Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/K9Dqioe9b1QzXjqNmFeropCvp-0.roa
File: K9Dqioe9b1QzXjqNmFeropCvp-0.roa (raw, json)
Hash identifier: sgULkqb+pMBqo5qKyD2WmWceUGLc0NbCM+ENzx9wYYo=
Subject key identifier: 2B:D0:EA:8A:87:BD:6F:54:33:5E:3A:8D:98:57:AB:A2:90:AF:A7:ED
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019D71E7AE3F207BB85E39380C8101F8CF95
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/K9Dqioe9b1QzXjqNmFeropCvp-0.roa
Signing time: Thu 09 Apr 2026 11:01:41 +0000
ROA not before: Thu 09 Apr 2026 11:01:41 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24768
IP address blocks: 80.174.240.0/22 maxlen: 22
80.174.247.0/24 maxlen: 24
80.174.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:e7:ae:3f:20:7b:b8:5e:39:38:0c:81:01:f8:cf:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Apr 9 11:01:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2bd0ea8a87bd6f54335e3a8d9857aba290afa7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b2:b2:8b:6e:72:9e:76:d8:71:6b:6e:15:91:
b2:4f:7b:57:04:97:4a:7a:a0:4e:b7:74:54:1a:41:
dc:84:89:b9:8d:83:cf:71:a1:6f:07:2d:da:f9:67:
fe:91:cf:a3:c8:07:48:7a:e3:4d:e1:04:2a:68:05:
f8:f2:69:66:71:63:d9:11:d9:d6:8e:2b:87:2c:16:
6c:d5:f3:45:a3:97:3f:ff:1f:79:5c:2d:02:cc:9f:
91:5a:27:f1:a3:45:de:7e:22:07:60:97:51:b4:e5:
ab:e6:8a:14:9d:8f:7f:75:a5:55:56:5b:17:47:05:
21:e2:26:e0:67:89:b9:41:07:f5:0f:5c:38:b0:cb:
f4:87:b9:67:cc:5c:ef:56:26:d4:3e:0a:c1:29:ff:
78:6b:46:0c:25:20:7f:78:e3:1f:ad:6a:d2:0c:ac:
be:39:ab:02:95:09:7d:b6:e1:73:96:22:5c:42:38:
cd:17:b8:98:c4:49:d9:46:0d:80:65:ba:fb:25:1b:
88:8f:21:f0:6d:90:a1:e8:0f:20:c3:d3:a5:df:93:
54:02:e2:d3:b3:33:c2:c9:fd:cc:04:a5:9f:2a:15:
0d:c0:30:cc:7a:af:0e:54:ca:97:be:13:bf:58:97:
ba:5f:3e:7e:8a:fa:bd:27:d7:c8:91:44:15:ed:50:
fc:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D0:EA:8A:87:BD:6F:54:33:5E:3A:8D:98:57:AB:A2:90:AF:A7:ED
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/K9Dqioe9b1QzXjqNmFeropCvp-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.240.0/22
80.174.247.0/24
80.174.255.0/24
Signature Algorithm: sha256WithRSAEncryption
59:aa:81:5a:fc:7c:bb:bb:aa:b4:bb:d1:d9:3c:26:60:99:32:
ce:1b:56:38:62:42:f9:47:bd:5f:b0:30:e9:42:33:eb:7c:de:
aa:97:4f:17:18:45:13:21:6d:76:bc:5a:89:ab:12:1f:48:a5:
77:49:96:f9:e9:40:12:ff:bd:97:80:ec:6f:f0:c2:24:2e:46:
96:0b:6a:f5:24:ab:b1:3b:42:c1:08:8c:90:c6:7b:31:84:89:
fc:8c:d5:02:a2:5c:41:77:88:4a:40:5b:3e:2c:34:c7:a2:b9:
60:25:72:06:22:45:aa:7c:bc:5a:11:3f:fd:c2:a8:7c:42:81:
80:0f:e0:91:0c:72:63:38:b5:3a:58:a6:ba:03:54:99:34:10:
7b:e2:51:b4:11:e8:9f:f8:bb:8b:4c:f4:5b:aa:36:5a:a6:cf:
9e:57:dc:36:58:04:c3:17:98:0e:05:75:df:34:de:b3:01:e1:
09:5e:fc:c2:96:2e:c8:95:89:e8:b4:bb:6b:43:b9:28:e1:fc:
0f:90:c5:14:0c:21:77:a6:f0:24:fe:98:50:95:1b:73:81:a8:
b9:bc:8c:ca:85:2f:2a:54:2a:3e:c2:b1:b9:c8:46:7d:67:9d:
45:0b:3e:96:63:a1:02:dc:8e:a5:2d:0c:bc:2f:4b:bc:28:a7:
1e:1d:32:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1x564/IHu4Xjk4DIEB+M+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNDA5MTEwMTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQwZWE4YTg3YmQ2ZjU0MzM1ZTNhOGQ5ODU3YWJhMjkwYWZhN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7Kyi25ynnbYcWtuFZGyT3tXBJdK
eqBOt3RUGkHchIm5jYPPcaFvBy3a+Wf+kc+jyAdIeuNN4QQqaAX48mlmcWPZEdnW
jiuHLBZs1fNFo5c//x95XC0CzJ+RWifxo0XefiIHYJdRtOWr5ooUnY9/daVVVlsX
RwUh4ibgZ4m5QQf1D1w4sMv0h7lnzFzvVibUPgrBKf94a0YMJSB/eOMfrWrSDKy+
OasClQl9tuFzliJcQjjNF7iYxEnZRg2AZbr7JRuIjyHwbZCh6A8gw9Ol35NUAuLT
szPCyf3MBKWfKhUNwDDMeq8OVMqXvhO/WJe6Xz5+ivq9J9fIkUQV7VD8hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCvQ6oqHvW9UM146jZhXq6KQr6ftMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvSzlEcWlvZTliMVF6WGpxTm1GZXJvcEN2cC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUK7wAwQA
UK73AwQAUK7/MA0GCSqGSIb3DQEBCwUAA4IBAQBZqoFa/Hy7u6q0u9HZPCZgmTLO
G1Y4YkL5R71fsDDpQjPrfN6ql08XGEUTIW12vFqJqxIfSKV3SZb56UAS/72XgOxv
8MIkLkaWC2r1JKuxO0LBCIyQxnsxhIn8jNUColxBd4hKQFs+LDTHorlgJXIGIkWq
fLxaET/9wqh8QoGAD+CRDHJjOLU6WKa6A1SZNBB74lG0Eeif+LuLTPRbqjZaps+e
V9w2WATDF5gOBXXfNN6zAeEJXvzCli7IlYnotLtrQ7ko4fwPkMUUDCF3pvAk/phQ
lRtzgai5vIzKhS8qVCo+wrG5yEZ9Z51FCz6WY6EC3I6lLQy8L0u8KKceHTLT
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:12:11 2026 by rpki-client