Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/8Et4wRl7tgB_17L9jG6Mdek6xDg.roa
File: 8Et4wRl7tgB_17L9jG6Mdek6xDg.roa (raw, json)
Hash identifier: lw3WqGSEoZrvxn7wZkoN4525cvxLItsQZGDX6ZhkS8I=
Subject key identifier: F0:4B:78:C1:19:7B:B6:00:7F:D7:B2:FD:8C:6E:8C:75:E9:3A:C4:38
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 019C767741AB254B694682C6432DBA9E98EF
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/8Et4wRl7tgB_17L9jG6Mdek6xDg.roa
Signing time: Thu 19 Feb 2026 15:14:12 +0000
ROA not before: Thu 19 Feb 2026 15:14:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212706
IP address blocks: 91.211.115.0/24 maxlen: 24
2a11:1940::/32 maxlen: 32
2a13:a502::/32 maxlen: 32
2a13:a503::/32 maxlen: 32
2a13:a504::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.mft
rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:76:77:41:ab:25:4b:69:46:82:c6:43:2d:ba:9e:98:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Feb 19 15:14:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f04b78c1197bb6007fd7b2fd8c6e8c75e93ac438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:32:b7:22:d7:af:9d:b7:22:2e:ba:b3:ca:f4:
62:02:c7:09:4e:62:ab:9c:08:18:69:2d:11:11:c9:
f7:8b:da:90:dc:99:8d:1f:6a:cb:6e:b9:82:88:1e:
f4:e0:0d:85:30:0d:b0:26:ed:fc:d9:02:2c:75:d5:
da:6c:b3:30:62:5e:18:50:cc:eb:9b:ce:05:ad:ea:
f5:10:f7:b0:68:e4:41:d8:82:ca:f0:6d:34:41:3a:
f1:b4:8a:19:e2:c0:8e:79:cb:b4:9b:b2:5d:a0:ed:
1a:01:94:00:47:72:15:4c:74:83:1d:a8:cc:a9:2a:
ae:70:ab:b2:fd:85:8f:cb:76:7e:2e:a1:17:76:2e:
a2:ef:d7:e0:6d:20:f9:4f:3b:96:66:0d:79:89:31:
70:70:b7:b9:36:15:af:0a:01:7f:5d:1b:3b:85:9c:
80:84:f2:95:b6:02:3d:4b:46:76:ff:10:bb:66:07:
fd:36:86:12:a4:15:b7:f2:9c:86:0a:11:9b:13:1a:
66:34:78:42:66:a6:69:e1:52:04:49:9a:63:ab:b7:
af:c4:f9:78:38:48:c9:84:5b:11:60:8f:f5:4f:b1:
a7:90:76:f7:11:e8:56:0c:1e:13:4a:48:fb:f8:cb:
1f:d1:2e:81:de:7e:b9:fd:93:92:a3:7b:c9:8b:d9:
24:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4B:78:C1:19:7B:B6:00:7F:D7:B2:FD:8C:6E:8C:75:E9:3A:C4:38
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/8Et4wRl7tgB_17L9jG6Mdek6xDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.115.0/24
IPv6:
2a11:1940::/32
2a13:a502::-2a13:a504:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:82:36:60:63:26:46:87:a6:cd:cc:18:66:c6:54:25:9a:58:
13:17:5f:c7:de:af:a8:65:7a:22:77:1b:cc:1a:3e:26:37:d9:
19:6d:eb:32:a2:92:0d:40:c4:c8:ae:9d:5d:2d:55:f7:0c:aa:
33:ee:cb:d2:ce:d2:76:71:26:c7:13:b5:4d:ca:04:b3:90:06:
70:9e:79:a2:c2:5a:93:34:d6:d3:7f:e4:e9:59:51:ce:c8:37:
5e:af:cf:f9:ff:0e:ff:e4:a6:db:8e:35:04:39:a7:ab:b7:34:
d1:17:5c:b6:62:88:dc:05:3c:d6:75:0c:50:f5:44:e9:ef:92:
c2:b7:dc:dc:ae:f6:7e:84:c2:09:9c:6f:19:bf:14:b3:f3:8b:
a7:67:63:91:88:3c:09:8c:0b:1b:de:19:f3:7a:13:45:ee:9d:
0e:96:e1:24:c0:d6:d6:f8:fd:d9:01:4d:35:4c:ca:0d:ae:11:
41:86:a3:a2:6b:4e:fd:e3:c7:ef:20:f7:f6:c7:b8:f8:29:73:
ba:75:89:70:f7:4b:55:22:f4:15:9e:4d:58:2c:e1:82:51:d3:
b6:57:90:97:69:1f:37:2d:73:03:40:0c:fd:c6:37:9e:02:d6:
c8:ab:8c:3c:a5:c5:fe:92:47:cc:0e:d3:85:8f:a1:df:63:4e:
90:84:8a:0a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZx2d0GrJUtpRoLGQy26npjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjYwMjE5MTUxNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDRiNzhjMTE5N2JiNjAwN2ZkN2IyZmQ4YzZlOGM3NWU5M2FjNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDK3ItevnbciLrqzyvRiAscJTmKr
nAgYaS0REcn3i9qQ3JmNH2rLbrmCiB704A2FMA2wJu382QIsddXabLMwYl4YUMzr
m84Frer1EPewaORB2ILK8G00QTrxtIoZ4sCOecu0m7JdoO0aAZQAR3IVTHSDHajM
qSqucKuy/YWPy3Z+LqEXdi6i79fgbSD5TzuWZg15iTFwcLe5NhWvCgF/XRs7hZyA
hPKVtgI9S0Z2/xC7Zgf9NoYSpBW38pyGChGbExpmNHhCZqZp4VIESZpjq7evxPl4
OEjJhFsRYI/1T7GnkHb3EehWDB4TSkj7+Msf0S6B3n65/ZOSo3vJi9kkbQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPBLeMEZe7YAf9ey/YxujHXpOsQ4MB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvOEV0NHdSbDd0Z0JfMTdMOWpHNk1kZWs2eERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAW9NzMB0E
AgACMBcDBQAqERlAMA4DBQEqE6UCAwUAKhOlBDANBgkqhkiG9w0BAQsFAAOCAQEA
KII2YGMmRoemzcwYZsZUJZpYExdfx96vqGV6IncbzBo+JjfZGW3rMqKSDUDEyK6d
XS1V9wyqM+7L0s7SdnEmxxO1TcoEs5AGcJ55osJakzTW03/k6VlRzsg3Xq/P+f8O
/+Sm2441BDmnq7c00RdctmKI3AU81nUMUPVE6e+Swrfc3K72foTCCZxvGb8Us/OL
p2djkYg8CYwLG94Z83oTRe6dDpbhJMDW1vj92QFNNUzKDa4RQYajomtO/ePH7yD3
9se4+ClzunWJcPdLVSL0FZ5NWCzhglHTtleQl2kfNy1zA0AM/cY3ngLWyKuMPKXF
/pJHzA7ThY+h32NOkISKCg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:39:50 2026 by rpki-client