Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/n-29MuA6EoenP4YOSgLg3PmvldE.roa
File: n-29MuA6EoenP4YOSgLg3PmvldE.roa (raw, json)
Hash identifier: CMzXiVlHnCrRtRBpkGbnWdoSVgd6E5RI6HPXpXpJUwE=
Subject key identifier: 9F:ED:BD:32:E0:3A:12:87:A7:3F:86:0E:4A:02:E0:DC:F9:AF:95:D1
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E3FF84A31343DC1D2418AF237324ECDF6
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/n-29MuA6EoenP4YOSgLg3PmvldE.roa
Signing time: Tue 19 May 2026 11:21:36 +0000
ROA not before: Tue 19 May 2026 11:21:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198486
IP address blocks: 80.174.128.0/21 maxlen: 24
80.174.244.0/23 maxlen: 24
83.143.171.0/24 maxlen: 24
83.143.174.0/23 maxlen: 24
93.95.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:f8:4a:31:34:3d:c1:d2:41:8a:f2:37:32:4e:cd:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 19 11:21:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9fedbd32e03a1287a73f860e4a02e0dcf9af95d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fd:5c:8e:11:0e:36:b9:eb:7d:1e:76:a5:86:
d3:35:9b:13:d9:d5:de:89:60:bc:81:9c:6a:2c:04:
a0:b0:53:5c:1d:9a:24:f7:13:79:0e:89:69:cc:0a:
47:b9:5a:d5:84:e1:eb:86:bb:1a:eb:51:3b:fa:ec:
1f:0a:01:61:ec:4b:19:5b:18:a3:f0:a9:79:31:50:
8d:d4:5a:5e:6b:47:a7:0c:19:36:43:31:0a:9a:c2:
e1:7a:a8:fc:58:79:ce:50:ab:83:a3:1c:b4:ee:62:
7e:31:c7:53:76:14:b3:d2:67:33:f7:c6:4c:25:67:
ce:76:47:61:0b:c6:9d:b0:79:e8:85:b9:8e:e0:07:
99:0c:11:f0:f3:b4:28:ac:07:4d:10:39:1c:9c:96:
95:b5:8f:28:e7:93:20:5d:d1:76:cb:ea:d3:f5:4b:
2e:c7:5d:97:b0:c7:b2:c6:f7:8c:78:24:a6:49:90:
4d:cc:cf:e4:18:51:08:42:2d:48:0a:6c:68:26:51:
e9:19:f1:42:08:aa:12:ad:97:3e:e8:35:a8:50:1c:
c7:c7:03:da:7d:46:e2:b4:5b:23:fc:ff:47:63:83:
88:46:fa:4a:e3:5c:8c:3c:a5:43:cd:f6:73:6b:69:
71:d8:b6:ce:6b:ee:42:46:0d:85:08:b6:da:4b:6a:
5a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:ED:BD:32:E0:3A:12:87:A7:3F:86:0E:4A:02:E0:DC:F9:AF:95:D1
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/n-29MuA6EoenP4YOSgLg3PmvldE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.128.0/21
80.174.244.0/23
83.143.171.0/24
83.143.174.0/23
93.95.16.0/21
Signature Algorithm: sha256WithRSAEncryption
76:b7:41:23:22:1f:10:5f:d9:36:53:19:c7:85:0c:cd:59:17:
76:8f:98:48:24:2a:36:bd:38:e0:21:8c:3f:f7:a1:40:d1:7e:
0c:45:29:e5:47:15:31:27:b4:55:07:c8:29:7a:c7:ed:43:a1:
4f:60:48:84:59:86:f0:45:c3:26:04:3f:c3:c4:e8:9a:94:50:
2a:84:f5:36:ce:2a:81:32:9d:e2:bf:5f:db:70:b1:2b:96:84:
d3:de:b7:66:71:40:50:e7:28:e0:ea:35:de:c4:a3:d5:54:ce:
20:7f:44:21:15:a4:b7:ab:43:bd:4c:53:48:65:82:b6:38:b7:
e0:52:50:e6:70:3d:65:6e:0c:86:24:58:e6:e8:25:57:cd:55:
36:3d:8e:d0:2b:02:95:f4:16:3d:fe:6b:6d:6f:7e:b2:e4:27:
81:5a:41:36:17:45:ff:52:ce:a9:df:af:f7:04:d9:bd:44:ef:
be:88:82:f2:6a:08:18:4f:f3:fc:36:10:08:67:1d:60:74:c2:
16:92:57:66:2f:ca:1a:a6:dd:f0:f4:1e:bb:9a:90:be:1c:1a:
32:3a:c0:8d:87:b4:6f:bb:98:17:f5:09:6b:19:70:7a:3f:51:
4c:0f:2b:48:ef:b7:2b:17:bc:eb:a3:fc:84:14:33:6b:65:7e:
3d:4e:db:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4/+EoxND3B0kGK8jcyTs32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTE5MTEyMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmVkYmQzMmUwM2ExMjg3YTczZjg2MGU0YTAyZTBkY2Y5YWY5NWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf1cjhEONrnrfR52pYbTNZsT2dXe
iWC8gZxqLASgsFNcHZok9xN5DolpzApHuVrVhOHrhrsa61E7+uwfCgFh7EsZWxij
8Kl5MVCN1Fpea0enDBk2QzEKmsLheqj8WHnOUKuDoxy07mJ+McdTdhSz0mcz98ZM
JWfOdkdhC8adsHnohbmO4AeZDBHw87QorAdNEDkcnJaVtY8o55MgXdF2y+rT9Usu
x12XsMeyxveMeCSmSZBNzM/kGFEIQi1ICmxoJlHpGfFCCKoSrZc+6DWoUBzHxwPa
fUbitFsj/P9HY4OIRvpK41yMPKVDzfZza2lx2LbOa+5CRg2FCLbaS2paLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ/tvTLgOhKHpz+GDkoC4Nz5r5XRMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvbi0yOU11QTZFb2VuUDRZT1NnTGczUG12bGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDUK6AAwQB
UK70AwQAU4+rAwQBU4+uAwQDXV8QMA0GCSqGSIb3DQEBCwUAA4IBAQB2t0EjIh8Q
X9k2UxnHhQzNWRd2j5hIJCo2vTjgIYw/96FA0X4MRSnlRxUxJ7RVB8gpesftQ6FP
YEiEWYbwRcMmBD/DxOialFAqhPU2ziqBMp3iv1/bcLErloTT3rdmcUBQ5yjg6jXe
xKPVVM4gf0QhFaS3q0O9TFNIZYK2OLfgUlDmcD1lbgyGJFjm6CVXzVU2PY7QKwKV
9BY9/mttb36y5CeBWkE2F0X/Us6p36/3BNm9RO++iILyaggYT/P8NhAIZx1gdMIW
kldmL8oapt3w9B67mpC+HBoyOsCNh7Rvu5gX9QlrGXB6P1FMDytI77crF7zro/yE
FDNrZX49TtvD
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:42 2026 by rpki-client