Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/H9oeWcwVf2xL36Ou9mjxNel_kzo.roa
File: H9oeWcwVf2xL36Ou9mjxNel_kzo.roa (raw, json)
Hash identifier: /Vy6rEoa9E+9TCclPU03mw9Obpsi5J4mKFzmaWOIU+0=
Subject key identifier: 1F:DA:1E:59:CC:15:7F:6C:4B:DF:A3:AE:F6:68:F1:35:E9:7F:93:3A
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019E72C2771D01E80045AA14FBCFF3757B09
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/H9oeWcwVf2xL36Ou9mjxNel_kzo.roa
Signing time: Fri 29 May 2026 08:03:27 +0000
ROA not before: Fri 29 May 2026 08:03:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62904
IP address blocks: 31.172.69.0/24 maxlen: 24
31.172.79.0/24 maxlen: 24
81.85.77.0/24 maxlen: 24
89.127.199.0/24 maxlen: 24
194.154.27.0/24 maxlen: 24
217.177.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 May 2026 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:72:c2:77:1d:01:e8:00:45:aa:14:fb:cf:f3:75:7b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: May 29 08:03:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1fda1e59cc157f6c4bdfa3aef668f135e97f933a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0e:73:c4:a8:e2:10:4a:8a:8a:04:2a:99:c8:
d6:6b:2d:cd:62:52:e0:27:74:06:45:90:d0:6f:38:
9e:76:07:2f:47:3e:ba:a4:78:34:75:92:c0:f6:fb:
a1:d2:72:69:1b:f8:33:3c:69:bd:c8:73:41:41:21:
b3:64:1e:3a:73:6a:c6:01:75:3a:d2:65:b2:54:06:
99:83:ef:a0:52:32:ba:a0:76:36:96:33:21:19:a1:
6b:ff:5e:7a:f6:b5:d9:bf:f5:97:fc:87:f0:11:10:
ed:3e:78:83:da:2e:8d:17:1d:cd:e2:4e:ec:03:ab:
30:3a:05:ef:a0:56:a6:76:18:e2:32:ee:f9:3b:77:
37:71:db:22:c0:5a:0e:fd:2c:3a:62:12:25:a5:e5:
85:ba:62:e8:6a:be:d1:1c:4f:b3:c2:4c:a1:6c:d0:
a0:9f:6f:5a:c2:94:18:61:e4:e7:d8:37:d6:e2:87:
72:84:eb:70:df:45:3f:e8:6d:d5:7e:6c:a7:81:1b:
f2:7f:99:5e:23:ae:08:4f:26:ed:41:82:f0:08:17:
eb:0f:10:8d:1f:6c:d3:61:65:12:52:7c:ba:ac:fd:
c9:be:62:4c:51:50:11:be:6c:e6:40:d2:97:d3:c6:
2d:03:a8:18:28:46:a2:28:47:1e:36:8b:31:f2:6c:
8a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:DA:1E:59:CC:15:7F:6C:4B:DF:A3:AE:F6:68:F1:35:E9:7F:93:3A
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/H9oeWcwVf2xL36Ou9mjxNel_kzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.69.0/24
31.172.79.0/24
81.85.77.0/24
89.127.199.0/24
194.154.27.0/24
217.177.75.0/24
Signature Algorithm: sha256WithRSAEncryption
35:51:b3:8b:3b:39:90:78:a2:30:20:d7:97:f7:b6:25:91:91:
9d:85:fb:1a:ff:4e:f1:51:59:63:5e:d4:01:1b:ae:cd:cf:51:
89:3a:87:a3:d0:50:5f:b2:50:e1:48:38:06:44:01:52:35:3f:
84:83:f5:eb:1d:fc:b1:50:54:d9:29:61:96:15:a1:8e:85:f1:
f7:0e:6c:5f:75:3b:7f:43:34:75:f5:42:77:cf:c9:96:99:37:
82:5f:fd:6c:e9:70:e3:6d:86:62:3b:e2:dd:fc:6b:1f:c5:e2:
b0:4f:db:0a:70:62:8b:b0:83:e8:2c:f2:b5:cd:9c:0b:e4:43:
d6:23:36:e4:d9:9a:82:c9:07:af:74:6a:a4:67:63:9d:43:0d:
b1:6a:2b:16:dd:78:f2:db:8e:62:2b:42:c3:86:62:ce:d0:03:
eb:6d:47:b5:3a:6d:37:7d:36:9f:29:07:dc:e7:c5:1b:f6:7a:
db:1a:0c:6e:39:67:fc:21:a3:c2:0c:55:c5:90:c0:39:4f:e7:
db:45:e8:ee:84:ca:02:5d:0b:66:83:99:f1:11:6d:88:c8:1a:
39:fb:36:a4:ef:e7:4c:b4:25:fd:83:cb:15:b3:43:ce:a0:52:
28:4d:9b:db:6e:f9:8b:1c:21:69:c6:16:93:84:47:96:7b:b2:
50:60:f0:de
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ5ywncdAegARaoU+8/zdXsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwNTI5MDgwMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmRhMWU1OWNjMTU3ZjZjNGJkZmEzYWVmNjY4ZjEzNWU5N2Y5MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA5zxKjiEEqKigQqmcjWay3NYlLg
J3QGRZDQbziedgcvRz66pHg0dZLA9vuh0nJpG/gzPGm9yHNBQSGzZB46c2rGAXU6
0mWyVAaZg++gUjK6oHY2ljMhGaFr/1569rXZv/WX/IfwERDtPniD2i6NFx3N4k7s
A6swOgXvoFamdhjiMu75O3c3cdsiwFoO/Sw6YhIlpeWFumLoar7RHE+zwkyhbNCg
n29awpQYYeTn2DfW4odyhOtw30U/6G3VfmyngRvyf5leI64ITybtQYLwCBfrDxCN
H2zTYWUSUny6rP3JvmJMUVARvmzmQNKX08YtA6gYKEaiKEceNosx8myKXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB/aHlnMFX9sS9+jrvZo8TXpf5M6MB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvSDlvZVdjd1ZmMnhMMzZPdTltanhOZWxfa3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAH6xFAwQA
H6xPAwQAUVVNAwQAWX/HAwQAwpobAwQA2bFLMA0GCSqGSIb3DQEBCwUAA4IBAQA1
UbOLOzmQeKIwINeX97YlkZGdhfsa/07xUVljXtQBG67Nz1GJOoej0FBfslDhSDgG
RAFSNT+Eg/XrHfyxUFTZKWGWFaGOhfH3DmxfdTt/QzR19UJ3z8mWmTeCX/1s6XDj
bYZiO+Ld/GsfxeKwT9sKcGKLsIPoLPK1zZwL5EPWIzbk2ZqCyQevdGqkZ2OdQw2x
aisW3Xjy245iK0LDhmLO0APrbUe1Om03fTafKQfc58Ub9nrbGgxuOWf8IaPCDFXF
kMA5T+fbRejuhMoCXQtmg5nxEW2IyBo5+zak7+dMtCX9g8sVs0POoFIoTZvbbvmL
HCFpxhaThEeWe7JQYPDe
-----END CERTIFICATE-----
Generated at Fri May 29 16:24:35 2026 by rpki-client