Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/8z842irPUI8EAcdgem6-OTXhKlE.roa
File: 8z842irPUI8EAcdgem6-OTXhKlE.roa (raw, json)
Hash identifier: HK9+peK6bA6qvniuZHkI3MKhAoqJRMXPjQN3NjLDd4Q=
Subject key identifier: F3:3F:38:DA:2A:CF:50:8F:04:01:C7:60:7A:6E:BE:39:35:E1:2A:51
Certificate issuer: /CN=ac27bc245e76ba5e5c1fc5e9ee55b4b48de7f85a
Certificate serial: 019D540BB19F4E6E8BCC9824F377300C2C7B
Authority key identifier: AC:27:BC:24:5E:76:BA:5E:5C:1F:C5:E9:EE:55:B4:B4:8D:E7:F8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/8z842irPUI8EAcdgem6-OTXhKlE.roa
Signing time: Fri 03 Apr 2026 15:52:25 +0000
ROA not before: Fri 03 Apr 2026 15:52:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206375
IP address blocks: 45.135.204.0/24 maxlen: 32
45.135.205.0/24 maxlen: 32
45.135.206.0/24 maxlen: 32
45.135.207.0/24 maxlen: 32
139.28.104.0/24 maxlen: 32
139.28.105.0/24 maxlen: 32
139.28.106.0/24 maxlen: 32
139.28.107.0/24 maxlen: 32
185.188.128.0/24 maxlen: 32
185.188.129.0/24 maxlen: 32
185.188.130.0/24 maxlen: 32
185.188.131.0/24 maxlen: 32
185.219.176.0/24 maxlen: 32
185.219.177.0/24 maxlen: 32
185.219.178.0/24 maxlen: 32
185.219.179.0/24 maxlen: 32
2a0b:bf40::/29 maxlen: 48
2a0b:bf40::/48 maxlen: 48
2a0b:bf40:1::/48 maxlen: 48
2a0b:bf40:2::/48 maxlen: 48
2a0b:bf40:3::/48 maxlen: 48
2a0b:bf40:4::/48 maxlen: 48
2a0b:bf40:5::/48 maxlen: 48
2a0b:bf40:6::/48 maxlen: 48
2a0b:bf40:7::/48 maxlen: 48
2a0b:bf40:8::/48 maxlen: 48
2a0b:bf40:9::/48 maxlen: 48
2a0b:bf40:a::/48 maxlen: 48
2a0b:bf40:b::/48 maxlen: 48
2a0b:bf40:c::/48 maxlen: 48
2a0b:bf40:d::/48 maxlen: 48
2a0b:bf40:e::/48 maxlen: 48
2a0b:bf40:f::/48 maxlen: 48
2a0b:bf40:10::/48 maxlen: 48
2a0b:bf40:11::/48 maxlen: 48
2a0b:bf40:12::/48 maxlen: 48
2a0b:bf40:13::/48 maxlen: 48
2a0b:bf40:14::/48 maxlen: 48
2a0b:bf40:15::/48 maxlen: 48
2a0b:bf40:16::/48 maxlen: 48
2a0b:bf40:17::/48 maxlen: 48
2a0b:bf40:18::/48 maxlen: 48
2a0b:bf40:19::/48 maxlen: 48
2a0b:bf40:c000::/38 maxlen: 38
2a0b:bf40:c800::/38 maxlen: 38
2a0b:bf40:d000::/38 maxlen: 38
2a0b:bf40:d800::/38 maxlen: 38
2a0b:bf40:e000::/38 maxlen: 38
2a0b:bf40:e800::/38 maxlen: 38
2a0b:bf40:f000::/38 maxlen: 38
2a0b:bf40:f800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.mft
rsync://rpki.ripe.net/repository/DEFAULT/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:54:0b:b1:9f:4e:6e:8b:cc:98:24:f3:77:30:0c:2c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac27bc245e76ba5e5c1fc5e9ee55b4b48de7f85a
Validity
Not Before: Apr 3 15:52:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f33f38da2acf508f0401c7607a6ebe3935e12a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e6:48:3b:2e:1f:d1:40:e0:91:38:76:bf:d3:
43:6d:12:99:f6:92:13:3e:a0:d6:38:f2:fd:4c:93:
f1:4d:a3:c1:46:3d:94:f2:4d:27:5f:90:ee:c4:02:
d5:45:07:a0:16:fb:36:83:b3:27:3c:32:57:88:08:
d6:48:de:27:3b:bd:11:3a:af:02:7a:e0:83:08:1d:
c4:f4:a9:e8:62:4c:09:36:3f:1f:7d:47:4c:bb:6e:
12:ac:d2:e6:e3:3f:b9:73:63:8d:fd:2f:94:5c:50:
e3:f3:d2:8c:3b:15:8b:a2:ca:a3:a2:9c:d1:38:b6:
71:e9:3f:98:a6:d1:34:29:a2:57:b9:b6:3b:60:93:
4e:2e:93:1b:d2:5c:47:f3:b1:1b:dc:7c:e3:68:b5:
ac:62:39:e3:d5:73:5d:62:46:d0:62:c1:76:e1:29:
c0:2e:28:24:66:0d:9d:5f:c0:f5:5d:10:a3:7e:bd:
d6:fe:5c:25:98:ba:68:e9:e4:4c:14:66:c0:d8:d0:
49:16:19:4c:76:e9:95:ad:82:1a:14:a4:d4:6a:f2:
9a:72:b4:48:95:ce:40:b4:9a:14:fe:03:b7:7c:03:
aa:68:45:55:d6:e4:12:79:e0:a3:46:4d:28:89:01:
8a:fc:8c:f4:f4:f5:09:07:00:8a:9d:ef:e5:95:c7:
5d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3F:38:DA:2A:CF:50:8F:04:01:C7:60:7A:6E:BE:39:35:E1:2A:51
X509v3 Authority Key Identifier:
keyid:AC:27:BC:24:5E:76:BA:5E:5C:1F:C5:E9:EE:55:B4:B4:8D:E7:F8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/8z842irPUI8EAcdgem6-OTXhKlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.204.0/22
139.28.104.0/22
185.188.128.0/22
185.219.176.0/22
IPv6:
2a0b:bf40::/29
Signature Algorithm: sha256WithRSAEncryption
90:4e:f8:7a:a6:3e:90:ee:89:72:74:24:dc:e3:4d:51:37:13:
ab:53:cf:d3:0d:08:e4:b4:9f:7e:04:f5:2d:87:64:9e:1a:07:
b9:bd:a6:62:eb:a7:7f:25:1f:ab:2a:37:a6:b5:72:b9:ce:39:
d3:5b:84:71:d4:5b:15:9a:c2:3f:87:35:76:53:e4:c5:6f:76:
b9:d9:7c:26:df:86:ff:ec:bb:a4:6e:39:54:fd:01:29:f5:9c:
80:02:d9:8d:4f:8e:82:e3:78:7f:89:28:5e:8e:06:63:0d:01:
b9:00:da:16:d3:7a:38:94:14:f2:92:5f:ce:f9:bc:51:78:d2:
ca:d1:a1:db:2e:76:46:17:4f:67:7a:9d:62:84:5a:ea:58:b4:
35:18:15:f8:3c:84:95:15:ca:a8:c7:9a:f3:81:ef:4f:8f:81:
24:3f:2f:02:26:51:9c:19:ee:1b:35:08:a1:99:dc:3f:f6:6c:
a0:0e:bd:cc:f0:c8:1e:b1:24:82:df:6f:23:d4:52:cb:df:6e:
b2:0c:c6:d3:a0:9f:e2:a8:83:51:12:a5:2a:2a:75:8c:1f:4a:
96:3a:69:50:f2:94:15:d9:0c:e5:3b:bc:26:6a:d0:0d:57:09:
e4:46:d4:12:bd:33:5f:05:58:f6:05:04:c1:3f:3f:a6:9d:12:
09:da:32:05
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ1UC7GfTm6LzJgk83cwDCx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjdiYzI0NWU3NmJhNWU1YzFmYzVlOWVlNTViNGI0OGRl
N2Y4NWEwHhcNMjYwNDAzMTU1MjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNmMzhkYTJhY2Y1MDhmMDQwMWM3NjA3YTZlYmUzOTM1ZTEyYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOZIOy4f0UDgkTh2v9NDbRKZ9pIT
PqDWOPL9TJPxTaPBRj2U8k0nX5DuxALVRQegFvs2g7MnPDJXiAjWSN4nO70ROq8C
euCDCB3E9KnoYkwJNj8ffUdMu24SrNLm4z+5c2ON/S+UXFDj89KMOxWLosqjopzR
OLZx6T+YptE0KaJXubY7YJNOLpMb0lxH87Eb3HzjaLWsYjnj1XNdYkbQYsF24SnA
LigkZg2dX8D1XRCjfr3W/lwlmLpo6eRMFGbA2NBJFhlMdumVrYIaFKTUavKacrRI
lc5AtJoU/gO3fAOqaEVV1uQSeeCjRk0oiQGK/Iz09PUJBwCKne/llcddTQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPM/ONoqz1CPBAHHYHpuvjk14SpRMB8GA1UdIwQY
MBaAFKwnvCRedrpeXB/F6e5VtLSN5/haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNlOEpGNTJ1bDVjSDhYcDdsVzB0STNuLUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9lODUzNzUtNDBmZi00ZTc3LWI0ZTkt
YmIwNjcxZDhlYTMyLzEvOHo4NDJpclBVSThFQWNkZ2VtNi1PVFhoS2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9lODUzNzUtNDBmZi00ZTc3LWI0ZTktYmIwNjcxZDhlYTMy
LzEvckNlOEpGNTJ1bDVjSDhYcDdsVzB0STNuLUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYfMAwQC
ixxoAwQCubyAAwQCuduwMA0EAgACMAcDBQMqC79AMA0GCSqGSIb3DQEBCwUAA4IB
AQCQTvh6pj6Q7olydCTc401RNxOrU8/TDQjktJ9+BPUth2SeGge5vaZi66d/JR+r
KjemtXK5zjnTW4Rx1FsVmsI/hzV2U+TFb3a52Xwm34b/7LukbjlU/QEp9ZyAAtmN
T46C43h/iShejgZjDQG5ANoW03o4lBTykl/O+bxReNLK0aHbLnZGF09nep1ihFrq
WLQ1GBX4PISVFcqox5rzge9Pj4EkPy8CJlGcGe4bNQihmdw/9mygDr3M8MgesSSC
328j1FLL326yDMbToJ/iqINREqUqKnWMH0qWOmlQ8pQV2QzlO7wmatANVwnkRtQS
vTNfBVj2BQTBPz+mnRIJ2jIF
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:20:12 2026 by rpki-client