Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/m_9DNbciOyMJhFYq6AMIc9hId24.roa
File: m_9DNbciOyMJhFYq6AMIc9hId24.roa (raw, json)
Hash identifier: tBW7znRdSpU63evh7Ukilhd1TX1abcrpsvoLCnD8lGw=
Subject key identifier: 9B:FF:43:35:B7:22:3B:23:09:84:56:2A:E8:03:08:73:D8:48:77:6E
Certificate issuer: /CN=93515f25986e4b572a78b109d995c9ddf5da1266
Certificate serial: 019EF3A9DB7145F732CAC6A0F980A8D9816C
Authority key identifier: 93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/m_9DNbciOyMJhFYq6AMIc9hId24.roa
Signing time: Tue 23 Jun 2026 08:47:35 +0000
ROA not before: Tue 23 Jun 2026 08:47:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60855
IP address blocks: 143.126.100.0/24 maxlen: 24
143.126.203.0/24 maxlen: 24
143.126.211.0/24 maxlen: 24
143.126.221.0/24 maxlen: 24
143.126.247.0/24 maxlen: 24
143.126.248.0/23 maxlen: 23
143.126.248.0/24 maxlen: 24
143.126.249.0/24 maxlen: 24
143.126.250.0/23 maxlen: 23
143.126.250.0/24 maxlen: 24
143.126.251.0/24 maxlen: 24
143.126.254.0/24 maxlen: 24
143.126.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.mft
rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 11:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f3:a9:db:71:45:f7:32:ca:c6:a0:f9:80:a8:d9:81:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93515f25986e4b572a78b109d995c9ddf5da1266
Validity
Not Before: Jun 23 08:47:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9bff4335b7223b230984562ae8030873d848776e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:71:fc:4d:92:57:a1:30:41:e2:c7:42:7b:b7:
82:ed:b1:7a:50:83:00:f4:71:01:8c:3e:6a:13:2a:
7e:dc:b3:62:d3:30:4e:60:6a:4a:de:9d:c9:da:79:
fd:72:e1:d8:8e:73:49:3a:70:f8:56:63:b7:12:61:
92:6c:ce:29:68:d9:73:85:8a:24:1c:3b:72:7f:d6:
81:e9:44:f9:e1:bd:33:37:f9:0d:5e:f1:be:62:a1:
7e:8b:99:64:98:4e:97:28:25:76:ec:a1:16:bd:ac:
19:ca:e5:02:f4:40:b6:b1:ef:c7:3e:29:c6:9f:60:
fe:dc:e8:51:60:0f:ee:a6:4d:3a:b1:49:57:51:ba:
d4:08:5e:d2:0a:c3:c6:01:bd:fd:d6:ef:ef:08:a2:
54:9e:fd:1e:86:be:0d:29:51:f4:21:38:63:71:61:
5e:26:aa:88:54:91:33:8a:38:0d:75:7e:c5:1e:95:
bb:1e:19:5c:f5:41:47:77:34:b7:92:40:f8:3d:55:
ed:3a:2a:a0:c1:1d:74:85:c6:4c:e8:c9:93:5a:e6:
b7:78:2b:40:d8:52:12:d3:1e:cb:0e:f4:b8:17:61:
ea:f4:92:cd:5b:ea:b1:b5:1b:4a:de:f7:86:e8:ae:
cc:1b:5c:6a:2a:bf:f5:34:6c:6b:1b:23:a3:e7:d8:
75:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FF:43:35:B7:22:3B:23:09:84:56:2A:E8:03:08:73:D8:48:77:6E
X509v3 Authority Key Identifier:
keyid:93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/m_9DNbciOyMJhFYq6AMIc9hId24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.126.100.0/24
