Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rnxg-v2qmXJD1iPcuMVI5SmlNwI.roa
File: rnxg-v2qmXJD1iPcuMVI5SmlNwI.roa (raw, json)
Hash identifier: 0ye/OxWxqvvILZCgRnd5aj20J9/FosLfrSlCU+9lqng=
Subject key identifier: AE:7C:60:FA:FD:AA:99:72:43:D6:23:DC:B8:C5:48:E5:29:A5:37:02
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019C9F143554B713A91FCE1AC2B935026333
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rnxg-v2qmXJD1iPcuMVI5SmlNwI.roa
Signing time: Fri 27 Feb 2026 12:30:27 +0000
ROA not before: Fri 27 Feb 2026 12:30:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.153.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:14:35:54:b7:13:a9:1f:ce:1a:c2:b9:35:02:63:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 27 12:30:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ae7c60fafdaa997243d623dcb8c548e529a53702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:88:22:6c:6d:cc:ff:2f:f3:ab:3d:87:4a:15:
f1:5b:ca:65:ad:5d:b1:1b:4d:d8:73:f5:f6:93:7f:
a9:c4:17:5e:4a:20:46:c9:26:88:6b:78:d7:e7:33:
3e:23:11:31:34:db:16:45:26:6f:30:5c:78:8d:85:
aa:25:b9:c2:a1:54:4f:2c:e3:0a:25:1d:eb:14:ee:
76:25:5e:6e:bf:a9:c6:f1:38:15:76:86:dc:98:e4:
e7:2b:9f:c3:26:86:ea:af:c0:25:9d:37:0e:5d:3c:
58:26:26:9f:1c:a0:be:9e:7d:1c:e7:53:56:25:bf:
8c:b0:b8:ee:b5:7a:e4:8a:35:5d:1a:00:ee:9e:e3:
3f:84:54:ba:0f:44:06:37:c1:c1:28:87:b7:72:98:
4f:77:22:ce:35:2c:7b:64:f6:1f:48:19:a3:ca:d1:
8e:77:73:b0:6d:95:e8:67:99:78:c6:32:9a:a8:ea:
cd:96:f0:3e:35:1f:46:ba:a3:f1:a4:75:31:a4:34:
d2:1f:e5:38:04:8b:27:49:57:8d:6d:6e:e4:c6:3b:
59:64:9d:1a:d8:41:79:57:6c:1d:83:a6:2e:ca:79:
fb:23:e8:a9:c8:ff:bc:57:bc:36:e5:c0:3e:9e:f7:
49:59:a8:dd:2f:cf:63:1f:3b:51:2f:56:fa:16:66:
74:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7C:60:FA:FD:AA:99:72:43:D6:23:DC:B8:C5:48:E5:29:A5:37:02
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rnxg-v2qmXJD1iPcuMVI5SmlNwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0/24
82.152.98.0/24
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.66.0/24
82.153.205.0/24
109.176.40.0-109.176.55.255
109.176.153.0/24
213.130.130.0/24
213.130.149.0/24
213.218.214.0/24
Signature Algorithm: sha256WithRSAEncryption
66:ce:18:91:fe:d8:0a:29:15:ee:d4:2b:76:a1:8c:1f:34:7b:
46:1e:b3:44:ba:c4:21:d7:45:ff:ce:08:79:ec:89:af:45:59:
e7:e0:84:52:2c:e1:c2:af:16:d8:75:c9:e1:14:0e:40:fc:93:
56:c6:11:96:de:ca:e5:bd:83:de:f9:b4:a2:89:b0:c2:44:3b:
23:26:99:08:98:d5:6a:c2:30:7b:47:19:14:17:d2:c2:55:02:
4e:25:81:6e:ae:b2:56:a4:d7:96:55:3f:aa:9d:b7:4a:fb:b2:
e4:26:12:1c:f0:04:5b:52:88:7a:62:8b:95:dc:25:44:e5:eb:
fc:ea:b4:55:37:a6:a0:02:47:ca:09:2f:98:7b:d9:e7:01:64:
d4:2a:8f:5a:f8:5d:13:ee:5d:b2:b3:25:19:ad:73:f0:a3:24:
52:a4:e6:25:ea:30:4a:4b:83:a9:77:3e:90:5c:98:e6:ec:da:
b2:44:0a:16:20:d3:c2:9c:27:1c:74:51:1a:82:5f:91:f6:9d:
f3:b3:75:98:32:a1:5d:9e:c6:fb:c0:5c:52:c9:5a:25:e8:14:
90:31:02:25:8c:89:41:f7:7d:c7:5b:dc:11:eb:b1:c0:b3:2c:
20:e7:14:99:e3:0d:dd:d0:3a:6f:d8:b9:08:94:56:ce:d7:68:
8b:3f:a0:8d
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZyfFDVUtxOpH84awrk1AmMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMjI3MTIzMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTdjNjBmYWZkYWE5OTcyNDNkNjIzZGNiOGM1NDhlNTI5YTUzNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4gibG3M/y/zqz2HShXxW8plrV2x
G03Yc/X2k3+pxBdeSiBGySaIa3jX5zM+IxExNNsWRSZvMFx4jYWqJbnCoVRPLOMK
JR3rFO52JV5uv6nG8TgVdobcmOTnK5/DJobqr8AlnTcOXTxYJiafHKC+nn0c51NW
Jb+MsLjutXrkijVdGgDunuM/hFS6D0QGN8HBKIe3cphPdyLONSx7ZPYfSBmjytGO
d3OwbZXoZ5l4xjKaqOrNlvA+NR9GuqPxpHUxpDTSH+U4BIsnSVeNbW7kxjtZZJ0a
2EF5V2wdg6Yuynn7I+ipyP+8V7w25cA+nvdJWajdL89jHztRL1b6FmZ0QwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFK58YPr9qplyQ9Yj3LjFSOUppTcCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcm54Zy12MnFtWEpEMWlQY3VNVkk1U21sTndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAFKYCDAM
AwQAUpg5AwQAUpg6AwQAUphJAwQAUphLAwQAUphiAwQAUphtAwQAUpjiAwQAUpjw
AwQAUpjzAwQAUplCAwQAUpnNMAwDBANtsCgDBANtsDADBABtsJkDBADVgoIDBADV
gpUDBADV2tYwDQYJKoZIhvcNAQELBQADggEBAGbOGJH+2AopFe7UK3ahjB80e0Ye
s0S6xCHXRf/OCHnsia9FWefghFIs4cKvFth1yeEUDkD8k1bGEZbeyuW9g975tKKJ
sMJEOyMmmQiY1WrCMHtHGRQX0sJVAk4lgW6uslak15ZVP6qdt0r7suQmEhzwBFtS
iHpii5XcJUTl6/zqtFU3pqACR8oJL5h72ecBZNQqj1r4XRPuXbKzJRmtc/CjJFKk
5iXqMEpLg6l3PpBcmObs2rJEChYg08KcJxx0URqCX5H2nfOzdZgyoV2exvvAXFLJ
WiXoFJAxAiWMiUH3fcdb3BHrscCzLCDnFJnjDd3QOm/YuQiUVs7XaIs/oI0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:38:36 2026 by rpki-client