Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mu99Z7W6jCrztbm7Z_mtQirHnmI.roa
File: mu99Z7W6jCrztbm7Z_mtQirHnmI.roa (raw, json)
Hash identifier: AglqGgqrfuAmfsipiEkRE1f6ibGl+h7/SOO2pYcAd5U=
Subject key identifier: 9A:EF:7D:67:B5:BA:8C:2A:F3:B5:B9:BB:67:F9:AD:42:2A:C7:9E:62
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019F02B6685845A29D8F4E6FE5ABD93F0383
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mu99Z7W6jCrztbm7Z_mtQirHnmI.roa
Signing time: Fri 26 Jun 2026 06:55:36 +0000
ROA not before: Fri 26 Jun 2026 06:55:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 79.172.192.0/23 maxlen: 24
79.172.250.0/23 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.8.0/24 maxlen: 24
87.229.11.0/24 maxlen: 24
87.229.35.0/24 maxlen: 24
87.229.37.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.81.0/24 maxlen: 24
87.229.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:02:b6:68:58:45:a2:9d:8f:4e:6f:e5:ab:d9:3f:03:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 26 06:55:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9aef7d67b5ba8c2af3b5b9bb67f9ad422ac79e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:6b:b2:7f:30:2d:5d:74:13:99:0b:4c:ca:
4f:d6:3c:68:9d:d8:0b:09:5c:00:b3:10:db:ee:02:
96:e0:66:0e:7b:60:ef:6a:8b:87:7f:b5:42:80:e7:
47:70:02:75:61:8b:f6:0b:f1:13:28:f5:dc:08:5c:
f1:b2:b8:e4:14:40:97:68:64:74:0f:64:72:1c:5d:
73:a0:b8:81:70:70:78:bb:5a:17:2e:28:23:4a:ec:
70:d6:39:35:c3:02:63:a3:7f:17:ea:8c:85:b4:3a:
b2:80:d4:a5:21:53:ed:52:b5:ed:16:61:f8:ba:94:
4f:ff:3c:4c:77:cf:ac:79:2b:fb:79:f6:5c:2d:e2:
90:74:73:f6:93:9e:c7:60:f9:5c:d6:fa:a6:b5:5e:
9a:38:57:12:c2:6d:81:92:ee:71:52:7f:f8:de:d6:
d3:9a:f0:b8:0f:14:27:a3:0d:3f:f1:7f:2d:0b:65:
62:1b:96:bd:9e:eb:3d:9e:05:d9:06:b0:87:ff:d3:
34:fa:df:f6:f2:69:de:0f:b1:16:74:cb:0d:64:5a:
10:83:82:79:92:46:78:32:e3:3b:56:95:69:cf:3c:
b4:1d:08:4c:ee:a2:7c:9b:84:3a:f1:32:3e:03:9f:
12:36:5b:03:0b:31:90:2b:b9:af:52:54:b1:b9:6f:
0e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EF:7D:67:B5:BA:8C:2A:F3:B5:B9:BB:67:F9:AD:42:2A:C7:9E:62
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mu99Z7W6jCrztbm7Z_mtQirHnmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/23
79.172.250.0/23
87.229.8.0/22
87.229.35.0/24
87.229.37.0/24
87.229.80.0/23
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:da:70:29:c9:4a:15:bf:04:0f:1a:bb:99:36:e5:cf:84:0b:
3b:d3:70:cc:7e:22:1d:ec:1c:3c:12:11:3c:57:d3:ae:39:47:
5b:5b:27:ee:a8:e5:42:c0:f3:af:68:db:c4:38:fa:16:0c:18:
3f:e8:3f:72:01:6d:e7:e2:31:f6:0f:b3:fe:3e:db:39:ae:85:
16:b2:96:9e:32:6e:8c:9a:82:7e:97:45:9e:d7:0e:7e:11:44:
c5:9a:f5:46:c5:c0:45:82:05:15:bc:11:ed:1d:e9:1e:19:73:
af:7d:b2:3d:1f:c1:3d:60:ed:2d:53:ac:e8:e8:0b:1e:1f:1b:
cb:cd:ec:78:24:f4:04:dc:9c:2b:05:75:12:c0:df:08:b0:46:
57:2f:36:65:ef:20:bc:9d:ca:7c:e1:f0:c8:a0:2d:05:c3:26:
16:f6:4c:c6:ef:fe:53:03:fc:53:d7:0d:8c:39:1c:bf:a2:21:
d0:66:a8:09:ea:c1:b0:ed:4f:6f:17:f7:3c:f8:24:f4:09:55:
52:77:eb:20:44:95:ba:ec:1f:7c:fa:4c:2c:d5:05:10:69:08:
ad:e6:54:a5:da:69:a1:23:7d:6c:5e:2c:82:fd:d2:d6:1d:2d:
44:b4:7d:7a:e3:89:6f:f4:f3:c6:cc:1d:00:c9:c1:e9:9f:50:
86:04:40:34
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ8CtmhYRaKdj05v5avZPwODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjYwNjI2MDY1NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWVmN2Q2N2I1YmE4YzJhZjNiNWI5YmI2N2Y5YWQ0MjJhYzc5ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfVrsn8wLV10E5kLTMpP1jxondgL
CVwAsxDb7gKW4GYOe2DvaouHf7VCgOdHcAJ1YYv2C/ETKPXcCFzxsrjkFECXaGR0
D2RyHF1zoLiBcHB4u1oXLigjSuxw1jk1wwJjo38X6oyFtDqygNSlIVPtUrXtFmH4
upRP/zxMd8+seSv7efZcLeKQdHP2k57HYPlc1vqmtV6aOFcSwm2Bku5xUn/43tbT
mvC4DxQnow0/8X8tC2ViG5a9nus9ngXZBrCH/9M0+t/28mneD7EWdMsNZFoQg4J5
kkZ4MuM7VpVpzzy0HQhM7qJ8m4Q68TI+A58SNlsDCzGQK7mvUlSxuW8OawIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJrvfWe1uowq87W5u2f5rUIqx55iMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvbXU5OVo3VzZqQ3J6dGJtN1pfbXRRaXJIbm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBT6zAAwQB
T6z6AwQCV+UIAwQAV+UjAwQAV+UlAwQBV+VQAwQBV+V8MA0GCSqGSIb3DQEBCwUA
A4IBAQAc2nApyUoVvwQPGruZNuXPhAs703DMfiId7Bw8EhE8V9OuOUdbWyfuqOVC
wPOvaNvEOPoWDBg/6D9yAW3n4jH2D7P+Pts5roUWspaeMm6MmoJ+l0We1w5+EUTF
mvVGxcBFggUVvBHtHekeGXOvfbI9H8E9YO0tU6zo6AseHxvLzex4JPQE3JwrBXUS
wN8IsEZXLzZl7yC8ncp84fDIoC0FwyYW9kzG7/5TA/xT1w2MORy/oiHQZqgJ6sGw
7U9vF/c8+CT0CVVSd+sgRJW67B98+kws1QUQaQit5lSl2mmhI31sXiyC/dLWHS1E
tH1644lv9PPGzB0AycHpn1CGBEA0
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:00:17 2026 by rpki-client