Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/_A-K9vx2iN7WhM3RMvz7NViaQEc.roa
File: _A-K9vx2iN7WhM3RMvz7NViaQEc.roa (raw, json)
Hash identifier: GY86de6rVHKS0W1LDrCV89D1BH0jGsWZ2Evy3ySbRvA=
Subject key identifier: FC:0F:8A:F6:FC:76:88:DE:D6:84:CD:D1:32:FC:FB:35:58:9A:40:47
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 019DB94A4AB991E6D15B9F0CD6A690AC553B
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/_A-K9vx2iN7WhM3RMvz7NViaQEc.roa
Signing time: Thu 23 Apr 2026 07:42:26 +0000
ROA not before: Thu 23 Apr 2026 07:42:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44076
IP address blocks: 9.204.0.0/16 maxlen: 24
9.206.0.0/16 maxlen: 24
45.129.40.0/21 maxlen: 24
45.135.244.0/22 maxlen: 24
45.137.172.0/22 maxlen: 24
45.141.72.0/22 maxlen: 24
45.142.4.0/22 maxlen: 24
188.34.64.0/18 maxlen: 24
192.214.160.0/19 maxlen: 24
193.19.129.0/24 maxlen: 24
193.19.130.0/24 maxlen: 24
193.148.160.0/19 maxlen: 24
213.17.0.0/18 maxlen: 24
2a05:b540::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 19:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b9:4a:4a:b9:91:e6:d1:5b:9f:0c:d6:a6:90:ac:55:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Apr 23 07:42:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fc0f8af6fc7688ded684cdd132fcfb35589a4047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:21:25:ee:bf:90:d8:b4:07:39:e4:60:f6:00:
86:4b:03:dd:f6:70:b2:fe:30:14:2a:42:17:38:9c:
43:f7:7b:85:05:c2:db:58:2c:16:a0:2f:76:e5:95:
55:39:8a:28:e6:f3:7e:73:37:07:80:a8:82:6b:04:
60:1a:43:68:c3:23:e2:7e:bd:cd:65:20:ca:d7:f1:
21:b0:ce:cf:1c:13:2a:d3:24:27:0e:9a:7a:a4:69:
0a:3b:72:46:e5:02:8f:3b:da:05:e8:2d:a8:ae:1b:
f9:5f:a0:04:06:81:63:d7:52:ee:ab:1a:1a:f4:e6:
46:7b:53:3a:01:6b:8e:d4:d1:2b:3d:fe:34:be:8c:
a1:e4:01:80:73:b9:ae:36:cd:ee:a6:db:48:49:e0:
b7:55:ca:78:c8:cb:78:9c:6f:a4:ca:61:2e:a9:08:
a6:77:f5:b4:ed:b8:70:1e:8a:2c:d0:8a:5f:81:f2:
15:e7:87:d0:59:75:d9:5c:44:c8:3a:b2:17:de:45:
22:80:63:fa:34:69:cf:8c:af:9c:1a:ce:cf:14:d8:
40:53:a6:ef:73:41:37:33:cd:27:1b:48:72:8a:af:
c3:a9:e8:c6:18:9d:dd:75:2f:dc:91:9e:a6:75:f3:
b9:a2:c7:b7:9a:b3:45:4d:ee:f0:5a:a2:cc:67:04:
e0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:0F:8A:F6:FC:76:88:DE:D6:84:CD:D1:32:FC:FB:35:58:9A:40:47
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/_A-K9vx2iN7WhM3RMvz7NViaQEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.204.0.0/16
9.206.0.0/16
45.129.40.0/21
45.135.244.0/22
45.137.172.0/22
45.141.72.0/22
45.142.4.0/22
188.34.64.0/18
192.214.160.0/19
193.19.129.0-193.19.130.255
