Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/sPQTBXUhQk6UJZCQIfZBbd9Pv-U.roa
File: sPQTBXUhQk6UJZCQIfZBbd9Pv-U.roa (raw, json)
Hash identifier: TMIOrtwO5O4ZcGgyNNJHkTCwy9R3KRqkE9Z5jqJ0JJI=
Subject key identifier: B0:F4:13:05:75:21:42:4E:94:25:90:90:21:F6:41:6D:DF:4F:BF:E5
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 019DB4C5FB3B61B1D24CFA76F40F9EC328CC
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/sPQTBXUhQk6UJZCQIfZBbd9Pv-U.roa
Signing time: Wed 22 Apr 2026 10:39:26 +0000
ROA not before: Wed 22 Apr 2026 10:39:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397423
IP address blocks: 89.149.14.0/24 maxlen: 24
89.149.16.0/24 maxlen: 24
89.149.18.0/24 maxlen: 24
89.149.22.0/24 maxlen: 24
89.149.24.0/24 maxlen: 24
89.149.25.0/24 maxlen: 24
89.149.26.0/24 maxlen: 24
89.149.37.0/24 maxlen: 24
89.149.38.0/24 maxlen: 24
89.149.39.0/24 maxlen: 24
89.149.40.0/24 maxlen: 24
89.149.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 07:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b4:c5:fb:3b:61:b1:d2:4c:fa:76:f4:0f:9e:c3:28:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Apr 22 10:39:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0f413057521424e9425909021f6416ddf4fbfe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e8:52:f0:3a:e5:29:1c:8d:57:83:14:f8:0a:
5b:79:38:d0:31:41:45:9b:db:f2:b9:ef:c4:d1:cb:
dd:c0:dd:20:7a:e3:da:d6:f9:b2:7e:d9:12:cd:f7:
33:f7:47:2b:3c:35:5e:c2:58:05:92:22:fa:0a:f8:
3d:c4:2b:98:dc:03:4f:9c:7a:84:2b:6e:c8:57:fb:
5c:9f:27:2c:29:85:3e:e4:27:f6:b8:e2:92:f3:cc:
9a:1c:2c:0d:36:88:58:4e:eb:c5:bd:a7:d1:c7:69:
79:77:27:40:6c:06:06:d7:41:8d:73:9e:b2:88:86:
25:36:15:66:02:ce:96:62:57:b0:20:0c:c5:36:33:
5b:0b:f6:d8:72:91:d6:f0:b4:69:4e:62:35:bb:b0:
64:48:14:1c:d5:03:d3:fa:ea:d8:3d:9b:3a:6a:04:
87:09:18:a9:35:63:64:86:21:fc:f5:db:78:4c:82:
a9:b8:df:ff:43:3f:19:61:a2:64:12:6d:45:84:ec:
7b:d7:78:98:04:a0:07:31:c6:b5:7c:2b:b4:fc:7d:
1e:f6:d6:61:56:38:fb:92:3e:71:f4:39:f1:55:b1:
8b:ed:4d:06:7f:2c:6f:10:fc:6d:66:d3:d7:89:6e:
05:7c:56:c0:ab:d0:3f:11:1b:d1:95:ec:55:99:7c:
fa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F4:13:05:75:21:42:4E:94:25:90:90:21:F6:41:6D:DF:4F:BF:E5
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/sPQTBXUhQk6UJZCQIfZBbd9Pv-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.149.14.0/24
89.149.16.0/24
89.149.18.0/24
89.149.22.0/24
89.149.24.0-89.149.26.255
89.149.37.0-89.149.41.255
Signature Algorithm: sha256WithRSAEncryption
43:2a:ef:51:d7:0c:d9:c1:08:53:63:dc:86:0d:23:91:c1:7a:
5b:32:81:ad:b1:0b:09:21:c9:40:13:50:53:25:5c:11:79:3b:
0b:94:96:06:32:86:fd:69:ae:99:a4:30:90:0a:42:1d:66:76:
af:fb:ac:8f:0f:46:22:41:cb:c2:1a:bb:af:9f:53:ab:f8:5b:
77:d3:bf:fd:20:c0:90:aa:ea:f7:f3:dd:dc:ed:f3:28:b3:e1:
3e:2a:32:a5:a7:b9:fd:9d:81:a3:90:4c:5b:10:ff:55:0c:23:
16:96:16:23:45:3a:cb:37:c3:e1:ab:7e:f0:0d:46:61:9f:0c:
15:11:6a:4b:0c:e1:86:52:62:69:68:70:0c:35:c0:af:fc:65:
60:b5:3d:e0:f1:99:e1:91:ab:24:fd:b4:f0:9e:be:15:f6:2e:
1e:42:cc:3a:89:6d:6d:cc:65:3b:2c:c3:d4:37:b8:e8:4c:53:
cb:ce:70:5d:47:2f:75:13:b4:4f:ed:66:7b:d4:fa:97:7e:62:
3a:a6:f5:e8:1f:e0:5d:6a:7a:dd:37:88:0f:f2:48:c2:13:31:
7a:8a:3b:58:c1:ae:0e:d0:85:ec:a9:46:8b:da:5e:8d:8e:73:
a6:fc:39:a2:2b:4d:cc:7e:13:e2:5a:84:5c:cf:c4:38:bd:33:
df:95:f0:8b
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ20xfs7YbHSTPp29A+ewyjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjYwNDIyMTAzOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY0MTMwNTc1MjE0MjRlOTQyNTkwOTAyMWY2NDE2ZGRmNGZiZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOhS8DrlKRyNV4MU+ApbeTjQMUFF
m9vyue/E0cvdwN0geuPa1vmyftkSzfcz90crPDVewlgFkiL6Cvg9xCuY3ANPnHqE
K27IV/tcnycsKYU+5Cf2uOKS88yaHCwNNohYTuvFvafRx2l5dydAbAYG10GNc56y
iIYlNhVmAs6WYlewIAzFNjNbC/bYcpHW8LRpTmI1u7BkSBQc1QPT+urYPZs6agSH
CRipNWNkhiH89dt4TIKpuN//Qz8ZYaJkEm1FhOx713iYBKAHMca1fCu0/H0e9tZh
Vjj7kj5x9DnxVbGL7U0GfyxvEPxtZtPXiW4FfFbAq9A/ERvRlexVmXz6UwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLD0EwV1IUJOlCWQkCH2QW3fT7/lMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvc1BRVEJYVWhRazZVSlpDUUlmWkJiZDlQdi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAWZUOAwQA
WZUQAwQAWZUSAwQAWZUWMAwDBANZlRgDBABZlRowDAMEAFmVJQMEAVmVKDANBgkq
hkiG9w0BAQsFAAOCAQEAQyrvUdcM2cEIU2Pchg0jkcF6WzKBrbELCSHJQBNQUyVc
EXk7C5SWBjKG/WmumaQwkApCHWZ2r/usjw9GIkHLwhq7r59Tq/hbd9O//SDAkKrq
9/Pd3O3zKLPhPioypae5/Z2Bo5BMWxD/VQwjFpYWI0U6yzfD4at+8A1GYZ8MFRFq
SwzhhlJiaWhwDDXAr/xlYLU94PGZ4ZGrJP208J6+FfYuHkLMOoltbcxlOyzD1De4
6ExTy85wXUcvdRO0T+1me9T6l35iOqb16B/gXWp63TeID/JIwhMxeoo7WMGuDtCF
7KlGi9pejY5zpvw5oitNzH4T4lqEXM/EOL0z35Xwiw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 15:44:39 2026 by rpki-client