Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/vm9MnN1GdtpeLVn8_AJh1rnUOzk.roa
File: vm9MnN1GdtpeLVn8_AJh1rnUOzk.roa (raw, json)
Hash identifier: 6dxvy1o688KqnNgPtmJv43xHGk7/2FGAwemTruwiheY=
Subject key identifier: BE:6F:4C:9C:DD:46:76:DA:5E:2D:59:FC:FC:02:61:D6:B9:D4:3B:39
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019ED4F6969AF8AF6BDD8EB9B84F73A0AFA9
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/vm9MnN1GdtpeLVn8_AJh1rnUOzk.roa
Signing time: Wed 17 Jun 2026 09:43:10 +0000
ROA not before: Wed 17 Jun 2026 09:43:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 79.172.250.0/23 maxlen: 24
79.172.250.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.8.0/24 maxlen: 24
87.229.11.0/24 maxlen: 24
87.229.35.0/24 maxlen: 24
87.229.37.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.81.0/24 maxlen: 24
87.229.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d4:f6:96:9a:f8:af:6b:dd:8e:b9:b8:4f:73:a0:af:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 17 09:43:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be6f4c9cdd4676da5e2d59fcfc0261d6b9d43b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d4:9a:db:b0:0d:ae:89:38:5b:01:75:10:dc:
d3:bd:8b:4b:4e:2f:d9:de:73:4a:9d:76:6d:5a:59:
e4:70:8d:50:9d:9e:6d:e2:62:85:80:24:23:84:c9:
6a:43:f9:3d:d9:62:4a:cd:4d:7a:8f:fe:8d:b6:21:
61:78:8e:0a:a5:78:06:d6:63:5c:74:98:65:77:14:
60:03:89:ea:d1:55:7a:31:f7:93:a8:ab:b1:0d:74:
bc:8e:f1:01:1f:af:9c:e9:0f:54:c0:68:b3:c0:fb:
55:a8:c4:b8:8c:5f:cf:36:9f:82:91:80:04:8a:06:
51:2f:90:f2:09:3e:20:49:b3:5a:be:e0:88:08:21:
b4:54:98:6d:18:81:b3:ed:fb:4b:4f:46:fb:75:d3:
b5:77:42:d3:c4:fc:e3:93:f8:d7:78:20:2f:bb:5b:
03:d5:85:bc:ef:04:74:79:b8:63:a8:81:dd:3c:11:
ae:a7:c7:81:48:02:00:10:01:dd:01:55:9e:4a:db:
4d:83:31:b7:de:9f:b6:1c:02:6f:08:d3:37:92:5a:
27:84:2d:89:e0:89:88:17:dc:3b:7b:7e:8d:49:9c:
e2:40:cd:96:38:e0:bc:b1:c6:a9:82:1e:d3:ea:d9:
07:32:ef:ea:43:5c:67:a9:72:fd:f4:06:30:d8:0b:
34:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:6F:4C:9C:DD:46:76:DA:5E:2D:59:FC:FC:02:61:D6:B9:D4:3B:39
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/vm9MnN1GdtpeLVn8_AJh1rnUOzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.250.0/23
87.229.8.0/22
87.229.35.0/24
87.229.37.0/24
87.229.80.0/23
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:31:5f:bc:d4:9c:3b:b1:9f:4b:ba:14:8d:2d:74:3f:f8:6b:
23:4c:5b:64:df:ab:32:c5:54:4f:ed:29:47:89:77:17:32:b8:
68:70:60:17:af:29:54:3b:78:01:5a:f9:88:af:f5:6a:af:5f:
d7:fa:5f:52:c8:b7:e0:f8:15:66:05:f5:3d:f4:f6:e2:6a:f0:
a3:92:84:df:98:be:8a:51:b6:0c:9f:d2:b2:1f:f6:91:7a:1c:
e8:c8:66:3c:12:ac:c7:2d:d9:a7:c9:34:9d:b0:41:63:a2:e7:
ec:80:ef:44:b1:18:4a:f9:da:1f:d0:9c:20:8d:30:98:49:4a:
82:6e:62:99:99:ac:ec:19:52:49:c0:05:85:eb:4b:3c:72:60:
1b:7b:45:c5:c0:50:47:ec:63:c9:8a:0b:82:55:ee:84:71:7e:
52:7f:7e:4f:25:6d:e6:68:f0:30:d8:e8:be:b1:0e:89:5a:61:
c6:8b:c5:90:13:cc:3b:11:93:15:84:39:14:5f:d6:19:a7:0b:
b7:6d:c8:fc:bf:00:fd:20:cc:f1:e2:d1:3b:8b:36:00:76:30:
dc:66:e3:be:a9:f6:d1:0f:87:5c:58:69:62:c4:ac:3d:76:dd:
43:42:95:e5:44:66:77:c2:9c:54:0b:6c:89:04:e8:11:ae:db:
17:c0:4a:95
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ7U9paa+K9r3Y65uE9zoK+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjYwNjE3MDk0MzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTZmNGM5Y2RkNDY3NmRhNWUyZDU5ZmNmYzAyNjFkNmI5ZDQzYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9Sa27ANrok4WwF1ENzTvYtLTi/Z
3nNKnXZtWlnkcI1QnZ5t4mKFgCQjhMlqQ/k92WJKzU16j/6NtiFheI4KpXgG1mNc
dJhldxRgA4nq0VV6MfeTqKuxDXS8jvEBH6+c6Q9UwGizwPtVqMS4jF/PNp+CkYAE
igZRL5DyCT4gSbNavuCICCG0VJhtGIGz7ftLT0b7ddO1d0LTxPzjk/jXeCAvu1sD
1YW87wR0ebhjqIHdPBGup8eBSAIAEAHdAVWeSttNgzG33p+2HAJvCNM3klonhC2J
4ImIF9w7e36NSZziQM2WOOC8scapgh7T6tkHMu/qQ1xnqXL99AYw2As0YwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL5vTJzdRnbaXi1Z/PwCYda51Ds5MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvdm05TW5OMUdkdHBlTFZuOF9BSmgxcm5VT3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBT6z6AwQC
V+UIAwQAV+UjAwQAV+UlAwQBV+VQAwQBV+V8MA0GCSqGSIb3DQEBCwUAA4IBAQCg
MV+81Jw7sZ9LuhSNLXQ/+GsjTFtk36syxVRP7SlHiXcXMrhocGAXrylUO3gBWvmI
r/Vqr1/X+l9SyLfg+BVmBfU99PbiavCjkoTfmL6KUbYMn9KyH/aRehzoyGY8EqzH
LdmnyTSdsEFjoufsgO9EsRhK+dof0JwgjTCYSUqCbmKZmazsGVJJwAWF60s8cmAb
e0XFwFBH7GPJiguCVe6EcX5Sf35PJW3maPAw2Oi+sQ6JWmHGi8WQE8w7EZMVhDkU
X9YZpwu3bcj8vwD9IMzx4tE7izYAdjDcZuO+qfbRD4dcWGlixKw9dt1DQpXlRGZ3
wpxUC2yJBOgRrtsXwEqV
-----END CERTIFICATE-----
Generated at Wed Jun 17 22:40:58 2026 by rpki-client