Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CTZEUje7WLhpkD7nqEHTDAUu2qA.roa
File: CTZEUje7WLhpkD7nqEHTDAUu2qA.roa (raw, json)
Hash identifier: zs6w3DYRyUlB34r1RHYOVlMOosnmlOIOeZDmYW77mqc=
Subject key identifier: 09:36:44:52:37:BB:58:B8:69:90:3E:E7:A8:41:D3:0C:05:2E:DA:A0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019EA61A71C9B12F4661BC2CF25118C39F9C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CTZEUje7WLhpkD7nqEHTDAUu2qA.roa
Signing time: Mon 08 Jun 2026 07:20:11 +0000
ROA not before: Mon 08 Jun 2026 07:20:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 77.93.136.0/24 maxlen: 24
77.93.138.0/23 maxlen: 24
77.107.95.0/24 maxlen: 24
81.168.58.0/24 maxlen: 24
81.168.63.0/24 maxlen: 24
81.168.65.0/24 maxlen: 24
81.168.87.0/24 maxlen: 24
81.168.96.0/24 maxlen: 24
81.168.99.0/24 maxlen: 24
81.168.105.0/24 maxlen: 24
81.168.125.0/24 maxlen: 24
82.152.1.0/24 maxlen: 24
82.152.11.0/24 maxlen: 24
82.152.102.0/24 maxlen: 24
82.152.117.0/24 maxlen: 24
82.152.118.0/24 maxlen: 24
109.176.91.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
213.130.138.0/24 maxlen: 24
213.210.11.0/24 maxlen: 24
213.210.48.0/23 maxlen: 24
217.144.145.0/24 maxlen: 24
217.144.156.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:1a:71:c9:b1:2f:46:61:bc:2c:f2:51:18:c3:9f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 8 07:20:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0936445237bb58b869903ee7a841d30c052edaa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:90:5f:0b:a0:d9:4f:e0:25:d3:38:29:b9:8f:
f2:dd:74:3b:89:73:2a:b6:e5:8a:0a:d3:2b:c1:78:
8e:cc:f0:2b:ab:b8:1c:08:51:f3:11:ba:c4:56:3a:
f9:f4:37:80:ec:45:b2:24:ad:a6:c9:28:fb:45:82:
7f:5c:2d:09:0e:73:6d:b8:2a:1b:b2:9f:d8:c4:94:
10:55:ee:c6:23:d8:f2:01:74:9c:b5:e0:50:56:a9:
25:65:6d:c7:d6:a1:b3:46:ad:ea:d6:d4:83:89:d4:
29:30:1e:06:56:0f:38:f2:ff:83:ce:20:7f:b1:a8:
2a:dc:2b:01:3c:ef:86:5b:ff:e3:5f:ae:42:34:ac:
3a:fc:f1:1c:4f:93:b9:72:bf:3d:a4:99:07:28:00:
d7:79:b8:08:89:9d:1f:37:5b:b7:2f:ed:5e:d8:2b:
de:50:4f:33:76:1c:25:0f:d2:ef:36:62:8f:c4:e6:
98:de:f2:34:4b:7b:17:12:37:63:b1:5a:c5:ef:d3:
a8:3e:54:88:4f:f5:d2:5e:59:05:0d:e2:14:5f:dc:
64:46:cb:da:ee:18:59:84:31:78:11:3c:de:4f:23:
05:3b:7b:98:9f:4a:9e:62:1d:fb:89:b4:1d:60:f9:
e9:32:1e:69:92:85:a5:96:dc:3d:6e:10:fb:aa:aa:
aa:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:36:44:52:37:BB:58:B8:69:90:3E:E7:A8:41:D3:0C:05:2E:DA:A0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CTZEUje7WLhpkD7nqEHTDAUu2qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.136.0/24
77.93.138.0/23
77.107.95.0/24
81.168.58.0/24
81.168.63.0/24
81.168.65.0/24
