Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9ced26-47b0-427a-881e-f713ad516185/1/r8t5jSQk5lFlDxv7c6ibzUYCg64.roa
File: r8t5jSQk5lFlDxv7c6ibzUYCg64.roa (raw, json)
Hash identifier: Wn/9Zc0Zbqrrz8vzDzG060ISIulF2mhJvZxaset/d+s=
Subject key identifier: AF:CB:79:8D:24:24:E6:51:65:0F:1B:FB:73:A8:9B:CD:46:02:83:AE
Certificate issuer: /CN=20b13910c1f98735e401650b1d34bf8b6a0a0696
Certificate serial: 019C485FF025D1AA8ACAF91821D9B01E5622
Authority key identifier: 20:B1:39:10:C1:F9:87:35:E4:01:65:0B:1D:34:BF:8B:6A:0A:06:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILE5EMH5hzXkAWULHTS_i2oKBpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ced26-47b0-427a-881e-f713ad516185/1/r8t5jSQk5lFlDxv7c6ibzUYCg64.roa
Signing time: Tue 10 Feb 2026 16:26:12 +0000
ROA not before: Tue 10 Feb 2026 16:26:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213972
IP address blocks: 193.17.32.0/24 maxlen: 24
2a01:fac0::/48 maxlen: 48
2a01:fac0:1::/48 maxlen: 48
2a01:fac4::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ced26-47b0-427a-881e-f713ad516185/1/ILE5EMH5hzXkAWULHTS_i2oKBpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/9ced26-47b0-427a-881e-f713ad516185/1/ILE5EMH5hzXkAWULHTS_i2oKBpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ILE5EMH5hzXkAWULHTS_i2oKBpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:48:5f:f0:25:d1:aa:8a:ca:f9:18:21:d9:b0:1e:56:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b13910c1f98735e401650b1d34bf8b6a0a0696
Validity
Not Before: Feb 10 16:26:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=afcb798d2424e651650f1bfb73a89bcd460283ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f6:ec:84:b3:7f:24:5b:1a:83:37:d6:71:17:
30:52:f0:0f:78:20:b9:ac:8c:96:24:d3:92:ea:a8:
07:55:68:a6:b0:8a:62:72:ea:03:d7:20:c9:29:6f:
ef:47:e0:1d:ea:d8:92:c7:96:7b:56:e0:83:ea:3e:
de:67:6a:ed:26:d5:d1:a8:f8:cd:f8:fc:93:10:68:
06:62:13:f3:49:c5:f7:65:24:a3:48:12:d2:3d:f9:
5b:12:f0:50:1b:d5:a6:1a:6b:9a:21:85:f3:a1:3a:
79:7e:02:cf:f1:e9:34:3f:9c:f0:c2:ac:a2:f4:a8:
a4:82:e9:c6:e5:27:6e:a7:a0:44:68:5d:de:ad:6a:
67:cd:c1:85:b6:23:2b:8c:5e:33:4e:e4:48:85:d4:
da:16:88:2a:87:18:b6:45:5f:7c:2e:64:40:3b:ac:
73:bf:15:3f:94:5e:3d:44:d7:f2:c9:4c:3f:1e:8b:
7a:d6:91:6d:78:b8:e7:7b:2c:6e:c4:82:91:ef:84:
16:48:d4:b1:5e:37:fe:09:b7:18:7a:c7:d0:52:89:
dd:fa:c0:2d:b6:98:ae:82:95:c0:15:dc:c3:b3:d6:
94:64:27:f3:42:ff:14:1b:11:78:40:7f:22:ab:88:
bc:7f:cf:9e:eb:7f:32:9e:99:50:98:8a:de:2a:d3:
b5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CB:79:8D:24:24:E6:51:65:0F:1B:FB:73:A8:9B:CD:46:02:83:AE
X509v3 Authority Key Identifier:
keyid:20:B1:39:10:C1:F9:87:35:E4:01:65:0B:1D:34:BF:8B:6A:0A:06:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILE5EMH5hzXkAWULHTS_i2oKBpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ced26-47b0-427a-881e-f713ad516185/1/r8t5jSQk5lFlDxv7c6ibzUYCg64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ced26-47b0-427a-881e-f713ad516185/1/ILE5EMH5hzXkAWULHTS_i2oKBpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.32.0/24
