Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/Tz1-N59sSfd-X1uanpY0uE0n3Z8.roa
File: Tz1-N59sSfd-X1uanpY0uE0n3Z8.roa (raw, json)
Hash identifier: TjI9Conr3Wy1dhn8UqIMqHZ2WlgAzdiybMSutLCTCzk=
Subject key identifier: 4F:3D:7E:37:9F:6C:49:F7:7E:5F:5B:9A:9E:96:34:B8:4D:27:DD:9F
Certificate issuer: /CN=82e5fbc3ea525a78c630c4da864ba9a60e199bff
Certificate serial: 019B7AC7D4AB62D6613A4ECC96722A491772
Authority key identifier: 82:E5:FB:C3:EA:52:5A:78:C6:30:C4:DA:86:4B:A9:A6:0E:19:9B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guX7w-pSWnjGMMTahkuppg4Zm_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/Tz1-N59sSfd-X1uanpY0uE0n3Z8.roa
Signing time: Thu 01 Jan 2026 18:17:54 +0000
ROA not before: Thu 01 Jan 2026 18:17:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12565
IP address blocks: 91.211.164.0/22 maxlen: 22
91.211.164.0/24 maxlen: 24
91.211.165.0/24 maxlen: 24
91.211.166.0/24 maxlen: 24
91.211.167.0/24 maxlen: 24
185.76.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/guX7w-pSWnjGMMTahkuppg4Zm_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/guX7w-pSWnjGMMTahkuppg4Zm_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/guX7w-pSWnjGMMTahkuppg4Zm_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 18:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c7:d4:ab:62:d6:61:3a:4e:cc:96:72:2a:49:17:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e5fbc3ea525a78c630c4da864ba9a60e199bff
Validity
Not Before: Jan 1 18:17:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f3d7e379f6c49f77e5f5b9a9e9634b84d27dd9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:50:b4:1e:10:e6:1b:33:ed:e9:bf:62:b0:16:
c6:61:47:30:90:4e:2d:f5:cf:c1:e6:50:e1:5d:82:
65:14:af:48:3f:55:48:ed:e7:14:e9:69:e4:6a:69:
ff:7e:1b:fe:a5:d7:e0:ac:a2:89:7c:77:83:65:27:
3b:46:de:30:86:b9:53:b8:1e:f6:1e:66:db:43:20:
68:d2:a8:11:a5:56:bb:19:ef:20:e1:f8:2a:cf:ae:
7f:c8:09:90:6e:29:aa:f4:d5:87:cb:0d:5a:2e:39:
bf:43:33:ce:ab:39:54:6a:1e:51:53:ed:fb:e9:66:
83:30:a5:34:16:af:47:60:46:9a:93:79:29:a3:85:
d7:63:37:02:d2:6e:e7:8c:70:b0:9e:d2:7d:2d:c9:
bd:cf:20:ce:3b:61:98:c5:43:d5:1c:91:5f:81:75:
29:77:ef:0f:06:97:3f:67:d4:71:1a:8e:a3:8e:60:
5c:56:e9:84:42:34:85:d6:9b:1d:8f:00:f5:c8:11:
10:c1:b6:ed:01:f8:be:22:9b:aa:2a:f2:b5:b4:86:
21:52:21:6f:cc:ef:75:85:16:26:d9:17:75:c7:51:
45:c9:18:77:3f:1e:af:85:3a:09:ba:42:a5:e7:b4:
e1:e8:bf:af:7b:27:41:33:99:c1:27:5d:1d:da:cb:
aa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3D:7E:37:9F:6C:49:F7:7E:5F:5B:9A:9E:96:34:B8:4D:27:DD:9F
X509v3 Authority Key Identifier:
