Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/i-qN_sOdwvmJ8SR-xa9u_Dnwelw.roa
File: i-qN_sOdwvmJ8SR-xa9u_Dnwelw.roa (raw, json)
Hash identifier: a+971L8DTZfhdvmMcl+f70OueoCKqq3yOG0I0aXxxmM=
Subject key identifier: 8B:EA:8D:FE:C3:9D:C2:F9:89:F1:24:7E:C5:AF:6E:FC:39:F0:7A:5C
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 019E250FDBB2AEA9B451DC597AFB24E1E67E
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/i-qN_sOdwvmJ8SR-xa9u_Dnwelw.roa
Signing time: Thu 14 May 2026 05:57:36 +0000
ROA not before: Thu 14 May 2026 05:57:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 89.23.87.0/24 maxlen: 24
89.23.91.0/24 maxlen: 24
89.23.92.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 May 2026 23:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:25:0f:db:b2:ae:a9:b4:51:dc:59:7a:fb:24:e1:e6:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: May 14 05:57:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8bea8dfec39dc2f989f1247ec5af6efc39f07a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:41:4a:96:fb:b7:f9:c4:39:da:9f:0c:7c:d6:
c4:70:5b:6c:d8:db:ed:7c:00:f8:6a:68:45:04:64:
ae:bd:b7:25:a9:3b:42:41:1b:36:6b:b5:f5:7e:e9:
a1:ae:a6:b6:cb:d7:fb:e7:03:f7:ae:b8:aa:2d:84:
48:ab:14:97:ef:29:db:0e:6c:e6:30:be:c2:ae:78:
f4:fa:ca:74:8c:89:88:5d:56:d9:3c:2a:ff:aa:d3:
e5:22:18:fc:19:ec:43:53:0a:81:15:f6:c0:9c:36:
05:04:61:04:bd:02:c7:9c:42:26:b8:9f:42:92:c2:
67:f6:dd:31:d5:30:ce:11:fa:76:c8:00:b9:ea:b3:
34:c7:e6:2d:3e:78:fd:71:5d:b1:c6:65:ac:69:b7:
4d:2f:be:a2:cb:da:00:d5:b1:b2:30:fe:59:18:0a:
99:97:c2:e1:9e:77:4e:14:c9:5c:54:39:c0:09:d0:
3b:0f:cb:cd:4c:eb:ce:3d:5e:25:32:6f:03:a6:14:
5c:9f:81:ec:df:17:35:49:f9:b3:65:9f:da:fe:56:
33:97:e6:db:26:f7:6d:95:aa:88:26:a8:9b:be:b3:
db:5c:27:cc:10:2e:9b:36:5a:99:72:99:b8:a6:97:
e1:73:d5:98:cb:5b:72:2d:ea:b4:44:67:40:38:c4:
34:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:EA:8D:FE:C3:9D:C2:F9:89:F1:24:7E:C5:AF:6E:FC:39:F0:7A:5C
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/i-qN_sOdwvmJ8SR-xa9u_Dnwelw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.87.0/24
89.23.91.0-89.23.93.255
185.157.46.0/24
Signature Algorithm: sha256WithRSAEncryption
07:d0:00:4b:49:0f:6a:90:6a:2f:ed:66:17:4d:c6:ec:15:cb:
99:d3:61:21:0e:da:f3:09:4d:cc:ac:c2:ec:d2:54:5d:84:3e:
3c:a7:25:5b:7a:42:b9:4c:a1:23:82:8d:bb:14:68:f9:db:e8:
37:64:48:c9:7a:c7:d2:9b:ed:2e:3e:64:7f:30:65:49:77:21:
2f:0c:65:12:a4:2d:ab:dc:ba:2a:e0:21:fa:72:5f:0c:25:e4:
20:92:d0:5d:8e:dc:6d:95:f4:3c:36:9c:2a:55:63:1a:26:50:
28:b7:e5:0b:ec:62:41:cd:3c:fc:1e:b4:d6:5f:56:f2:15:9f:
23:ce:27:d4:61:2e:31:90:6a:da:e2:22:bc:a4:a8:cd:3b:25:
4d:9d:ca:94:29:78:da:98:76:16:e9:b9:ce:92:d1:a7:a1:a8:
d1:25:f2:c3:9f:70:e6:7c:ee:6b:c9:e5:a9:ec:9f:cc:94:72:
8d:bb:24:87:cc:b8:14:f0:ea:ea:0a:1f:d3:03:40:bf:48:5b:
63:89:21:57:08:c7:1a:87:bf:1d:3d:1e:81:e9:85:b1:57:b1:
6d:24:c6:35:fd:e4:16:61:49:a6:a9:45:b6:e3:db:0d:e3:e8:
d6:a9:ee:d2:eb:c2:6a:12:a0:88:b6:ae:f4:af:be:a8:b7:02:
a9:91:e6:ad
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ4lD9uyrqm0UdxZevsk4eZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjYwNTE0MDU1NzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmVhOGRmZWMzOWRjMmY5ODlmMTI0N2VjNWFmNmVmYzM5ZjA3YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kFKlvu3+cQ52p8MfNbEcFts2Nvt
fAD4amhFBGSuvbclqTtCQRs2a7X1fumhrqa2y9f75wP3rriqLYRIqxSX7ynbDmzm
ML7Crnj0+sp0jImIXVbZPCr/qtPlIhj8GexDUwqBFfbAnDYFBGEEvQLHnEImuJ9C
ksJn9t0x1TDOEfp2yAC56rM0x+YtPnj9cV2xxmWsabdNL76iy9oA1bGyMP5ZGAqZ
l8LhnndOFMlcVDnACdA7D8vNTOvOPV4lMm8DphRcn4Hs3xc1SfmzZZ/a/lYzl+bb
JvdtlaqIJqibvrPbXCfMEC6bNlqZcpm4ppfhc9WYy1tyLeq0RGdAOMQ0gwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIvqjf7DncL5ifEkfsWvbvw58HpcMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvaS1xTl9zT2R3dm1KOFNSLXhhOXVfRG53ZWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWRdXMAwD
BABZF1sDBAFZF1wDBAC5nS4wDQYJKoZIhvcNAQELBQADggEBAAfQAEtJD2qQai/t
ZhdNxuwVy5nTYSEO2vMJTcyswuzSVF2EPjynJVt6QrlMoSOCjbsUaPnb6DdkSMl6
x9Kb7S4+ZH8wZUl3IS8MZRKkLavcuirgIfpyXwwl5CCS0F2O3G2V9Dw2nCpVYxom
UCi35QvsYkHNPPwetNZfVvIVnyPOJ9RhLjGQatriIrykqM07JU2dypQpeNqYdhbp
uc6S0aehqNEl8sOfcOZ87mvJ5ansn8yUco27JIfMuBTw6uoKH9MDQL9IW2OJIVcI
xxqHvx09HoHphbFXsW0kxjX95BZhSaapRbbj2w3j6Nap7tLrwmoSoIi2rvSvvqi3
AqmR5q0=
-----END CERTIFICATE-----
Generated at Fri May 15 08:18:46 2026 by rpki-client