Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/8wUaPB0WMMIH-HfrLZ9Xj7JHPSU.roa
File: 8wUaPB0WMMIH-HfrLZ9Xj7JHPSU.roa (raw, json)
Hash identifier: tbvw4SX+xk2sDQk81uJa12/9t00Q5IvpxQLluuXTLCc=
Subject key identifier: F3:05:1A:3C:1D:16:30:C2:07:F8:77:EB:2D:9F:57:8F:B2:47:3D:25
Certificate issuer: /CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Certificate serial: 019B7C7F187A0A8DC251C089AD6B45D32DC2
Authority key identifier: 72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/8wUaPB0WMMIH-HfrLZ9Xj7JHPSU.roa
Signing time: Fri 02 Jan 2026 02:17:42 +0000
ROA not before: Fri 02 Jan 2026 02:17:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60805
IP address blocks: 91.240.240.0/24 maxlen: 24
2001:67c:1734::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:7f:18:7a:0a:8d:c2:51:c0:89:ad:6b:45:d3:2d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Validity
Not Before: Jan 2 02:17:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f3051a3c1d1630c207f877eb2d9f578fb2473d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:a1:69:dc:f0:e3:5a:e6:15:3d:52:9c:3a:
fe:b2:3c:2c:d1:3b:6e:cd:37:a8:90:d0:91:2a:03:
0d:20:3f:95:a9:47:62:45:e3:37:41:2c:e6:11:da:
e3:5c:98:99:04:f9:16:06:65:48:26:3e:1c:85:22:
13:83:37:94:9a:ce:da:70:a1:4b:fb:ee:aa:2e:d6:
38:6c:0b:4c:35:aa:98:f7:13:3f:ee:c5:0c:fa:b6:
ae:97:bd:ef:ca:92:8e:06:d4:66:34:6d:ec:6b:d1:
01:7c:ee:e5:f2:a5:d6:26:50:c3:85:15:d2:7b:a4:
39:02:6c:e5:10:ce:b9:a6:d8:7a:48:71:5a:d3:36:
f5:4c:16:71:31:5a:90:c6:0b:4c:56:c1:c7:c8:8f:
88:97:32:a2:b1:3c:f5:cd:bf:1d:46:8e:96:87:5e:
45:07:4f:23:9a:72:57:a2:36:31:b6:f2:6f:6f:99:
68:26:73:f4:26:96:22:6f:83:e2:8f:7c:6a:02:43:
42:b8:29:8f:c3:e9:75:7e:16:6f:3d:26:b8:13:97:
c6:6c:d0:02:6c:06:ae:7c:90:50:60:e5:39:88:7b:
4f:7c:e2:04:03:02:ba:e1:d8:64:76:bf:88:6d:88:
6b:57:61:7a:ad:e5:4a:3f:cb:f8:c5:d8:1a:6a:c5:
6e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:05:1A:3C:1D:16:30:C2:07:F8:77:EB:2D:9F:57:8F:B2:47:3D:25
X509v3 Authority Key Identifier:
keyid:72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/8wUaPB0WMMIH-HfrLZ9Xj7JHPSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.240.0/24
IPv6:
2001:67c:1734::/48
Signature Algorithm: sha256WithRSAEncryption
0d:e8:41:af:66:5a:e2:57:80:41:8d:17:9f:e5:04:b8:8e:b5:
13:31:73:fa:04:a3:c2:0c:6f:9e:60:73:f8:ed:5e:93:2a:d3:
32:a7:e9:d9:17:c2:9c:e1:f6:a0:78:c0:af:63:6c:00:7f:9d:
b5:ba:98:d2:50:c8:51:bd:9f:5c:72:b5:dd:59:a7:64:bb:9d:
a0:49:af:13:a6:fe:36:86:6c:8c:70:69:21:5b:f9:c4:b9:fc:
02:2a:13:5a:40:ec:d5:5a:f9:12:0e:7f:d3:d0:b5:fa:c5:f8:
bb:11:5e:3c:f6:9c:5e:a3:de:73:8b:ac:f8:58:c7:7c:97:46:
58:04:a6:e2:8f:87:7a:12:14:cb:fb:ba:09:e1:bb:f3:be:5b:
8e:d2:46:35:f6:87:4b:a1:30:a8:ad:fe:7e:a8:8c:d8:39:4a:
c2:aa:f3:b3:06:bc:44:fe:85:8a:8c:49:15:74:ee:ed:0d:67:
8d:b6:41:31:12:94:2e:e2:6c:63:b0:0e:93:d1:bb:a5:ec:72:
6c:9e:16:09:5b:dd:b5:ca:a0:49:ea:fe:b9:62:b4:cf:aa:36:
c2:cd:47:76:8e:9e:23:34:4a:e8:b1:45:68:b4:13:19:fe:ac:
10:ba:e7:a4:01:ca:5a:b0:0c:df:38:cb:c4:9c:ff:42:86:18:
73:40:80:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZt8fxh6Co3CUcCJrWtF0y3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjliMDM5Y2Y4YWFmMTQxZDZlNmQ2MTZlN2MxNjkwODlj
YmNiMzIwHhcNMjYwMTAyMDIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzA1MWEzYzFkMTYzMGMyMDdmODc3ZWIyZDlmNTc4ZmIyNDczZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxWhadzw41rmFT1SnDr+sjws0Ttu
zTeokNCRKgMNID+VqUdiReM3QSzmEdrjXJiZBPkWBmVIJj4chSITgzeUms7acKFL
++6qLtY4bAtMNaqY9xM/7sUM+raul73vypKOBtRmNG3sa9EBfO7l8qXWJlDDhRXS
e6Q5AmzlEM65pth6SHFa0zb1TBZxMVqQxgtMVsHHyI+IlzKisTz1zb8dRo6Wh15F
B08jmnJXojYxtvJvb5loJnP0JpYib4Pij3xqAkNCuCmPw+l1fhZvPSa4E5fGbNAC
bAaufJBQYOU5iHtPfOIEAwK64dhkdr+IbYhrV2F6reVKP8v4xdgaasVukQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPMFGjwdFjDCB/h36y2fV4+yRz0lMB8GA1UdIwQY
MBaAFHIpsDnPiq8UHW5tYW58FpCJy8syMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQt
ODdhNjg0NWY2NmY5LzEvOHdVYVBCMFdNTUlILUhmckxaOVhqN0pIUFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQtODdhNjg0NWY2NmY5
LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW/DwMA8E
AgACMAkDBwAgAQZ8FzQwDQYJKoZIhvcNAQELBQADggEBAA3oQa9mWuJXgEGNF5/l
BLiOtRMxc/oEo8IMb55gc/jtXpMq0zKn6dkXwpzh9qB4wK9jbAB/nbW6mNJQyFG9
n1xytd1Zp2S7naBJrxOm/jaGbIxwaSFb+cS5/AIqE1pA7NVa+RIOf9PQtfrF+LsR
Xjz2nF6j3nOLrPhYx3yXRlgEpuKPh3oSFMv7ugnhu/O+W47SRjX2h0uhMKit/n6o
jNg5SsKq87MGvET+hYqMSRV07u0NZ422QTESlC7ibGOwDpPRu6XscmyeFglb3bXK
oEnq/rlitM+qNsLNR3aOniM0SuixRWi0Exn+rBC656QBylqwDN84y8Sc/0KGGHNA
gHI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:45:22 2026 by rpki-client