Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/PatdG5AHcJXdhxLeM5tM5L_BcII.roa
File: PatdG5AHcJXdhxLeM5tM5L_BcII.roa (raw, json)
Hash identifier: 5h1/nVhqLUoRO6qPdWe0A5C0Fr5YO1aWm/IO1htZdyc=
Subject key identifier: 3D:AB:5D:1B:90:07:70:95:DD:87:12:DE:33:9B:4C:E4:BF:C1:70:82
Certificate issuer: /CN=88989264e50f39ae888ae3276109bba802e45801
Certificate serial: 019C98AAA8B4C5C2011CCBA076B27A4F9FBC
Authority key identifier: 88:98:92:64:E5:0F:39:AE:88:8A:E3:27:61:09:BB:A8:02:E4:58:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/PatdG5AHcJXdhxLeM5tM5L_BcII.roa
Signing time: Thu 26 Feb 2026 06:37:26 +0000
ROA not before: Thu 26 Feb 2026 06:37:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59589
IP address blocks: 95.156.251.0/24 maxlen: 24
195.93.248.0/24 maxlen: 24
2a10:1040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:98:aa:a8:b4:c5:c2:01:1c:cb:a0:76:b2:7a:4f:9f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88989264e50f39ae888ae3276109bba802e45801
Validity
Not Before: Feb 26 06:37:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3dab5d1b90077095dd8712de339b4ce4bfc17082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:b8:82:41:63:72:a0:37:86:82:f8:bd:73:
38:0e:b9:17:dc:dd:45:56:1a:58:79:33:ca:65:07:
43:06:9d:8c:cf:91:f3:89:88:9e:7f:cd:77:fe:ea:
6e:84:2d:a8:c5:64:ad:63:79:7e:19:5c:09:20:17:
70:2c:43:e7:29:51:28:f8:30:fd:0e:36:18:96:15:
a9:7a:27:a9:fc:2f:2c:bd:20:a9:ca:49:36:bb:c0:
74:1e:6d:90:05:2c:86:21:e2:76:1f:c6:6e:59:df:
48:af:71:5f:c2:f2:8a:7b:7e:de:ec:45:d5:f4:c9:
ed:ab:c1:6b:ca:96:1e:28:ca:40:b8:ee:32:81:8c:
f4:5c:35:42:71:34:7c:42:39:70:cf:17:bb:a9:5d:
9d:ff:d0:fc:b6:71:28:17:d0:ea:4a:4c:40:79:8f:
36:51:92:3e:b6:18:c5:50:6d:56:4e:04:a9:4a:3e:
2c:fd:b9:9a:41:a5:6f:78:77:75:03:ca:f6:8b:74:
01:26:13:e9:de:a6:77:94:d5:89:74:25:59:6e:81:
40:c6:1b:29:cc:eb:b5:85:6c:72:3b:06:57:c1:ed:
f9:c5:79:08:76:12:7b:9e:90:32:76:82:ac:17:ec:
74:3a:e5:1e:b0:54:74:d3:f9:2b:4f:c9:4f:44:a8:
31:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AB:5D:1B:90:07:70:95:DD:87:12:DE:33:9B:4C:E4:BF:C1:70:82
X509v3 Authority Key Identifier:
keyid:88:98:92:64:E5:0F:39:AE:88:8A:E3:27:61:09:BB:A8:02:E4:58:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/PatdG5AHcJXdhxLeM5tM5L_BcII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.251.0/24
195.93.248.0/24
IPv6:
2a10:1040::/32
Signature Algorithm: sha256WithRSAEncryption
