
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/aq9niQ1ZlLfgZPSmUPOgIOI3M2c.roa
File: aq9niQ1ZlLfgZPSmUPOgIOI3M2c.roa (raw, json)
Hash identifier: dNTF2xB3WZEo4xS7rRBBdp1UPiHc48uFIsc0/3W0AY8=
Subject key identifier: 6A:AF:67:89:0D:59:94:B7:E0:64:F4:A6:50:F3:A0:20:E2:37:33:67
Certificate issuer: /CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
Certificate serial: 019F0419CA343D09042C75C2A0CE1C652665
Authority key identifier: 51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/aq9niQ1ZlLfgZPSmUPOgIOI3M2c.roa
Signing time: Fri 26 Jun 2026 13:23:46 +0000
ROA not before: Fri 26 Jun 2026 13:23:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200217
IP address blocks: 91.212.135.0/24 maxlen: 24
91.212.149.0/24 maxlen: 24
193.142.60.0/24 maxlen: 24
194.153.72.0/23 maxlen: 24
217.71.192.0/23 maxlen: 24
217.71.194.0/23 maxlen: 24
217.71.196.0/23 maxlen: 24
217.71.198.0/23 maxlen: 24
2a13:7bc0::/48 maxlen: 48
2a13:7bc0:1::/48 maxlen: 48
2a13:7bc0:2::/48 maxlen: 48
2a13:7bc0:3::/48 maxlen: 48
2a13:7bc0:4::/48 maxlen: 48
2a13:7bc0:5::/48 maxlen: 48
2a13:7bc0:6::/48 maxlen: 48
2a13:7bc0:7::/48 maxlen: 48
2a13:7bc0:8::/48 maxlen: 48
2a13:7bc0:9::/48 maxlen: 48
2a13:7bc0:a::/48 maxlen: 48
2a13:7bc0:b::/48 maxlen: 48
2a13:7bc0:c::/48 maxlen: 48
2a13:7bc0:d::/48 maxlen: 48
2a13:7bc0:e::/48 maxlen: 48
2a13:7bc0:f::/48 maxlen: 48
2a13:7bc0:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft
rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 16:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:04:19:ca:34:3d:09:04:2c:75:c2:a0:ce:1c:65:26:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
Validity
Not Before: Jun 26 13:23:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6aaf67890d5994b7e064f4a650f3a020e2373367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:91:dc:2f:89:a0:6a:b1:ad:d5:6a:cb:04:d4:
b5:ad:9a:c7:de:51:0a:97:f1:72:e5:00:3c:21:94:
7d:ec:b3:c2:7f:42:1c:b2:d9:b7:a8:73:41:1a:01:
b2:02:e1:78:89:e5:4e:97:b8:22:0a:75:ae:3a:6d:
f8:fc:7e:0e:2e:63:57:40:45:a2:96:ff:6b:9a:76:
93:24:13:23:6f:06:c9:4e:84:9e:0e:b8:5c:10:c7:
c5:76:40:48:01:24:5c:e3:9b:70:c5:65:af:b4:cb:
49:b6:b2:2b:1b:8a:fd:db:d1:c4:32:5a:67:23:45:
a0:04:69:62:fb:c5:ec:de:a0:33:f7:89:c3:bf:2a:
b8:39:3c:b2:98:51:22:64:a5:52:8b:92:63:88:fd:
67:d9:e7:41:78:33:ac:03:bc:17:a9:dd:82:ba:65:
c6:24:ca:37:6b:92:0e:86:1e:75:ee:d7:02:28:22:
8c:72:3a:5c:57:d4:27:70:aa:f0:d7:9d:49:aa:41:
2e:51:5b:de:1a:34:da:69:b0:29:c3:7e:33:24:14:
ed:2a:d8:3b:9b:9e:fd:00:c4:18:ef:2a:96:77:8a:
b2:b1:d1:3c:aa:e0:87:ac:a0:c9:d7:a3:03:8e:4d:
3c:dc:59:55:fa:2f:4b:62:aa:65:b2:5c:2a:f7:81:
28:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AF:67:89:0D:59:94:B7:E0:64:F4:A6:50:F3:A0:20:E2:37:33:67
X509v3 Authority Key Identifier:
