Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/oJN6XNt9wDJSu0vxe82eKwyZQq8.roa
File: oJN6XNt9wDJSu0vxe82eKwyZQq8.roa (raw, json)
Hash identifier: /XoTJwKzJfnGq/rYqEEIh4D7F7ISz4/qt8715w0/tuw=
Subject key identifier: A0:93:7A:5C:DB:7D:C0:32:52:BB:4B:F1:7B:CD:9E:2B:0C:99:42:AF
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019E7D26FAF7FD68068CFCD866F753C02930
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/oJN6XNt9wDJSu0vxe82eKwyZQq8.roa
Signing time: Sun 31 May 2026 08:29:27 +0000
ROA not before: Sun 31 May 2026 08:29:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 92.50.0.0/19 maxlen: 19
92.50.32.0/19 maxlen: 19
147.136.68.0/22 maxlen: 24
147.136.76.0/22 maxlen: 24
147.136.84.0/22 maxlen: 24
168.199.128.0/22 maxlen: 24
168.199.160.0/22 maxlen: 24
168.199.192.0/22 maxlen: 24
168.199.212.0/23 maxlen: 23
168.199.220.0/24 maxlen: 24
168.199.221.0/24 maxlen: 24
168.199.223.0/24 maxlen: 24
168.199.224.0/24 maxlen: 24
168.199.229.0/24 maxlen: 24
168.199.232.0/24 maxlen: 24
185.101.244.0/23 maxlen: 24
185.101.246.0/23 maxlen: 24
185.101.252.0/23 maxlen: 23
185.101.254.0/23 maxlen: 23
185.171.252.0/23 maxlen: 23
185.171.253.0/24 maxlen: 24
185.171.254.0/23 maxlen: 23
185.226.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Jun 2026 23:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:7d:26:fa:f7:fd:68:06:8c:fc:d8:66:f7:53:c0:29:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: May 31 08:29:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a0937a5cdb7dc03252bb4bf17bcd9e2b0c9942af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ed:fb:ce:d8:e0:82:83:76:54:be:37:e3:f9:
d1:82:9a:b0:e0:36:08:a9:2d:8e:bc:10:7f:b2:fe:
8e:e7:3a:6d:04:6b:bb:d6:e1:77:e2:59:1f:b3:7b:
ed:23:5d:ca:a9:79:75:ce:63:81:4c:46:df:7a:bb:
4f:2f:d7:a5:18:42:85:42:d7:dd:3b:32:ac:a7:49:
29:14:b0:cb:c4:00:c2:87:e1:61:20:d7:30:22:29:
33:6f:e0:54:e6:ee:4a:0b:15:95:3d:a0:6e:0a:44:
a4:81:0e:49:66:08:33:fe:1b:fa:4c:fc:8a:ae:4b:
a6:66:3f:cb:d7:2f:4b:74:0a:d0:ab:a7:b4:32:66:
38:24:4c:d8:e3:ce:24:38:da:42:82:d2:ab:4a:f2:
93:7b:ff:12:c5:2f:d6:e9:46:a2:e6:39:d8:a5:ea:
12:93:ee:7f:4b:67:36:c9:8a:2f:5d:d1:db:57:60:
44:00:cb:ab:cc:f0:9a:e2:0b:bc:bb:c2:0c:2e:a4:
5c:40:c8:8c:c8:fb:a5:e1:b3:68:a8:8d:f6:e3:f4:
dc:c5:db:c2:ea:d6:79:c4:41:a0:2b:f6:06:cd:34:
48:94:35:e8:60:23:75:98:56:8f:79:42:08:61:9f:
b0:1a:37:ad:ea:38:13:bf:70:7f:51:64:cb:3c:7b:
bd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:93:7A:5C:DB:7D:C0:32:52:BB:4B:F1:7B:CD:9E:2B:0C:99:42:AF
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/oJN6XNt9wDJSu0vxe82eKwyZQq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.50.0.0/18