193.148.160.0/19
213.17.0.0/18
IPv6:
2a05:b540::/29
Signature Algorithm: sha256WithRSAEncryption
44:ba:0f:b1:c3:7e:24:39:ea:d1:a3:88:95:a6:05:c3:c5:98:
f1:85:f4:7b:a0:68:47:3f:50:60:21:0e:63:39:42:2b:30:d0:
73:76:bd:b8:80:97:47:50:60:4f:ec:a7:a0:29:16:b1:fa:ed:
d5:95:e6:cc:f8:c7:b7:bb:e4:47:dd:08:5b:52:c6:fa:a3:a8:
c8:bc:ef:2d:ee:ce:8e:b7:e1:d0:25:cd:4d:12:f4:d4:1a:89:
eb:7b:7c:1a:ff:47:69:cf:24:63:2e:e9:a1:70:e1:e2:2d:06:
48:ad:ca:ec:d3:54:e1:92:2a:56:7e:be:1b:91:aa:7a:fd:2c:
98:b1:c9:bc:26:aa:4b:13:83:2d:36:2f:79:a3:f8:5b:5a:d7:
24:e3:28:6c:62:d7:21:41:37:4e:a7:11:52:39:a0:de:43:11:
64:14:90:d8:e2:39:58:4c:46:c7:03:85:df:87:f1:1c:6e:2e:
62:90:2d:85:66:4c:10:b6:b0:cc:94:59:ea:0a:7f:9c:ca:94:
1a:8d:fa:a9:1c:ab:1a:e0:9a:bc:d6:45:ab:e8:88:62:a3:ef:
bd:49:80:75:64:5a:dd:c8:9a:96:99:19:29:49:f0:ed:01:aa:
14:f3:cc:06:b4:21:ef:4f:42:f5:f1:33:bf:bc:a1:ee:a9:ec:
90:76:e9:64
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZ25Skq5kebRW58M1qaQrFU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjYwYjIzZmUzYjg2NDJkNmJmNDc1ZjhlYjdmY2FkOWQx
M2M0MTMwHhcNMjYwNDIzMDc0MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzBmOGFmNmZjNzY4OGRlZDY4NGNkZDEzMmZjZmIzNTU4OWE0MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SEl7r+Q2LQHOeRg9gCGSwPd9nCy
/jAUKkIXOJxD93uFBcLbWCwWoC925ZVVOYoo5vN+czcHgKiCawRgGkNowyPifr3N
ZSDK1/EhsM7PHBMq0yQnDpp6pGkKO3JG5QKPO9oF6C2orhv5X6AEBoFj11Luqxoa
9OZGe1M6AWuO1NErPf40voyh5AGAc7muNs3upttISeC3Vcp4yMt4nG+kymEuqQim
d/W07bhwHoos0IpfgfIV54fQWXXZXETIOrIX3kUigGP6NGnPjK+cGs7PFNhAU6bv
c0E3M80nG0hyiq/DqejGGJ3ddS/ckZ6mdfO5ose3mrNFTe7wWqLMZwTgywIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFPwPivb8doje1oTN0TL8+zVYmkBHMB8GA1UdIwQY
MBaAFJJmCyP+O4ZC1r9HX463/K2dE8QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWIt
MTNlZjFjNDU1Y2M0LzEvX0EtSzl2eDJpTjdXaE0zUk12ejdOVmlhUUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWItMTNlZjFjNDU1Y2M0
LzEva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwMACcwDAwAJ
zgMEAy2BKAMEAi2H9AMEAi2JrAMEAi2NSAMEAi2OBAMEBrwiQAMEBcDWoDAMAwQA
wROBAwQAwROCAwQFwZSgAwQG1REAMA0EAgACMAcDBQMqBbVAMA0GCSqGSIb3DQEB
CwUAA4IBAQBEug+xw34kOerRo4iVpgXDxZjxhfR7oGhHP1BgIQ5jOUIrMNBzdr24
gJdHUGBP7KegKRax+u3VlebM+Me3u+RH3QhbUsb6o6jIvO8t7s6Ot+HQJc1NEvTU
Gonre3wa/0dpzyRjLumhcOHiLQZIrcrs01ThkipWfr4bkap6/SyYscm8JqpLE4Mt
Ni95o/hbWtck4yhsYtchQTdOpxFSOaDeQxFkFJDY4jlYTEbHA4Xfh/Ecbi5ikC2F
ZkwQtrDMlFnqCn+cypQajfqpHKsa4Jq81kWr6Ihio++9SYB1ZFrdyJqWmRkpSfDt
AaoU88wGtCHvT0L18TO/vKHuqeyQdulk
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:05:43 2026 by rpki-client