
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/1-mmnoNOS11tga2Q29yD5BQAuFLE.roa
File: 1-mmnoNOS11tga2Q29yD5BQAuFLE.roa (raw, json)
Hash identifier: GOq5nJwjD0VCVYVCda8zJe1uGhLFpPTQrRyVuZj7aM8=
Subject key identifier: FA:69:A7:A0:D3:92:D7:5B:60:6B:64:36:F7:20:F9:05:00:2E:14:B1
Certificate issuer: /CN=749d8a4328930b938fa86018b1e447ee4d8da8f9
Certificate serial: 019EFFDF79C5A4F1EC3E58C1AAAA57E4AAF1
Authority key identifier: 74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/1-mmnoNOS11tga2Q29yD5BQAuFLE.roa
Signing time: Thu 25 Jun 2026 17:41:36 +0000
ROA not before: Thu 25 Jun 2026 17:41:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50837
IP address blocks: 87.120.132.0/24 maxlen: 24
91.92.176.0/23 maxlen: 23
91.92.176.0/24 maxlen: 24
91.92.177.0/24 maxlen: 24
94.156.66.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
185.230.208.0/22 maxlen: 22
185.230.208.0/23 maxlen: 23
185.230.210.0/23 maxlen: 23
212.87.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 Jul 2026 08:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ff:df:79:c5:a4:f1:ec:3e:58:c1:aa:aa:57:e4:aa:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749d8a4328930b938fa86018b1e447ee4d8da8f9
Validity
Not Before: Jun 25 17:41:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa69a7a0d392d75b606b6436f720f905002e14b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a1:8d:33:50:3d:2a:f8:c3:0d:7b:aa:a0:b3:
34:eb:f8:27:33:f2:ca:e4:67:65:1f:74:cc:c0:7d:
39:57:74:d0:7b:d7:33:c1:e1:ea:75:ad:ca:f8:d2:
ae:d9:c1:ab:6c:24:26:be:4d:c5:ee:f6:c1:bb:14:
a9:60:17:1b:8b:ea:6d:3f:6c:68:bb:07:27:fc:6e:
2a:aa:32:06:1b:49:45:eb:1a:fe:13:88:a0:a3:6c:
43:27:02:6b:f7:02:1f:a8:3b:19:ab:eb:9c:ec:46:
71:14:c8:76:4a:1f:a6:83:59:da:76:cf:e8:1f:da:
6a:ad:da:99:5d:c9:1d:4a:cf:c2:89:b7:af:1d:43:
c3:a0:dd:9a:a8:83:02:65:ad:64:c3:eb:8e:48:01:
99:fd:4d:3a:7a:2c:be:70:f7:14:a6:70:09:5d:89:
cc:7f:95:4d:fe:fb:cc:84:b8:b3:9f:c6:69:f2:74:
17:95:c9:a7:46:4a:cf:7d:5b:51:f4:61:f9:1f:d1:
0e:0b:2e:51:b3:92:66:a2:b4:ff:fb:a6:40:0f:79:
5c:e4:3a:f4:8d:45:87:8e:09:f1:26:4a:04:a2:ba:
e3:ed:e9:52:49:c5:43:57:58:a7:22:61:21:9b:c6:
e6:cf:f4:90:60:a2:4d:a2:70:dd:02:88:41:16:d0:
50:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:69:A7:A0:D3:92:D7:5B:60:6B:64:36:F7:20:F9:05:00:2E:14:B1
X509v3 Authority Key Identifier:
keyid:74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/1-mmnoNOS11tga2Q29yD5BQAuFLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.132.0/24
91.92.176.0/23
94.156.66.0/24
94.156.227.0/24
