Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/K0wYV3u11o19mGt6kkjoYYZLWPE.roa
File: K0wYV3u11o19mGt6kkjoYYZLWPE.roa (raw, json)
Hash identifier: wYRdl3pa3by4VqtxOD0FS+QhAVPBtiVDzDJP8wkEoJ8=
Subject key identifier: 2B:4C:18:57:7B:B5:D6:8D:7D:98:6B:7A:92:48:E8:61:86:4B:58:F1
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 019CD268863D42D335E07048C272502DAEDE
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/K0wYV3u11o19mGt6kkjoYYZLWPE.roa
Signing time: Mon 09 Mar 2026 11:43:11 +0000
ROA not before: Mon 09 Mar 2026 11:43:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8708
IP address blocks: 80.96.12.0/24 maxlen: 24
80.96.43.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
80.96.51.0/24 maxlen: 24
80.96.57.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.69.0/24 maxlen: 24
80.96.72.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.219.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.30.0/24 maxlen: 24
81.181.112.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.147.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
81.181.246.0/24 maxlen: 24
85.120.20.0/24 maxlen: 24
85.120.23.0/24 maxlen: 24
193.226.16.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.125.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
193.230.158.0/24 maxlen: 24
193.230.171.0/24 maxlen: 24
193.230.229.0/24 maxlen: 24
193.231.75.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.194.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
194.102.98.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
194.153.224.0/24 maxlen: 24
194.153.227.0/24 maxlen: 24
217.156.14.0/24 maxlen: 24
217.156.41.0/24 maxlen: 24
217.156.92.0/24 maxlen: 24
217.156.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 18:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d2:68:86:3d:42:d3:35:e0:70:48:c2:72:50:2d:ae:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Mar 9 11:43:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2b4c18577bb5d68d7d986b7a9248e861864b58f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dd:c7:bc:24:7b:1a:17:4b:00:35:6d:04:5b:
e7:7e:3f:0d:8a:23:33:64:83:ac:72:0d:4d:2b:da:
69:c2:e6:93:db:90:5c:22:93:85:3a:d8:8f:b0:a1:
62:ee:90:cd:a7:5b:dc:54:ce:52:ac:c5:35:7e:27:
c3:18:90:b4:a7:3c:56:e0:d0:5a:d7:01:02:39:cb:
35:45:11:37:ce:a7:23:1a:40:ae:ae:5c:35:45:1a:
79:3f:8b:59:a4:76:82:02:2f:93:98:fd:a8:b8:4c:
5c:f8:ae:31:ef:88:55:f5:27:1a:df:eb:6f:b6:17:
51:7a:45:b3:96:3b:a5:2a:02:be:81:e8:08:d0:46:
ff:da:5a:33:52:33:ba:0a:5c:5c:14:02:05:ee:0f:
38:c9:b5:6d:b3:77:ff:39:6c:92:dd:2f:e9:fe:b4:
ee:c5:f5:6d:a1:fb:6f:96:6c:c8:3b:6a:c9:b7:3f:
b4:d0:f3:1d:f5:a7:37:de:5b:c0:b1:9b:ee:70:12:
44:71:36:3a:18:9c:67:a2:da:5f:2e:12:b7:72:f8:
35:53:0c:10:fa:79:fa:a2:67:7b:8c:04:3f:12:90:
02:85:43:64:29:ca:12:ec:7b:1a:dd:45:e6:d5:e4:
61:c8:4d:50:b8:a1:21:57:35:56:81:22:ec:b0:3e:
d6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4C:18:57:7B:B5:D6:8D:7D:98:6B:7A:92:48:E8:61:86:4B:58:F1
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/K0wYV3u11o19mGt6kkjoYYZLWPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.43.0/24
80.96.47.0/24
80.96.51.0/24
