYwMjI2MDcyNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGE0ZmFiZjgyZDUwM2ViZDA3OTVmODZhNzk1MDQ5M2M4MDYyZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmxA8QllPmTHEM36F6UEEy/LTH77
i2e+m4ymy8r2sbqvwmj6L+uX30odMpo5B2sGAU0m9mOYbWFrMZmsaW5U2+JgWRUd
2FhPBAm4O7GKv0tqdLbGxkQ/XIU9MrXWknAKgWSXwvVxDB3FDTXe7Mx7qcYFF4Vz
u55SSF9BYiIfMVjys27/INfJtfQReYNABYdyWfwgTj8U/vimnvTGcsWUdVS8Wh1G
dj6MhVVWI3Rj/eo3zbkUdAyF8BYt9qunSDtK/bznc5QPvHBC+dT+bRFU9GJYgbmp
V6yfLyqSbBv784O31njIIhUAy/ybpxIZrC5jfKBe6mk7MYN/lIGMigSIKQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFPCk+r+C1QPr0HlfhqeVBJPIBi3eMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvOEtUNnY0TFZBLXZRZVYtR3A1VUVrOGdHTGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQEBcegAwQE
LqagAwQDV+iIAwQDXXMYAwQCuQhoAwQCuZZ0AwQDvNaAMA4EAgACMAgDBgQqAq4A
ADANBgkqhkiG9w0BAQsFAAOCAQEAPCleHsIHvJZWaXYmxx9JAtu7CCh7CrRuQvfT
JtnvuPea32YGTNG54FapRvYukjDIy4DQAI6nctFQAWk5chWXZVADO715yFvAXzKN
1iScBpT/Lrnt/A/F35cHaqwkk0y1coY0lq4qf5Ck2SSDHJr22EVBCkUM3kkF9F8c
6Q4hM6Oog7u+MHTXyAkmwYflSonP4EmfIPSLxdI31C8Z9/77sDB3kJbtk24wImQe
TTgdmiyo1zCByNCT1iDHLcwR3ulh0IQA4nlDNoYuFqK6iRAF8lm5W3T6ee1hyfhc
MhsbNMEo4udPOl41VQK4ghRBobeP1kJhO3zziA6glaKZmMgqPg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:42:40 2026 by rpki-client