Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/a9PVmeffwqA3twgcV6t0GJNoOig.roa
File: a9PVmeffwqA3twgcV6t0GJNoOig.roa (raw, json)
Hash identifier: qpMObNCzJumJOZZ9WvveWfmJTih0CsrC0uyAIeU07CA=
Subject key identifier: 6B:D3:D5:99:E7:DF:C2:A0:37:B7:08:1C:57:AB:74:18:93:68:3A:28
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E6DA29A6A65FFD0C573EA600463772E40
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/a9PVmeffwqA3twgcV6t0GJNoOig.roa
Signing time: Thu 28 May 2026 08:10:33 +0000
ROA not before: Thu 28 May 2026 08:10:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 80.174.0.0/24 maxlen: 24
80.174.1.0/24 maxlen: 24
80.174.248.0/24 maxlen: 24
80.174.249.0/24 maxlen: 24
103.85.32.0/24 maxlen: 24
103.85.33.0/24 maxlen: 24
103.85.34.0/24 maxlen: 24
103.85.35.0/24 maxlen: 24
202.58.108.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6d:a2:9a:6a:65:ff:d0:c5:73:ea:60:04:63:77:2e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 28 08:10:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6bd3d599e7dfc2a037b7081c57ab741893683a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:19:29:c8:70:1f:72:4d:82:76:99:8c:76:45:
ec:4f:77:a6:72:47:62:7f:6d:4d:9b:25:c7:3c:87:
83:a7:e8:01:4e:3d:10:0c:d8:57:45:45:43:9c:bd:
66:f4:89:64:2c:b1:78:6b:9e:d5:eb:8d:1b:14:d1:
db:14:dc:9c:49:7f:16:f0:60:0f:b7:13:8f:6d:91:
aa:69:33:3b:81:fd:87:93:77:e5:f7:16:1d:24:7a:
09:d4:b6:98:98:0f:05:93:cb:40:6f:ea:da:8f:b3:
20:5a:fe:f0:41:01:9f:c6:28:ef:25:d4:e6:cd:46:
86:c0:58:60:f6:bc:50:25:52:75:b4:62:eb:9c:0c:
a7:cd:6c:85:82:c4:e8:cc:fa:9d:03:75:02:2d:c8:
d7:fc:0e:0d:a4:cb:41:dc:a9:d7:2f:03:e7:f4:9b:
23:3e:12:83:ef:be:11:4b:a2:2d:61:71:a9:50:fd:
17:59:a4:45:87:b5:26:58:7f:9d:c6:e9:5c:be:4c:
d2:67:f2:b2:94:73:4e:78:12:a5:93:45:35:ae:27:
23:f4:31:af:f0:bf:54:fd:ea:2a:df:79:6a:de:48:
b8:2d:c8:6a:6c:c9:c4:69:0f:a5:81:b1:ce:55:b4:
fa:e4:95:d1:36:ae:ad:ba:d7:6b:b0:9f:1a:b2:db:
87:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D3:D5:99:E7:DF:C2:A0:37:B7:08:1C:57:AB:74:18:93:68:3A:28
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/a9PVmeffwqA3twgcV6t0GJNoOig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.0.0/23
80.174.248.0/23
103.85.32.0/22
202.58.108.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:8d:bb:18:93:15:e0:49:fd:74:40:43:3c:e2:e5:c8:ca:86:
03:5b:e8:8e:9e:0e:4a:ce:d2:b5:da:73:bf:b6:31:7c:f7:06:
bb:1e:6b:48:5a:4a:d8:58:21:62:91:d0:c9:f6:2d:44:eb:9e:
dc:bd:f5:35:d4:da:0a:73:51:77:c3:25:6b:31:3f:c7:a0:c4:
1e:19:d8:3e:1e:2b:60:0d:f2:80:c0:81:1f:20:28:55:42:2c:
f6:b8:1f:a5:80:0f:73:d4:df:2d:c8:67:29:9f:52:29:5c:d8:
f8:f5:9f:f9:83:f5:91:2d:eb:e1:0d:69:8a:12:c8:42:d8:6f:
0d:57:c2:7a:5f:f5:05:2b:f9:15:ab:a5:c9:57:20:f7:3c:ad:
b7:35:c4:b9:3d:db:b9:51:9e:fa:f1:67:df:73:66:6c:8f:52:
31:7c:8e:61:e3:e9:3f:05:26:90:60:a7:04:3c:d6:c4:4f:50:
dc:ea:69:d1:64:50:9e:91:70:02:c8:67:55:b8:51:81:ba:1d:
c0:49:dc:cf:cb:00:7e:e6:60:7c:99:72:6f:bf:b7:01:8b:1b:
b5:5f:70:e1:57:6c:a1:be:c8:c2:68:51:31:4e:83:b4:4f:03:
cd:f4:0c:46:d5:d5:7e:9e:39:c9:fa:5e:be:3e:ee:8a:9e:8b:
3e:c7:eb:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5toppqZf/QxXPqYARjdy5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTI4MDgxMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQzZDU5OWU3ZGZjMmEwMzdiNzA4MWM1N2FiNzQxODkzNjgzYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBkpyHAfck2CdpmMdkXsT3emckdi
f21NmyXHPIeDp+gBTj0QDNhXRUVDnL1m9IlkLLF4a57V640bFNHbFNycSX8W8GAP
txOPbZGqaTM7gf2Hk3fl9xYdJHoJ1LaYmA8Fk8tAb+raj7MgWv7wQQGfxijvJdTm
zUaGwFhg9rxQJVJ1tGLrnAynzWyFgsTozPqdA3UCLcjX/A4NpMtB3KnXLwPn9Jsj
PhKD774RS6ItYXGpUP0XWaRFh7UmWH+dxulcvkzSZ/KylHNOeBKlk0U1ricj9DGv
8L9U/eoq33lq3ki4LchqbMnEaQ+lgbHOVbT65JXRNq6tutdrsJ8astuHTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGvT1Znn38KgN7cIHFerdBiTaDooMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvYTlQVm1lZmZ3cUEzdHdnY1Y2dDBHSk5vT2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUK4AAwQB
UK74AwQCZ1UgAwQByjpsMA0GCSqGSIb3DQEBCwUAA4IBAQAdjbsYkxXgSf10QEM8
4uXIyoYDW+iOng5KztK12nO/tjF89wa7HmtIWkrYWCFikdDJ9i1E657cvfU11NoK
c1F3wyVrMT/HoMQeGdg+HitgDfKAwIEfIChVQiz2uB+lgA9z1N8tyGcpn1IpXNj4
9Z/5g/WRLevhDWmKEshC2G8NV8J6X/UFK/kVq6XJVyD3PK23NcS5Pdu5UZ768Wff
c2Zsj1IxfI5h4+k/BSaQYKcEPNbET1Dc6mnRZFCekXACyGdVuFGBuh3ASdzPywB+
5mB8mXJvv7cBixu1X3DhV2yhvsjCaFExToO0TwPN9AxG1dV+njnJ+l6+Pu6Knos+
x+td
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:47 2026 by rpki-client