143.126.203.0/24
143.126.211.0/24
143.126.221.0/24
143.126.247.0-143.126.251.255
143.126.254.0/23
Signature Algorithm: sha256WithRSAEncryption
19:e9:47:cb:6b:53:2c:6f:01:72:be:ad:e8:8a:2e:c4:c9:c3:
60:ef:c9:17:bd:a8:1d:18:59:27:8b:85:cc:36:5a:18:97:1b:
50:50:de:e0:ae:90:06:f4:55:58:c8:69:af:13:fe:f6:6e:98:
04:d8:aa:77:4a:28:b8:92:6e:66:67:8d:67:db:0f:c9:6c:44:
48:df:b9:98:26:cb:54:9c:cc:e8:47:e3:b1:df:45:eb:85:e4:
d7:45:b8:21:c7:79:6a:67:6f:99:a0:da:cc:96:d7:cc:65:ef:
b0:05:7c:65:cc:60:a9:07:e4:38:bd:99:e6:9d:5a:25:a3:3b:
db:d2:61:80:b1:f0:65:be:c9:44:15:c8:a1:d5:2b:10:1b:83:
eb:49:61:72:47:ce:66:85:5f:14:41:88:f2:f3:00:bb:34:2a:
84:c0:e8:4a:f2:93:83:ad:36:fe:bc:2d:da:6c:48:6e:bc:56:
fb:89:21:30:91:00:74:1c:97:e0:d4:67:6e:37:fc:57:d3:52:
da:d2:5a:8d:09:55:80:fb:5d:98:95:e9:88:f1:c7:91:49:6d:
5d:39:10:b6:4f:e4:c6:2f:09:20:82:c8:c6:67:31:20:c9:eb:
55:0c:2a:de:25:c2:30:1c:b5:ca:3b:bb:91:cf:ad:49:c1:57:
07:9f:d4:ad
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ7zqdtxRfcyysag+YCo2YFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTE1ZjI1OTg2ZTRiNTcyYTc4YjEwOWQ5OTVjOWRkZjVk
YTEyNjYwHhcNMjYwNjIzMDg0NzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmZmNDMzNWI3MjIzYjIzMDk4NDU2MmFlODAzMDg3M2Q4NDg3NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3H8TZJXoTBB4sdCe7eC7bF6UIMA
9HEBjD5qEyp+3LNi0zBOYGpK3p3J2nn9cuHYjnNJOnD4VmO3EmGSbM4paNlzhYok
HDtyf9aB6UT54b0zN/kNXvG+YqF+i5lkmE6XKCV27KEWvawZyuUC9EC2se/HPinG
n2D+3OhRYA/upk06sUlXUbrUCF7SCsPGAb391u/vCKJUnv0ehr4NKVH0IThjcWFe
JqqIVJEzijgNdX7FHpW7Hhlc9UFHdzS3kkD4PVXtOiqgwR10hcZM6MmTWua3eCtA
2FIS0x7LDvS4F2Hq9JLNW+qxtRtK3veG6K7MG1xqKr/1NGxrGyOj59h1cwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJv/QzW3IjsjCYRWKugDCHPYSHduMB8GA1UdIwQY
MBaAFJNRXyWYbktXKnixCdmVyd312hJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2Yt
MTNkNTEzMjhhOWY3LzEvbV85RE5iY2lPeU1KaEZZcTZBTUljOWhJZDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2YtMTNkNTEzMjhhOWY3
LzEvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAj35kAwQA
j37LAwQAj37TAwQAj37dMAwDBACPfvcDBAKPfvgDBAGPfv4wDQYJKoZIhvcNAQEL
BQADggEBABnpR8trUyxvAXK+reiKLsTJw2DvyRe9qB0YWSeLhcw2WhiXG1BQ3uCu
kAb0VVjIaa8T/vZumATYqndKKLiSbmZnjWfbD8lsREjfuZgmy1SczOhH47HfReuF
5NdFuCHHeWpnb5mg2syW18xl77AFfGXMYKkH5Di9meadWiWjO9vSYYCx8GW+yUQV
yKHVKxAbg+tJYXJHzmaFXxRBiPLzALs0KoTA6Eryk4OtNv68LdpsSG68VvuJITCR
AHQcl+DUZ243/FfTUtrSWo0JVYD7XZiV6Yjxx5FJbV05ELZP5MYvCSCCyMZnMSDJ
61UMKt4lwjActco7u5HPrUnBVwef1K0=
-----END CERTIFICATE-----
Generated at Tue Jun 30 21:33:00 2026 by rpki-client