
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/fU9G1xViiFBAMkydmGaiZ4wfW-4.roa
File: fU9G1xViiFBAMkydmGaiZ4wfW-4.roa (raw, json)
Hash identifier: n+ycwzmY2TKhAULErTgn7mIq9lbCk2qlJBifPQNmgOY=
Subject key identifier: 7D:4F:46:D7:15:62:88:50:40:32:4C:9D:98:66:A2:67:8C:1F:5B:EE
Certificate issuer: /CN=c1a4d967d5ccb1425b91ef4ed789a83afce4612e
Certificate serial: 019F2801A29386643BAD76786B1E10186B45
Authority key identifier: C1:A4:D9:67:D5:CC:B1:42:5B:91:EF:4E:D7:89:A8:3A:FC:E4:61:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waTZZ9XMsUJbke9O14moOvzkYS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/fU9G1xViiFBAMkydmGaiZ4wfW-4.roa
Signing time: Fri 03 Jul 2026 12:43:43 +0000
ROA not before: Fri 03 Jul 2026 12:43:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24812
IP address blocks: 80.64.80.0/20 maxlen: 24
80.64.80.0/24 maxlen: 24
80.64.81.0/24 maxlen: 24
80.64.82.0/24 maxlen: 24
80.64.83.0/24 maxlen: 24
80.64.84.0/24 maxlen: 24
80.64.85.0/24 maxlen: 24
80.64.86.0/24 maxlen: 24
80.64.87.0/24 maxlen: 24
80.64.88.0/24 maxlen: 24
80.64.89.0/24 maxlen: 24
80.64.90.0/24 maxlen: 24
80.64.91.0/24 maxlen: 24
80.64.92.0/24 maxlen: 24
80.64.93.0/24 maxlen: 24
80.64.94.0/24 maxlen: 24
80.64.95.0/24 maxlen: 24
91.196.96.0/22 maxlen: 22
91.196.96.0/24 maxlen: 24
91.196.97.0/24 maxlen: 24
91.196.98.0/24 maxlen: 24
91.196.99.0/24 maxlen: 24
176.105.192.0/22 maxlen: 24
176.105.193.0/24 maxlen: 24
176.105.194.0/23 maxlen: 23
176.105.194.0/24 maxlen: 24
176.105.196.0/24 maxlen: 24
176.105.197.0/24 maxlen: 24
176.105.198.0/24 maxlen: 24
176.105.199.0/24 maxlen: 24
176.105.200.0/22 maxlen: 24
176.105.200.0/23 maxlen: 24
176.105.204.0/23 maxlen: 24
176.105.204.0/24 maxlen: 24
176.105.206.0/23 maxlen: 23
176.105.208.0/22 maxlen: 22
176.105.208.0/24 maxlen: 24
176.105.209.0/24 maxlen: 24
176.105.210.0/23 maxlen: 23
176.105.212.0/22 maxlen: 24
176.105.212.0/23 maxlen: 23
176.105.214.0/24 maxlen: 24
176.105.215.0/24 maxlen: 24
176.105.216.0/23 maxlen: 24
176.105.218.0/23 maxlen: 23
176.105.218.0/24 maxlen: 24
176.105.220.0/24 maxlen: 24
176.105.221.0/24 maxlen: 24
176.105.222.0/24 maxlen: 24
176.105.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/waTZZ9XMsUJbke9O14moOvzkYS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/waTZZ9XMsUJbke9O14moOvzkYS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/waTZZ9XMsUJbke9O14moOvzkYS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:28:01:a2:93:86:64:3b:ad:76:78:6b:1e:10:18:6b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1a4d967d5ccb1425b91ef4ed789a83afce4612e
Validity
Not Before: Jul 3 12:43:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7d4f46d71562885040324c9d9866a2678c1f5bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:02:29:2c:66:32:31:68:04:42:54:c5:d0:86:
a4:d4:8d:e5:10:21:35:dc:19:3b:da:78:b5:6e:dc:
a4:cd:03:4a:53:cf:e6:90:f2:3e:20:1e:0e:f9:66:
36:99:57:24:82:24:51:ae:15:c3:83:9e:0c:eb:7d:
f2:29:47:30:f9:26:6d:10:95:0a:3f:94:be:0f:df:
7c:07:7b:3d:e8:b2:bf:62:58:70:72:d7:2f:dc:62:
e0:c0:51:6f:d8:ba:92:0d:25:10:6b:c9:cd:6f:7d:
66:44:6c:46:81:7a:30:fb:a0:4a:04:35:f9:9c:02:
e2:9a:62:2b:c7:4c:b6:e9:cd:b8:93:2b:62:98:d3:
ed:36:97:12:df:50:b7:de:95:d8:0c:55:de:e4:2d:
78:12:c0:01:8e:7f:3e:1f:9b:4b:94:9c:d5:3d:8c:
7c:f5:e6:15:b6:ae:7a:38:20:bc:4f:99:84:67:f1:
94:b7:57:df:e4:6f:dc:14:f8:9b:4f:84:c7:0d:e9:
cb:03:e7:ff:03:c4:a8:6c:d2:30:63:3a:eb:34:72:
07:d6:b4:33:0c:4e:ba:14:7f:2d:24:cc:86:16:01:
35:f9:47:76:b9:54:b2:75:49:b4:6a:e5:c0:6b:b5:
9c:04:45:de:fb:5b:64:65:57:1c:f0:70:fb:ac:21:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4F:46:D7:15:62:88:50:40:32:4C:9D:98:66:A2:67:8C:1F:5B:EE
X509v3 Authority Key Identifier:
keyid:C1:A4:D9:67:D5:CC:B1:42:5B:91:EF:4E:D7:89:A8:3A:FC:E4:61:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waTZZ9XMsUJbke9O14moOvzkYS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/fU9G1xViiFBAMkydmGaiZ4wfW-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/waTZZ9XMsUJbke9O14moOvzkYS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.80.0/20
91.196.96.0/22
176.105.192.0/19
Signature Algorithm: sha256WithRSAEncryption
62:a9:fb:a6:26:73:41:66:98:35:e5:bc:c9:05:33:73:8a:04:
08:97:07:ce:0e:db:5a:bb:b3:3d:c8:86:84:5c:72:8c:5c:13:
25:31:a1:0a:08:53:b4:22:2d:c9:56:37:68:83:40:40:5f:ee:
5e:8a:a4:74:72:41:ba:90:86:4a:0e:29:0a:81:52:0b:6f:8e:
34:b9:cc:c7:44:c0:ca:ab:85:6d:4a:b6:09:86:c6:51:4b:77:
2a:d2:da:e6:bd:77:1d:5f:dc:2f:b0:2d:9d:db:11:36:0d:81:
89:e2:b9:13:b1:8c:ce:30:8d:99:b9:e8:d3:22:07:96:d7:d3:
d3:37:6a:25:a0:3f:64:ad:4f:cf:73:ba:8e:3c:11:ed:68:e5:
33:93:c1:d6:9a:6c:81:58:65:be:a6:28:00:08:23:19:da:64:
3e:b5:a1:c7:b0:b0:ec:a2:2a:1a:e8:b3:37:57:be:64:c9:45:
e7:1f:c1:59:c4:db:03:9d:01:1c:1d:f6:09:66:7a:53:2a:50:
24:aa:29:37:f3:7b:d9:62:b8:70:be:3a:2c:21:96:a3:c8:35:
91:ad:ed:8d:69:6c:31:96:65:74:dd:99:b4:20:03:1c:d1:e8:
0f:1e:88:cd:c7:97:b4:b0:51:57:e9:23:7e:8d:ca:16:60:21:
e0:b1:f5:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ8oAaKThmQ7rXZ4ax4QGGtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYTRkOTY3ZDVjY2IxNDI1YjkxZWY0ZWQ3ODlhODNhZmNl
NDYxMmUwHhcNMjYwNzAzMTI0MzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDRmNDZkNzE1NjI4ODUwNDAzMjRjOWQ5ODY2YTI2NzhjMWY1YmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAIpLGYyMWgEQlTF0Iak1I3lECE1
3Bk72ni1btykzQNKU8/mkPI+IB4O+WY2mVckgiRRrhXDg54M633yKUcw+SZtEJUK
P5S+D998B3s96LK/Ylhwctcv3GLgwFFv2LqSDSUQa8nNb31mRGxGgXow+6BKBDX5
nALimmIrx0y26c24kytimNPtNpcS31C33pXYDFXe5C14EsABjn8+H5tLlJzVPYx8
9eYVtq56OCC8T5mEZ/GUt1ff5G/cFPibT4THDenLA+f/A8SobNIwYzrrNHIH1rQz
DE66FH8tJMyGFgE1+Ud2uVSydUm0auXAa7WcBEXe+1tkZVcc8HD7rCGS0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH1PRtcVYohQQDJMnZhmomeMH1vuMB8GA1UdIwQY
MBaAFMGk2WfVzLFCW5HvTteJqDr85GEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2FUWlo5WE1zVUpia2U5TzE0bW9PdnprWVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jZmIyNTEtOTIzZi00MGMxLTk4MzIt
ZThhMzlkZDYwODY0LzEvZlU5RzF4VmlpRkJBTWt5ZG1HYWlaNHdmVy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jZmIyNTEtOTIzZi00MGMxLTk4MzItZThhMzlkZDYwODY0
LzEvd2FUWlo5WE1zVUpia2U5TzE0bW9PdnprWVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUEBQAwQC
W8RgAwQFsGnAMA0GCSqGSIb3DQEBCwUAA4IBAQBiqfumJnNBZpg15bzJBTNzigQI
lwfODttau7M9yIaEXHKMXBMlMaEKCFO0Ii3JVjdog0BAX+5eiqR0ckG6kIZKDikK
gVILb440uczHRMDKq4VtSrYJhsZRS3cq0trmvXcdX9wvsC2d2xE2DYGJ4rkTsYzO
MI2ZuejTIgeW19PTN2oloD9krU/Pc7qOPBHtaOUzk8HWmmyBWGW+pigACCMZ2mQ+
taHHsLDsoioa6LM3V75kyUXnH8FZxNsDnQEcHfYJZnpTKlAkqik383vZYrhwvjos
IZajyDWRre2NaWwxlmV03Zm0IAMc0egPHojNx5e0sFFX6SN+jcoWYCHgsfX3
-----END CERTIFICATE-----
Generated at Fri Jul 3 20:52:38 2026 by rpki-client