Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/9XQ3v7NAyX7Zn1qmQQWXb2qR2dM.roa
File: 9XQ3v7NAyX7Zn1qmQQWXb2qR2dM.roa (raw, json)
Hash identifier: LoJHTZuUcieblT+nTohVJEnVdn7k2NrPeNKfLmUfk68=
Subject key identifier: F5:74:37:BF:B3:40:C9:7E:D9:9F:5A:A6:41:05:97:6F:6A:91:D9:D3
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019EB22D44B05451D748FA0E297FCA5D7265
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/9XQ3v7NAyX7Zn1qmQQWXb2qR2dM.roa
Signing time: Wed 10 Jun 2026 15:36:11 +0000
ROA not before: Wed 10 Jun 2026 15:36:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 80.174.32.0/19 maxlen: 19
80.174.113.0/24 maxlen: 24
80.174.118.0/24 maxlen: 24
80.174.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b2:2d:44:b0:54:51:d7:48:fa:0e:29:7f:ca:5d:72:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Jun 10 15:36:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f57437bfb340c97ed99f5aa64105976f6a91d9d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c3:d8:e7:3d:1d:50:e3:ed:9c:fd:6d:40:db:
97:59:bf:d1:28:ba:82:d9:ff:a6:20:2a:c1:9a:1e:
2a:4d:aa:e7:42:57:16:9a:10:f3:a7:2b:c3:75:2b:
36:6f:76:a6:70:1e:e8:32:d3:37:65:0e:6a:b3:74:
2e:fb:15:02:4e:67:b9:d9:04:11:09:22:c2:16:89:
af:a1:fc:b0:ac:7c:ae:57:be:83:6a:66:8f:26:1a:
08:0f:d0:d6:63:85:5a:63:25:bb:de:22:3a:89:20:
64:ec:b1:a3:3c:6d:33:7d:fb:40:29:94:e4:a6:e1:
67:df:4d:06:a5:a0:35:2e:67:13:fa:40:0d:ef:4e:
59:d1:6b:32:34:f2:e4:78:a0:03:e9:8e:71:62:97:
2b:b2:6a:4a:da:af:c1:20:b5:7d:e6:dd:b6:27:a0:
6b:6e:72:18:26:82:7a:a7:fa:15:6d:24:2c:57:6d:
29:cd:51:d7:b5:c0:a8:6d:57:80:d0:b7:d4:76:c0:
e2:17:f9:d5:d3:d8:21:0f:9c:f3:77:40:79:67:e7:
0a:62:0a:7a:d3:33:2d:ea:77:f8:f0:84:78:18:3b:
91:24:e7:a0:6f:e2:b8:bb:4e:13:86:a9:e7:7b:fc:
16:83:fd:71:2a:41:dc:b3:e5:c9:54:90:fd:f3:75:
22:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:74:37:BF:B3:40:C9:7E:D9:9F:5A:A6:41:05:97:6F:6A:91:D9:D3
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/9XQ3v7NAyX7Zn1qmQQWXb2qR2dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.32.0/19
80.174.113.0/24
80.174.118.0/24
80.174.121.0/24
Signature Algorithm: sha256WithRSAEncryption
39:bc:cd:33:13:84:2a:11:2c:ae:5e:22:3a:fd:d7:f0:5a:40:
e3:82:9b:56:fe:33:c3:a6:d3:83:86:ad:f1:31:2c:b2:41:fa:
40:0d:f5:ec:3c:e7:93:d6:79:3f:8c:f3:42:85:84:80:c0:33:
08:f2:d1:e6:88:e9:52:ec:bd:d8:45:15:d0:92:54:11:51:18:
8e:24:21:1e:d7:f5:85:00:c7:dd:ea:17:a3:36:b4:0b:5d:68:
c3:88:86:5d:f1:06:ec:bf:5f:d1:e9:c6:66:00:63:58:38:3f:
93:8a:32:3d:1b:a8:ea:9f:80:bc:5b:96:25:7b:e1:f0:84:45:
22:eb:cf:1d:bb:34:4f:be:c0:d4:43:4b:00:b1:63:f0:8d:20:
51:23:03:1d:c2:1d:3f:14:0a:55:18:b0:45:94:c4:66:d1:b6:
e7:da:ab:b6:91:5a:d4:af:2d:f9:ec:50:06:91:26:8d:c2:39:
86:be:79:8e:02:38:29:ee:8f:a3:27:b2:21:97:aa:6a:a4:9b:
92:5f:37:bd:01:8b:60:fb:de:bf:8b:36:ae:d8:4d:16:6f:de:
89:69:bb:3c:a2:52:c9:63:29:e0:3d:3c:16:91:f6:3a:1e:15:
08:a5:23:e5:00:c1:82:52:e1:d6:3e:11:f5:cd:df:f0:88:7f:
48:1f:1b:74
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6yLUSwVFHXSPoOKX/KXXJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNjEwMTUzNjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTc0MzdiZmIzNDBjOTdlZDk5ZjVhYTY0MTA1OTc2ZjZhOTFkOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28PY5z0dUOPtnP1tQNuXWb/RKLqC
2f+mICrBmh4qTarnQlcWmhDzpyvDdSs2b3amcB7oMtM3ZQ5qs3Qu+xUCTme52QQR
CSLCFomvofywrHyuV76DamaPJhoID9DWY4VaYyW73iI6iSBk7LGjPG0zfftAKZTk
puFn300GpaA1LmcT+kAN705Z0WsyNPLkeKAD6Y5xYpcrsmpK2q/BILV95t22J6Br
bnIYJoJ6p/oVbSQsV20pzVHXtcCobVeA0LfUdsDiF/nV09ghD5zzd0B5Z+cKYgp6
0zMt6nf48IR4GDuRJOegb+K4u04Thqnne/wWg/1xKkHcs+XJVJD983Ui9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPV0N7+zQMl+2Z9apkEFl29qkdnTMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvOVhRM3Y3TkF5WDdabjFxbVFRV1hiMnFSMmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUK4gAwQA
UK5xAwQAUK52AwQAUK55MA0GCSqGSIb3DQEBCwUAA4IBAQA5vM0zE4QqESyuXiI6
/dfwWkDjgptW/jPDptODhq3xMSyyQfpADfXsPOeT1nk/jPNChYSAwDMI8tHmiOlS
7L3YRRXQklQRURiOJCEe1/WFAMfd6hejNrQLXWjDiIZd8Qbsv1/R6cZmAGNYOD+T
ijI9G6jqn4C8W5Yle+HwhEUi688duzRPvsDUQ0sAsWPwjSBRIwMdwh0/FApVGLBF
lMRm0bbn2qu2kVrUry357FAGkSaNwjmGvnmOAjgp7o+jJ7Ihl6pqpJuSXze9AYtg
+96/izau2E0Wb96Jabs8olLJYyngPTwWkfY6HhUIpSPlAMGCUuHWPhH1zd/wiH9I
Hxt0
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:48 2026 by rpki-client