Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/ptZzsFfw-Utp22LquE9NZ-hV8F8.roa
File: ptZzsFfw-Utp22LquE9NZ-hV8F8.roa (raw, json)
Hash identifier: 0M7mylADFNmeJz5+Yqyyhe39fhx1CPljZIC5k0P+74k=
Subject key identifier: A6:D6:73:B0:57:F0:F9:4B:69:DB:62:EA:B8:4F:4D:67:E8:55:F0:5F
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 019F119B949A688F0D61940E4F35A1184DC6
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/ptZzsFfw-Utp22LquE9NZ-hV8F8.roa
Signing time: Mon 29 Jun 2026 04:20:36 +0000
ROA not before: Mon 29 Jun 2026 04:20:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202468
IP address blocks: 95.38.108.0/23 maxlen: 24
95.38.112.0/21 maxlen: 23
95.38.160.0/21 maxlen: 21
95.38.160.0/23 maxlen: 23
95.38.162.0/23 maxlen: 23
95.38.164.0/23 maxlen: 23
95.38.166.0/23 maxlen: 23
95.38.176.0/20 maxlen: 20
95.38.176.0/23 maxlen: 23
95.38.178.0/23 maxlen: 23
95.38.180.0/23 maxlen: 23
95.38.182.0/23 maxlen: 23
95.38.184.0/23 maxlen: 23
95.38.186.0/23 maxlen: 23
95.38.188.0/23 maxlen: 23
95.38.190.0/23 maxlen: 23
95.38.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:11:9b:94:9a:68:8f:0d:61:94:0e:4f:35:a1:18:4d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jun 29 04:20:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a6d673b057f0f94b69db62eab84f4d67e855f05f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:08:c2:b6:64:ac:2f:86:28:70:b3:b9:88:91:
bc:92:7a:3f:f2:11:50:10:eb:0a:49:fb:a2:04:64:
41:29:e9:67:69:0b:43:b2:a5:91:34:30:23:3e:60:
d4:aa:40:3c:dc:b6:88:1d:23:11:62:2f:8e:53:1c:
57:d7:9d:53:f4:30:5a:ec:8b:94:4b:96:92:2c:62:
94:50:ad:04:c3:ee:21:82:1d:c4:1c:47:9d:1b:73:
c9:07:49:66:c8:d4:0d:f5:c0:b3:28:47:c2:c5:7c:
77:5a:bb:1b:2d:1a:b3:b8:92:e9:e7:53:6e:99:dc:
a6:1f:89:28:f4:ac:c2:6e:11:9c:17:e9:11:85:d4:
9d:b5:a0:dc:c1:b8:8b:2b:37:ea:80:27:dd:df:65:
32:53:93:c7:b8:e0:df:85:da:41:7c:51:a8:4e:55:
2c:8e:06:b0:59:b6:5e:4b:40:3b:c2:bc:03:72:12:
86:e9:bd:0d:be:91:40:c4:a8:c6:b3:d2:58:56:09:
7b:ec:45:a7:7b:d6:f4:8d:1f:4b:eb:bc:59:d6:5e:
0a:a6:0e:89:83:5b:80:d4:e4:bd:df:ee:bf:cc:0a:
fb:e7:92:36:46:5c:27:57:5a:1b:04:bd:61:31:b0:
d2:89:bb:07:dd:cc:6b:5b:a3:fe:c4:43:a9:56:98:
03:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D6:73:B0:57:F0:F9:4B:69:DB:62:EA:B8:4F:4D:67:E8:55:F0:5F
