Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/n7ixmd6DAmhJxTqX4vxV_dP3eTs.roa
File: n7ixmd6DAmhJxTqX4vxV_dP3eTs.roa (raw, json)
Hash identifier: 89s447xTZp5RmwpqbP0mywDn8k6QsKWuMcUwO+ZQ7M0=
Subject key identifier: 9F:B8:B1:99:DE:83:02:68:49:C5:3A:97:E2:FC:55:FD:D3:F7:79:3B
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019E25A7D6DE2D5941AF829DAB294068ADF7
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/n7ixmd6DAmhJxTqX4vxV_dP3eTs.roa
Signing time: Thu 14 May 2026 08:43:36 +0000
ROA not before: Thu 14 May 2026 08:43:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9123
IP address blocks: 2.59.40.0/24 maxlen: 24
2.59.41.0/24 maxlen: 24
2.59.42.0/24 maxlen: 24
2.59.43.0/24 maxlen: 24
45.93.201.0/24 maxlen: 24
45.153.70.0/24 maxlen: 24
45.153.71.0/24 maxlen: 24
80.76.60.0/24 maxlen: 24
91.198.220.0/24 maxlen: 24
92.119.229.0/24 maxlen: 24
93.93.207.0/24 maxlen: 24
176.53.160.0/24 maxlen: 24
176.53.161.0/24 maxlen: 24
176.53.162.0/24 maxlen: 24
176.53.163.0/24 maxlen: 24
185.192.247.0/24 maxlen: 24
185.251.20.0/24 maxlen: 24
193.160.208.0/24 maxlen: 24
193.160.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:25:a7:d6:de:2d:59:41:af:82:9d:ab:29:40:68:ad:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: May 14 08:43:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9fb8b199de83026849c53a97e2fc55fdd3f7793b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b5:a6:14:00:d7:8f:e1:55:ec:0c:be:63:52:
00:ee:05:23:76:eb:e5:f3:79:af:2f:e2:1b:6f:6b:
30:82:bf:3e:d6:1f:fc:a9:04:5d:1f:1b:b6:59:b9:
15:e8:33:5d:95:c8:b9:45:b2:05:6f:8d:9b:20:7e:
be:7e:4c:05:04:45:71:20:59:6a:9e:bc:46:f1:72:
c0:01:28:79:74:a8:0c:73:f4:9a:b7:17:b0:0f:73:
c0:40:b9:b8:18:44:82:0f:6f:89:21:3f:18:26:1f:
9a:19:2d:2e:03:3d:93:b0:f0:ae:84:4e:d7:20:5f:
3c:c1:73:d5:d5:93:38:c5:ca:35:99:2b:c3:a1:37:
7c:b5:75:8b:82:63:57:1e:31:51:d6:2b:da:59:41:
9f:20:17:49:b3:85:69:f1:51:2c:ad:34:33:7c:24:
b8:09:74:47:bc:d2:c7:1d:88:98:88:32:01:6a:d0:
35:e3:e4:2e:65:23:c9:92:c8:fe:4c:37:4e:80:be:
d4:dc:6e:6c:cf:07:8c:94:90:3f:42:06:3f:6e:fd:
04:df:40:99:18:af:f8:34:a5:2e:9c:ff:ad:b7:60:
8d:ce:f3:f2:a6:29:f0:24:05:54:91:88:40:33:18:
70:a6:13:e7:ee:8f:f3:19:52:24:4e:7e:95:8b:74:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B8:B1:99:DE:83:02:68:49:C5:3A:97:E2:FC:55:FD:D3:F7:79:3B
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/n7ixmd6DAmhJxTqX4vxV_dP3eTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.40.0/22
