Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/BRd1dnMvqyeu6Iqyp48WqiI3PX8.roa
File: BRd1dnMvqyeu6Iqyp48WqiI3PX8.roa (raw, json)
Hash identifier: 9SGTzq6aQaLeMxjfPr7d/v/RRLlk3wUeJ/FIxW4XjoM=
Subject key identifier: 05:17:75:76:73:2F:AB:27:AE:E8:8A:B2:A7:8F:16:AA:22:37:3D:7F
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 019B7EA67181F6468E9F8E707BF94B9715AF
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/BRd1dnMvqyeu6Iqyp48WqiI3PX8.roa
Signing time: Fri 02 Jan 2026 12:19:55 +0000
ROA not before: Fri 02 Jan 2026 12:19:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51190
IP address blocks: 82.200.17.0/24 maxlen: 24
82.200.77.0/24 maxlen: 24
82.200.122.0/24 maxlen: 24
82.200.123.0/24 maxlen: 24
94.251.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a6:71:81:f6:46:8e:9f:8e:70:7b:f9:4b:97:15:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 2 12:19:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=05177576732fab27aee88ab2a78f16aa22373d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c8:8a:80:fb:6f:6c:bf:d6:22:9a:be:28:b0:
95:86:31:4c:3a:3c:77:22:76:29:e9:58:26:21:0f:
31:c1:58:02:b3:b1:a9:fc:1b:32:4d:6c:2b:4c:63:
e9:fd:37:96:17:1f:da:f6:be:56:7e:3a:3d:f6:71:
97:a9:f8:90:2e:cc:17:c4:96:6f:96:2e:c4:e9:4c:
cb:39:1e:96:a0:8f:4e:9b:e7:40:4f:ef:c6:6a:1d:
cc:a9:e7:7a:32:a4:e2:36:f1:93:a2:30:fa:06:ae:
c9:ad:bf:4b:5c:17:bd:f3:ed:56:f2:d1:b3:7f:1e:
39:0a:85:3e:40:3c:68:51:88:4d:e6:89:5c:0f:33:
ca:86:fd:88:8a:c4:19:3a:0a:87:65:6b:5e:aa:c6:
96:15:e6:ba:a5:e3:bc:50:20:d0:21:36:a9:42:d8:
8a:75:c5:b1:94:58:ec:ae:23:e5:64:80:c0:ad:87:
96:9c:cc:81:6e:ba:77:fa:10:e4:40:99:de:16:8c:
bb:8d:2e:7c:fd:61:ad:d1:57:1c:87:09:57:fe:e8:
c1:20:f9:31:bc:91:3e:3b:5d:86:d6:bd:b1:bd:8e:
ee:64:a2:dd:17:da:08:d3:7c:c0:dd:c1:90:a9:20:
b9:c9:76:ae:af:bf:91:66:90:3d:46:d2:33:b8:98:
4d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:17:75:76:73:2F:AB:27:AE:E8:8A:B2:A7:8F:16:AA:22:37:3D:7F
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/BRd1dnMvqyeu6Iqyp48WqiI3PX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.200.17.0/24
82.200.77.0/24
82.200.122.0/23
94.251.92.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:e4:8b:57:39:0b:e7:14:ed:c6:0b:48:5c:19:97:f7:ff:ae:
f4:03:fb:bd:31:9c:f6:a0:ac:91:4d:4e:1d:d0:bd:82:4a:ef:
33:4c:71:92:44:5f:0d:e3:3a:4c:ba:d5:76:a8:8f:a7:de:f6:
0f:e1:b8:56:90:53:47:6d:70:7c:66:5c:51:34:2e:16:5a:cf:
f8:09:ec:e6:57:1e:67:4f:b0:0a:3c:5a:3f:14:d8:1d:7f:a1:
cb:f5:7c:44:75:fe:10:b2:de:03:a3:61:e1:4e:4d:d6:92:d5:
10:b9:24:60:17:fc:d3:56:62:44:7f:c6:f7:76:77:7c:b5:f1:
bc:b3:74:e4:e7:d8:78:bf:be:94:13:be:61:7e:7d:3d:86:50:
6f:1c:72:e5:05:15:15:3e:38:7b:97:47:45:9c:f7:a3:28:ac:
02:a1:aa:81:6d:e1:4d:3e:c6:f8:12:27:da:86:46:5f:05:98:
78:73:9b:82:96:d6:6c:a6:7a:1a:60:ee:1f:c0:a7:4e:c5:b1:
71:fb:ab:2e:72:5c:0b:03:24:70:3c:21:67:e5:c2:7a:28:a1:
d8:03:00:55:1f:02:8d:ca:99:95:6e:b1:7d:8b:70:35:31:4c:
de:b9:ce:f3:35:f4:ce:84:d6:69:7b:21:49:fd:17:be:f4:4f:
29:d7:2a:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZt+pnGB9kaOn45we/lLlxWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjYwMTAyMTIxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE3NzU3NjczMmZhYjI3YWVlODhhYjJhNzhmMTZhYTIyMzczZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsiKgPtvbL/WIpq+KLCVhjFMOjx3
InYp6VgmIQ8xwVgCs7Gp/BsyTWwrTGPp/TeWFx/a9r5Wfjo99nGXqfiQLswXxJZv
li7E6UzLOR6WoI9Om+dAT+/Gah3Mqed6MqTiNvGTojD6Bq7Jrb9LXBe98+1W8tGz
fx45CoU+QDxoUYhN5olcDzPKhv2IisQZOgqHZWteqsaWFea6peO8UCDQITapQtiK
dcWxlFjsriPlZIDArYeWnMyBbrp3+hDkQJneFoy7jS58/WGt0VcchwlX/ujBIPkx
vJE+O12G1r2xvY7uZKLdF9oI03zA3cGQqSC5yXaur7+RZpA9RtIzuJhNSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAUXdXZzL6snruiKsqePFqoiNz1/MB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvQlJkMWRuTXZxeWV1NklxeXA0OFdxaUkzUFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUsgRAwQA
UshNAwQBUsh6AwQAXvtcMA0GCSqGSIb3DQEBCwUAA4IBAQA85ItXOQvnFO3GC0hc
GZf3/670A/u9MZz2oKyRTU4d0L2CSu8zTHGSRF8N4zpMutV2qI+n3vYP4bhWkFNH
bXB8ZlxRNC4WWs/4CezmVx5nT7AKPFo/FNgdf6HL9XxEdf4Qst4Do2HhTk3WktUQ
uSRgF/zTVmJEf8b3dnd8tfG8s3Tk59h4v76UE75hfn09hlBvHHLlBRUVPjh7l0dF
nPejKKwCoaqBbeFNPsb4EifahkZfBZh4c5uCltZspnoaYO4fwKdOxbFx+6suclwL
AyRwPCFn5cJ6KKHYAwBVHwKNypmVbrF9i3A1MUzeuc7zNfTOhNZpeyFJ/Re+9E8p
1ypc
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:59:18 2026 by rpki-client