Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/n94KenbJMH70fjR1rrFahdY8U34.roa
File: n94KenbJMH70fjR1rrFahdY8U34.roa (raw, json)
Hash identifier: yP/yPEDoYrtpaNUeRocAKawwYPvsmMlpzOFnFwFc4BQ=
Subject key identifier: 9F:DE:0A:7A:76:C9:30:7E:F4:7E:34:75:AE:B1:5A:85:D6:3C:53:7E
Certificate issuer: /CN=83f36b0adee6cb5518763b5bc8eaa3d41f23e938
Certificate serial: 019C4621E7654DC6E5927873ABBBFF9FBF79
Authority key identifier: 83:F3:6B:0A:DE:E6:CB:55:18:76:3B:5B:C8:EA:A3:D4:1F:23:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/n94KenbJMH70fjR1rrFahdY8U34.roa
Signing time: Tue 10 Feb 2026 05:59:12 +0000
ROA not before: Tue 10 Feb 2026 05:59:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205960
IP address blocks: 176.100.150.0/24 maxlen: 24
176.100.151.0/24 maxlen: 24
176.100.152.0/24 maxlen: 24
176.100.154.0/24 maxlen: 24
176.100.156.0/24 maxlen: 24
176.100.157.0/24 maxlen: 24
176.100.158.0/24 maxlen: 24
176.100.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/g_NrCt7my1UYdjtbyOqj1B8j6Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/g_NrCt7my1UYdjtbyOqj1B8j6Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:46:21:e7:65:4d:c6:e5:92:78:73:ab:bb:ff:9f:bf:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f36b0adee6cb5518763b5bc8eaa3d41f23e938
Validity
Not Before: Feb 10 05:59:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9fde0a7a76c9307ef47e3475aeb15a85d63c537e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:44:97:7e:3b:11:e6:10:f0:a3:ad:20:99:43:
8f:dd:2c:44:8f:ed:53:fb:4c:58:42:d9:bc:20:df:
49:49:68:b3:52:a4:30:0d:c6:ca:25:b7:02:38:21:
06:eb:a3:ee:02:8e:21:87:60:c8:42:b2:51:11:5c:
80:98:63:97:a3:78:0b:7e:2c:2f:77:38:9e:4c:9b:
54:54:7e:27:81:95:f0:10:50:14:fa:72:7a:36:91:
ed:18:19:7d:50:2e:5f:23:21:42:c0:e7:c2:79:fe:
ea:9c:f3:ec:ef:21:21:a3:9e:58:41:64:59:6f:52:
29:d1:dd:b8:b8:7f:4b:67:2d:1f:44:15:b7:c0:c8:
a9:a0:ac:11:87:b9:d1:ec:61:5b:f3:3c:7d:14:0a:
ef:78:b1:e4:73:ff:30:38:00:28:8b:60:a1:6c:3b:
66:ef:ee:13:12:a2:46:2e:9f:5a:11:e2:b1:6a:90:
b9:fe:1f:93:62:8b:47:1c:18:12:27:34:3a:8e:c6:
b1:9d:04:ed:dc:ab:96:3b:c6:28:30:7b:4c:0d:12:
5c:03:b3:3c:96:f7:b4:4d:f9:3b:a7:cc:76:d0:b1:
56:09:ac:3d:38:dd:1a:fe:96:3d:10:e7:3a:f1:cf:
8e:40:13:96:49:48:c6:8e:6f:e6:9e:1a:4a:0c:21:
91:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:DE:0A:7A:76:C9:30:7E:F4:7E:34:75:AE:B1:5A:85:D6:3C:53:7E
X509v3 Authority Key Identifier:
keyid:83:F3:6B:0A:DE:E6:CB:55:18:76:3B:5B:C8:EA:A3:D4:1F:23:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/n94KenbJMH70fjR1rrFahdY8U34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/g_NrCt7my1UYdjtbyOqj1B8j6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.150.0-176.100.152.255