147.136.68.0/22
147.136.76.0/22
147.136.84.0/22
168.199.128.0/22
168.199.160.0/22
168.199.192.0/22
168.199.212.0/23
168.199.220.0/23
168.199.223.0-168.199.224.255
168.199.229.0/24
168.199.232.0/24
185.101.244.0/22
185.101.252.0/22
185.171.252.0/22
185.226.204.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:4c:db:b7:ff:77:32:3b:5d:8f:0b:09:6b:3d:eb:ba:66:b9:
cb:2c:c0:b9:a3:39:91:dd:86:71:37:d1:c6:0f:84:57:bc:97:
d9:2e:20:7b:62:c4:f9:de:26:ca:8b:52:85:6a:64:f7:c0:23:
42:99:69:71:00:fd:f1:19:00:89:78:ba:ac:2a:e1:84:9d:65:
fc:54:e6:09:24:dc:d1:2f:75:d2:81:34:2f:06:c4:b2:93:9f:
cb:96:4f:de:17:6c:ba:c5:6f:01:67:a6:5f:37:f1:81:3c:bd:
53:0d:08:e8:2c:c2:8b:5c:c5:bc:65:e2:2e:bb:e4:1f:63:02:
b8:bb:3f:55:42:06:34:78:b6:73:8d:61:3a:8e:52:6c:ef:70:
bf:f6:f4:5e:71:45:9a:b6:86:86:8b:a1:cc:f5:90:eb:7e:40:
53:e8:58:bf:9b:f6:6b:50:09:f4:d1:17:60:82:ce:fd:2a:e0:
b2:5c:4f:73:84:2d:88:2e:d7:a5:d0:54:d0:1b:aa:a7:36:97:
60:dd:cf:b3:b2:0f:d6:09:ec:90:89:18:99:0d:13:e3:95:54:
ca:4e:f6:f0:02:58:a1:31:c7:7e:62:bc:bf:1c:d3:4d:f4:e4:
ee:64:5f:8a:77:35:68:66:52:36:b8:ac:83:01:25:12:e1:58:
ce:22:5a:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZ59Jvr3/WgGjPzYZvdTwCkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjYwNTMxMDgyOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkzN2E1Y2RiN2RjMDMyNTJiYjRiZjE3YmNkOWUyYjBjOTk0MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie37ztjggoN2VL434/nRgpqw4DYI
qS2OvBB/sv6O5zptBGu71uF34lkfs3vtI13KqXl1zmOBTEbfertPL9elGEKFQtfd
OzKsp0kpFLDLxADCh+FhINcwIikzb+BU5u5KCxWVPaBuCkSkgQ5JZggz/hv6TPyK
rkumZj/L1y9LdArQq6e0MmY4JEzY484kONpCgtKrSvKTe/8SxS/W6Uai5jnYpeoS
k+5/S2c2yYovXdHbV2BEAMurzPCa4gu8u8IMLqRcQMiMyPul4bNoqI324/TcxdvC
6tZ5xEGgK/YGzTRIlDXoYCN1mFaPeUIIYZ+wGjet6jgTv3B/UWTLPHu9HwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFKCTelzbfcAyUrtL8XvNnisMmUKvMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvb0pONlhOdDl3REpTdTB2eGU4MmVLd3laUXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEBlwyAAME
ApOIRAMEApOITAMEApOIVAMEAqjHgAMEAqjHoAMEAqjHwAMEAajH1AMEAajH3DAM
AwQAqMffAwQAqMfgAwQAqMflAwQAqMfoAwQCuWX0AwQCuWX8AwQCuav8AwQBueLM
MA0GCSqGSIb3DQEBCwUAA4IBAQBqTNu3/3cyO12PCwlrPeu6ZrnLLMC5ozmR3YZx
N9HGD4RXvJfZLiB7YsT53ibKi1KFamT3wCNCmWlxAP3xGQCJeLqsKuGEnWX8VOYJ
JNzRL3XSgTQvBsSyk5/Llk/eF2y6xW8BZ6ZfN/GBPL1TDQjoLMKLXMW8ZeIuu+Qf
YwK4uz9VQgY0eLZzjWE6jlJs73C/9vRecUWatoaGi6HM9ZDrfkBT6Fi/m/ZrUAn0
0Rdggs79KuCyXE9zhC2ILtel0FTQG6qnNpdg3c+zsg/WCeyQiRiZDRPjlVTKTvbw
AlihMcd+Yry/HNNN9OTuZF+KdzVoZlI2uKyDASUS4VjOIlqT
-----END CERTIFICATE-----
Generated at Thu Jun 11 09:11:59 2026 by rpki-client