Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aYMWFh_sotwvBZG_mTpfuPfET2Q.roa
File: aYMWFh_sotwvBZG_mTpfuPfET2Q.roa (raw, json)
Hash identifier: U52p7o8diMtXlOIqFwTr4RfneiwSKfhE/fkY1n1C2Jo=
Subject key identifier: 69:83:16:16:1F:EC:A2:DC:2F:05:91:BF:99:3A:5F:B8:F7:C4:4F:64
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019C02D21F409092744662FC849771AC34FA
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aYMWFh_sotwvBZG_mTpfuPfET2Q.roa
Signing time: Wed 28 Jan 2026 04:17:30 +0000
ROA not before: Wed 28 Jan 2026 04:17:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5650
IP address blocks: 89.125.40.0/21 maxlen: 21
89.125.141.0/24 maxlen: 24
89.125.164.0/24 maxlen: 24
89.125.184.0/24 maxlen: 24
89.125.224.0/20 maxlen: 20
167.17.32.0/21 maxlen: 21
167.17.41.0/24 maxlen: 24
167.17.42.0/23 maxlen: 23
167.17.44.0/23 maxlen: 23
167.17.46.0/24 maxlen: 24
206.245.136.0/21 maxlen: 21
206.245.144.0/21 maxlen: 21
208.123.184.0/24 maxlen: 24
208.123.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:02:d2:1f:40:90:92:74:46:62:fc:84:97:71:ac:34:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 28 04:17:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=698316161feca2dc2f0591bf993a5fb8f7c44f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0e:0e:25:4f:33:80:cf:ac:53:ed:b9:8b:80:
a7:26:70:03:36:26:79:19:6f:3d:7d:48:17:ca:49:
57:7d:61:cc:31:6a:28:9a:39:7f:ba:4e:ef:ea:2b:
77:25:f3:ca:4a:6e:00:11:1b:3b:9a:81:70:bc:1d:
2b:d6:43:3c:e3:45:80:42:41:8e:2b:b7:31:1b:38:
76:3b:41:75:ad:65:6b:10:74:a1:e7:de:cc:91:28:
7b:c3:99:6c:70:de:97:a7:8e:79:ce:2f:6b:1e:31:
49:8c:07:b3:01:f7:09:f6:fa:db:a0:b7:df:1d:86:
92:02:7a:7c:75:4f:39:cc:eb:5c:7e:5d:10:31:ea:
35:ce:f6:78:48:fd:08:c6:b9:42:4e:d3:3b:84:a6:
c6:bd:98:2d:3d:e0:5b:5d:82:8d:20:01:a9:f3:71:
a1:ca:33:92:aa:76:29:d7:90:d3:04:4f:c8:56:bd:
c1:c7:5d:76:27:50:16:69:b4:6d:61:c5:df:e3:dd:
92:a8:7b:a5:d1:08:71:ee:89:73:40:b8:26:3e:4d:
76:d3:fc:2f:c4:d7:16:2b:ac:89:b7:c7:fa:75:75:
00:1e:6c:c2:a9:cb:9f:3c:c8:2c:5e:26:3a:06:39:
63:8d:5a:1d:1d:54:2f:07:60:2a:a2:41:94:7b:59:
a4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:83:16:16:1F:EC:A2:DC:2F:05:91:BF:99:3A:5F:B8:F7:C4:4F:64
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aYMWFh_sotwvBZG_mTpfuPfET2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.125.40.0/21
89.125.141.0/24
89.125.164.0/24
89.125.184.0/24
