Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/8DwDtE_zLMPfhC2LWLBMv8i2DIk.roa
File: 8DwDtE_zLMPfhC2LWLBMv8i2DIk.roa (raw, json)
Hash identifier: s83tT0zl7wdD8/rswUNE/caIDGeEK8q3CUDy62J1e3k=
Subject key identifier: F0:3C:03:B4:4F:F3:2C:C3:DF:84:2D:8B:58:B0:4C:BF:C8:B6:0C:89
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019D525D67FD33E0CF676E6ECFD6EA2DD750
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/8DwDtE_zLMPfhC2LWLBMv8i2DIk.roa
Signing time: Fri 03 Apr 2026 08:02:26 +0000
ROA not before: Fri 03 Apr 2026 08:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 217.147.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:5d:67:fd:33:e0:cf:67:6e:6e:cf:d6:ea:2d:d7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Apr 3 08:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f03c03b44ff32cc3df842d8b58b04cbfc8b60c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a0:a6:c4:9d:29:82:ee:91:fb:9d:51:38:3f:
72:d5:8a:0d:c6:b6:10:be:47:8d:c6:5c:70:c4:02:
bf:77:63:37:c9:12:96:92:09:52:48:9a:1c:9c:59:
47:67:90:dc:98:22:81:25:e7:69:21:7a:ff:cb:ab:
bd:64:7d:79:69:96:3a:40:df:80:13:82:68:55:0e:
e3:47:b9:7b:37:d3:d7:36:2d:0e:63:c0:86:d0:ee:
33:e1:d2:ad:cc:fc:69:71:ed:63:73:1b:61:a3:82:
ee:1b:18:d3:7d:b4:08:5b:63:b7:d0:29:d4:57:8e:
72:f0:9d:c1:07:bf:e1:77:5a:8c:33:05:b1:06:42:
c8:c7:51:fc:f1:1b:6a:b1:95:45:38:12:12:2d:d6:
76:4b:81:95:12:7e:5d:6e:da:d0:0e:21:e6:c7:77:
5b:d5:f0:25:bc:30:88:7f:65:34:da:79:74:cb:29:
12:0e:65:5d:8b:c9:25:e8:6c:38:0c:74:aa:b5:c0:
52:14:c1:5c:81:17:0f:3f:03:93:a3:04:2c:2e:e1:
17:52:24:01:89:4a:ad:fa:9c:3f:1c:dd:47:64:a5:
27:b5:d2:56:c0:b4:86:5c:80:0b:13:84:db:ac:b0:
66:42:c1:8a:03:be:3f:4c:93:fe:7c:1d:28:40:6e:
80:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3C:03:B4:4F:F3:2C:C3:DF:84:2D:8B:58:B0:4C:BF:C8:B6:0C:89
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/8DwDtE_zLMPfhC2LWLBMv8i2DIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.13.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:62:c2:ce:e7:b5:30:b2:57:11:c6:f3:37:a3:fc:63:b7:68:
02:25:b6:ea:f2:24:e0:c1:f4:77:1e:79:e6:65:6b:74:13:af:
9e:0d:f1:52:11:37:10:9f:e9:1d:82:89:cb:0f:e3:61:cf:33:
cf:1a:b6:64:2b:99:26:02:05:c3:70:80:56:ec:bd:11:e3:0e:
a9:c0:fa:0e:c7:35:5b:1b:7f:4c:f1:ec:88:f6:9c:f5:54:38:
2d:1a:e7:8e:64:ef:45:11:11:ab:a8:28:9c:02:6c:f3:91:69:
86:64:f8:22:a5:14:2e:eb:e4:13:07:04:53:3e:d0:df:8e:4d:
5c:15:89:d3:85:34:3c:d9:b4:93:6c:b2:4e:2e:72:a3:ed:2e:
94:52:b2:56:3d:2d:90:c3:56:bf:4f:97:cc:83:ee:3d:25:c6:
94:9e:a6:dc:e3:40:f6:48:34:f9:11:9c:04:5d:ec:bb:f2:23:
8f:6f:4d:40:c1:6c:87:a0:65:51:cc:70:21:77:3f:ad:6d:00:
a1:d9:62:3b:41:ac:01:df:14:55:1c:d7:51:49:a1:72:7a:55:
5a:63:84:4d:09:86:2f:9d:23:e7:cd:b2:12:42:39:5d:73:22:
95:19:c4:fd:ca:f8:0f:80:a6:a9:4e:93:30:02:5a:f1:04:8a:
e1:90:7a:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1SXWf9M+DPZ25uz9bqLddQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjYwNDAzMDgwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNjMDNiNDRmZjMyY2MzZGY4NDJkOGI1OGIwNGNiZmM4YjYwYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqCmxJ0pgu6R+51ROD9y1YoNxrYQ
vkeNxlxwxAK/d2M3yRKWkglSSJocnFlHZ5DcmCKBJedpIXr/y6u9ZH15aZY6QN+A
E4JoVQ7jR7l7N9PXNi0OY8CG0O4z4dKtzPxpce1jcxtho4LuGxjTfbQIW2O30CnU
V45y8J3BB7/hd1qMMwWxBkLIx1H88RtqsZVFOBISLdZ2S4GVEn5dbtrQDiHmx3db
1fAlvDCIf2U02nl0yykSDmVdi8kl6Gw4DHSqtcBSFMFcgRcPPwOTowQsLuEXUiQB
iUqt+pw/HN1HZKUntdJWwLSGXIALE4TbrLBmQsGKA74/TJP+fB0oQG6ArwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPA8A7RP8yzD34Qti1iwTL/ItgyJMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvOER3RHRFX3pMTVBmaEMyTFdMQk12OGkyRElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZMNMA0G
CSqGSIb3DQEBCwUAA4IBAQA6YsLO57UwslcRxvM3o/xjt2gCJbbq8iTgwfR3Hnnm
ZWt0E6+eDfFSETcQn+kdgonLD+NhzzPPGrZkK5kmAgXDcIBW7L0R4w6pwPoOxzVb
G39M8eyI9pz1VDgtGueOZO9FERGrqCicAmzzkWmGZPgipRQu6+QTBwRTPtDfjk1c
FYnThTQ82bSTbLJOLnKj7S6UUrJWPS2Qw1a/T5fMg+49JcaUnqbc40D2SDT5EZwE
Xey78iOPb01AwWyHoGVRzHAhdz+tbQCh2WI7QawB3xRVHNdRSaFyelVaY4RNCYYv
nSPnzbISQjldcyKVGcT9yvgPgKapTpMwAlrxBIrhkHr+
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:31:16 2026 by rpki-client