Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/z9zkwXOMAomFcYcfl8UP7pdc_3E.roa
File: z9zkwXOMAomFcYcfl8UP7pdc_3E.roa (raw, json)
Hash identifier: mIId20Nu0Cifwvea7GT9BU7II7UtsVp+MZ5345vuHug=
Subject key identifier: CF:DC:E4:C1:73:8C:02:89:85:71:87:1F:97:C5:0F:EE:97:5C:FF:71
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 019EDA450C87893B6CB8C877B47C2A4DF29F
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/z9zkwXOMAomFcYcfl8UP7pdc_3E.roa
Signing time: Thu 18 Jun 2026 10:26:58 +0000
ROA not before: Thu 18 Jun 2026 10:26:58 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15703
IP address blocks: 80.247.220.0/24 maxlen: 24
87.233.0.0/16 maxlen: 24
193.28.152.0/24 maxlen: 24
213.193.193.0/24 maxlen: 24
213.193.208.0/21 maxlen: 24
213.193.210.0/24 maxlen: 24
213.193.234.0/24 maxlen: 24
213.193.247.0/24 maxlen: 24
213.239.136.0/24 maxlen: 24
2001:990::/32 maxlen: 32
2001:9a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Jun 2026 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:da:45:0c:87:89:3b:6c:b8:c8:77:b4:7c:2a:4d:f2:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Jun 18 10:26:58 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cfdce4c1738c02898571871f97c50fee975cff71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f8:3f:6e:8f:57:c2:6b:78:a0:37:e8:91:f3:
8c:6f:50:6e:49:14:fa:56:64:b8:93:81:da:5d:ca:
73:e9:85:02:9f:95:74:10:35:d3:63:2b:cf:47:3d:
ba:bc:69:f6:ac:de:7e:2f:6f:bf:58:3e:c3:a3:84:
b5:d3:64:64:a3:5b:06:0f:fc:dd:7b:80:74:cb:cc:
b6:f4:3d:65:74:a7:a1:91:48:e2:10:6b:8f:9f:ce:
92:ab:c9:72:ec:70:ec:52:bb:d6:7a:ba:1d:2a:9b:
3d:30:fe:d0:fc:98:a8:1b:e9:5d:79:af:a5:16:bf:
f3:a2:c6:dc:9e:04:56:61:d8:7c:64:3a:d9:e9:7a:
2b:ea:7e:8c:24:83:75:27:0d:39:7d:21:37:50:d7:
42:f4:a9:3a:05:d9:5e:f2:4a:f5:c7:58:be:27:b3:
fa:eb:65:2a:48:a9:35:40:d2:8c:04:e9:e8:b6:f8:
d7:4f:f7:6e:58:44:c8:b3:3a:0b:fc:1c:52:60:12:
c8:9a:a0:4c:bd:93:e9:62:02:ff:3f:78:ea:b6:61:
ed:2a:3e:d9:b1:83:5e:88:f3:c5:4d:13:5d:cb:d2:
ae:cc:a3:25:3e:33:8c:18:bd:89:99:e7:fc:8d:e3:
05:d2:21:12:2a:0a:2a:52:c1:34:de:df:2a:f9:02:
f9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DC:E4:C1:73:8C:02:89:85:71:87:1F:97:C5:0F:EE:97:5C:FF:71
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/z9zkwXOMAomFcYcfl8UP7pdc_3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.220.0/24
87.233.0.0/16
193.28.152.0/24
213.193.193.0/24
