Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/FfVdJg5XIcbSkgXe0oT2UyQo02U.roa
File: FfVdJg5XIcbSkgXe0oT2UyQo02U.roa (raw, json)
Hash identifier: 8uLb0NWjyf1l8TZHn1K+GA4enCKSVsnIrc3cDPpuhcI=
Subject key identifier: 15:F5:5D:26:0E:57:21:C6:D2:92:05:DE:D2:84:F6:53:24:28:D3:65
Certificate issuer: /CN=ebf36087c3fcecfb006f518d7811b255ea57c90d
Certificate serial: 019C8ED8A001F5B507E6F7DEB617016E7DBE
Authority key identifier: EB:F3:60:87:C3:FC:EC:FB:00:6F:51:8D:78:11:B2:55:EA:57:C9:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/FfVdJg5XIcbSkgXe0oT2UyQo02U.roa
Signing time: Tue 24 Feb 2026 08:51:27 +0000
ROA not before: Tue 24 Feb 2026 08:51:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209581
IP address blocks: 83.136.176.0/24 maxlen: 24
83.136.177.0/24 maxlen: 24
83.136.178.0/24 maxlen: 24
83.136.179.0/24 maxlen: 24
83.229.33.0/24 maxlen: 24
83.229.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 17:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:d8:a0:01:f5:b5:07:e6:f7:de:b6:17:01:6e:7d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf36087c3fcecfb006f518d7811b255ea57c90d
Validity
Not Before: Feb 24 08:51:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=15f55d260e5721c6d29205ded284f6532428d365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e0:92:c3:09:75:e5:e9:ca:e5:d3:0d:79:1d:
75:97:09:bc:9f:47:32:af:4e:c0:11:e7:03:88:66:
2a:e3:e9:f6:89:2a:10:02:21:96:5c:8e:70:82:f6:
0d:1f:29:62:df:a9:38:5b:26:a3:de:04:41:38:34:
1d:51:5a:3e:3f:86:52:ca:04:9a:9d:10:bf:a2:84:
cd:38:11:3c:cf:90:14:d9:00:03:e6:92:96:3a:1b:
98:76:3c:f8:5f:68:a0:d6:ef:dc:1d:2d:6a:8b:2f:
22:e6:61:02:be:78:cc:de:47:3d:7b:64:7f:64:38:
b5:96:a9:84:3b:a9:1a:9a:1f:1a:1d:80:cb:0a:03:
20:7c:a9:f3:f6:78:bc:af:3b:6f:db:96:e1:b0:cd:
9d:81:9c:49:fa:67:54:90:3b:5d:49:f1:de:e5:00:
bf:7f:8f:d4:63:d7:e5:06:6b:f2:a3:99:04:f7:fb:
22:cf:27:09:22:4f:d9:b2:f2:28:32:c8:97:68:63:
6d:05:ea:f8:7c:e4:c6:0b:e9:22:75:70:74:18:b3:
2e:7e:b2:29:bb:82:03:c1:bc:3a:b8:62:8f:32:e9:
10:7d:82:59:7f:8a:3e:1a:07:3d:75:ac:2a:31:22:
c0:3a:d6:f8:67:62:10:33:b4:ab:3e:f1:16:b4:61:
9d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F5:5D:26:0E:57:21:C6:D2:92:05:DE:D2:84:F6:53:24:28:D3:65
X509v3 Authority Key Identifier:
keyid:EB:F3:60:87:C3:FC:EC:FB:00:6F:51:8D:78:11:B2:55:EA:57:C9:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/FfVdJg5XIcbSkgXe0oT2UyQo02U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.176.0/22
83.229.33.0/24
83.229.38.0/24
Signature Algorithm: sha256WithRSAEncryption