keyid:51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/aq9niQ1ZlLfgZPSmUPOgIOI3M2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.135.0/24
91.212.149.0/24
193.142.60.0/24
194.153.72.0/23
217.71.192.0/21
IPv6:
2a13:7bc0::-2a13:7bc0:10:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
34:6e:d4:da:dd:4a:74:69:ba:77:95:c6:b7:65:56:8e:47:3d:
9c:6f:30:e1:26:7c:11:4c:0f:bf:fe:35:0d:1b:f1:ab:df:b3:
cb:a0:cf:ff:ea:91:9e:f2:b2:64:51:c1:0e:f8:63:d9:bf:a9:
4b:63:e5:ed:88:fc:89:6a:bc:6c:0f:1d:aa:92:ee:ac:29:ad:
2f:02:59:8e:e7:4a:b3:6d:45:3c:73:38:51:4e:90:5e:d0:e4:
a6:97:d6:ac:fc:c3:c7:a3:c4:bb:1a:2d:c1:27:60:4f:db:20:
ae:3a:f6:66:3c:97:73:19:40:a1:73:b8:08:1e:d2:23:7f:bc:
4f:52:26:fa:b0:e3:af:9e:1b:79:52:74:3f:e5:24:71:99:ef:
ad:85:26:5f:9a:32:f8:c9:30:29:c3:e3:ba:0b:75:4b:fb:1c:
7e:3f:67:34:14:3d:71:d2:ec:33:09:9e:75:af:7b:54:4b:ca:
88:7b:f1:dc:75:1d:7b:88:b8:3f:cb:70:33:a6:d7:7e:51:7b:
eb:35:c6:c1:d1:73:e7:bb:9a:06:91:d5:2a:29:1b:c1:54:5f:
59:e7:cb:10:10:0c:4f:ba:e5:37:34:f6:b8:17:45:20:8e:c5:
12:6f:7e:54:b8:ab:86:46:88:80:bf:21:e1:08:6d:0a:d8:0c:
f9:5e:33:7f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ8EGco0PQkELHXCoM4cZSZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZjRiMGIwNDY5ZWIwZDA3MTk5NGNkODIzOGYzNGJlZjAw
YzZmYmUwHhcNMjYwNjI2MTMyMzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWFmNjc4OTBkNTk5NGI3ZTA2NGY0YTY1MGYzYTAyMGUyMzczMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpHcL4mgarGt1WrLBNS1rZrH3lEK
l/Fy5QA8IZR97LPCf0Icstm3qHNBGgGyAuF4ieVOl7giCnWuOm34/H4OLmNXQEWi
lv9rmnaTJBMjbwbJToSeDrhcEMfFdkBIASRc45twxWWvtMtJtrIrG4r929HEMlpn
I0WgBGli+8Xs3qAz94nDvyq4OTyymFEiZKVSi5JjiP1n2edBeDOsA7wXqd2CumXG
JMo3a5IOhh517tcCKCKMcjpcV9QncKrw151JqkEuUVveGjTaabApw34zJBTtKtg7
m579AMQY7yqWd4qysdE8quCHrKDJ16MDjk083FlV+i9LYqplslwq94EoeQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGqvZ4kNWZS34GT0plDzoCDiNzNnMB8GA1UdIwQY
MBaAFFH0sLBGnrDQcZlM2COPNL7wDG++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9kM2FiMjgtN2Y0Ny00MWYzLWIyMzEt
Nzg4NDRlMTAxMTMzLzEvYXE5bmlRMVpsTGZnWlBTbVVQT2dJT0kzTTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9kM2FiMjgtN2Y0Ny00MWYzLWIyMzEtNzg4NDRlMTAxMTMz
LzEvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQAW9SHAwQA
W9SVAwQAwY48AwQBwplIAwQD2UfAMBgEAgACMBIwEAMFBioTe8ADBwAqE3vAABAw
DQYJKoZIhvcNAQELBQADggEBADRu1NrdSnRpuneVxrdlVo5HPZxvMOEmfBFMD7/+
NQ0b8avfs8ugz//qkZ7ysmRRwQ74Y9m/qUtj5e2I/IlqvGwPHaqS7qwprS8CWY7n
SrNtRTxzOFFOkF7Q5KaX1qz8w8ejxLsaLcEnYE/bIK469mY8l3MZQKFzuAge0iN/
vE9SJvqw46+eG3lSdD/lJHGZ762FJl+aMvjJMCnD47oLdUv7HH4/ZzQUPXHS7DMJ
nnWve1RLyoh78dx1HXuIuD/LcDOm135Re+s1xsHRc+e7mgaR1SopG8FUX1nnyxAQ
DE+65Tc09rgXRSCOxRJvflS4q4ZGiIC/IeEIbQrYDPleM38=
-----END CERTIFICATE-----
Generated at Fri Jul 3 22:29:53 2026 by rpki-client