213.193.208.0/21
213.193.234.0/24
213.193.247.0/24
213.239.136.0/24
IPv6:
2001:990::/32
2001:9a8::/32
Signature Algorithm: sha256WithRSAEncryption
d0:f1:84:52:79:ed:30:69:e2:18:20:f9:8d:a5:51:08:a9:77:
19:e7:77:a6:28:b6:56:1d:a2:d3:75:2f:ff:3d:a2:1c:77:18:
f3:11:e5:d4:e8:4e:2d:eb:01:43:bc:a7:ae:8f:52:4c:72:f6:
0a:33:0e:40:51:e3:cb:cc:14:d6:54:af:09:92:5c:fc:c3:c4:
b6:fb:2c:5b:72:7a:32:bd:73:de:da:2c:04:a7:fe:5a:e2:4c:
8c:a9:cf:05:36:93:f5:4f:6f:9f:76:46:c1:33:47:f9:47:89:
d9:a5:a1:08:20:cb:52:b5:e9:8b:6b:bb:28:62:4f:09:88:a1:
65:b7:81:28:c8:6f:07:dc:51:9c:1b:cf:8e:07:61:ac:15:99:
11:f0:d9:76:0a:b8:51:04:58:5d:82:01:f6:1d:c9:34:3c:13:
9f:c8:94:a2:46:ae:de:8f:63:3d:39:97:5d:af:c5:9e:0b:49:
f0:4d:10:f3:3a:88:48:1b:17:b5:e2:58:3b:05:f3:6a:c4:57:
78:b8:6d:7d:31:c1:08:6c:19:b3:86:a3:bd:b2:12:ab:34:95:
0e:38:96:71:8d:70:f2:be:fe:68:19:8b:87:20:a3:dc:ac:04:
c9:e4:c9:28:0c:aa:87:31:39:5d:1d:24:1a:05:f2:aa:36:bf:
bc:57:44:28
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ7aRQyHiTtsuMh3tHwqTfKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjYwNjE4MTAyNjU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRjZTRjMTczOGMwMjg5ODU3MTg3MWY5N2M1MGZlZTk3NWNmZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Pg/bo9Xwmt4oDfokfOMb1BuSRT6
VmS4k4HaXcpz6YUCn5V0EDXTYyvPRz26vGn2rN5+L2+/WD7Do4S102Rko1sGD/zd
e4B0y8y29D1ldKehkUjiEGuPn86Sq8ly7HDsUrvWerodKps9MP7Q/JioG+ldea+l
Fr/zosbcngRWYdh8ZDrZ6Xor6n6MJIN1Jw05fSE3UNdC9Kk6Bdle8kr1x1i+J7P6
62UqSKk1QNKMBOnotvjXT/duWETIszoL/BxSYBLImqBMvZPpYgL/P3jqtmHtKj7Z
sYNeiPPFTRNdy9KuzKMlPjOMGL2Jmef8jeMF0iESKgoqUsE03t8q+QL5tQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFM/c5MFzjAKJhXGHH5fFD+6XXP9xMB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEvejl6a3dYT01Bb21GY1ljZmw4VVA3cGRjXzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA1BAIAATAvAwQAUPfcAwMA
V+kDBADBHJgDBADVwcEDBAPVwdADBADVweoDBADVwfcDBADV74gwFAQCAAIwDgMF
ACABCZADBQAgAQmoMA0GCSqGSIb3DQEBCwUAA4IBAQDQ8YRSee0waeIYIPmNpVEI
qXcZ53emKLZWHaLTdS//PaIcdxjzEeXU6E4t6wFDvKeuj1JMcvYKMw5AUePLzBTW
VK8Jklz8w8S2+yxbcnoyvXPe2iwEp/5a4kyMqc8FNpP1T2+fdkbBM0f5R4nZpaEI
IMtStemLa7soYk8JiKFlt4EoyG8H3FGcG8+OB2GsFZkR8Nl2CrhRBFhdggH2Hck0
PBOfyJSiRq7ej2M9OZddr8WeC0nwTRDzOohIGxe14lg7BfNqxFd4uG19McEIbBmz
hqO9shKrNJUOOJZxjXDyvv5oGYuHIKPcrATJ5MkoDKqHMTldHSQaBfKqNr+8V0Qo
-----END CERTIFICATE-----
Generated at Sun Jun 28 22:07:16 2026 by rpki-client