27:1c:57:b8:fd:d5:5e:8a:4d:15:d5:4b:8c:c0:ee:54:a4:06:
cf:e1:59:41:83:62:ad:4b:ae:fb:39:34:72:c2:62:7d:6b:f6:
38:22:87:9c:d7:fd:44:07:44:bb:f2:40:31:0f:54:c7:fe:9e:
3e:7e:94:9d:5f:64:bf:7a:18:17:e7:f5:31:44:64:7b:a8:d4:
62:dd:f9:19:0a:1c:96:78:a8:5e:ac:e2:2f:4a:f5:c4:90:aa:
be:2f:db:25:ad:b0:69:ab:ae:e8:3a:20:a8:41:a8:14:62:cd:
4d:e0:e3:85:76:78:40:a5:87:7b:fd:1f:38:36:0c:2c:46:88:
4c:de:63:cf:e1:bb:a2:6a:86:6c:1e:01:04:d0:00:e6:b5:2c:
34:39:de:78:e0:8b:7d:a1:58:e1:24:71:b7:50:82:cb:a5:c4:
85:96:a6:db:9d:43:e1:2a:32:3d:43:24:53:3f:0c:b3:2c:6d:
00:22:85:aa:04:8c:f5:81:30:46:d0:52:e7:e0:6e:54:8e:9e:
77:9d:1a:6a:1c:70:e5:8a:41:d5:5c:da:54:3d:cc:35:d1:c0:
86:dd:c9:20:54:0d:7f:cf:80:c3:55:b0:4b:9d:c9:62:15:3d:
85:af:45:58:4f:bf:5b:07:f6:5b:85:9c:f9:f4:8b:17:b6:68:
fb:02:17:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyO2KAB9bUH5vfethcBbn2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjM2MDg3YzNmY2VjZmIwMDZmNTE4ZDc4MTFiMjU1ZWE1
N2M5MGQwHhcNMjYwMjI0MDg1MTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWY1NWQyNjBlNTcyMWM2ZDI5MjA1ZGVkMjg0ZjY1MzI0MjhkMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteCSwwl15enK5dMNeR11lwm8n0cy
r07AEecDiGYq4+n2iSoQAiGWXI5wgvYNHyli36k4Wyaj3gRBODQdUVo+P4ZSygSa
nRC/ooTNOBE8z5AU2QAD5pKWOhuYdjz4X2ig1u/cHS1qiy8i5mECvnjM3kc9e2R/
ZDi1lqmEO6kamh8aHYDLCgMgfKnz9ni8rztv25bhsM2dgZxJ+mdUkDtdSfHe5QC/
f4/UY9flBmvyo5kE9/sizycJIk/ZsvIoMsiXaGNtBer4fOTGC+kidXB0GLMufrIp
u4IDwbw6uGKPMukQfYJZf4o+Ggc9dawqMSLAOtb4Z2IQM7SrPvEWtGGdvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBX1XSYOVyHG0pIF3tKE9lMkKNNlMB8GA1UdIwQY
MBaAFOvzYIfD/Oz7AG9RjXgRslXqV8kNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9OZ2g4UDg3UHNBYjFHTmVCR3lWZXBYeVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80NjQzMWUtNDk1MS00ZTFhLTkxOTUt
NjhhNDU1MWY2OGE4LzEvRmZWZEpnNVhJY2JTa2dYZTBvVDJVeVFvMDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80NjQzMWUtNDk1MS00ZTFhLTkxOTUtNjhhNDU1MWY2OGE4
LzEvNl9OZ2g4UDg3UHNBYjFHTmVCR3lWZXBYeVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU4iwAwQA
U+UhAwQAU+UmMA0GCSqGSIb3DQEBCwUAA4IBAQAnHFe4/dVeik0V1UuMwO5UpAbP
4VlBg2KtS677OTRywmJ9a/Y4Ioec1/1EB0S78kAxD1TH/p4+fpSdX2S/ehgX5/Ux
RGR7qNRi3fkZChyWeKherOIvSvXEkKq+L9slrbBpq67oOiCoQagUYs1N4OOFdnhA
pYd7/R84NgwsRohM3mPP4buiaoZsHgEE0ADmtSw0Od544It9oVjhJHG3UILLpcSF
lqbbnUPhKjI9QyRTPwyzLG0AIoWqBIz1gTBG0FLn4G5Ujp53nRpqHHDlikHVXNpU
Pcw10cCG3ckgVA1/z4DDVbBLncliFT2Fr0VYT79bB/ZbhZz59IsXtmj7Ahc9
-----END CERTIFICATE-----
Generated at Tue Mar 3 02:06:39 2026 by rpki-client