176.100.154.0/24
176.100.156.0/22
Signature Algorithm: sha256WithRSAEncryption
10:c1:5a:0d:4a:ec:a7:8d:c8:1c:db:8a:9b:04:1a:7b:a3:e0:
61:ba:84:e4:fb:2c:53:9a:c1:c9:70:d6:7d:d5:4f:74:4b:f3:
16:41:8e:41:2b:bb:6e:ba:aa:5a:c1:3e:86:a8:3c:a2:3b:9c:
b5:f4:f4:47:7c:b8:70:ce:04:26:fe:b2:2f:af:a6:e6:fd:9b:
8c:85:f3:1a:ec:91:bd:e6:0f:83:fe:c9:5e:19:18:97:fc:95:
f0:64:64:e9:ea:fd:26:f3:7f:bf:f3:2b:ca:77:67:49:fd:b9:
69:4e:2b:2a:4e:84:8a:2d:09:41:1a:b4:50:04:c2:7b:35:ca:
b9:7d:be:a4:f2:8b:03:21:20:5f:5a:8d:ad:28:2c:1a:68:25:
8c:33:e1:cc:5f:56:87:76:2d:e7:c9:72:25:9b:9b:66:34:06:
c1:8f:83:1e:3e:05:6f:41:18:9c:50:6c:bb:69:ae:39:fb:1d:
ea:0a:10:d3:78:06:bd:ea:b4:7d:61:c3:dd:0c:5e:c2:2a:f6:
7a:d9:4c:97:20:48:5c:c3:46:02:f7:3f:57:da:9b:83:40:58:
8f:ff:6f:77:e3:4e:b0:c6:d1:b8:43:87:fb:07:38:74:e5:ca:
ea:76:4a:99:3b:27:b0:57:f0:d7:59:4a:ae:df:fb:1b:34:ad:
48:0b:ab:ce
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZxGIedlTcblknhzq7v/n795MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjM2YjBhZGVlNmNiNTUxODc2M2I1YmM4ZWFhM2Q0MWYy
M2U5MzgwHhcNMjYwMjEwMDU1OTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmRlMGE3YTc2YzkzMDdlZjQ3ZTM0NzVhZWIxNWE4NWQ2M2M1MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0SXfjsR5hDwo60gmUOP3SxEj+1T
+0xYQtm8IN9JSWizUqQwDcbKJbcCOCEG66PuAo4hh2DIQrJREVyAmGOXo3gLfiwv
dzieTJtUVH4ngZXwEFAU+nJ6NpHtGBl9UC5fIyFCwOfCef7qnPPs7yEho55YQWRZ
b1Ip0d24uH9LZy0fRBW3wMipoKwRh7nR7GFb8zx9FArveLHkc/8wOAAoi2ChbDtm
7+4TEqJGLp9aEeKxapC5/h+TYotHHBgSJzQ6jsaxnQTt3KuWO8YoMHtMDRJcA7M8
lve0Tfk7p8x20LFWCaw9ON0a/pY9EOc68c+OQBOWSUjGjm/mnhpKDCGR4QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ/eCnp2yTB+9H40da6xWoXWPFN+MB8GA1UdIwQY
MBaAFIPzawre5stVGHY7W8jqo9QfI+k4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19OckN0N215MVVZZGp0YnlPcWoxQjhqNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83MzE5NWMtZTY2My00OThjLTk3ZGIt
YWY2NGYzZmEyNDU5LzEvbjk0S2VuYkpNSDcwZmpSMXJyRmFoZFk4VTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83MzE5NWMtZTY2My00OThjLTk3ZGItYWY2NGYzZmEyNDU5
LzEvZ19OckN0N215MVVZZGp0YnlPcWoxQjhqNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAGwZJYD
BACwZJgDBACwZJoDBAKwZJwwDQYJKoZIhvcNAQELBQADggEBABDBWg1K7KeNyBzb
ipsEGnuj4GG6hOT7LFOawclw1n3VT3RL8xZBjkEru266qlrBPoaoPKI7nLX09Ed8
uHDOBCb+si+vpub9m4yF8xrskb3mD4P+yV4ZGJf8lfBkZOnq/Sbzf7/zK8p3Z0n9
uWlOKypOhIotCUEatFAEwns1yrl9vqTyiwMhIF9aja0oLBpoJYwz4cxfVod2LefJ
ciWbm2Y0BsGPgx4+BW9BGJxQbLtprjn7HeoKENN4Br3qtH1hw90MXsIq9nrZTJcg
SFzDRgL3P1fam4NAWI//b3fjTrDG0bhDh/sHOHTlyup2Spk7J7BX8NdZSq7f+xs0
rUgLq84=
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:12:34 2026 by rpki-client