Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/86NmFsLv5F6qdqSCA0-oSMY2krw.roa
File: 86NmFsLv5F6qdqSCA0-oSMY2krw.roa (raw, json)
Hash identifier: sMuaaWRNry574gR2H/keSL0gVnxfPBBx69iwakvlnEQ=
Subject key identifier: F3:A3:66:16:C2:EF:E4:5E:AA:76:A4:82:03:4F:A8:48:C6:36:92:BC
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019CBD2F1D419EE33412A9AE8B6D04B0EEA1
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/86NmFsLv5F6qdqSCA0-oSMY2krw.roa
Signing time: Thu 05 Mar 2026 08:48:27 +0000
ROA not before: Thu 05 Mar 2026 08:48:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42689
IP address blocks: 84.55.12.0/24 maxlen: 24
84.55.13.0/24 maxlen: 24
84.55.20.0/24 maxlen: 24
95.173.47.0/24 maxlen: 24
95.173.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bd:2f:1d:41:9e:e3:34:12:a9:ae:8b:6d:04:b0:ee:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Mar 5 08:48:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f3a36616c2efe45eaa76a482034fa848c63692bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:32:26:43:9a:43:25:5b:94:0b:76:fc:b0:18:
a5:1c:6a:d6:32:af:45:ee:d5:d5:03:72:67:8c:0e:
09:71:cb:d9:21:e2:14:c1:74:c6:3c:83:a3:0b:b8:
fa:2a:34:17:d0:47:8f:ff:f1:a8:fc:cc:56:0c:c8:
c2:11:41:9d:10:02:c2:ff:6a:c0:de:7a:79:d5:5f:
37:05:5b:d2:9c:fa:0c:13:3d:79:b8:f5:1c:86:60:
2e:e1:5c:01:66:6f:b4:a0:1f:e1:5d:87:0c:b2:59:
4e:e3:67:02:47:d4:1f:83:31:7a:1b:7f:ae:02:1e:
d3:17:dd:2d:c8:e8:b5:3d:fe:41:59:f3:68:56:4a:
14:27:a4:76:75:d0:c3:94:08:c4:e7:89:42:71:00:
b3:c0:29:f3:94:06:c1:36:0a:98:71:ea:df:90:e6:
36:cd:03:27:19:2e:bb:c1:d9:be:d9:13:64:f8:6f:
3c:bf:77:19:5c:6a:5e:f8:30:23:ed:59:8d:c9:90:
bb:80:8e:e2:7d:cd:a5:69:c6:86:83:c3:75:2e:09:
1e:b9:cb:45:bc:41:2b:e0:eb:65:cc:35:08:fd:f2:
24:5b:e8:8a:bd:07:10:bd:bd:98:4f:3c:49:f6:64:
1e:e4:2e:0e:1c:d5:6f:3a:ca:3b:9b:71:fa:de:5a:
bc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A3:66:16:C2:EF:E4:5E:AA:76:A4:82:03:4F:A8:48:C6:36:92:BC
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/86NmFsLv5F6qdqSCA0-oSMY2krw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.12.0/23
84.55.20.0/24
95.173.47.0/24
95.173.56.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:6c:3d:16:f2:44:f3:79:87:25:49:cb:4b:53:5f:9a:3a:b2:
29:5e:77:16:66:78:4d:91:82:40:95:d3:3a:0c:b8:a4:43:57:
dc:5c:e3:d7:af:58:54:0a:3b:e8:db:8c:37:18:36:d5:37:aa:
a3:5e:c7:73:48:b1:f4:24:61:78:c7:ed:da:f9:b3:30:2e:71:
74:e9:54:61:56:84:59:d5:ed:45:fe:78:62:80:23:84:10:50:
a3:af:1b:24:e8:fc:d3:b0:c8:2f:40:71:9f:bb:99:f4:94:9e:
74:fc:41:b3:7d:a0:3d:f3:1a:02:c1:6c:cd:97:79:4e:58:ed:
d3:d5:19:5d:70:27:e1:f4:8a:e5:d5:cf:af:63:d5:92:89:66:
90:37:01:d4:fd:93:fa:58:fd:c9:17:87:3a:85:6c:be:65:0f:
b7:63:5c:f4:ac:e5:40:d6:20:43:04:8e:8d:73:1d:97:7d:eb:
53:38:a7:b6:04:33:ce:b0:d5:9c:3e:08:f5:73:28:b0:dc:99:
55:53:2f:33:e7:6b:ed:52:6f:cd:24:8c:cb:36:f2:cc:ff:d5:
89:57:5f:b1:3f:80:cd:90:ba:8d:93:a0:2b:b3:f9:d3:9a:2c:
9c:c3:0e:c6:78:83:63:7d:b8:3f:10:96:50:8f:c4:82:0e:98:
2b:14:3d:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZy9Lx1BnuM0Eqmui20EsO6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjYwMzA1MDg0ODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2EzNjYxNmMyZWZlNDVlYWE3NmE0ODIwMzRmYTg0OGM2MzY5MmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jImQ5pDJVuUC3b8sBilHGrWMq9F
7tXVA3JnjA4JccvZIeIUwXTGPIOjC7j6KjQX0EeP//Go/MxWDMjCEUGdEALC/2rA
3np51V83BVvSnPoMEz15uPUchmAu4VwBZm+0oB/hXYcMsllO42cCR9QfgzF6G3+u
Ah7TF90tyOi1Pf5BWfNoVkoUJ6R2ddDDlAjE54lCcQCzwCnzlAbBNgqYcerfkOY2
zQMnGS67wdm+2RNk+G88v3cZXGpe+DAj7VmNyZC7gI7ifc2lacaGg8N1LgkeuctF
vEEr4OtlzDUI/fIkW+iKvQcQvb2YTzxJ9mQe5C4OHNVvOso7m3H63lq8jQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPOjZhbC7+ReqnakggNPqEjGNpK8MB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvODZObUZzTHY1RjZxZHFTQ0EwLW9TTVkya3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVDcMAwQA
VDcUAwQAX60vAwQAX604MA0GCSqGSIb3DQEBCwUAA4IBAQCMbD0W8kTzeYclSctL
U1+aOrIpXncWZnhNkYJAldM6DLikQ1fcXOPXr1hUCjvo24w3GDbVN6qjXsdzSLH0
JGF4x+3a+bMwLnF06VRhVoRZ1e1F/nhigCOEEFCjrxsk6PzTsMgvQHGfu5n0lJ50
/EGzfaA98xoCwWzNl3lOWO3T1RldcCfh9Irl1c+vY9WSiWaQNwHU/ZP6WP3JF4c6
hWy+ZQ+3Y1z0rOVA1iBDBI6Ncx2XfetTOKe2BDPOsNWcPgj1cyiw3JlVUy8z52vt
Um/NJIzLNvLM/9WJV1+xP4DNkLqNk6Ars/nTmiycww7GeINjfbg/EJZQj8SCDpgr
FD3p
-----END CERTIFICATE-----
Generated at Fri Mar 6 02:01:33 2026 by rpki-client