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/ptZzsFfw-Utp22LquE9NZ-hV8F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.108.0/23
95.38.112.0/21
95.38.160.0/21
95.38.176.0/20
95.38.232.0/21
Signature Algorithm: sha256WithRSAEncryption
77:e2:b9:36:83:43:fb:a4:1f:ba:08:06:5b:99:43:fd:e1:05:
b2:6a:58:e6:92:5e:55:ec:ad:c9:62:94:38:d5:2a:d0:53:d6:
0d:23:cf:0f:aa:04:5e:21:37:84:a3:00:7f:e5:35:ae:20:f3:
1c:55:18:57:cb:ba:c9:07:26:15:3e:c5:30:60:19:7c:ea:70:
0b:fc:f6:09:bc:88:70:f9:41:cc:bb:94:a4:97:cd:cc:3f:b8:
c6:23:22:0c:cb:0e:9b:2e:d3:ef:de:39:c8:fd:73:97:41:be:
fe:2d:c4:b7:ac:3c:b7:8c:36:f3:86:8b:0e:74:94:04:4f:cc:
2c:9a:c9:17:c4:ea:73:63:3c:0d:d0:08:fc:cf:ce:9f:ff:96:
31:16:ac:84:1c:f0:49:94:e9:33:e8:69:ff:c3:7b:67:a5:22:
3c:ea:ca:65:be:b9:53:44:ae:f0:27:ae:be:b6:81:7b:06:94:
ee:3a:92:f7:2f:d6:75:59:a7:81:2c:e8:62:41:41:df:82:b0:
3b:5c:d6:54:dd:1c:5c:cb:4a:04:a2:3f:fc:84:77:fd:e4:38:
c9:c5:ed:b4:d1:52:a3:ea:3d:32:59:b7:8b:2f:7c:bc:3e:de:
c5:e1:01:63:32:79:49:16:7f:d9:e5:2e:93:c3:60:3a:80:8c:
b6:f3:d0:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ8Rm5SaaI8NYZQOTzWhGE3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjYwNjI5MDQyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmQ2NzNiMDU3ZjBmOTRiNjlkYjYyZWFiODRmNGQ2N2U4NTVmMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwjCtmSsL4YocLO5iJG8kno/8hFQ
EOsKSfuiBGRBKelnaQtDsqWRNDAjPmDUqkA83LaIHSMRYi+OUxxX151T9DBa7IuU
S5aSLGKUUK0Ew+4hgh3EHEedG3PJB0lmyNQN9cCzKEfCxXx3WrsbLRqzuJLp51Nu
mdymH4ko9KzCbhGcF+kRhdSdtaDcwbiLKzfqgCfd32UyU5PHuODfhdpBfFGoTlUs
jgawWbZeS0A7wrwDchKG6b0NvpFAxKjGs9JYVgl77EWne9b0jR9L67xZ1l4Kpg6J
g1uA1OS93+6/zAr755I2RlwnV1obBL1hMbDSibsH3cxrW6P+xEOpVpgDMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKbWc7BX8PlLadti6rhPTWfoVfBfMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvcHRaenNGZnctVXRwMjJMcXVFOU5aLWhWOEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBXyZsAwQD
XyZwAwQDXyagAwQEXyawAwQDXyboMA0GCSqGSIb3DQEBCwUAA4IBAQB34rk2g0P7
pB+6CAZbmUP94QWyaljmkl5V7K3JYpQ41SrQU9YNI88PqgReITeEowB/5TWuIPMc
VRhXy7rJByYVPsUwYBl86nAL/PYJvIhw+UHMu5Skl83MP7jGIyIMyw6bLtPv3jnI
/XOXQb7+LcS3rDy3jDbzhosOdJQET8wsmskXxOpzYzwN0Aj8z86f/5YxFqyEHPBJ
lOkz6Gn/w3tnpSI86splvrlTRK7wJ66+toF7BpTuOpL3L9Z1WaeBLOhiQUHfgrA7
XNZU3Rxcy0oEoj/8hHf95DjJxe200VKj6j0yWbeLL3y8Pt7F4QFjMnlJFn/Z5S6T
w2A6gIy289CV
-----END CERTIFICATE-----
Generated at Tue Jun 30 21:32:34 2026 by rpki-client