keyid:82:E5:FB:C3:EA:52:5A:78:C6:30:C4:DA:86:4B:A9:A6:0E:19:9B:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guX7w-pSWnjGMMTahkuppg4Zm_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/Tz1-N59sSfd-X1uanpY0uE0n3Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/guX7w-pSWnjGMMTahkuppg4Zm_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.164.0/22
185.76.24.0/24
Signature Algorithm: sha256WithRSAEncryption
39:3b:e8:7e:c0:47:42:0b:06:37:3b:74:99:b9:90:e1:59:a5:
1f:3d:aa:ef:10:35:eb:92:4c:1e:23:93:c5:8f:90:0b:a1:a9:
7d:62:ed:ca:01:8c:e1:4d:93:60:2a:2c:2a:78:2a:0c:a7:19:
14:77:27:92:0f:af:41:7b:6f:4b:a7:c6:53:ac:73:8b:cb:c8:
bd:1e:8d:1f:af:0f:87:b9:c2:a0:24:1a:a4:94:0f:68:53:bd:
38:18:c3:6d:27:87:46:d9:56:55:46:b0:45:00:71:15:9a:e4:
4f:2f:2a:13:6e:ca:4f:db:e8:34:42:5d:16:b6:9e:de:ac:5d:
bd:6a:f5:be:1d:96:c7:11:cc:18:1b:f6:83:b8:8c:18:a4:ed:
95:f7:13:ec:55:ec:ad:d6:88:2d:de:a3:2a:7c:99:e4:ab:fa:
6e:00:06:08:bc:76:44:c4:a9:40:11:85:9e:da:bc:5a:f7:90:
89:58:f2:94:5c:9c:cd:31:6d:26:6d:78:3c:67:89:92:13:2c:
3b:e0:bb:52:df:8a:40:00:da:1e:76:6e:7e:28:45:fe:81:99:
e9:55:a7:55:5a:4f:91:18:5c:54:aa:8f:8a:6f:90:dd:04:27:
69:ee:16:4e:ac:c3:27:24:d8:f6:22:54:dc:f4:29:4b:ad:cd:
04:04:ff:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt6x9SrYtZhOk7MlnIqSRdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTVmYmMzZWE1MjVhNzhjNjMwYzRkYTg2NGJhOWE2MGUx
OTliZmYwHhcNMjYwMTAxMTgxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjNkN2UzNzlmNmM0OWY3N2U1ZjViOWE5ZTk2MzRiODRkMjdkZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1C0HhDmGzPt6b9isBbGYUcwkE4t
9c/B5lDhXYJlFK9IP1VI7ecU6Wnkamn/fhv+pdfgrKKJfHeDZSc7Rt4whrlTuB72
HmbbQyBo0qgRpVa7Ge8g4fgqz65/yAmQbimq9NWHyw1aLjm/QzPOqzlUah5RU+37
6WaDMKU0Fq9HYEaak3kpo4XXYzcC0m7njHCwntJ9Lcm9zyDOO2GYxUPVHJFfgXUp
d+8PBpc/Z9RxGo6jjmBcVumEQjSF1psdjwD1yBEQwbbtAfi+IpuqKvK1tIYhUiFv
zO91hRYm2Rd1x1FFyRh3Px6vhToJukKl57Th6L+veydBM5nBJ10d2suqRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE89fjefbEn3fl9bmp6WNLhNJ92fMB8GA1UdIwQY
MBaAFILl+8PqUlp4xjDE2oZLqaYOGZv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VYN3ctcFNXbmpHTU1UYWhrdXBwZzRabV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8yZWNlMjYtMTc4MS00NTVlLTgwYjMt
OTNkZDY1MDc0ODhlLzEvVHoxLU41OXNTZmQtWDF1YW5wWTB1RTBuM1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8yZWNlMjYtMTc4MS00NTVlLTgwYjMtOTNkZDY1MDc0ODhl
LzEvZ3VYN3ctcFNXbmpHTU1UYWhrdXBwZzRabV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9OkAwQA
uUwYMA0GCSqGSIb3DQEBCwUAA4IBAQA5O+h+wEdCCwY3O3SZuZDhWaUfParvEDXr
kkweI5PFj5ALoal9Yu3KAYzhTZNgKiwqeCoMpxkUdyeSD69Be29Lp8ZTrHOLy8i9
Ho0frw+HucKgJBqklA9oU704GMNtJ4dG2VZVRrBFAHEVmuRPLyoTbspP2+g0Ql0W
tp7erF29avW+HZbHEcwYG/aDuIwYpO2V9xPsVeyt1ogt3qMqfJnkq/puAAYIvHZE
xKlAEYWe2rxa95CJWPKUXJzNMW0mbXg8Z4mSEyw74LtS34pAANoedm5+KEX+gZnp
VadVWk+RGFxUqo+Kb5DdBCdp7hZOrMMnJNj2IlTc9ClLrc0EBP+7
-----END CERTIFICATE-----
Generated at Tue Mar 3 02:27:42 2026 by rpki-client