IPv6:
2a01:fac0::/47
2a01:fac4::/44
Signature Algorithm: sha256WithRSAEncryption
9c:90:1c:28:b7:e5:70:a4:9f:5a:b5:ce:9d:1d:e8:0b:d8:08:
d7:09:56:3b:a0:51:58:c2:08:7d:d7:31:11:ad:2b:18:a5:6f:
a4:e2:16:f9:a7:f8:02:ab:c7:93:d3:34:e9:d4:7f:a3:56:a7:
65:96:73:f3:16:9b:a8:09:9c:3c:35:46:ba:aa:fa:2a:ac:5c:
57:b9:84:b4:04:f1:95:ef:93:08:dc:ea:ca:f8:16:9b:f8:a4:
6a:51:e2:6a:18:ec:28:ca:15:fa:7a:f4:bf:e1:15:f2:8a:9f:
fd:a2:2f:1a:08:30:a7:f6:37:61:ec:5d:7f:72:02:4a:43:07:
1b:71:36:f2:2c:f7:6a:cd:ee:f1:e7:e3:31:65:54:1c:a0:79:
40:5f:4a:c7:5e:83:27:fe:d8:b9:2a:20:11:23:4a:b0:05:06:
37:68:80:76:09:85:ee:dd:8f:d8:e9:2d:ef:85:bf:2e:7d:12:
6f:5a:66:92:b2:2f:95:45:c5:50:38:cb:0a:99:df:4e:d6:e0:
5e:c5:5c:57:e1:30:ce:ee:ce:33:d5:b0:8c:1b:75:63:82:35:
f5:45:b9:22:7e:44:16:dc:fa:d5:1d:9e:b9:7e:e3:5a:f1:8c:
89:0d:ab:d2:e4:e9:ac:49:f3:60:8c:a0:39:fc:b1:c0:55:f1:
99:39:bb:71
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZxIX/Al0aqKyvkYIdmwHlYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjEzOTEwYzFmOTg3MzVlNDAxNjUwYjFkMzRiZjhiNmEw
YTA2OTYwHhcNMjYwMjEwMTYyNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmNiNzk4ZDI0MjRlNjUxNjUwZjFiZmI3M2E4OWJjZDQ2MDI4M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9PbshLN/JFsagzfWcRcwUvAPeCC5
rIyWJNOS6qgHVWimsIpicuoD1yDJKW/vR+Ad6tiSx5Z7VuCD6j7eZ2rtJtXRqPjN
+PyTEGgGYhPzScX3ZSSjSBLSPflbEvBQG9WmGmuaIYXzoTp5fgLP8ek0P5zwwqyi
9KikgunG5Sdup6BEaF3erWpnzcGFtiMrjF4zTuRIhdTaFogqhxi2RV98LmRAO6xz
vxU/lF49RNfyyUw/Hot61pFteLjneyxuxIKR74QWSNSxXjf+CbcYesfQUond+sAt
tpiugpXAFdzDs9aUZCfzQv8UGxF4QH8iq4i8f8+e638ynplQmIreKtO1NwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK/LeY0kJOZRZQ8b+3Oom81GAoOuMB8GA1UdIwQY
MBaAFCCxORDB+Yc15AFlCx00v4tqCgaWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxFNUVNSDVoelhrQVdVTEhUU19pMm9LQnBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85Y2VkMjYtNDdiMC00MjdhLTg4MWUt
ZjcxM2FkNTE2MTg1LzEvcjh0NWpTUWs1bEZsRHh2N2M2aWJ6VVlDZzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85Y2VkMjYtNDdiMC00MjdhLTg4MWUtZjcxM2FkNTE2MTg1
LzEvSUxFNUVNSDVoelhrQVdVTEhUU19pMm9LQnBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwREgMBgE
AgACMBIDBwEqAfrAAAADBwQqAfrEAAAwDQYJKoZIhvcNAQELBQADggEBAJyQHCi3
5XCkn1q1zp0d6AvYCNcJVjugUVjCCH3XMRGtKxilb6TiFvmn+AKrx5PTNOnUf6NW
p2WWc/MWm6gJnDw1Rrqq+iqsXFe5hLQE8ZXvkwjc6sr4Fpv4pGpR4moY7CjKFfp6
9L/hFfKKn/2iLxoIMKf2N2HsXX9yAkpDBxtxNvIs92rN7vHn4zFlVBygeUBfSsde
gyf+2LkqIBEjSrAFBjdogHYJhe7dj9jpLe+Fvy59Em9aZpKyL5VFxVA4ywqZ307W
4F7FXFfhMM7uzjPVsIwbdWOCNfVFuSJ+RBbc+tUdnrl+41rxjIkNq9Lk6axJ82CM
oDn8scBV8Zk5u3E=
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:07:13 2026 by rpki-client