Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/m6ptgFXprSst72B7DcWjacefpu0.roa
File: m6ptgFXprSst72B7DcWjacefpu0.roa (raw, json)
Hash identifier: MUx4NpBh49q7kC7uF4y0p7+rMSycmRDpaX5i1+bhvgk=
Subject key identifier: 9B:AA:6D:80:55:E9:AD:2B:2D:EF:60:7B:0D:C5:A3:69:C7:9F:A6:ED
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 019D68406D2F6487B2A5B195B20543B464FD
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/m6ptgFXprSst72B7DcWjacefpu0.roa
Signing time: Tue 07 Apr 2026 14:02:25 +0000
ROA not before: Tue 07 Apr 2026 14:02:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205334
IP address blocks: 176.119.132.0/22 maxlen: 22
176.119.132.0/23 maxlen: 23
176.119.132.0/24 maxlen: 24
176.119.133.0/24 maxlen: 24
176.119.134.0/23 maxlen: 23
176.119.134.0/24 maxlen: 24
176.119.135.0/24 maxlen: 24
185.193.172.0/24 maxlen: 24
185.193.173.0/24 maxlen: 24
185.193.174.0/24 maxlen: 24
185.193.175.0/24 maxlen: 24
185.211.41.0/24 maxlen: 24
185.214.168.0/24 maxlen: 24
185.214.169.0/24 maxlen: 24
185.214.170.0/24 maxlen: 24
185.214.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:68:40:6d:2f:64:87:b2:a5:b1:95:b2:05:43:b4:64:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Apr 7 14:02:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9baa6d8055e9ad2b2def607b0dc5a369c79fa6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b4:97:eb:fd:55:e6:f2:5e:7d:20:2c:1d:6a:
ea:d5:0a:51:1a:b8:b1:bc:65:bc:04:1d:18:3a:ba:
0d:f1:92:8f:6f:93:d7:33:2b:93:d4:be:9f:95:fb:
bb:49:68:ef:13:e3:c9:eb:8c:55:27:c7:9c:2f:ff:
ec:9f:e0:20:13:f7:2a:9c:da:94:63:c0:1d:bc:24:
99:81:d5:3e:ec:d6:91:5e:45:ef:ec:35:bd:80:55:
59:4e:ae:7c:ac:27:7c:92:a1:e2:5e:78:73:13:7a:
5c:29:72:df:3f:51:fa:83:cf:b9:f7:dd:70:7c:2a:
73:0a:03:10:b7:ce:f1:ac:a3:00:8b:4b:07:77:d0:
d9:6d:7b:f0:81:05:53:08:01:45:96:5d:b4:0b:11:
12:c8:99:d1:7c:c5:70:cc:ee:9c:aa:38:54:54:9f:
e2:27:d9:3b:66:a9:82:a0:34:c4:3c:01:01:26:f9:
0e:3e:d0:d3:3b:04:f9:d4:16:41:1a:f5:a3:fc:6a:
f5:bb:c0:c8:c5:ae:e7:8f:d9:3f:2c:16:6a:b5:40:
e8:25:53:de:c1:3f:e6:b6:97:0b:bf:ec:d5:fa:bc:
a3:81:da:f8:f3:20:21:e4:f4:a5:a0:90:ca:c4:69:
c6:3e:0f:f3:3f:a5:3b:8f:bd:e4:39:e6:8c:d5:78:
47:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AA:6D:80:55:E9:AD:2B:2D:EF:60:7B:0D:C5:A3:69:C7:9F:A6:ED
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/m6ptgFXprSst72B7DcWjacefpu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.132.0/22
185.193.172.0/22
