
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/9k5BtTPPxnZiW0r-J9VyWSs6SCI.roa
File: 9k5BtTPPxnZiW0r-J9VyWSs6SCI.roa (raw, json)
Hash identifier: F+RPFKfqZfbIU5EIxsSYhbg7pY/p6XGYN9oPR99wNrI=
Subject key identifier: F6:4E:41:B5:33:CF:C6:76:62:5B:4A:FE:27:D5:72:59:2B:3A:48:22
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 019EFE1206B8795E3DA5E47B33AF279C3432
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/9k5BtTPPxnZiW0r-J9VyWSs6SCI.roa
Signing time: Thu 25 Jun 2026 09:17:34 +0000
ROA not before: Thu 25 Jun 2026 09:17:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 40676
IP address blocks: 80.76.44.0/24 maxlen: 24
93.177.111.0/24 maxlen: 24
185.240.87.0/24 maxlen: 24
193.42.246.0/24 maxlen: 24
194.62.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 Jul 2026 08:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fe:12:06:b8:79:5e:3d:a5:e4:7b:33:af:27:9c:34:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jun 25 09:17:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f64e41b533cfc676625b4afe27d572592b3a4822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:2d:8f:de:ff:16:69:a8:ae:5c:9d:37:63:
a9:9c:ab:74:50:1e:0f:72:07:99:b2:21:f4:a5:bf:
3b:c6:ba:e7:3c:93:9d:24:6f:23:c4:f9:36:96:47:
18:3b:51:03:1b:fc:4d:36:64:e8:35:0d:4a:33:34:
94:01:8b:19:5d:da:45:ee:e3:d7:9f:d1:67:61:d7:
18:28:89:00:cb:a5:f6:e2:63:a1:06:d2:02:a0:c0:
63:a0:b1:df:f7:b8:38:e9:09:5c:ad:a9:f9:36:e6:
85:e8:26:33:2f:2e:71:4a:2e:a7:a1:db:be:fd:55:
bd:a0:4e:ff:ed:26:8e:3c:db:5c:ba:2e:65:04:15:
ef:87:5c:59:db:99:da:c9:48:a2:6a:6e:48:3a:f8:
d6:32:df:42:92:d7:f8:64:83:26:09:83:3b:23:9a:
90:31:7f:89:56:d8:c6:b9:39:c6:26:a6:05:85:bb:
86:9e:b9:0d:4d:bc:c9:5a:07:56:61:3c:53:c1:50:
af:ae:d6:7d:9a:0b:1f:2c:f7:f1:8f:5d:c5:a2:c9:
27:29:f3:17:7f:0b:37:b6:70:27:fb:e6:c4:92:ef:
54:d0:ae:5c:f3:50:71:bf:46:77:6e:57:ba:ef:83:
ad:9d:ed:76:4d:a9:08:27:d9:cd:1a:2e:76:2f:b8:
09:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4E:41:B5:33:CF:C6:76:62:5B:4A:FE:27:D5:72:59:2B:3A:48:22
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/9k5BtTPPxnZiW0r-J9VyWSs6SCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.44.0/24
93.177.111.0/24
185.240.87.0/24
193.42.246.0/24
194.62.165.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:04:ac:7f:07:53:eb:6c:6f:f5:fc:4f:d1:9d:12:de:c0:84:
c9:83:89:11:b0:04:ab:48:69:98:08:ea:24:6c:77:e3:7f:0e:
2f:33:07:f2:94:c6:71:30:6a:90:d0:8b:02:39:54:89:ea:53:
62:d8:ae:19:55:32:52:f5:8e:6e:33:75:c4:0b:cc:ce:8b:29:
03:cc:ed:8a:ff:9c:96:5b:56:16:62:b4:bb:24:c9:c0:10:e8:
7e:35:e7:83:b5:35:de:93:3d:d9:56:36:44:39:e1:39:16:a6:
be:a0:1e:e8:44:95:7a:11:ab:5f:01:4b:49:b9:f0:34:4c:95:
b4:14:6b:0e:ef:50:b2:20:64:6d:cc:64:c0:ac:da:63:c1:fe:
f5:88:7a:c7:b6:d2:1a:d8:c6:aa:34:3f:84:ee:8c:97:1b:e8:
5b:18:9f:89:da:6c:e4:7b:1d:7e:a5:24:82:6c:ba:1f:a8:b3:
a4:85:ff:50:6b:cc:18:76:03:74:37:3e:5a:0f:11:4e:d5:e5:
5e:1f:8d:e1:ac:cf:ad:62:f7:bb:b2:c8:bf:a7:1c:6c:cf:38:
9a:b6:76:6b:ac:98:e4:0a:8c:d0:1d:b7:6f:ea:2d:06:43:8b:
8c:74:f2:a2:4c:5f:9e:52:6b:3e:7c:40:87:5d:b6:eb:b6:19:
14:90:86:aa
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ7+Ega4eV49peR7M68nnDQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjYwNjI1MDkxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjRlNDFiNTMzY2ZjNjc2NjI1YjRhZmUyN2Q1NzI1OTJiM2E0ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsQtj97/FmmorlydN2OpnKt0UB4P
cgeZsiH0pb87xrrnPJOdJG8jxPk2lkcYO1EDG/xNNmToNQ1KMzSUAYsZXdpF7uPX
n9FnYdcYKIkAy6X24mOhBtICoMBjoLHf97g46Qlcran5NuaF6CYzLy5xSi6nodu+
/VW9oE7/7SaOPNtcui5lBBXvh1xZ25nayUiiam5IOvjWMt9Cktf4ZIMmCYM7I5qQ
MX+JVtjGuTnGJqYFhbuGnrkNTbzJWgdWYTxTwVCvrtZ9mgsfLPfxj13FosknKfMX
fws3tnAn++bEku9U0K5c81Bxv0Z3ble674Otne12TakIJ9nNGi52L7gJdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPZOQbUzz8Z2YltK/ifVclkrOkgiMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvOWs1QnRUUFB4blppVzByLUo5VnlXU3M2U0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEwsAwQA
XbFvAwQAufBXAwQAwSr2AwQAwj6lMA0GCSqGSIb3DQEBCwUAA4IBAQAfBKx/B1Pr
bG/1/E/RnRLewITJg4kRsASrSGmYCOokbHfjfw4vMwfylMZxMGqQ0IsCOVSJ6lNi
2K4ZVTJS9Y5uM3XEC8zOiykDzO2K/5yWW1YWYrS7JMnAEOh+NeeDtTXekz3ZVjZE
OeE5Fqa+oB7oRJV6EatfAUtJufA0TJW0FGsO71CyIGRtzGTArNpjwf71iHrHttIa
2MaqND+E7oyXG+hbGJ+J2mzkex1+pSSCbLofqLOkhf9Qa8wYdgN0Nz5aDxFO1eVe
H43hrM+tYve7ssi/pxxszziatnZrrJjkCozQHbdv6i0GQ4uMdPKiTF+eUms+fECH
XbbrthkUkIaq
-----END CERTIFICATE-----
Generated at Wed Jul 1 13:50:54 2026 by rpki-client