Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/384467-2081-43b4-b47e-f9f385572696/1/8u--PHXcb8fanvRnVD8ORFDAWAo.roa
File: 8u--PHXcb8fanvRnVD8ORFDAWAo.roa (raw, json)
Hash identifier: SlV1tdKj8d+d8O1aFXysjvMqssjH3C5EHOnIRAt5jZs=
Subject key identifier: F2:EF:BE:3C:75:DC:6F:C7:DA:9E:F4:67:54:3F:0E:44:50:C0:58:0A
Certificate issuer: /CN=0cec6f76298c5f5fe26b1e932a450513fcc39b38
Certificate serial: 019B7AC7FC851CBBE58FD61F34241CBC666E
Authority key identifier: 0C:EC:6F:76:29:8C:5F:5F:E2:6B:1E:93:2A:45:05:13:FC:C3:9B:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOxvdimMX1_iax6TKkUFE_zDmzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/384467-2081-43b4-b47e-f9f385572696/1/8u--PHXcb8fanvRnVD8ORFDAWAo.roa
Signing time: Thu 01 Jan 2026 18:18:05 +0000
ROA not before: Thu 01 Jan 2026 18:18:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51066
IP address blocks: 195.254.190.0/23 maxlen: 23
2001:67c:210::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/384467-2081-43b4-b47e-f9f385572696/1/DOxvdimMX1_iax6TKkUFE_zDmzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/384467-2081-43b4-b47e-f9f385572696/1/DOxvdimMX1_iax6TKkUFE_zDmzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOxvdimMX1_iax6TKkUFE_zDmzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c7:fc:85:1c:bb:e5:8f:d6:1f:34:24:1c:bc:66:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cec6f76298c5f5fe26b1e932a450513fcc39b38
Validity
Not Before: Jan 1 18:18:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f2efbe3c75dc6fc7da9ef467543f0e4450c0580a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e8:90:64:0b:9e:82:93:8c:b2:dc:8d:e5:96:
b1:0f:26:34:fc:83:c4:35:1d:ae:89:f6:0e:c8:42:
98:d5:ef:d8:2a:b4:df:2b:ae:80:c6:4b:90:66:a8:
f6:ff:72:48:33:2e:85:12:93:58:85:f1:55:3f:64:
f0:bb:52:3f:43:e5:c1:78:b0:55:3a:28:ba:a3:3c:
7d:f6:f8:29:a2:ec:53:b3:b1:88:cc:96:0a:a1:13:
4c:53:9d:15:e1:d2:04:2b:6c:b6:a4:3b:4f:a7:73:
b7:2f:46:81:5c:87:51:ab:bb:75:95:af:d2:37:01:
ad:c4:b6:6e:8b:0d:25:c4:55:c2:9f:2f:e8:9a:96:
1d:12:11:b3:1b:9a:82:fc:c6:f2:76:32:c8:b9:7d:
7e:d8:6b:15:6e:8b:af:b6:c1:23:96:3b:11:00:b6:
52:13:d8:b7:0b:37:2d:1c:40:d2:1b:90:b6:7c:3a:
30:fb:be:64:d9:9d:0b:29:c7:c8:2c:5d:72:59:b3:
31:bc:05:fd:0b:8b:3a:3b:bf:15:1a:0c:66:9a:6a:
cf:a5:7c:e5:2d:e0:86:c4:e3:5e:73:32:58:3f:e8:
1a:f4:49:a9:fb:c6:cb:2e:ca:57:fd:04:4e:73:64:
67:ec:67:c0:bc:c6:e7:ca:25:0a:1f:68:9d:3b:8a:
2c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EF:BE:3C:75:DC:6F:C7:DA:9E:F4:67:54:3F:0E:44:50:C0:58:0A
X509v3 Authority Key Identifier:
keyid:0C:EC:6F:76:29:8C:5F:5F:E2:6B:1E:93:2A:45:05:13:FC:C3:9B:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOxvdimMX1_iax6TKkUFE_zDmzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/384467-2081-43b4-b47e-f9f385572696/1/8u--PHXcb8fanvRnVD8ORFDAWAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/384467-2081-43b4-b47e-f9f385572696/1/DOxvdimMX1_iax6TKkUFE_zDmzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.190.0/23
