Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/PIctaaq8hYam_9VAPrVCYf9AqiI.roa
File: PIctaaq8hYam_9VAPrVCYf9AqiI.roa (raw, json)
Hash identifier: M1/1hfWtMFwKSAcTSdndXFN4Ntl5XmVjhTvpw61hDG0=
Subject key identifier: 3C:87:2D:69:AA:BC:85:86:A6:FF:D5:40:3E:B5:42:61:FF:40:AA:22
Certificate issuer: /CN=8353accb94e10cf8c2c29679067ee39099f404d3
Certificate serial: 019E925F7641B1DD0F9B6B06B2B78F88AB14
Authority key identifier: 83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/PIctaaq8hYam_9VAPrVCYf9AqiI.roa
Signing time: Thu 04 Jun 2026 11:23:10 +0000
ROA not before: Thu 04 Jun 2026 11:23:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214171
IP address blocks: 93.126.10.0/24 maxlen: 24
93.126.46.0/24 maxlen: 24
93.126.47.0/24 maxlen: 24
93.126.59.0/24 maxlen: 24
93.126.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:5f:76:41:b1:dd:0f:9b:6b:06:b2:b7:8f:88:ab:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8353accb94e10cf8c2c29679067ee39099f404d3
Validity
Not Before: Jun 4 11:23:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c872d69aabc8586a6ffd5403eb54261ff40aa22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:55:1e:ad:82:8e:f5:c0:5a:06:d4:7f:8f:63:
23:6c:ee:48:00:38:79:26:8b:54:37:05:b1:e2:37:
42:33:f9:10:c7:46:bd:e0:7e:f5:9b:f5:08:70:23:
ac:c2:a4:1a:0a:d7:1a:2a:37:b2:2a:53:d2:11:67:
80:0f:8c:f7:75:4b:64:d6:02:8b:41:2b:c3:b4:e0:
ba:23:69:90:cb:58:80:aa:9d:10:15:d2:90:65:86:
71:bf:89:32:a0:97:66:cb:fe:23:9d:0d:1b:bb:fa:
8a:45:83:73:2b:7b:32:37:46:2f:77:96:7c:15:48:
4d:30:e5:6a:71:14:bb:9a:29:9a:fc:e8:d6:3d:2e:
39:46:ab:87:0a:93:78:33:31:0d:74:b7:a6:fc:f7:
84:7b:d7:0d:85:b6:12:13:4c:97:a9:84:3c:ca:3f:
18:21:ac:30:52:f3:31:71:04:75:03:3e:c6:d8:73:
3b:14:ed:e4:d6:f2:2a:e8:a9:f2:f3:5c:05:c8:1f:
d4:19:ae:f9:74:a2:8c:4a:34:65:24:94:56:3a:5a:
76:9c:56:6d:4c:5e:42:c8:e9:ad:66:e8:52:b1:e0:
0c:21:40:d9:72:3e:52:e6:21:dc:8c:66:80:5a:e6:
6b:a0:a6:b7:9f:85:38:ab:ca:59:b5:c3:fe:55:b6:
06:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:87:2D:69:AA:BC:85:86:A6:FF:D5:40:3E:B5:42:61:FF:40:AA:22
X509v3 Authority Key Identifier:
keyid:83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/PIctaaq8hYam_9VAPrVCYf9AqiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.126.10.0/24
93.126.46.0/23
93.126.59.0-93.126.60.255
Signature Algorithm: sha256WithRSAEncryption
a5:17:9b:5f:4c:6f:0a:77:5d:be:86:e9:93:a5:22:8d:60:fc:
53:8b:aa:a0:30:d9:f0:62:8e:56:89:ae:b9:67:80:16:1f:6d:
6f:79:4f:65:31:2e:dc:ed:79:79:7f:16:b3:c7:ee:b0:00:ef:
67:13:32:8a:bd:1b:8f:8c:37:50:91:e1:04:1b:bb:90:33:68:
27:5d:51:d2:9d:19:24:81:35:f3:1c:9b:79:dc:66:3e:f8:a3:
d6:dd:55:c7:b7:83:18:8d:0f:91:51:5a:f9:9d:85:3e:d3:5d:
48:f6:5d:88:28:46:06:c7:fe:9c:c3:7c:98:57:cb:b5:3d:a9:
69:74:30:42:cb:dc:30:65:17:be:e2:61:4b:50:22:cb:6a:f8:
bf:42:df:9b:fe:18:46:f6:d6:08:11:22:f9:c6:62:3e:9f:37:
04:d3:36:7c:ee:11:1b:58:7a:07:f7:3e:16:7e:6b:43:39:4e:
0a:4f:eb:49:14:2f:5b:68:fe:33:88:a0:0c:44:d3:b2:94:fb:
2d:c2:5a:a8:c6:ba:99:a6:cb:c9:b8:da:c5:08:3a:97:77:fa:
f1:8a:9f:5c:8d:a8:4a:84:a9:f2:ff:e5:e6:fb:79:51:5d:25:
4c:6b:b2:79:b9:09:f0:29:16:38:ae:e1:c2:fb:14:68:1f:ef:
1c:a7:ea:cc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ6SX3ZBsd0Pm2sGsrePiKsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNTNhY2NiOTRlMTBjZjhjMmMyOTY3OTA2N2VlMzkwOTlm
NDA0ZDMwHhcNMjYwNjA0MTEyMzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg3MmQ2OWFhYmM4NTg2YTZmZmQ1NDAzZWI1NDI2MWZmNDBhYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFUerYKO9cBaBtR/j2MjbO5IADh5
JotUNwWx4jdCM/kQx0a94H71m/UIcCOswqQaCtcaKjeyKlPSEWeAD4z3dUtk1gKL
QSvDtOC6I2mQy1iAqp0QFdKQZYZxv4kyoJdmy/4jnQ0bu/qKRYNzK3syN0Yvd5Z8
FUhNMOVqcRS7mima/OjWPS45RquHCpN4MzENdLem/PeEe9cNhbYSE0yXqYQ8yj8Y
IawwUvMxcQR1Az7G2HM7FO3k1vIq6Kny81wFyB/UGa75dKKMSjRlJJRWOlp2nFZt
TF5CyOmtZuhSseAMIUDZcj5S5iHcjGaAWuZroKa3n4U4q8pZtcP+VbYG4QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDyHLWmqvIWGpv/VQD61QmH/QKoiMB8GA1UdIwQY
MBaAFINTrMuU4Qz4wsKWeQZ+45CZ9ATTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzFPc3k1VGhEUGpDd3BaNUJuN2prSm4wQk5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTM3NzItNWZiYS00MGJmLWI3MjEt
NmMzOTUwMTk0MzcwLzEvUEljdGFhcThoWWFtXzlWQVByVkNZZjlBcWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTM3NzItNWZiYS00MGJmLWI3MjEtNmMzOTUwMTk0Mzcw
LzEvZzFPc3k1VGhEUGpDd3BaNUJuN2prSm4wQk5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXX4KAwQB
XX4uMAwDBABdfjsDBABdfjwwDQYJKoZIhvcNAQELBQADggEBAKUXm19Mbwp3Xb6G
6ZOlIo1g/FOLqqAw2fBijlaJrrlngBYfbW95T2UxLtzteXl/FrPH7rAA72cTMoq9
G4+MN1CR4QQbu5AzaCddUdKdGSSBNfMcm3ncZj74o9bdVce3gxiND5FRWvmdhT7T
XUj2XYgoRgbH/pzDfJhXy7U9qWl0MELL3DBlF77iYUtQIstq+L9C35v+GEb21ggR
IvnGYj6fNwTTNnzuERtYegf3PhZ+a0M5TgpP60kUL1to/jOIoAxE07KU+y3CWqjG
upmmy8m42sUIOpd3+vGKn1yNqEqEqfL/5eb7eVFdJUxrsnm5CfApFjiu4cL7FGgf
7xyn6sw=
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:12:39 2026 by rpki-client