Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AWw2_iV371jKuLL_tXk6jn2gH04.roa
File: AWw2_iV371jKuLL_tXk6jn2gH04.roa (raw, json)
Hash identifier: rs8sCBTGFBTqrvWaWLjDIiHy0saQWenqka2wS39WZGU=
Subject key identifier: 01:6C:36:FE:25:77:EF:58:CA:B8:B2:FF:B5:79:3A:8E:7D:A0:1F:4E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D726788DE76B7969EF7159EA912F5E4D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AWw2_iV371jKuLL_tXk6jn2gH04.roa
Signing time: Thu 09 Apr 2026 13:21:21 +0000
ROA not before: Thu 09 Apr 2026 13:21:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213607
IP address blocks: 81.168.8.0/24 maxlen: 24
81.168.9.0/24 maxlen: 24
81.168.11.0/24 maxlen: 24
81.168.16.0/24 maxlen: 24
81.168.29.0/24 maxlen: 24
81.168.85.0/24 maxlen: 24
81.168.101.0/24 maxlen: 24
82.153.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:67:88:de:76:b7:96:9e:f7:15:9e:a9:12:f5:e4:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 9 13:21:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=016c36fe2577ef58cab8b2ffb5793a8e7da01f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ff:5b:e3:17:8e:3d:ac:5b:ea:40:7b:96:b4:
c9:e8:f4:c5:51:47:3b:78:8f:c3:8d:b3:18:df:cc:
50:8b:cf:01:11:8c:cc:ea:87:2b:6e:63:c6:ed:cf:
fa:1e:20:6e:9c:fc:1c:23:68:9c:43:a9:ca:d4:09:
9a:43:e0:4f:b2:51:e5:23:e3:8a:ae:de:27:b5:12:
bc:c6:cb:cd:9e:2b:81:ab:40:e1:2f:e1:90:89:d1:
9a:76:ab:d3:c4:f4:49:62:44:35:25:d6:cc:72:42:
dd:30:2e:05:be:24:d0:ce:b5:03:9f:0a:90:e0:14:
ed:a9:db:ef:00:db:cb:d7:e9:f0:c7:5d:d5:87:27:
44:5d:3a:d6:d5:27:41:45:62:38:17:a1:cf:63:9a:
f5:82:29:63:e0:b4:e0:2b:78:31:be:ed:fb:27:c9:
b3:e9:af:d4:c7:21:18:95:89:13:a0:03:44:ab:63:
d7:06:66:ee:72:51:9e:7a:00:54:a4:fe:06:8f:9f:
a5:6d:84:19:98:9d:a2:45:d0:9f:d4:72:08:fb:8c:
be:2f:ab:89:ff:5b:47:be:34:90:ae:aa:ad:79:1d:
6f:1f:81:de:75:a8:12:ad:62:84:27:64:b3:65:cd:
15:5a:13:a6:4c:89:91:1c:c7:35:39:9e:9f:94:3b:
75:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6C:36:FE:25:77:EF:58:CA:B8:B2:FF:B5:79:3A:8E:7D:A0:1F:4E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AWw2_iV371jKuLL_tXk6jn2gH04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.8.0/23
81.168.11.0/24
81.168.16.0/24
81.168.29.0/24
81.168.85.0/24
81.168.101.0/24
82.153.236.0/24
Signature Algorithm: sha256WithRSAEncryption
92:41:84:e2:a5:00:f1:41:52:68:80:c5:68:71:b2:d6:84:c9:
7d:3d:64:46:86:66:48:30:3b:29:6f:f4:2c:ee:a3:96:8d:9f:
dc:57:b5:2d:84:10:a0:ac:2c:4c:92:e5:f5:ff:20:11:a8:0e:
1c:9d:b5:d1:be:1a:88:1d:59:6f:cc:a2:f6:07:f0:21:63:31:
12:63:4f:90:4c:47:58:da:8e:d2:2d:c8:64:56:b6:3b:3f:22:
cd:b1:57:2a:41:c1:7d:82:ba:d9:03:62:6b:84:f3:74:6e:72:
a9:00:6e:ea:2b:8f:2d:47:ca:a7:62:99:0b:16:6d:52:67:f4:
d5:13:5c:8c:b2:14:d7:65:9f:02:1c:6b:fd:1a:e7:17:d2:0d:
92:9d:4c:f1:7d:25:07:05:73:01:3a:a6:4f:b1:d7:52:e5:d3:
4c:a2:58:e3:07:21:12:e2:dc:21:38:09:93:86:f2:35:84:37:
32:21:04:e8:4c:ab:79:fd:93:56:f6:37:60:3c:bf:31:f4:15:
a5:a8:aa:af:ad:23:b5:bb:79:f5:e7:c0:0c:a2:e2:07:43:8c:
d8:d5:38:88:0c:57:86:9c:5e:f2:17:ed:79:cb:9b:95:b4:37:
8e:93:a6:f7:2b:de:b7:a8:3e:50:18:10:25:0d:8b:10:84:a8:
4f:1d:f3:5c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ1yZ4jedreWnvcVnqkS9eTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDA5MTMyMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTZjMzZmZTI1NzdlZjU4Y2FiOGIyZmZiNTc5M2E4ZTdkYTAxZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf9b4xeOPaxb6kB7lrTJ6PTFUUc7
eI/DjbMY38xQi88BEYzM6ocrbmPG7c/6HiBunPwcI2icQ6nK1AmaQ+BPslHlI+OK
rt4ntRK8xsvNniuBq0DhL+GQidGadqvTxPRJYkQ1JdbMckLdMC4FviTQzrUDnwqQ
4BTtqdvvANvL1+nwx13VhydEXTrW1SdBRWI4F6HPY5r1gilj4LTgK3gxvu37J8mz
6a/UxyEYlYkToANEq2PXBmbuclGeegBUpP4Gj5+lbYQZmJ2iRdCf1HII+4y+L6uJ
/1tHvjSQrqqteR1vH4HedagSrWKEJ2SzZc0VWhOmTImRHMc1OZ6flDt1AQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAFsNv4ld+9Yyriy/7V5Oo59oB9OMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQVd3Ml9pVjM3MWpLdUxMX3RYazZqbjJnSDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBUagIAwQA
UagLAwQAUagQAwQAUagdAwQAUahVAwQAUahlAwQAUpnsMA0GCSqGSIb3DQEBCwUA
A4IBAQCSQYTipQDxQVJogMVocbLWhMl9PWRGhmZIMDspb/Qs7qOWjZ/cV7UthBCg
rCxMkuX1/yARqA4cnbXRvhqIHVlvzKL2B/AhYzESY0+QTEdY2o7SLchkVrY7PyLN
sVcqQcF9grrZA2JrhPN0bnKpAG7qK48tR8qnYpkLFm1SZ/TVE1yMshTXZZ8CHGv9
GucX0g2SnUzxfSUHBXMBOqZPsddS5dNMoljjByES4twhOAmThvI1hDcyIQToTKt5
/ZNW9jdgPL8x9BWlqKqvrSO1u3n158AMouIHQ4zY1TiIDFeGnF7yF+15y5uVtDeO
k6b3K963qD5QGBAlDYsQhKhPHfNc
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:59:55 2026 by rpki-client