Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/1-LhYy5O9tb6HzVJhfevYGoe7Cio.roa
File: 1-LhYy5O9tb6HzVJhfevYGoe7Cio.roa (raw, json)
Hash identifier: vJCAr67NRf6C/SpjKV8FnklMKW5pSoRJKPp1iuCTt5k=
Subject key identifier: F8:B8:58:CB:93:BD:B5:BE:87:CD:52:61:7D:EB:D8:1A:87:BB:0A:2A
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 019D9AFEC44F69E89A567530DA2723018F78
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/1-LhYy5O9tb6HzVJhfevYGoe7Cio.roa
Signing time: Fri 17 Apr 2026 10:31:20 +0000
ROA not before: Fri 17 Apr 2026 10:31:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47328
IP address blocks: 83.222.124.0/22 maxlen: 24
176.58.60.0/24 maxlen: 24
176.58.61.0/24 maxlen: 24
185.190.188.0/24 maxlen: 24
185.190.189.0/24 maxlen: 24
212.124.96.0/22 maxlen: 24
212.124.100.0/22 maxlen: 24
212.124.104.0/22 maxlen: 24
212.124.108.0/22 maxlen: 24
212.124.112.0/21 maxlen: 24
212.124.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:fe:c4:4f:69:e8:9a:56:75:30:da:27:23:01:8f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Apr 17 10:31:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f8b858cb93bdb5be87cd52617debd81a87bb0a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e7:cf:ae:b5:3f:4b:f0:69:bf:a0:1b:f7:ac:
a4:d5:8f:03:ff:8e:c0:e0:66:f7:9b:41:0a:b3:e0:
6f:ef:de:d5:81:6c:69:47:28:bf:40:32:5e:b3:fd:
6b:da:4f:1d:c2:6e:ad:c0:c1:43:b7:fc:93:2b:67:
07:39:96:7c:bb:3e:bd:4f:82:f0:f8:51:21:62:47:
48:46:5c:3c:97:dd:ee:ff:da:bf:82:0f:f7:16:77:
bf:94:3f:21:71:5a:46:a6:f2:b5:ca:50:d4:29:d8:
96:28:43:31:b3:8a:64:d8:af:5e:d5:6e:8a:3d:83:
fc:4f:ea:7c:a5:20:cb:47:1e:4d:61:74:e5:f1:27:
fd:4f:e2:b2:10:eb:03:ab:09:a0:c3:0e:5c:bd:c9:
93:b2:29:d2:e8:4b:46:f5:4a:a2:e2:3e:b4:ee:f7:
ea:19:e1:a4:a3:dc:f0:88:90:0e:e0:99:19:9e:97:
ce:79:a2:10:d4:9a:f5:66:ba:b6:44:48:e3:a7:25:
7c:15:37:15:b6:f9:79:f1:b3:71:67:ac:e7:62:1c:
10:84:a3:68:2f:4b:9e:4d:10:2b:7d:aa:ed:15:2f:
02:16:9f:2a:41:c7:99:58:a8:16:2c:99:e3:e0:a3:
74:ab:12:8b:84:19:76:1c:ed:51:61:f4:85:fa:98:
2f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B8:58:CB:93:BD:B5:BE:87:CD:52:61:7D:EB:D8:1A:87:BB:0A:2A
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/1-LhYy5O9tb6HzVJhfevYGoe7Cio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.222.124.0/22
176.58.60.0/23
185.190.188.0/23
212.124.96.0/19
Signature Algorithm: sha256WithRSAEncryption
a5:18:8e:c0:fa:28:02:12:82:d1:b1:33:ef:a9:96:1c:42:ea:
a7:db:bf:70:c4:b8:e9:9c:71:a0:14:95:34:47:5d:0d:2c:8e:
17:e1:d7:43:35:c5:c8:6a:8c:5f:3e:33:61:f6:6a:b4:37:f3:
93:39:2f:26:b4:fc:bb:3b:e0:4c:5d:e2:4d:9b:35:8c:1d:72:
39:24:72:55:65:0f:04:25:c1:44:48:86:48:d4:12:2b:29:c5:
fe:f6:16:47:e9:1b:78:d8:6a:31:e5:13:c2:b3:be:03:62:88:
c4:ae:27:a2:a5:a7:5f:6b:f5:ea:a5:17:ce:2c:ed:66:b5:bd:
09:bc:71:ad:fc:a2:9d:ee:0f:3e:d2:78:a3:d0:99:ad:ee:e6:
ed:86:a7:4b:b3:66:82:96:b7:ab:48:f3:4a:1e:d9:d7:30:7f:
5b:c1:c3:73:9c:72:c3:9e:e2:2b:fd:1c:84:55:1f:3e:ba:15:
41:25:c2:2b:fc:1f:2f:90:db:da:15:d2:51:e2:df:9c:84:7e:
c3:6a:53:90:07:6c:50:44:88:18:06:30:c7:d3:81:02:1f:ff:
ad:10:b4:2c:0e:ee:a5:cc:df:77:cb:4d:33:95:65:e0:5c:3b:
39:d1:6c:6c:0f:72:13:7e:65:56:82:5b:b4:3b:70:df:dc:3d:
83:38:90:d7
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZ2a/sRPaeiaVnUw2icjAY94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjYwNDE3MTAzMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI4NThjYjkzYmRiNWJlODdjZDUyNjE3ZGViZDgxYTg3YmIwYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+fPrrU/S/Bpv6Ab96yk1Y8D/47A
4Gb3m0EKs+Bv797VgWxpRyi/QDJes/1r2k8dwm6twMFDt/yTK2cHOZZ8uz69T4Lw
+FEhYkdIRlw8l93u/9q/gg/3Fne/lD8hcVpGpvK1ylDUKdiWKEMxs4pk2K9e1W6K
PYP8T+p8pSDLRx5NYXTl8Sf9T+KyEOsDqwmgww5cvcmTsinS6EtG9Uqi4j607vfq
GeGko9zwiJAO4JkZnpfOeaIQ1Jr1Zrq2REjjpyV8FTcVtvl58bNxZ6znYhwQhKNo
L0ueTRArfartFS8CFp8qQceZWKgWLJnj4KN0qxKLhBl2HO1RYfSF+pgv7QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPi4WMuTvbW+h81SYX3r2BqHuwoqMB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvMS1MaFl5NU85dGI2SHpWSmhmZXZZR29lN0Npby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvODA2NTMyLTU0ZTktNGI0OS1iOGE3LTllMjIwZjA0YTkw
MS8xL28yZE5XSVNsQ29UZ2ZiMzJlWTNjdTV6Q0F5NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlPefAME
AbA6PAMEAbm+vAMEBdR8YDANBgkqhkiG9w0BAQsFAAOCAQEApRiOwPooAhKC0bEz
76mWHELqp9u/cMS46ZxxoBSVNEddDSyOF+HXQzXFyGqMXz4zYfZqtDfzkzkvJrT8
uzvgTF3iTZs1jB1yOSRyVWUPBCXBREiGSNQSKynF/vYWR+kbeNhqMeUTwrO+A2KI
xK4noqWnX2v16qUXziztZrW9Cbxxrfyine4PPtJ4o9CZre7m7YanS7Nmgpa3q0jz
Sh7Z1zB/W8HDc5xyw57iK/0chFUfProVQSXCK/wfL5Db2hXSUeLfnIR+w2pTkAds
UESIGAYwx9OBAh//rRC0LA7upczfd8tNM5Vl4Fw7OdFsbA9yE35lVoJbtDtw39w9
gziQ1w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:28:57 2026 by rpki-client