Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/572b15-bfd7-48e0-bd9b-e69562097086/1/c-MYYoNI7ANhpWNl4U8F_Hfzmow.roa
File: c-MYYoNI7ANhpWNl4U8F_Hfzmow.roa (raw, json)
Hash identifier: skbSxRIkUCLTSaqSWg0+FjMPhARmWa5xKrDu6w4W5Wg=
Subject key identifier: 73:E3:18:62:83:48:EC:03:61:A5:63:65:E1:4F:05:FC:77:F3:9A:8C
Certificate issuer: /CN=4d627a349c9ea3cd6e5dcda0acd7a3fc843ec73b
Certificate serial: 019E8C863972CC56381974A472439ABDDC7D
Authority key identifier: 4D:62:7A:34:9C:9E:A3:CD:6E:5D:CD:A0:AC:D7:A3:FC:84:3E:C7:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TWJ6NJyeo81uXc2grNej_IQ-xzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/572b15-bfd7-48e0-bd9b-e69562097086/1/c-MYYoNI7ANhpWNl4U8F_Hfzmow.roa
Signing time: Wed 03 Jun 2026 08:07:47 +0000
ROA not before: Wed 03 Jun 2026 08:07:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198433
IP address blocks: 89.200.220.0/22 maxlen: 22
89.200.220.0/24 maxlen: 24
89.200.221.0/24 maxlen: 24
89.200.222.0/24 maxlen: 24
89.200.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/572b15-bfd7-48e0-bd9b-e69562097086/1/TWJ6NJyeo81uXc2grNej_IQ-xzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/572b15-bfd7-48e0-bd9b-e69562097086/1/TWJ6NJyeo81uXc2grNej_IQ-xzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/TWJ6NJyeo81uXc2grNej_IQ-xzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 14:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8c:86:39:72:cc:56:38:19:74:a4:72:43:9a:bd:dc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d627a349c9ea3cd6e5dcda0acd7a3fc843ec73b
Validity
Not Before: Jun 3 08:07:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73e318628348ec0361a56365e14f05fc77f39a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7f:7c:0d:94:85:08:b7:49:87:25:31:33:25:
de:dd:ba:33:93:48:96:43:bf:d7:2a:24:79:68:48:
82:34:7e:b4:19:e4:8b:55:79:74:ae:0e:35:62:9c:
91:21:21:7c:91:fa:98:b6:d1:1d:b1:ee:8e:9b:46:
91:57:29:b2:0b:04:9f:b7:41:b0:d1:ae:07:8a:58:
f1:fc:d5:eb:10:8d:8a:d6:46:bb:3e:9a:81:ae:ff:
2b:58:99:ac:1e:35:9e:71:38:3a:4a:0d:f7:15:33:
02:34:19:b8:c8:15:13:df:33:74:e9:2a:87:64:c9:
5d:64:0b:16:e6:50:79:d8:11:44:98:15:0a:01:fa:
b7:20:42:7c:0f:19:b7:d4:1b:48:46:08:d7:55:c5:
ae:fa:69:ac:8d:65:81:14:38:e2:80:03:14:8e:cb:
21:f5:e1:b5:c8:f6:10:39:bd:5d:fd:01:4d:16:48:
19:7b:8f:d8:6c:1b:b7:92:46:86:83:e4:c7:91:34:
41:60:04:b9:f4:0b:f5:08:78:ec:d6:84:f0:5f:48:
e1:49:4b:01:a4:57:83:69:64:ff:51:77:d7:e9:fb:
71:9a:2f:0f:6c:03:82:6b:ad:ef:9c:8a:b3:22:72:
4f:ea:72:c3:83:08:68:8d:29:ff:16:cd:66:ef:7e:
46:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E3:18:62:83:48:EC:03:61:A5:63:65:E1:4F:05:FC:77:F3:9A:8C
X509v3 Authority Key Identifier:
keyid:4D:62:7A:34:9C:9E:A3:CD:6E:5D:CD:A0:AC:D7:A3:FC:84:3E:C7:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TWJ6NJyeo81uXc2grNej_IQ-xzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/572b15-bfd7-48e0-bd9b-e69562097086/1/c-MYYoNI7ANhpWNl4U8F_Hfzmow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/572b15-bfd7-48e0-bd9b-e69562097086/1/TWJ6NJyeo81uXc2grNej_IQ-xzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.200.220.0/22
Signature Algorithm: sha256WithRSAEncryption
d5:2e:f4:d5:7b:8a:d4:ae:d4:cb:d9:62:33:98:d9:fd:96:d2:
1a:e2:8f:d9:50:a8:dd:91:51:5d:1f:01:e6:2a:2e:2c:d7:dc:
43:8a:63:63:60:d6:57:b8:93:97:72:d2:5e:12:5a:b3:e7:76:
bb:3c:d4:a4:88:af:8e:47:a7:72:75:c0:56:2a:6c:d1:7d:95:
b9:c1:25:0d:9f:1a:6e:5d:6f:15:39:a3:e1:2c:3c:9d:d3:3b:
e1:5b:92:eb:00:77:a5:95:87:1b:78:90:4b:f2:8b:0d:83:92:
4e:a7:91:b5:b5:b2:d5:9b:06:f2:ef:ea:28:e7:44:4f:78:e7:
2e:b7:3d:b8:60:6b:6e:d4:23:78:9d:de:7d:2e:35:58:e1:d0:
13:0c:e7:85:2c:41:eb:f5:09:a7:f9:de:b9:ac:00:15:c4:44:
87:be:d6:36:76:b2:0b:45:6c:b9:8e:7f:f8:c9:93:81:3d:5e:
04:1a:c6:0e:5a:7e:65:6a:6b:73:fa:da:f3:de:b1:07:4b:4f:
64:14:94:15:5a:16:28:fb:c3:35:6a:19:25:d4:8a:c2:58:0d:
90:c4:b5:c5:6e:a9:85:76:50:59:8c:45:e5:60:83:da:b0:b9:
c6:61:21:70:8a:ee:66:69:98:7d:62:86:bf:ab:99:44:4d:df:
40:8a:52:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6MhjlyzFY4GXSkckOavdx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNjI3YTM0OWM5ZWEzY2Q2ZTVkY2RhMGFjZDdhM2ZjODQz
ZWM3M2IwHhcNMjYwNjAzMDgwNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2UzMTg2MjgzNDhlYzAzNjFhNTYzNjVlMTRmMDVmYzc3ZjM5YThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu398DZSFCLdJhyUxMyXe3bozk0iW
Q7/XKiR5aEiCNH60GeSLVXl0rg41YpyRISF8kfqYttEdse6Om0aRVymyCwSft0Gw
0a4Hiljx/NXrEI2K1ka7PpqBrv8rWJmsHjWecTg6Sg33FTMCNBm4yBUT3zN06SqH
ZMldZAsW5lB52BFEmBUKAfq3IEJ8Dxm31BtIRgjXVcWu+mmsjWWBFDjigAMUjssh
9eG1yPYQOb1d/QFNFkgZe4/YbBu3kkaGg+THkTRBYAS59Av1CHjs1oTwX0jhSUsB
pFeDaWT/UXfX6ftxmi8PbAOCa63vnIqzInJP6nLDgwhojSn/Fs1m735GPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHPjGGKDSOwDYaVjZeFPBfx385qMMB8GA1UdIwQY
MBaAFE1iejScnqPNbl3NoKzXo/yEPsc7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFdKNk5KeWVvODF1WGMyZ3JOZWpfSVEteHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81NzJiMTUtYmZkNy00OGUwLWJkOWIt
ZTY5NTYyMDk3MDg2LzEvYy1NWVlvTkk3QU5ocFdObDRVOEZfSGZ6bW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81NzJiMTUtYmZkNy00OGUwLWJkOWItZTY5NTYyMDk3MDg2
LzEvVFdKNk5KeWVvODF1WGMyZ3JOZWpfSVEteHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWcjcMA0G
CSqGSIb3DQEBCwUAA4IBAQDVLvTVe4rUrtTL2WIzmNn9ltIa4o/ZUKjdkVFdHwHm
Ki4s19xDimNjYNZXuJOXctJeElqz53a7PNSkiK+OR6dydcBWKmzRfZW5wSUNnxpu
XW8VOaPhLDyd0zvhW5LrAHellYcbeJBL8osNg5JOp5G1tbLVmwby7+oo50RPeOcu
tz24YGtu1CN4nd59LjVY4dATDOeFLEHr9Qmn+d65rAAVxESHvtY2drILRWy5jn/4
yZOBPV4EGsYOWn5lamtz+trz3rEHS09kFJQVWhYo+8M1ahkl1IrCWA2QxLXFbqmF
dlBZjEXlYIPasLnGYSFwiu5maZh9Yoa/q5lETd9AilLj
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:15:39 2026 by rpki-client