Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7271Yn_6ZOPoOecXDpfkPWkPDXQ.roa
File: 7271Yn_6ZOPoOecXDpfkPWkPDXQ.roa (raw, json)
Hash identifier: Vc7QS/oceumsCJPEFwv/CqaeNuNT4ritHGJfZ5nf/Vk=
Subject key identifier: EF:6E:F5:62:7F:FA:64:E3:E8:39:E7:17:0E:97:E4:3D:69:0F:0D:74
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019CB2CA98AA33C948D740EC91A9200E94FE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7271Yn_6ZOPoOecXDpfkPWkPDXQ.roa
Signing time: Tue 03 Mar 2026 08:22:27 +0000
ROA not before: Tue 03 Mar 2026 08:22:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9318
IP address blocks: 79.99.76.0/24 maxlen: 24
109.176.10.0/24 maxlen: 24
109.176.134.0/24 maxlen: 24
217.144.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 01:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b2:ca:98:aa:33:c9:48:d7:40:ec:91:a9:20:0e:94:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 3 08:22:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ef6ef5627ffa64e3e839e7170e97e43d690f0d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ff:a7:cd:a8:d1:62:c8:b5:af:f7:3d:cc:b0:
b7:84:6f:f3:3a:eb:ef:b7:51:64:5c:70:b2:44:38:
5a:25:48:98:f3:c7:1f:ed:62:3b:42:eb:cb:53:68:
67:93:dd:7d:c6:d9:dc:54:86:ef:4c:02:78:82:e2:
24:bf:f8:64:fe:ae:33:7c:3d:5e:16:c7:21:9c:01:
f4:b4:3d:69:81:04:c3:64:45:b0:ea:fc:77:53:8f:
ef:63:80:c6:6a:a3:23:76:95:a0:1b:9f:8e:f6:7f:
40:d2:a9:62:e3:4f:f8:b6:ff:75:dd:b5:2a:2f:52:
23:1b:74:c9:47:d9:7d:13:0b:94:34:e9:20:68:06:
3e:97:f3:8a:fe:4e:95:14:bd:27:1f:ec:e8:a2:5b:
e0:6c:1f:94:b8:e4:5f:35:96:08:86:aa:9c:06:1e:
6c:cf:39:f4:e1:6a:06:fc:a1:40:54:f9:bf:40:4c:
32:84:b2:05:6f:5e:ca:ed:d8:43:f8:44:88:32:bd:
92:92:1b:12:9a:19:85:71:6d:88:a5:ed:aa:23:8a:
f8:e6:87:e4:2b:78:ed:53:4e:cb:c7:df:fc:46:0d:
6f:cd:d2:49:d6:6b:77:01:ef:3b:12:48:d6:f1:03:
89:36:d1:c7:58:a9:cd:89:5c:de:a2:b5:96:11:a5:
c2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:6E:F5:62:7F:FA:64:E3:E8:39:E7:17:0E:97:E4:3D:69:0F:0D:74
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7271Yn_6ZOPoOecXDpfkPWkPDXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.76.0/24
109.176.10.0/24
109.176.134.0/24
217.144.158.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:9a:27:34:40:42:35:c6:af:db:89:01:fa:4f:42:5c:93:c8:
f9:14:1e:83:f1:7b:6b:58:4b:7e:76:b9:b0:e0:e4:17:05:40:
a0:f9:f4:96:8b:66:f1:d9:80:a8:36:b6:2f:76:b4:7e:1c:20:
fc:11:bc:ca:e1:5d:5d:ef:83:ec:76:c9:c0:92:5f:ae:ae:61:
d8:b8:fd:f7:ad:8c:de:37:9a:d4:46:36:0d:de:fb:62:db:4f:
cf:c1:52:24:1f:5f:bc:97:e6:bc:b0:f5:e0:c6:04:b2:84:6a:
32:54:2d:98:ca:93:ce:6a:95:cf:dc:36:91:b5:ac:8d:58:2e:
04:ee:14:19:6f:9c:9e:65:ed:fc:cb:a8:38:f4:91:46:9f:4d:
7c:e0:54:44:2a:9b:e5:90:95:51:96:f9:ed:67:2d:9e:b9:a2:
7a:f6:15:11:13:96:71:1d:ef:b1:5c:39:0f:14:7e:8b:18:37:
b7:87:a2:c8:74:85:53:fb:85:64:67:d4:f8:90:c4:6c:4a:66:
d5:87:6b:3d:9d:af:49:52:c1:f0:86:d2:ad:f7:71:3a:bb:f0:
58:09:18:27:92:6e:2d:87:63:4c:8d:1a:45:b7:19:74:bf:16:
33:aa:c9:b7:0b:b2:11:b7:c9:60:8a:fb:1a:36:8d:2b:77:a0:
2f:c7:df:14
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyyypiqM8lI10DskakgDpT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzAzMDgyMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjZlZjU2MjdmZmE2NGUzZTgzOWU3MTcwZTk3ZTQzZDY5MGYwZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv+nzajRYsi1r/c9zLC3hG/zOuvv
t1FkXHCyRDhaJUiY88cf7WI7QuvLU2hnk919xtncVIbvTAJ4guIkv/hk/q4zfD1e
FschnAH0tD1pgQTDZEWw6vx3U4/vY4DGaqMjdpWgG5+O9n9A0qli40/4tv913bUq
L1IjG3TJR9l9EwuUNOkgaAY+l/OK/k6VFL0nH+zoolvgbB+UuORfNZYIhqqcBh5s
zzn04WoG/KFAVPm/QEwyhLIFb17K7dhD+ESIMr2SkhsSmhmFcW2Ipe2qI4r45ofk
K3jtU07Lx9/8Rg1vzdJJ1mt3Ae87EkjW8QOJNtHHWKnNiVzeorWWEaXCLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO9u9WJ/+mTj6DnnFw6X5D1pDw10MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNzI3MVluXzZaT1BvT2VjWERwZmtQV2tQRFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT2NMAwQA
bbAKAwQAbbCGAwQA2ZCeMA0GCSqGSIb3DQEBCwUAA4IBAQCNmic0QEI1xq/biQH6
T0Jck8j5FB6D8XtrWEt+drmw4OQXBUCg+fSWi2bx2YCoNrYvdrR+HCD8EbzK4V1d
74PsdsnAkl+urmHYuP33rYzeN5rURjYN3vti20/PwVIkH1+8l+a8sPXgxgSyhGoy
VC2YypPOapXP3DaRtayNWC4E7hQZb5yeZe38y6g49JFGn0184FREKpvlkJVRlvnt
Zy2euaJ69hURE5ZxHe+xXDkPFH6LGDe3h6LIdIVT+4VkZ9T4kMRsSmbVh2s9na9J
UsHwhtKt93E6u/BYCRgnkm4th2NMjRpFtxl0vxYzqsm3C7IRt8lgivsaNo0rd6Av
x98U
-----END CERTIFICATE-----
Generated at Sat Mar 21 12:01:42 2026 by rpki-client