Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/LrIq3yv1RE6T_G5fTsyEiBHJC9w.roa
File: LrIq3yv1RE6T_G5fTsyEiBHJC9w.roa (raw, json)
Hash identifier: KZeppNLsQGbaS62+IPxzV/xqyVyehH9tx8dfR8ms5Hk=
Subject key identifier: 2E:B2:2A:DF:2B:F5:44:4E:93:FC:6E:5F:4E:CC:84:88:11:C9:0B:DC
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019D780E0DAF8DB11167DF626824A3E66F26
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/LrIq3yv1RE6T_G5fTsyEiBHJC9w.roa
Signing time: Fri 10 Apr 2026 15:41:20 +0000
ROA not before: Fri 10 Apr 2026 15:41:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 84.1.158.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
195.56.141.0/24 maxlen: 24
195.56.199.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
195.228.31.0/24 maxlen: 24
195.228.112.0/24 maxlen: 24
195.228.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:78:0e:0d:af:8d:b1:11:67:df:62:68:24:a3:e6:6f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Apr 10 15:41:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2eb22adf2bf5444e93fc6e5f4ecc848811c90bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a9:a1:24:4e:c1:a1:2c:d8:09:5f:35:a6:9a:
fb:89:ec:75:ce:9c:23:de:c9:61:d6:25:f0:d7:2e:
3a:f0:24:04:ed:37:42:91:af:5a:6c:3f:ba:1d:f7:
b1:71:3f:9d:7c:01:dc:9e:7b:cf:3d:b9:7d:91:74:
70:36:ba:1d:b6:83:c1:a4:6b:6e:65:5a:57:66:62:
4b:9c:0d:0e:12:de:4c:b7:4d:55:7f:29:3a:24:eb:
1b:83:73:cc:9a:dc:19:12:96:92:74:d1:d5:c9:a9:
9d:ba:87:a6:cf:57:40:a9:84:3a:f7:07:c2:23:49:
cf:66:5e:a6:5a:bd:17:f5:eb:cb:d1:ae:65:5f:19:
5d:0a:b4:98:76:c9:2f:80:6f:19:f2:3f:3f:6b:01:
e6:2c:f2:2a:44:55:7c:32:c7:f3:84:22:99:86:75:
da:97:d2:ab:4a:df:b4:bd:08:d7:48:87:e2:89:0d:
38:73:11:ae:53:26:db:06:be:36:89:6c:84:c7:84:
e3:5b:98:fc:d1:da:3d:3b:ec:7c:28:fe:5e:fb:20:
c4:f4:17:f5:49:08:78:06:32:c9:d2:49:71:b6:4b:
91:78:9b:29:02:a3:a0:ee:eb:f6:1c:68:54:de:21:
08:c6:86:10:01:4c:d9:fe:d8:d9:f4:3e:78:53:e5:
35:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B2:2A:DF:2B:F5:44:4E:93:FC:6E:5F:4E:CC:84:88:11:C9:0B:DC
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/LrIq3yv1RE6T_G5fTsyEiBHJC9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.158.0/24
84.1.236.0/24
84.2.54.0/24
195.56.141.0/24
195.56.199.0/24
195.228.4.0/24
195.228.31.0/24
195.228.112.0/24
195.228.180.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:55:01:ec:88:04:94:ae:b4:1a:2d:9c:d3:91:9b:32:7c:ff:
5d:d0:97:f4:46:28:a1:70:62:48:80:43:d1:be:bc:66:14:16:
07:b1:80:a6:d3:b9:c0:f7:5d:2a:2e:a3:19:44:33:5f:5a:71:
b7:eb:46:09:a6:08:e7:e4:cd:12:17:30:78:36:b6:8a:bf:0e:
17:37:97:00:40:8b:90:3e:0e:f7:bf:33:a9:05:55:46:f9:4f:
91:f0:4e:14:bc:8f:54:99:d4:8f:6d:9b:95:3e:09:1c:61:7f:
69:65:c9:72:92:ea:b1:c7:f3:31:58:22:59:82:87:ce:a5:74:
d3:de:91:e0:f8:8f:72:4f:f7:78:65:29:b4:dd:aa:51:e5:91:
e3:99:1d:eb:8d:26:0b:65:47:d3:c0:82:a4:a8:21:16:ba:2c:
2c:ba:7a:5c:66:ec:d2:f8:62:06:59:93:e2:3d:96:80:c9:e5:
42:f7:b8:25:dc:06:95:98:f2:de:de:16:2b:cb:54:02:40:6d:
c2:b7:4f:08:d3:10:f5:1d:5d:cb:5e:da:70:66:61:3e:e7:53:
8a:c5:6d:67:51:2b:95:f0:ba:0f:3c:01:b7:b4:ef:04:08:cb:
fa:05:01:1e:8a:ed:2a:2c:8b:38:c3:a2:1b:c0:8a:d2:76:84:
c8:c6:ac:e7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ14Dg2vjbERZ99iaCSj5m8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjYwNDEwMTU0MTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWIyMmFkZjJiZjU0NDRlOTNmYzZlNWY0ZWNjODQ4ODExYzkwYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6mhJE7BoSzYCV81ppr7iex1zpwj
3slh1iXw1y468CQE7TdCka9abD+6HfexcT+dfAHcnnvPPbl9kXRwNrodtoPBpGtu
ZVpXZmJLnA0OEt5Mt01Vfyk6JOsbg3PMmtwZEpaSdNHVyamduoemz1dAqYQ69wfC
I0nPZl6mWr0X9evL0a5lXxldCrSYdskvgG8Z8j8/awHmLPIqRFV8MsfzhCKZhnXa
l9KrSt+0vQjXSIfiiQ04cxGuUybbBr42iWyEx4TjW5j80do9O+x8KP5e+yDE9Bf1
SQh4BjLJ0klxtkuReJspAqOg7uv2HGhU3iEIxoYQAUzZ/tjZ9D54U+U1twIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFC6yKt8r9UROk/xuX07MhIgRyQvcMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvTHJJcTN5djFSRTZUX0c1ZlRzeUVpQkhKQzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVAGeAwQA
VAHsAwQAVAI2AwQAwziNAwQAwzjHAwQAw+QEAwQAw+QfAwQAw+RwAwQAw+S0MA0G
CSqGSIb3DQEBCwUAA4IBAQAMVQHsiASUrrQaLZzTkZsyfP9d0Jf0RiihcGJIgEPR
vrxmFBYHsYCm07nA910qLqMZRDNfWnG360YJpgjn5M0SFzB4NraKvw4XN5cAQIuQ
Pg73vzOpBVVG+U+R8E4UvI9UmdSPbZuVPgkcYX9pZclykuqxx/MxWCJZgofOpXTT
3pHg+I9yT/d4ZSm03apR5ZHjmR3rjSYLZUfTwIKkqCEWuiwsunpcZuzS+GIGWZPi
PZaAyeVC97gl3AaVmPLe3hYry1QCQG3Ct08I0xD1HV3LXtpwZmE+51OKxW1nUSuV
8LoPPAG3tO8ECMv6BQEeiu0qLIs4w6IbwIrSdoTIxqzn
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:55:21 2026 by rpki-client