81.168.87.0/24
81.168.96.0/24
81.168.99.0/24
81.168.105.0/24
81.168.125.0/24
82.152.1.0/24
82.152.11.0/24
82.152.102.0/24
82.152.117.0-82.152.118.255
109.176.91.0/24
212.38.81.0/24
213.130.138.0/24
213.210.11.0/24
213.210.48.0/23
217.144.145.0/24
217.144.156.0/24
217.145.65.0/24
Signature Algorithm: sha256WithRSAEncryption
70:8f:d1:3f:da:4f:be:14:47:07:f9:26:c4:28:e6:21:e7:f0:
de:05:81:07:b2:a5:f3:0e:0f:93:ce:ab:c8:18:7b:86:1b:1d:
75:30:67:9a:e3:16:88:77:e7:70:0a:f0:97:03:c6:f0:cb:27:
c2:5b:15:dc:22:34:7c:f5:06:f9:08:e6:24:e9:b2:eb:96:1f:
3b:ee:b2:72:5c:38:6c:48:bb:87:7b:1d:02:c2:73:43:a6:5e:
58:6e:81:49:65:41:01:17:e2:3a:2c:f4:87:26:55:53:cd:69:
09:98:71:ab:e7:33:a6:43:66:bb:15:1a:0b:35:db:60:5a:98:
af:2a:37:a7:35:db:69:c4:7e:17:48:5e:c9:53:8d:b0:c0:11:
b2:71:7a:a1:b6:17:f5:c8:de:84:46:ca:9d:f5:46:96:07:83:
72:2c:49:ab:3b:5d:40:d6:94:94:6e:41:b5:f6:48:5f:e2:f3:
e4:e6:21:f0:79:e1:5d:bd:2a:1f:3b:e5:f5:ee:25:a1:6c:42:
8f:d7:c0:25:56:f6:ad:01:76:67:c6:7d:5f:87:cc:52:94:67:
45:07:bb:5e:0d:89:f6:b7:39:e3:58:8f:33:60:40:57:1e:93:
5c:6b:8a:38:88:35:a4:ac:05:c7:ac:ec:21:13:47:47:17:4e:
7e:99:84:f0
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZ6mGnHJsS9GYbws8lEYw5+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNjA4MDcyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTM2NDQ1MjM3YmI1OGI4Njk5MDNlZTdhODQxZDMwYzA1MmVkYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5BfC6DZT+Al0zgpuY/y3XQ7iXMq
tuWKCtMrwXiOzPArq7gcCFHzEbrEVjr59DeA7EWyJK2mySj7RYJ/XC0JDnNtuCob
sp/YxJQQVe7GI9jyAXScteBQVqklZW3H1qGzRq3q1tSDidQpMB4GVg848v+DziB/
sagq3CsBPO+GW//jX65CNKw6/PEcT5O5cr89pJkHKADXebgIiZ0fN1u3L+1e2Cve
UE8zdhwlD9LvNmKPxOaY3vI0S3sXEjdjsVrF79OoPlSIT/XSXlkFDeIUX9xkRsva
7hhZhDF4ETzeTyMFO3uYn0qeYh37ibQdYPnpMh5pkoWlltw9bhD7qqqq1wIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFAk2RFI3u1i4aZA+56hB0wwFLtqgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ1RaRVVqZTdXTGhwa0Q3bnFFSFREQVV1MnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBABN
XYgDBAFNXYoDBABNa18DBABRqDoDBABRqD8DBABRqEEDBABRqFcDBABRqGADBABR
qGMDBABRqGkDBABRqH0DBABSmAEDBABSmAsDBABSmGYwDAMEAFKYdQMEAFKYdgME
AG2wWwMEANQmUQMEANWCigMEANXSCwMEAdXSMAMEANmQkQMEANmQnAMEANmRQTAN
BgkqhkiG9w0BAQsFAAOCAQEAcI/RP9pPvhRHB/kmxCjmIefw3gWBB7Kl8w4Pk86r
yBh7hhsddTBnmuMWiHfncArwlwPG8MsnwlsV3CI0fPUG+QjmJOmy65YfO+6yclw4
bEi7h3sdAsJzQ6ZeWG6BSWVBARfiOiz0hyZVU81pCZhxq+czpkNmuxUaCzXbYFqY
ryo3pzXbacR+F0heyVONsMARsnF6obYX9cjehEbKnfVGlgeDcixJqztdQNaUlG5B
tfZIX+Lz5OYh8HnhXb0qHzvl9e4loWxCj9fAJVb2rQF2Z8Z9X4fMUpRnRQe7Xg2J
9rc541iPM2BAVx6TXGuKOIg1pKwFx6zsIRNHRxdOfpmE8A==
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:34:33 2026 by rpki-client