Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/c-8uzc_bF5FkL0h-HqsGRbGhsWg.roa
File: c-8uzc_bF5FkL0h-HqsGRbGhsWg.roa (raw, json)
Hash identifier: +aU4slc8iEEQxB/Bu7Kcz1ZF7yrHgsBSwr8YzuDbZ/0=
Subject key identifier: 73:EF:2E:CD:CF:DB:17:91:64:2F:48:7E:1E:AB:06:45:B1:A1:B1:68
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 019D8F1C75460CBD233CB607A65D55C45AD0
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/c-8uzc_bF5FkL0h-HqsGRbGhsWg.roa
Signing time: Wed 15 Apr 2026 03:08:20 +0000
ROA not before: Wed 15 Apr 2026 03:08:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205290
IP address blocks: 85.234.102.0/24 maxlen: 24
85.234.103.0/24 maxlen: 24
85.234.114.0/24 maxlen: 24
85.234.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:23:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8f:1c:75:46:0c:bd:23:3c:b6:07:a6:5d:55:c4:5a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Apr 15 03:08:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73ef2ecdcfdb1791642f487e1eab0645b1a1b168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4d:ce:8d:88:52:ea:b4:6d:62:d7:10:7a:ff:
7d:34:a4:80:0f:cf:2a:47:d9:90:5d:40:97:b6:a4:
30:02:e2:23:e4:b2:7a:d6:59:b9:e3:22:59:35:8f:
89:0e:69:be:44:33:ee:cd:f4:0b:0d:ac:21:fa:84:
12:e4:3b:49:ba:55:4f:c5:0a:1f:a4:15:f7:e6:a3:
4a:c8:98:37:11:4f:0e:c3:d6:7a:ba:87:1a:05:b4:
0d:c6:05:af:60:0c:08:7f:97:37:94:3d:fe:44:af:
e7:73:ba:a4:b8:77:ed:4f:cc:1b:e4:7c:5a:23:73:
08:4d:0a:c5:9a:c7:32:95:31:7e:d6:6a:b1:e8:72:
bf:1e:7e:43:ed:d7:1f:ad:50:c5:1f:bc:a0:f3:ac:
82:29:fe:4c:b4:bc:64:07:1c:ef:e5:84:4a:fb:19:
27:4f:76:44:1f:0a:55:ae:e6:26:09:76:37:8b:97:
bb:6d:0b:46:66:1d:49:e2:c2:ef:7a:75:44:d1:cf:
e9:90:0f:a8:08:15:f3:97:c7:a9:1f:43:4e:0b:46:
64:ce:ae:e4:4d:7a:6f:d7:75:e8:dd:e5:1b:b4:a6:
f4:65:b5:c4:c5:66:28:86:c3:92:21:5b:88:9a:86:
fb:79:74:68:11:bc:4a:b5:8c:b2:ad:fd:bc:54:2f:
b8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EF:2E:CD:CF:DB:17:91:64:2F:48:7E:1E:AB:06:45:B1:A1:B1:68
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/c-8uzc_bF5FkL0h-HqsGRbGhsWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.102.0/23
85.234.114.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:de:d8:5d:35:98:78:ea:7e:c8:81:4d:2c:de:99:12:2e:97:
96:1c:9d:f3:13:ab:cd:94:0d:75:a7:f9:1e:8d:77:d4:6c:82:
e2:76:35:a4:11:f6:6d:20:49:72:2a:da:f2:ba:61:98:9e:55:
d4:fa:46:93:9a:ae:d4:a7:70:98:56:c7:e1:79:e2:3f:02:00:
7b:39:5f:bd:f6:f9:19:8b:35:70:ac:00:df:69:3d:7d:3d:e7:
88:98:dd:6f:29:d7:84:b8:db:8d:29:ba:5e:06:c9:24:fa:f6:
07:b6:9c:c3:49:d6:37:fe:d9:76:1c:f2:5c:4f:b1:5b:12:0b:
01:01:99:25:11:8a:03:02:70:6b:e4:dc:9c:aa:c9:38:74:bf:
95:63:d5:8a:0f:0e:2c:d1:a5:71:e7:30:87:f5:56:fa:38:b9:
64:d7:b9:79:5b:5c:7c:22:36:09:32:b7:9e:e6:47:86:05:36:
b9:8f:b2:83:d5:23:f0:41:cb:c2:1a:e5:ff:f5:f9:36:71:af:
75:43:7c:3c:23:e5:11:56:c7:38:e5:9e:07:da:87:a0:5b:5d:
6e:d4:00:e4:24:74:c4:e0:f5:93:7e:57:9b:bf:e4:7f:d2:1d:
27:c1:a9:77:ec:20:09:97:c9:1d:7b:4a:bc:91:e6:ef:85:c9:
cb:2f:09:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2PHHVGDL0jPLYHpl1VxFrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjYwNDE1MDMwODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2VmMmVjZGNmZGIxNzkxNjQyZjQ4N2UxZWFiMDY0NWIxYTFiMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE3OjYhS6rRtYtcQev99NKSAD88q
R9mQXUCXtqQwAuIj5LJ61lm54yJZNY+JDmm+RDPuzfQLDawh+oQS5DtJulVPxQof
pBX35qNKyJg3EU8Ow9Z6uocaBbQNxgWvYAwIf5c3lD3+RK/nc7qkuHftT8wb5Hxa
I3MITQrFmscylTF+1mqx6HK/Hn5D7dcfrVDFH7yg86yCKf5MtLxkBxzv5YRK+xkn
T3ZEHwpVruYmCXY3i5e7bQtGZh1J4sLvenVE0c/pkA+oCBXzl8epH0NOC0Zkzq7k
TXpv13Xo3eUbtKb0ZbXExWYohsOSIVuImob7eXRoEbxKtYyyrf28VC+4TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHPvLs3P2xeRZC9Ifh6rBkWxobFoMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvYy04dXpjX2JGNUZrTDBoLUhxc0dSYkdoc1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVepmAwQB
VepyMA0GCSqGSIb3DQEBCwUAA4IBAQCh3thdNZh46n7IgU0s3pkSLpeWHJ3zE6vN
lA11p/kejXfUbILidjWkEfZtIElyKtryumGYnlXU+kaTmq7Up3CYVsfheeI/AgB7
OV+99vkZizVwrADfaT19PeeImN1vKdeEuNuNKbpeBskk+vYHtpzDSdY3/tl2HPJc
T7FbEgsBAZklEYoDAnBr5Nycqsk4dL+VY9WKDw4s0aVx5zCH9Vb6OLlk17l5W1x8
IjYJMree5keGBTa5j7KD1SPwQcvCGuX/9fk2ca91Q3w8I+URVsc45Z4H2oegW11u
1ADkJHTE4PWTflebv+R/0h0nwal37CAJl8kde0q8kebvhcnLLwmz
-----END CERTIFICATE-----
Generated at Sat Apr 18 06:03:53 2026 by rpki-client