Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/diWdBr8Lw6nPV-tMvOf0Cna3ipc.roa
File: diWdBr8Lw6nPV-tMvOf0Cna3ipc.roa (raw, json)
Hash identifier: iWodsL01tWCHUx+C3pbxQzDdBQEdtQ4RhYGFNEL8TgE=
Subject key identifier: 76:25:9D:06:BF:0B:C3:A9:CF:57:EB:4C:BC:E7:F4:0A:76:B7:8A:97
Certificate issuer: /CN=8353accb94e10cf8c2c29679067ee39099f404d3
Certificate serial: 019D31871DEB430D8BDE0789BDDFDADFC405
Authority key identifier: 83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/diWdBr8Lw6nPV-tMvOf0Cna3ipc.roa
Signing time: Fri 27 Mar 2026 23:00:31 +0000
ROA not before: Fri 27 Mar 2026 23:00:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206854
IP address blocks: 93.126.16.0/24 maxlen: 24
93.126.27.0/24 maxlen: 24
93.126.30.0/24 maxlen: 24
93.126.52.0/24 maxlen: 24
93.126.53.0/24 maxlen: 24
93.126.55.0/24 maxlen: 24
93.126.57.0/24 maxlen: 24
93.126.58.0/24 maxlen: 24
193.178.201.0/24 maxlen: 24
193.178.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:31:87:1d:eb:43:0d:8b:de:07:89:bd:df:da:df:c4:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8353accb94e10cf8c2c29679067ee39099f404d3
Validity
Not Before: Mar 27 23:00:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=76259d06bf0bc3a9cf57eb4cbce7f40a76b78a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e9:f3:5d:0e:49:0c:0a:0a:d6:27:ef:c6:75:
27:e1:2a:d5:55:6c:69:ac:64:40:5e:e7:b9:2c:d3:
2f:b6:7d:94:dd:69:bd:e8:ed:4d:9c:72:6c:cc:c5:
30:ab:88:3e:a4:40:76:21:7f:91:ac:84:48:71:ad:
ab:49:e7:91:59:42:98:f3:e6:d3:4b:f6:6f:1f:4e:
28:14:4c:1c:fd:28:b3:1e:a1:bf:1d:f4:ac:ab:29:
d3:14:ef:5c:75:97:ed:4e:8a:1d:be:d2:a0:9f:b6:
8b:a1:9d:c1:b5:a9:11:fa:41:41:d0:f5:e5:4a:cb:
bf:43:e6:12:f0:e8:43:7f:44:32:81:9e:6a:19:45:
83:ee:31:6a:98:e1:fd:1b:a6:6e:98:4f:3d:29:84:
ac:4c:da:ad:01:3d:1e:da:9b:97:1d:f9:71:3f:5b:
e4:e6:0a:23:20:94:79:e3:9d:2d:91:0b:b2:9c:e2:
93:f8:38:82:40:6f:e8:1a:11:71:eb:9b:5b:c1:f0:
dd:df:32:28:2c:36:d2:69:ed:d2:8d:0c:06:39:e4:
e1:57:e6:55:d1:1c:e9:ee:3d:b8:f0:c1:69:1b:83:
8a:15:0d:b5:9c:35:b6:30:af:9b:d6:db:28:db:e2:
89:07:6b:ae:e1:2b:8c:04:8a:92:03:f7:3c:e0:02:
02:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:25:9D:06:BF:0B:C3:A9:CF:57:EB:4C:BC:E7:F4:0A:76:B7:8A:97
X509v3 Authority Key Identifier:
keyid:83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/diWdBr8Lw6nPV-tMvOf0Cna3ipc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.126.16.0/24
93.126.27.0/24
93.126.30.0/24
93.126.52.0/23
93.126.55.0/24
93.126.57.0-93.126.58.255
193.178.201.0-193.178.202.255
Signature Algorithm: sha256WithRSAEncryption
