Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nYc7RqLWX611m7oaxHlGIO1ADmc.roa
File: nYc7RqLWX611m7oaxHlGIO1ADmc.roa (raw, json)
Hash identifier: W6pQ2QIlj1BMFNBWQC3O/2nJEQlChFos3gzMiu9Yna0=
Subject key identifier: 9D:87:3B:46:A2:D6:5F:AD:75:9B:BA:1A:C4:79:46:20:ED:40:0E:67
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E4FD856E395F8843DB3204149BAA1283F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nYc7RqLWX611m7oaxHlGIO1ADmc.roa
Signing time: Fri 22 May 2026 13:20:38 +0000
ROA not before: Fri 22 May 2026 13:20:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 77.107.88.0/24 maxlen: 24
80.240.94.0/24 maxlen: 24
81.168.80.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.153.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 01:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:d8:56:e3:95:f8:84:3d:b3:20:41:49:ba:a1:28:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 22 13:20:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9d873b46a2d65fad759bba1ac4794620ed400e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9e:c5:77:b7:fe:93:44:83:3e:24:cc:fe:44:
89:2b:ca:0f:5a:06:89:3d:93:73:c2:da:39:c8:be:
00:32:cd:5d:cc:06:a1:b9:ee:0f:57:d8:13:34:df:
7a:2a:e2:fa:0b:d8:d6:40:9c:46:e7:8e:6c:c2:97:
5c:a4:46:5f:54:ff:85:e7:72:36:67:8d:9d:d7:3d:
24:b7:65:35:66:0a:1b:79:ef:da:ae:30:82:11:54:
a9:41:ed:57:fb:e0:8c:16:1e:59:43:aa:36:57:d8:
4d:55:5a:c5:90:92:ef:75:4a:a2:54:a4:45:8f:cb:
4d:12:bd:77:a0:3b:62:5d:02:58:de:9c:fe:e8:12:
d5:73:e1:cc:f3:fd:dc:fb:af:75:47:8d:12:2e:2a:
8c:ab:4a:23:cc:19:18:39:4c:c1:c1:9e:5f:9f:48:
53:5f:7a:35:a3:26:fd:fc:a2:d1:64:29:66:c5:be:
5f:56:5a:6c:ea:5f:f0:af:a6:9e:e2:28:4e:b0:25:
c8:10:8c:05:34:01:80:a9:66:39:d1:c1:2b:a2:91:
ec:d0:ba:1a:2d:64:74:cd:42:3f:35:04:94:24:90:
03:23:b1:76:eb:4b:43:fe:a9:17:21:58:4d:82:26:
25:5a:d3:f7:81:e9:0d:b9:21:50:ef:b2:cc:4c:24:
25:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:87:3B:46:A2:D6:5F:AD:75:9B:BA:1A:C4:79:46:20:ED:40:0E:67
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nYc7RqLWX611m7oaxHlGIO1ADmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.107.88.0/24
80.240.94.0/24
81.168.80.0/24
82.152.8.0/24
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0/24
82.152.98.0/24
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.66.0/24
82.153.205.0/24
109.176.40.0-109.176.55.255
109.176.153.0/24
213.130.130.0/24
213.130.149.0/24
213.218.214.0/24
Signature Algorithm: sha256WithRSAEncryption
34:46:08:36:65:d2:d4:1e:0c:08:ee:fa:95:a1:97:3a:d9:de:
0f:63:7f:2f:83:86:69:25:3d:65:02:1f:72:4a:1a:a3:ad:ae:
b0:86:0c:44:1b:cd:14:c4:01:6f:10:31:ac:b4:24:05:43:84:
c4:7d:ed:d0:20:a1:18:50:45:8f:74:60:94:bf:52:4f:f5:b2:
7d:07:45:5b:05:97:7e:e6:7f:6e:84:5a:22:ed:53:ca:1d:ac:
06:a9:09:4c:a1:91:5a:fc:14:4d:ad:a7:ff:96:27:ec:e1:f0:
32:df:97:00:d8:e6:d8:8e:af:13:38:8a:e7:bf:f9:f0:36:a5:
e0:47:bc:b0:90:89:2b:55:2f:f1:6c:4f:5c:f7:6f:74:28:fb:
54:ff:8d:4f:ab:32:2b:40:d9:3c:43:44:81:7b:1d:35:e1:87:
e0:e1:9e:4a:61:ee:96:b6:81:61:45:aa:a5:c3:f5:83:e6:93:
4e:48:35:dc:29:56:ac:46:01:d1:fd:14:cc:53:56:ca:5b:98:
0b:10:a1:2e:d8:9b:76:21:56:b4:aa:2e:7f:ae:66:32:73:29:
bd:9a:9d:98:8c:1d:fc:a8:ca:87:04:28:33:bd:4a:51:8c:89:
c1:6c:9b:56:47:7b:eb:61:ca:c4:0d:88:68:8a:4f:0b:b1:77:
03:5c:1a:17
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZ5P2FbjlfiEPbMgQUm6oSg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTIyMTMyMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg3M2I0NmEyZDY1ZmFkNzU5YmJhMWFjNDc5NDYyMGVkNDAwZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ7Fd7f+k0SDPiTM/kSJK8oPWgaJ
PZNzwto5yL4AMs1dzAahue4PV9gTNN96KuL6C9jWQJxG545swpdcpEZfVP+F53I2
Z42d1z0kt2U1Zgobee/arjCCEVSpQe1X++CMFh5ZQ6o2V9hNVVrFkJLvdUqiVKRF
j8tNEr13oDtiXQJY3pz+6BLVc+HM8/3c+691R40SLiqMq0ojzBkYOUzBwZ5fn0hT
X3o1oyb9/KLRZClmxb5fVlps6l/wr6ae4ihOsCXIEIwFNAGAqWY50cEropHs0Loa
LWR0zUI/NQSUJJADI7F260tD/qkXIVhNgiYlWtP3gekNuSFQ77LMTCQliwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFJ2HO0ai1l+tdZu6GsR5RiDtQA5nMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvblljN1JxTFdYNjExbTdvYXhIbEdJTzFBRG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABN
a1gDBABQ8F4DBABRqFADBABSmAgwDAMEAFKYOQMEAFKYOgMEAFKYSQMEAFKYSwME
AFKYYgMEAFKYbQMEAFKY4gMEAFKY8AMEAFKY8wMEAFKZQgMEAFKZzTAMAwQDbbAo
AwQDbbAwAwQAbbCZAwQA1YKCAwQA1YKVAwQA1drWMA0GCSqGSIb3DQEBCwUAA4IB
AQA0Rgg2ZdLUHgwI7vqVoZc62d4PY38vg4ZpJT1lAh9yShqjra6whgxEG80UxAFv
EDGstCQFQ4TEfe3QIKEYUEWPdGCUv1JP9bJ9B0VbBZd+5n9uhFoi7VPKHawGqQlM
oZFa/BRNraf/lifs4fAy35cA2ObYjq8TOIrnv/nwNqXgR7ywkIkrVS/xbE9c9290
KPtU/41PqzIrQNk8Q0SBex014Yfg4Z5KYe6WtoFhRaqlw/WD5pNOSDXcKVasRgHR
/RTMU1bKW5gLEKEu2Jt2IVa0qi5/rmYycym9mp2YjB38qMqHBCgzvUpRjInBbJtW
R3vrYcrEDYhoik8LsXcDXBoX
-----END CERTIFICATE-----
Generated at Sun May 24 11:40:23 2026 by rpki-client