IPv6:
2001:67c:210::/48
Signature Algorithm: sha256WithRSAEncryption
70:8f:86:af:32:bf:e2:de:77:2e:d3:e0:37:9b:3b:01:4d:97:
fd:f3:5d:34:4e:7c:71:cf:79:e6:62:f9:57:28:47:cc:60:85:
85:38:d3:14:9b:78:e8:71:97:25:fc:3c:67:5d:84:b3:06:e8:
42:4d:4e:7f:ec:72:7c:f8:a4:c9:bc:69:9e:ac:2f:b6:d6:1a:
10:9b:73:eb:8a:8e:a8:43:b4:e5:8d:79:26:d8:45:0f:2c:15:
df:a4:fc:51:55:61:b4:36:86:81:40:54:30:a9:04:6e:e1:bb:
6d:8c:29:83:3d:4c:9a:5f:e6:76:55:15:e6:e0:df:ad:dd:b6:
56:3f:6d:fc:af:98:04:64:c0:58:92:09:b3:ea:00:54:03:87:
f9:9f:e3:2d:8e:f6:57:d2:81:e6:5c:df:4d:eb:bb:31:fc:3a:
eb:ed:35:18:80:33:25:b3:3e:7d:8e:89:72:6a:58:bd:64:27:
d4:cb:59:c4:a8:6e:96:de:7d:8b:ba:bb:c3:6d:d5:b1:d9:be:
c1:8c:84:2c:20:c9:88:9f:77:10:72:13:99:25:e5:9e:9d:72:
ee:aa:8d:13:0e:6b:2a:7b:b3:34:a7:12:99:4a:8e:7f:44:e5:
93:8a:59:dd:ce:3c:01:33:55:b7:3a:9f:c5:64:73:3a:1a:61:
bd:5b:dc:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZt6x/yFHLvlj9YfNCQcvGZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZWM2Zjc2Mjk4YzVmNWZlMjZiMWU5MzJhNDUwNTEzZmNj
MzliMzgwHhcNMjYwMTAxMTgxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVmYmUzYzc1ZGM2ZmM3ZGE5ZWY0Njc1NDNmMGU0NDUwYzA1ODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseiQZAuegpOMstyN5ZaxDyY0/IPE
NR2uifYOyEKY1e/YKrTfK66AxkuQZqj2/3JIMy6FEpNYhfFVP2Twu1I/Q+XBeLBV
Oii6ozx99vgpouxTs7GIzJYKoRNMU50V4dIEK2y2pDtPp3O3L0aBXIdRq7t1la/S
NwGtxLZuiw0lxFXCny/ompYdEhGzG5qC/MbydjLIuX1+2GsVbouvtsEjljsRALZS
E9i3CzctHEDSG5C2fDow+75k2Z0LKcfILF1yWbMxvAX9C4s6O78VGgxmmmrPpXzl
LeCGxONeczJYP+ga9Emp+8bLLspX/QROc2Rn7GfAvMbnyiUKH2idO4osqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPLvvjx13G/H2p70Z1Q/DkRQwFgKMB8GA1UdIwQY
MBaAFAzsb3YpjF9f4msekypFBRP8w5s4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE94dmRpbU1YMV9pYXg2VEtrVUZFX3pEbXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zODQ0NjctMjA4MS00M2I0LWI0N2Ut
ZjlmMzg1NTcyNjk2LzEvOHUtLVBIWGNiOGZhbnZSblZEOE9SRkRBV0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zODQ0NjctMjA4MS00M2I0LWI0N2UtZjlmMzg1NTcyNjk2
LzEvRE94dmRpbU1YMV9pYXg2VEtrVUZFX3pEbXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw/6+MA8E
AgACMAkDBwAgAQZ8AhAwDQYJKoZIhvcNAQELBQADggEBAHCPhq8yv+Ledy7T4Deb
OwFNl/3zXTROfHHPeeZi+VcoR8xghYU40xSbeOhxlyX8PGddhLMG6EJNTn/scnz4
pMm8aZ6sL7bWGhCbc+uKjqhDtOWNeSbYRQ8sFd+k/FFVYbQ2hoFAVDCpBG7hu22M
KYM9TJpf5nZVFebg363dtlY/bfyvmARkwFiSCbPqAFQDh/mf4y2O9lfSgeZc303r
uzH8OuvtNRiAMyWzPn2OiXJqWL1kJ9TLWcSobpbefYu6u8Nt1bHZvsGMhCwgyYif
dxByE5kl5Z6dcu6qjRMOayp7szSnEplKjn9E5ZOKWd3OPAEzVbc6n8VkczoaYb1b
3KE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:20:35 2026 by rpki-client