8e:e5:93:14:7d:af:c4:b0:1d:b9:e4:ee:d2:b6:e7:71:c6:58:
70:75:23:0f:b4:88:01:63:b5:47:60:dc:37:e3:b2:82:79:af:
c7:b3:b1:49:64:6b:62:7f:2a:57:05:d4:27:91:06:14:e4:d0:
67:c6:bf:73:34:90:bc:0b:da:5a:90:7a:7b:4f:ca:21:ad:d7:
7c:04:b5:10:f6:ec:b8:8c:3b:d3:74:d2:f6:77:6a:9d:ba:07:
20:c0:ea:cd:b1:89:87:53:4f:bb:9f:29:2d:d2:81:b0:1c:c2:
de:90:91:ac:ff:45:d2:c3:39:ae:05:dc:81:dc:c8:30:a9:9d:
7b:b7:5b:77:e3:6c:71:d7:13:45:b7:c6:6d:70:8d:25:d0:d8:
71:36:f8:df:bc:f9:21:f2:3d:75:fa:2e:2e:9c:94:e7:5b:a1:
bb:38:3e:26:58:30:18:4e:12:b4:37:8f:8c:6a:df:14:42:3d:
a8:cc:32:46:b8:2d:01:39:00:72:5a:99:26:35:df:5b:fb:32:
72:c1:11:43:49:e6:1a:e7:19:cd:13:f6:41:15:9a:0f:69:f5:
92:b5:c4:f7:33:02:52:58:f5:ec:bc:a4:d6:d3:29:d3:35:c1:
5e:5c:8f:bf:e5:18:a4:b5:8f:64:44:2a:ab:86:34:4e:f0:f1:
e5:19:1c:69
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ0xhx3rQw2L3geJvd/a38QFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNTNhY2NiOTRlMTBjZjhjMmMyOTY3OTA2N2VlMzkwOTlm
NDA0ZDMwHhcNMjYwMzI3MjMwMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjI1OWQwNmJmMGJjM2E5Y2Y1N2ViNGNiY2U3ZjQwYTc2Yjc4YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+nzXQ5JDAoK1ifvxnUn4SrVVWxp
rGRAXue5LNMvtn2U3Wm96O1NnHJszMUwq4g+pEB2IX+RrIRIca2rSeeRWUKY8+bT
S/ZvH04oFEwc/SizHqG/HfSsqynTFO9cdZftToodvtKgn7aLoZ3BtakR+kFB0PXl
Ssu/Q+YS8OhDf0QygZ5qGUWD7jFqmOH9G6ZumE89KYSsTNqtAT0e2puXHflxP1vk
5gojIJR5450tkQuynOKT+DiCQG/oGhFx65tbwfDd3zIoLDbSae3SjQwGOeThV+ZV
0Rzp7j248MFpG4OKFQ21nDW2MK+b1tso2+KJB2uu4SuMBIqSA/c84AICOQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFHYlnQa/C8Opz1frTLzn9Ap2t4qXMB8GA1UdIwQY
MBaAFINTrMuU4Qz4wsKWeQZ+45CZ9ATTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzFPc3k1VGhEUGpDd3BaNUJuN2prSm4wQk5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTM3NzItNWZiYS00MGJmLWI3MjEt
NmMzOTUwMTk0MzcwLzEvZGlXZEJyOEx3Nm5QVi10TXZPZjBDbmEzaXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTM3NzItNWZiYS00MGJmLWI3MjEtNmMzOTUwMTk0Mzcw
LzEvZzFPc3k1VGhEUGpDd3BaNUJuN2prSm4wQk5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAXX4QAwQA
XX4bAwQAXX4eAwQBXX40AwQAXX43MAwDBABdfjkDBABdfjowDAMEAMGyyQMEAMGy
yjANBgkqhkiG9w0BAQsFAAOCAQEAjuWTFH2vxLAdueTu0rbnccZYcHUjD7SIAWO1
R2DcN+Oygnmvx7OxSWRrYn8qVwXUJ5EGFOTQZ8a/czSQvAvaWpB6e0/KIa3XfAS1
EPbsuIw703TS9ndqnboHIMDqzbGJh1NPu58pLdKBsBzC3pCRrP9F0sM5rgXcgdzI
MKmde7dbd+NscdcTRbfGbXCNJdDYcTb437z5IfI9dfouLpyU51uhuzg+JlgwGE4S
tDePjGrfFEI9qMwyRrgtATkAclqZJjXfW/sycsERQ0nmGucZzRP2QRWaD2n1krXE
9zMCUlj17Lyk1tMp0zXBXlyPv+UYpLWPZEQqq4Y0TvDx5RkcaQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:24:23 2026 by rpki-client