185.211.41.0/24
185.214.168.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:c2:ed:d5:bf:8f:88:8d:61:8f:28:4a:9b:35:fe:6c:80:8f:
13:1e:81:6b:6c:53:f5:b7:83:1f:6b:50:19:3c:30:86:e0:60:
e1:28:5b:34:9b:99:9b:59:77:d5:7d:6f:1c:bd:7e:2f:04:8e:
c5:53:bf:07:34:55:d2:3b:4e:13:24:9e:b8:1f:99:d8:6e:ce:
80:c0:3a:11:ba:5a:c4:f1:c4:46:7a:b7:d8:09:08:7a:7a:1f:
38:80:d2:3a:43:72:6c:f8:e2:c4:34:bd:cb:a8:ab:e5:f0:82:
d9:ee:37:1c:6a:71:ac:70:48:e3:98:6f:db:ab:58:f7:db:69:
7a:8e:bb:8e:78:64:f3:7d:7c:35:47:bf:aa:03:75:ef:ba:32:
a0:82:83:39:7d:ab:49:4f:58:90:9f:7b:f0:ae:5e:7c:91:f0:
18:5c:37:24:2b:8d:9c:c1:e5:64:de:5a:13:9e:75:b4:30:5a:
86:a5:d7:91:e3:8c:a9:52:eb:0e:f5:81:d0:99:13:6f:d3:9d:
3b:af:8b:aa:76:55:43:8a:95:ca:2c:8d:82:56:93:a2:4b:3e:
ba:b0:9a:d1:95:65:f3:99:52:82:4b:73:68:c6:14:06:d7:bf:
6a:3c:d0:ef:84:66:6d:db:1d:9f:ad:b7:bf:ef:6e:db:a5:32:
e9:33:24:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1oQG0vZIeypbGVsgVDtGT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxN2JmNGZiZWE4OTRmNDNlZWIzZGIxYjIxNmU1Nzc2NmUw
MWFiODEwHhcNMjYwNDA3MTQwMjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmFhNmQ4MDU1ZTlhZDJiMmRlZjYwN2IwZGM1YTM2OWM3OWZhNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LSX6/1V5vJefSAsHWrq1QpRGrix
vGW8BB0YOroN8ZKPb5PXMyuT1L6flfu7SWjvE+PJ64xVJ8ecL//sn+AgE/cqnNqU
Y8AdvCSZgdU+7NaRXkXv7DW9gFVZTq58rCd8kqHiXnhzE3pcKXLfP1H6g8+5991w
fCpzCgMQt87xrKMAi0sHd9DZbXvwgQVTCAFFll20CxESyJnRfMVwzO6cqjhUVJ/i
J9k7ZqmCoDTEPAEBJvkOPtDTOwT51BZBGvWj/Gr1u8DIxa7nj9k/LBZqtUDoJVPe
wT/mtpcLv+zV+ryjgdr48yAh5PSloJDKxGnGPg/zP6U7j73kOeaM1XhHewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJuqbYBV6a0rLe9gew3Fo2nHn6btMB8GA1UdIwQY
MBaAFNF79PvqiU9D7rPbGyFuV3ZuAauBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDIt
MmMyMDFkMzBhZTA1LzEvbTZwdGdGWHByU3N0NzJCN0RjV2phY2VmcHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDItMmMyMDFkMzBhZTA1
LzEvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCsHeEAwQC
ucGsAwQAudMpAwQCudaoMA0GCSqGSIb3DQEBCwUAA4IBAQDFwu3Vv4+IjWGPKEqb
Nf5sgI8THoFrbFP1t4Mfa1AZPDCG4GDhKFs0m5mbWXfVfW8cvX4vBI7FU78HNFXS
O04TJJ64H5nYbs6AwDoRulrE8cRGerfYCQh6eh84gNI6Q3Js+OLENL3LqKvl8ILZ
7jccanGscEjjmG/bq1j322l6jruOeGTzfXw1R7+qA3XvujKggoM5fatJT1iQn3vw
rl58kfAYXDckK42cweVk3loTnnW0MFqGpdeR44ypUusO9YHQmRNv0507r4uqdlVD
ipXKLI2CVpOiSz66sJrRlWXzmVKCS3NoxhQG179qPNDvhGZt2x2frbe/727bpTLp
MyTk
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:29:51 2026 by rpki-client