ba:a9:01:1c:7b:64:7a:78:3e:7a:7e:28:7a:bb:b0:ed:20:1b:
09:ec:74:68:61:72:88:78:9a:52:5f:b9:b2:f5:b5:8e:99:2c:
3d:c6:b0:01:4e:8a:35:8b:49:aa:8e:fd:ac:8f:c3:2f:90:d8:
75:84:ef:44:b4:5b:11:e8:61:36:51:24:7c:95:3f:79:f1:37:
a6:02:7f:e2:9d:93:33:6a:97:06:1d:bb:bb:8c:43:d1:c7:ff:
6d:fe:80:50:71:36:a2:de:74:97:db:b7:d7:34:89:5a:c8:53:
32:29:a1:ea:e2:b2:8b:90:06:9e:85:de:f9:ab:5a:ec:67:c7:
50:93:2a:92:d8:97:c0:f9:f2:05:57:ba:f3:76:29:a8:70:b7:
4f:e8:e1:d2:4c:0f:2e:24:17:19:6a:1a:2d:c4:5d:72:74:2b:
2e:63:ba:34:ea:c5:71:21:9f:78:15:31:b5:d1:64:69:d2:5c:
96:b7:4c:d4:12:27:9b:4e:70:dd:30:c4:aa:a3:96:3e:c5:65:
b8:59:f7:42:49:5c:de:dc:c3:9e:4e:8f:c0:5d:08:f2:e2:a4:
e4:fb:71:72:90:73:0d:5a:2d:70:3c:5f:d7:77:23:ee:d5:31:
ce:6a:79:d4:33:46:49:4c:2c:67:6f:71:e4:f2:e8:d3:0f:ee:
ec:f9:d4:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZyYqqi0xcIBHMugdrJ6T5+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4OTg5MjY0ZTUwZjM5YWU4ODhhZTMyNzYxMDliYmE4MDJl
NDU4MDEwHhcNMjYwMjI2MDYzNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGFiNWQxYjkwMDc3MDk1ZGQ4NzEyZGUzMzliNGNlNGJmYzE3MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjW4gkFjcqA3hoL4vXM4DrkX3N1F
VhpYeTPKZQdDBp2Mz5HziYief813/upuhC2oxWStY3l+GVwJIBdwLEPnKVEo+DD9
DjYYlhWpeiep/C8svSCpykk2u8B0Hm2QBSyGIeJ2H8ZuWd9Ir3FfwvKKe37e7EXV
9Mntq8FrypYeKMpAuO4ygYz0XDVCcTR8Qjlwzxe7qV2d/9D8tnEoF9DqSkxAeY82
UZI+thjFUG1WTgSpSj4s/bmaQaVveHd1A8r2i3QBJhPp3qZ3lNWJdCVZboFAxhsp
zOu1hWxyOwZXwe35xXkIdhJ7npAydoKsF+x0OuUesFR00/krT8lPRKgx2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD2rXRuQB3CV3YcS3jObTOS/wXCCMB8GA1UdIwQY
MBaAFIiYkmTlDzmuiIrjJ2EJu6gC5FgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81NzEyNDQtOWM5YS00M2FjLTkzMGMt
MzcwYzgwNzY5ODMxLzEvUGF0ZEc1QUhjSlhkaHhMZU01dE01TF9CY0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81NzEyNDQtOWM5YS00M2FjLTkzMGMtMzcwYzgwNzY5ODMx
LzEvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAX5z7AwQA
w134MA0EAgACMAcDBQAqEBBAMA0GCSqGSIb3DQEBCwUAA4IBAQC6qQEce2R6eD56
fih6u7DtIBsJ7HRoYXKIeJpSX7my9bWOmSw9xrABToo1i0mqjv2sj8MvkNh1hO9E
tFsR6GE2USR8lT958TemAn/inZMzapcGHbu7jEPRx/9t/oBQcTai3nSX27fXNIla
yFMyKaHq4rKLkAaehd75q1rsZ8dQkyqS2JfA+fIFV7rzdimocLdP6OHSTA8uJBcZ
ahotxF1ydCsuY7o06sVxIZ94FTG10WRp0lyWt0zUEiebTnDdMMSqo5Y+xWW4WfdC
SVze3MOeTo/AXQjy4qTk+3FykHMNWi1wPF/XdyPu1THOannUM0ZJTCxnb3Hk8ujT
D+7s+dTy
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:30:09 2026 by rpki-client