45.93.201.0/24
45.153.70.0/23
80.76.60.0/24
91.198.220.0/24
92.119.229.0/24
93.93.207.0/24
176.53.160.0/22
185.192.247.0/24
185.251.20.0/24
193.160.208.0/23
Signature Algorithm: sha256WithRSAEncryption
73:ac:05:5e:e9:72:de:ff:9b:d3:09:c7:ba:be:0e:81:07:52:
ca:f8:d4:74:3c:87:d6:c6:a8:75:44:91:46:47:4b:43:af:70:
27:ae:3a:79:d4:24:aa:a7:ab:02:a8:45:bd:c7:46:b2:7f:92:
36:15:86:e7:06:55:17:7b:b3:9f:0e:25:f7:cf:a7:17:8f:7a:
f2:60:d4:33:64:b4:01:62:0f:c1:b0:69:98:eb:c6:39:bd:86:
1a:3c:06:de:6b:a5:14:e4:40:6b:d3:dd:9b:bd:73:62:c0:32:
00:b2:98:fb:57:ee:9f:e3:cc:6d:e0:a2:ed:8c:4d:a7:0a:09:
32:a9:3b:13:67:79:1a:ea:77:1c:b7:be:0c:87:87:bd:69:8e:
37:70:10:a7:e8:dc:57:da:0e:b5:7b:b7:94:22:b0:23:0c:09:
83:09:fe:b7:e9:6b:bd:01:f0:00:24:77:89:f8:7c:cb:3d:48:
99:65:9d:d2:30:8f:36:fc:cf:b2:3a:c6:6f:18:d2:c7:01:79:
cd:77:5e:b7:23:92:3d:c7:f2:f6:51:a4:1f:9b:71:ee:09:79:
88:ab:b6:84:f2:2f:c9:7e:bc:8c:06:e0:5c:80:85:14:1f:95:
21:1f:f5:31:33:2a:90:68:f4:94:4b:da:9d:6e:d0:73:3f:53:
92:34:73:b0
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ4lp9beLVlBr4KdqylAaK33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjYwNTE0MDg0MzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmI4YjE5OWRlODMwMjY4NDljNTNhOTdlMmZjNTVmZGQzZjc3OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7WmFADXj+FV7Ay+Y1IA7gUjduvl
83mvL+Ibb2swgr8+1h/8qQRdHxu2WbkV6DNdlci5RbIFb42bIH6+fkwFBEVxIFlq
nrxG8XLAASh5dKgMc/SatxewD3PAQLm4GESCD2+JIT8YJh+aGS0uAz2TsPCuhE7X
IF88wXPV1ZM4xco1mSvDoTd8tXWLgmNXHjFR1ivaWUGfIBdJs4Vp8VEsrTQzfCS4
CXRHvNLHHYiYiDIBatA14+QuZSPJksj+TDdOgL7U3G5szweMlJA/QgY/bv0E30CZ
GK/4NKUunP+tt2CNzvPypinwJAVUkYhAMxhwphPn7o/zGVIkTn6Vi3TszQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJ+4sZnegwJoScU6l+L8Vf3T93k7MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvbjdpeG1kNkRBbWhKeFRxWDR2eFZfZFAzZVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCAjsoAwQA
LV3JAwQBLZlGAwQAUEw8AwQAW8bcAwQAXHflAwQAXV3PAwQCsDWgAwQAucD3AwQA
ufsUAwQBwaDQMA0GCSqGSIb3DQEBCwUAA4IBAQBzrAVe6XLe/5vTCce6vg6BB1LK
+NR0PIfWxqh1RJFGR0tDr3Anrjp51CSqp6sCqEW9x0ayf5I2FYbnBlUXe7OfDiX3
z6cXj3ryYNQzZLQBYg/BsGmY68Y5vYYaPAbea6UU5EBr092bvXNiwDIAspj7V+6f
48xt4KLtjE2nCgkyqTsTZ3ka6ncct74Mh4e9aY43cBCn6NxX2g61e7eUIrAjDAmD
Cf636Wu9AfAAJHeJ+HzLPUiZZZ3SMI82/M+yOsZvGNLHAXnNd163I5I9x/L2UaQf
m3HuCXmIq7aE8i/JfryMBuBcgIUUH5UhH/UxMyqQaPSUS9qdbtBzP1OSNHOw
-----END CERTIFICATE-----
Generated at Tue May 26 02:55:43 2026 by rpki-client