89.125.224.0/20
167.17.32.0/21
167.17.41.0-167.17.46.255
206.245.136.0-206.245.151.255
208.123.184.0/24
208.123.186.0/24
Signature Algorithm: sha256WithRSAEncryption
72:b7:76:b9:fd:51:b3:49:ce:d5:e8:c1:6d:5b:6e:b4:4b:9a:
13:8a:8c:15:df:14:00:4b:aa:93:51:c8:56:5a:78:3a:e4:4a:
77:6a:05:b1:f7:87:e0:c7:d3:63:af:09:76:51:a2:36:df:bd:
12:bb:04:eb:b0:7c:93:e3:d5:b8:e4:f3:b0:07:04:1c:16:6a:
cb:72:9e:48:09:47:72:79:d2:c8:5a:9e:eb:16:3e:c5:02:b9:
3b:a4:25:30:19:28:f9:ae:1c:f7:48:95:cd:91:98:54:6a:5d:
bf:de:e9:97:49:bd:dc:e5:c1:af:6e:bd:fa:0f:8f:61:02:57:
74:70:ac:c6:b6:a8:8f:5e:6f:e3:a5:86:ec:6a:5f:e2:38:65:
28:b7:47:fc:cc:c5:74:a6:8d:db:cb:b7:fe:f2:ec:c6:75:e3:
16:d2:e4:38:6d:77:98:6b:a8:4d:cd:b1:23:d1:4f:38:6c:d4:
4f:13:fa:43:24:11:da:cf:35:a2:19:96:ca:53:eb:f2:5b:57:
00:ba:83:15:66:b2:9d:84:12:7d:f6:bd:1c:69:b7:da:0b:8e:
6c:c0:53:19:f3:64:be:a7:1d:fb:12:65:08:87:3e:7a:dc:c4:
89:b6:c2:8d:09:f9:18:a5:21:6a:3b:40:af:ad:e3:56:52:67:
83:4e:f3:af
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZwC0h9AkJJ0RmL8hJdxrDT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMTI4MDQxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTgzMTYxNjFmZWNhMmRjMmYwNTkxYmY5OTNhNWZiOGY3YzQ0ZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsw4OJU8zgM+sU+25i4CnJnADNiZ5
GW89fUgXyklXfWHMMWoomjl/uk7v6it3JfPKSm4AERs7moFwvB0r1kM840WAQkGO
K7cxGzh2O0F1rWVrEHSh597MkSh7w5lscN6Xp455zi9rHjFJjAezAfcJ9vrboLff
HYaSAnp8dU85zOtcfl0QMeo1zvZ4SP0IxrlCTtM7hKbGvZgtPeBbXYKNIAGp83Gh
yjOSqnYp15DTBE/IVr3Bx112J1AWabRtYcXf492SqHul0Qhx7olzQLgmPk120/wv
xNcWK6yJt8f6dXUAHmzCqcufPMgsXiY6BjljjVodHVQvB2AqokGUe1mkgwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFGmDFhYf7KLcLwWRv5k6X7j3xE9kMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYVlNV0ZoX3NvdHd2QlpHX21UcGZ1UGZFVDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQDWX0oAwQA
WX2NAwQAWX2kAwQAWX24AwQEWX3gAwQDpxEgMAwDBACnESkDBACnES4wDAMEA871
iAMEA871kAMEANB7uAMEANB7ujANBgkqhkiG9w0BAQsFAAOCAQEAcrd2uf1Rs0nO
1ejBbVtutEuaE4qMFd8UAEuqk1HIVlp4OuRKd2oFsfeH4MfTY68JdlGiNt+9ErsE
67B8k+PVuOTzsAcEHBZqy3KeSAlHcnnSyFqe6xY+xQK5O6QlMBko+a4c90iVzZGY
VGpdv97pl0m93OXBr269+g+PYQJXdHCsxraoj15v46WG7Gpf4jhlKLdH/MzFdKaN
28u3/vLsxnXjFtLkOG13mGuoTc2xI9FPOGzUTxP6QyQR2s81ohmWylPr8ltXALqD
FWaynYQSffa9HGm32guObMBTGfNkvqcd+xJlCIc+etzEibbCjQn5GKUhajtAr63j
VlJng07zrw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:04:06 2026 by rpki-client