Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0PAqFIb9hY6sRx-XJHeV-vMpiLE.roa
File: 0PAqFIb9hY6sRx-XJHeV-vMpiLE.roa (raw, json)
Hash identifier: XGSrtnWtMURYDiKYZNcPKGRR2M8yWTJfv2/amMwKAME=
Subject key identifier: D0:F0:2A:14:86:FD:85:8E:AC:47:1F:97:24:77:95:FA:F3:29:88:B1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DA18773E8B558E4A64B00693767401691
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0PAqFIb9hY6sRx-XJHeV-vMpiLE.roa
Signing time: Sat 18 Apr 2026 16:58:22 +0000
ROA not before: Sat 18 Apr 2026 16:58:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208185
IP address blocks: 94.183.242.0/24 maxlen: 24
94.183.243.0/24 maxlen: 24
94.183.244.0/24 maxlen: 24
94.183.245.0/24 maxlen: 24
94.183.246.0/24 maxlen: 24
94.183.247.0/24 maxlen: 24
94.183.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a1:87:73:e8:b5:58:e4:a6:4b:00:69:37:67:40:16:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 18 16:58:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d0f02a1486fd858eac471f97247795faf32988b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0d:0f:6f:f1:99:b0:c1:e8:6f:bd:fe:90:a7:
ab:08:14:23:8c:b4:b9:8c:ea:5e:1a:61:d3:04:a4:
5b:30:c3:9c:e0:f4:8a:8f:68:08:60:94:1c:c5:dc:
af:3a:de:45:ce:c7:c3:38:59:87:b7:6f:96:e2:0b:
7e:41:74:59:5a:3a:7c:ae:af:53:2b:2d:a4:96:e4:
32:b9:b7:d9:cb:f8:ed:1a:01:5c:f1:56:ff:35:14:
05:29:52:8d:89:3f:b9:03:89:f5:a0:3d:e0:ec:08:
2e:f2:2c:c8:49:9c:25:4a:b2:f4:cf:34:ef:2d:0b:
5d:bb:73:12:0d:49:fd:63:93:21:85:3c:ef:d4:9d:
1f:11:3d:f2:3f:d0:74:d6:f8:e1:c3:c0:67:cb:28:
86:8c:12:58:f5:fb:92:57:32:28:93:70:40:e1:de:
c4:e6:a0:01:3e:82:3a:f8:20:c3:c0:a1:e9:b6:c4:
2e:00:0f:19:35:48:15:3d:7b:ae:42:b3:79:8a:9a:
b7:69:67:3d:bb:ef:fe:ff:b7:ac:53:7e:00:56:b2:
eb:d4:94:5f:b5:fc:f6:4c:76:d6:f2:44:ef:2d:e1:
7f:03:57:9e:1f:23:43:20:e3:cd:aa:00:64:68:fe:
73:61:a0:3f:3f:98:db:00:58:c6:4b:bf:11:a7:d1:
38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F0:2A:14:86:FD:85:8E:AC:47:1F:97:24:77:95:FA:F3:29:88:B1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0PAqFIb9hY6sRx-XJHeV-vMpiLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.242.0-94.183.251.255
Signature Algorithm: sha256WithRSAEncryption
51:47:ce:bc:52:53:f4:d6:41:ea:a1:a6:73:95:f6:66:3d:37:
77:ab:a6:5f:82:6d:28:15:59:fc:89:72:bb:78:16:87:b0:9a:
ac:2c:dc:e3:28:fc:e3:d9:44:59:fb:41:c4:35:ef:ff:59:8b:
d4:3d:77:2a:f2:12:b0:7f:7e:de:cb:08:99:4a:02:46:b0:8a:
a8:c0:6d:12:52:3d:9e:20:1e:91:77:53:9f:ab:6a:a2:6b:8e:
19:dc:3c:ce:3f:ff:ac:1f:90:fc:d9:a3:1f:f0:af:1d:ca:c5:
e5:0f:de:e1:91:c3:db:21:33:b0:6c:c3:38:6a:bb:22:69:f8:
83:28:2d:f1:9e:e5:b9:31:94:6b:e5:87:2e:ca:bb:95:4d:d7:
31:cd:8a:71:e4:bb:a9:dd:26:fd:40:ab:96:5b:e1:91:6d:ac:
86:9b:cc:40:7b:f3:20:d2:03:2b:67:74:0b:39:73:8b:0a:2e:
3f:a0:6e:02:00:ae:7a:9f:45:d5:e7:0f:21:34:ef:32:ba:54:
7d:cc:a2:e4:da:b6:f2:06:4c:98:bc:d3:5c:fd:ff:e5:e7:22:
40:db:e1:57:40:c7:b4:f9:af:67:b1:f9:4f:eb:f1:1f:14:7e:
3e:da:74:6b:c4:e0:2a:c7:83:f8:c2:b7:b3:ff:94:00:43:00:
d8:6e:62:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ2hh3PotVjkpksAaTdnQBaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDE4MTY1ODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGYwMmExNDg2ZmQ4NThlYWM0NzFmOTcyNDc3OTVmYWYzMjk4OGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA0Pb/GZsMHob73+kKerCBQjjLS5
jOpeGmHTBKRbMMOc4PSKj2gIYJQcxdyvOt5FzsfDOFmHt2+W4gt+QXRZWjp8rq9T
Ky2kluQyubfZy/jtGgFc8Vb/NRQFKVKNiT+5A4n1oD3g7Agu8izISZwlSrL0zzTv
LQtdu3MSDUn9Y5MhhTzv1J0fET3yP9B01vjhw8BnyyiGjBJY9fuSVzIok3BA4d7E
5qABPoI6+CDDwKHptsQuAA8ZNUgVPXuuQrN5ipq3aWc9u+/+/7esU34AVrLr1JRf
tfz2THbW8kTvLeF/A1eeHyNDIOPNqgBkaP5zYaA/P5jbAFjGS78Rp9E4VQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNDwKhSG/YWOrEcflyR3lfrzKYixMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMFBBcUZJYjloWTZzUngtWEpIZVYtdk1waUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFet/ID
BAJet/gwDQYJKoZIhvcNAQELBQADggEBAFFHzrxSU/TWQeqhpnOV9mY9N3erpl+C
bSgVWfyJcrt4Foewmqws3OMo/OPZRFn7QcQ17/9Zi9Q9dyryErB/ft7LCJlKAkaw
iqjAbRJSPZ4gHpF3U5+raqJrjhncPM4//6wfkPzZox/wrx3KxeUP3uGRw9shM7Bs
wzhquyJp+IMoLfGe5bkxlGvlhy7Ku5VN1zHNinHku6ndJv1Aq5Zb4ZFtrIabzEB7
8yDSAytndAs5c4sKLj+gbgIArnqfRdXnDyE07zK6VH3MouTatvIGTJi801z9/+Xn
IkDb4VdAx7T5r2ex+U/r8R8Ufj7adGvE4CrHg/jCt7P/lABDANhuYu0=
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:12:27 2026 by rpki-client