Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/i8n3YizDTkgFxVASqyS8ZPJsVfg.roa
File: i8n3YizDTkgFxVASqyS8ZPJsVfg.roa (raw, json)
Hash identifier: /m3u1Nf1anGXv3pKUQlkR2HIRXawKYF3R+CRy7SIBkg=
Subject key identifier: 8B:C9:F7:62:2C:C3:4E:48:05:C5:50:12:AB:24:BC:64:F2:6C:55:F8
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 019BFAF7A30BBED74DCA23C9865BE4CD4A45
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/i8n3YizDTkgFxVASqyS8ZPJsVfg.roa
Signing time: Mon 26 Jan 2026 15:41:31 +0000
ROA not before: Mon 26 Jan 2026 15:41:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60777
IP address blocks: 93.170.0.0/24 maxlen: 24
93.170.25.0/24 maxlen: 24
93.171.232.0/23 maxlen: 24
95.46.108.0/24 maxlen: 24
95.46.124.0/24 maxlen: 24
95.47.136.0/24 maxlen: 24
2a02:128:4200::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:fa:f7:a3:0b:be:d7:4d:ca:23:c9:86:5b:e4:cd:4a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 26 15:41:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8bc9f7622cc34e4805c55012ab24bc64f26c55f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:63:61:8f:13:d9:54:fe:fd:c5:3b:d0:33:70:
7a:27:84:12:49:b9:5c:bd:52:68:c4:08:cf:b4:6a:
31:80:c0:8f:45:17:fe:c3:b7:a1:e9:7f:a4:2c:5a:
a1:43:1a:6b:4a:dd:95:12:46:34:25:94:17:f6:5b:
26:67:32:cb:3f:57:e7:7a:18:cb:59:40:84:de:e8:
c9:52:ee:4d:0b:2a:b3:32:91:9f:13:e2:0a:51:c5:
2d:cd:9c:dc:6f:1d:13:4b:fb:de:16:10:ba:83:8c:
ca:6a:b9:5b:e4:89:42:6b:e9:1a:8a:0d:3c:ad:cd:
62:12:78:cf:1c:ad:ba:ae:93:3f:d1:b5:fc:ce:97:
2a:65:09:ee:5d:34:18:5f:dc:6a:97:4f:ce:db:41:
43:10:ae:89:e3:4c:62:a5:f1:72:51:6f:91:3a:09:
8c:71:75:cc:f2:b2:27:bb:56:16:c3:08:7a:9a:34:
93:cc:91:a0:17:cc:85:d7:23:84:cd:58:f2:13:2e:
54:e9:f1:90:ad:f6:5f:ff:2c:fe:1b:a4:7c:96:e8:
a0:88:9f:82:87:7e:be:8e:6d:75:a7:0d:a7:50:97:
bb:e6:85:7d:21:45:43:26:b1:7d:66:c0:3a:80:f2:
6e:31:8c:48:dc:03:ed:77:9c:cb:e7:a5:49:80:6b:
a3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C9:F7:62:2C:C3:4E:48:05:C5:50:12:AB:24:BC:64:F2:6C:55:F8
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/i8n3YizDTkgFxVASqyS8ZPJsVfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.0.0/24
93.170.25.0/24
93.171.232.0/23
95.46.108.0/24
95.46.124.0/24
95.47.136.0/24
IPv6:
2a02:128:4200::/44
Signature Algorithm: sha256WithRSAEncryption
ab:1d:14:69:df:4a:72:1f:77:6a:3a:f1:7c:f3:8e:03:7a:b7:
5b:08:a3:a8:72:7e:e8:de:d3:0f:47:b5:f0:20:20:b0:7b:36:
f4:dc:74:f9:c9:22:0b:58:f0:03:29:c0:44:3a:53:09:68:22:
96:87:ef:77:d6:45:13:2a:12:55:ff:37:23:80:a2:56:c8:aa:
03:2e:bd:03:08:f9:6f:3e:51:46:e0:67:3b:29:5d:3d:49:72:
97:9e:58:5a:f8:ff:e5:32:ed:b0:53:df:3b:86:08:61:cd:be:
d4:06:50:f9:f4:8e:b6:51:7d:95:6e:43:2f:6d:0e:63:db:6d:
e9:04:02:43:b8:bd:69:59:4e:9d:62:9b:23:10:6a:d0:24:56:
51:78:0c:fb:03:94:80:43:28:00:36:3f:f7:32:75:af:28:ae:
74:c3:80:28:30:c8:99:db:83:b3:9e:57:f5:a5:58:75:9d:87:
d4:52:66:c4:3f:07:45:7f:90:fb:65:71:de:a4:c3:d2:78:05:
16:8a:ad:52:b3:f0:e4:cf:bd:27:28:1b:72:1b:fc:44:27:ec:
b0:ca:19:cc:e1:75:11:b0:5f:d3:78:31:5b:b7:be:8a:1d:53:
70:95:1c:85:d2:c9:00:e1:6c:43:39:41:a2:dd:ad:72:61:bc:
10:b6:2b:59
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZv696MLvtdNyiPJhlvkzUpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjYwMTI2MTU0MTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmM5Zjc2MjJjYzM0ZTQ4MDVjNTUwMTJhYjI0YmM2NGYyNmM1NWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGNhjxPZVP79xTvQM3B6J4QSSblc
vVJoxAjPtGoxgMCPRRf+w7eh6X+kLFqhQxprSt2VEkY0JZQX9lsmZzLLP1fnehjL
WUCE3ujJUu5NCyqzMpGfE+IKUcUtzZzcbx0TS/veFhC6g4zKarlb5IlCa+kaig08
rc1iEnjPHK26rpM/0bX8zpcqZQnuXTQYX9xql0/O20FDEK6J40xipfFyUW+ROgmM
cXXM8rInu1YWwwh6mjSTzJGgF8yF1yOEzVjyEy5U6fGQrfZf/yz+G6R8luigiJ+C
h36+jm11pw2nUJe75oV9IUVDJrF9ZsA6gPJuMYxI3APtd5zL56VJgGuj/wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIvJ92Isw05IBcVQEqskvGTybFX4MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaThuM1lpekRUa2dGeFZBU3F5UzhaUEpzVmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAXaoAAwQA
XaoZAwQBXavoAwQAXy5sAwQAXy58AwQAXy+IMA8EAgACMAkDBwQqAgEoQgAwDQYJ
KoZIhvcNAQELBQADggEBAKsdFGnfSnIfd2o68XzzjgN6t1sIo6hyfuje0w9HtfAg
ILB7NvTcdPnJIgtY8AMpwEQ6UwloIpaH73fWRRMqElX/NyOAolbIqgMuvQMI+W8+
UUbgZzspXT1JcpeeWFr4/+Uy7bBT3zuGCGHNvtQGUPn0jrZRfZVuQy9tDmPbbekE
AkO4vWlZTp1imyMQatAkVlF4DPsDlIBDKAA2P/cyda8ornTDgCgwyJnbg7OeV/Wl
WHWdh9RSZsQ/B0V/kPtlcd6kw9J4BRaKrVKz8OTPvScoG3Ib/EQn7LDKGczhdRGw
X9N4MVu3voodU3CVHIXSyQDhbEM5QaLdrXJhvBC2K1k=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:03:07 2026 by rpki-client