185.230.208.0/22
212.87.206.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f1:59:e3:d3:39:f6:bb:f2:21:21:62:37:78:08:b6:f2:a1:
0e:e8:af:e7:a2:0e:f6:9f:cb:2e:82:f3:36:4c:03:19:2b:52:
6a:5f:15:59:5e:6f:d5:d7:2f:b6:7d:bd:79:0b:34:c2:eb:97:
fb:e9:dd:ae:e0:78:d9:05:ea:d0:28:1f:ed:d3:ab:b6:50:22:
a3:cb:1a:3b:65:27:ca:6a:48:a5:d5:16:83:96:d8:8c:73:48:
37:16:9a:4d:c7:e2:70:15:aa:28:51:4c:13:04:f5:63:0b:7c:
de:fd:85:13:8e:45:7b:75:1b:c5:6e:b9:86:3a:05:c2:dc:b9:
6f:d7:ed:c4:6f:cf:a9:8d:75:18:10:98:52:7a:c4:f3:96:f1:
f7:82:d5:21:35:49:07:58:31:2c:f0:42:df:1b:0c:69:7c:5b:
6f:e8:95:b6:38:e3:36:3f:5d:a7:94:51:8b:da:f1:a1:22:12:
33:8c:2f:f7:4a:27:96:2d:80:54:39:2c:3e:e2:ef:41:37:41:
3b:f3:3f:73:94:85:64:fa:17:77:44:93:38:33:82:9f:b4:3c:
27:bf:52:08:e8:61:1a:81:5a:ee:ee:95:1d:7f:e3:b8:62:48:
85:81:9e:26:7f:bf:9d:db:ab:f6:24:bc:33:df:03:41:d5:0a:
76:8f:dc:6e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZ7/33nFpPHsPljBqqpX5KrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OWQ4YTQzMjg5MzBiOTM4ZmE4NjAxOGIxZTQ0N2VlNGQ4
ZGE4ZjkwHhcNMjYwNjI1MTc0MTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY5YTdhMGQzOTJkNzViNjA2YjY0MzZmNzIwZjkwNTAwMmUxNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aGNM1A9KvjDDXuqoLM06/gnM/LK
5GdlH3TMwH05V3TQe9czweHqda3K+NKu2cGrbCQmvk3F7vbBuxSpYBcbi+ptP2xo
uwcn/G4qqjIGG0lF6xr+E4igo2xDJwJr9wIfqDsZq+uc7EZxFMh2Sh+mg1nads/o
H9pqrdqZXckdSs/CibevHUPDoN2aqIMCZa1kw+uOSAGZ/U06eiy+cPcUpnAJXYnM
f5VN/vvMhLizn8Zp8nQXlcmnRkrPfVtR9GH5H9EOCy5Rs5JmorT/+6ZAD3lc5Dr0
jUWHjgnxJkoEorrj7elSScVDV1inImEhm8bmz/SQYKJNonDdAohBFtBQBwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPppp6DTktdbYGtkNvcg+QUALhSxMB8GA1UdIwQY
MBaAFHSdikMokwuTj6hgGLHkR+5Njaj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUt
MDg4OWUzZWNkMWY2LzEvMS1tbW5vTk9TMTF0Z2EyUTI5eUQ1QlFBdUZMRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTcvM2ZhMjE3LTg1ZjUtNGYxOS1iOTFlLTA4ODllM2VjZDFm
Ni8xL2RKMktReWlUQzVPUHFHQVlzZVJIN2syTnFQay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFd4hAME
AVtcsAMEAF6cQgMEAF6c4wMEArnm0AMEANRXzjANBgkqhkiG9w0BAQsFAAOCAQEA
kvFZ49M59rvyISFiN3gItvKhDuiv56IO9p/LLoLzNkwDGStSal8VWV5v1dcvtn29
eQs0wuuX++ndruB42QXq0Cgf7dOrtlAio8saO2UnympIpdUWg5bYjHNINxaaTcfi
cBWqKFFMEwT1Ywt83v2FE45Fe3UbxW65hjoFwty5b9ftxG/PqY11GBCYUnrE85bx
94LVITVJB1gxLPBC3xsMaXxbb+iVtjjjNj9dp5RRi9rxoSISM4wv90onli2AVDks
PuLvQTdBO/M/c5SFZPoXd0STODOCn7Q8J79SCOhhGoFa7u6VHX/juGJIhYGeJn+/
ndur9iS8M98DQdUKdo/cbg==
-----END CERTIFICATE-----
Generated at Wed Jul 1 11:54:37 2026 by rpki-client