80.96.57.0/24
80.96.67.0/24
80.96.69.0/24
80.96.72.0/24
80.96.79.0/24
80.96.219.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.30.0/24
81.181.112.0/24
81.181.128.0/24
81.181.147.0/24
81.181.167.0/24
81.181.246.0/24
85.120.20.0/24
85.120.23.0/24
193.226.16.0/24
193.226.116.0/24
193.226.125.0/24
193.226.127.0/24
193.230.158.0/24
193.230.171.0/24
193.230.229.0/24
193.231.75.0/24
193.231.108.0/24
193.231.184.0/24
193.231.194.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.98.0/24
194.102.134.0/24
194.102.229.0/24
194.153.224.0/24
194.153.227.0/24
217.156.14.0/24
217.156.41.0/24
217.156.92.0/24
217.156.97.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:cf:ea:d9:2e:7b:db:73:27:6f:13:77:bd:d8:f6:84:73:bd:
6e:03:c4:b0:f4:e9:e1:50:b1:dc:89:aa:1a:fe:61:ee:8f:fe:
9d:0e:10:cb:5f:4c:51:79:bf:79:af:7f:62:45:1c:50:63:c2:
5e:d8:4e:79:ee:ac:ea:93:b0:f7:4c:07:82:6c:9a:a7:cc:55:
b1:a9:29:47:64:75:23:8b:b6:d7:e7:f6:f7:ab:12:b2:c8:f7:
2c:52:88:86:52:fc:95:07:9c:0e:bc:fb:42:c7:36:e0:29:28:
96:b8:4a:04:dc:4d:4f:0d:17:ae:1c:6f:2b:a2:7f:6e:78:80:
9d:19:40:4a:55:95:cc:2e:c1:4c:5b:f0:0a:43:57:69:90:4c:
ee:9e:33:b2:0d:83:63:d0:c0:3d:5e:99:5e:aa:65:5f:96:e6:
2b:52:85:3b:0c:99:f6:b1:91:7c:a9:81:57:12:4f:80:1f:a0:
18:2c:fe:21:10:38:c8:6d:53:cf:1c:60:4b:57:10:52:96:40:
26:69:86:a4:5d:01:2f:cd:e7:9b:37:da:b8:7a:26:e3:8a:53:
a4:de:ac:a6:f4:d6:02:ef:04:48:10:de:25:54:9f:79:7e:61:
e2:4b:9c:9f:65:5c:33:a2:07:28:28:b8:91:6a:6c:80:17:3c:
49:65:f6:62
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZzSaIY9QtM14HBIwnJQLa7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMzA5MTE0MzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRjMTg1NzdiYjVkNjhkN2Q5ODZiN2E5MjQ4ZTg2MTg2NGI1OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt3HvCR7GhdLADVtBFvnfj8NiiMz
ZIOscg1NK9ppwuaT25BcIpOFOtiPsKFi7pDNp1vcVM5SrMU1fifDGJC0pzxW4NBa
1wECOcs1RRE3zqcjGkCurlw1RRp5P4tZpHaCAi+TmP2ouExc+K4x74hV9Sca3+tv
thdRekWzljulKgK+gegI0Eb/2lozUjO6ClxcFAIF7g84ybVts3f/OWyS3S/p/rTu
xfVtoftvlmzIO2rJtz+00PMd9ac33lvAsZvucBJEcTY6GJxnotpfLhK3cvg1UwwQ
+nn6omd7jAQ/EpAChUNkKcoS7Hsa3UXm1eRhyE1QuKEhVzVWgSLssD7WtwIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFCtMGFd7tdaNfZhrepJI6GGGS1jxMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvSzB3WVYzdTExbzE5bUd0Nmtram9ZWVpMV1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAFBgDAMEAFBgKwMEAFBgLwMEAFBgMwMEAFBgOQMEAFBgQwMEAFBgRQMEAFBg
SAMEAFBgTwMEAFBg2zAMAwQAUGGTAwQBUGGUAwQAUbQbAwQAUbUeAwQAUbVwAwQA
UbWAAwQAUbWTAwQAUbWnAwQAUbX2AwQAVXgUAwQAVXgXAwQAweIQAwQAweJ0AwQA
weJ9AwQAweJ/AwQAweaeAwQAwearAwQAweblAwQAwedLAwQAwedsAwQAwee4AwQA
wefCAwQAwefpAwQAwefsAwQAwefuAwQAwef8AwQAwmZiAwQAwmaGAwQAwmblAwQA
wpngAwQAwpnjAwQA2ZwOAwQA2ZwpAwQA2ZxcAwQA2ZxhMA0GCSqGSIb3DQEBCwUA
A4IBAQCLz+rZLnvbcydvE3e92PaEc71uA8Sw9OnhULHciaoa/mHuj/6dDhDLX0xR
eb95r39iRRxQY8Je2E557qzqk7D3TAeCbJqnzFWxqSlHZHUji7bX5/b3qxKyyPcs
UoiGUvyVB5wOvPtCxzbgKSiWuEoE3E1PDReuHG8ron9ueICdGUBKVZXMLsFMW/AK
Q1dpkEzunjOyDYNj0MA9XpleqmVfluYrUoU7DJn2sZF8qYFXEk+AH6AYLP4hEDjI
bVPPHGBLVxBSlkAmaYakXQEvzeebN9q4eibjilOk3qym9NYC7wRIEN4lVJ95fmHi
S5yfZVwzogcoKLiRamyAFzxJZfZi
-----END CERTIFICATE-----
Generated at Fri Mar 13 03:04:34 2026 by rpki-client