Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/fs9mVLTn8Zfe8WvD_dGTNkEkZYo.roa
File: fs9mVLTn8Zfe8WvD_dGTNkEkZYo.roa (raw, json)
Hash identifier: g5QGRJ0AkvlZDjEoyLyV4FCpSkEh2fw5VXxJwPt9kWc=
Subject key identifier: 7E:CF:66:54:B4:E7:F1:97:DE:F1:6B:C3:FD:D1:93:36:41:24:65:8A
Certificate issuer: /CN=7247ba43e270c98bdc642a9e3c218ca524eb0f53
Certificate serial: 019D6D0A3AEE6F2B7D0E4CE0AC4369B7012B
Authority key identifier: 72:47:BA:43:E2:70:C9:8B:DC:64:2A:9E:3C:21:8C:A5:24:EB:0F:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cke6Q-JwyYvcZCqePCGMpSTrD1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/fs9mVLTn8Zfe8WvD_dGTNkEkZYo.roa
Signing time: Wed 08 Apr 2026 12:21:20 +0000
ROA not before: Wed 08 Apr 2026 12:21:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34913
IP address blocks: 80.89.112.0/20 maxlen: 20
185.227.232.0/24 maxlen: 24
185.227.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/cke6Q-JwyYvcZCqePCGMpSTrD1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/cke6Q-JwyYvcZCqePCGMpSTrD1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/cke6Q-JwyYvcZCqePCGMpSTrD1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:0a:3a:ee:6f:2b:7d:0e:4c:e0:ac:43:69:b7:01:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7247ba43e270c98bdc642a9e3c218ca524eb0f53
Validity
Not Before: Apr 8 12:21:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ecf6654b4e7f197def16bc3fdd193364124658a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a3:23:04:29:bd:13:84:98:1e:a9:3b:df:6c:
ae:aa:fb:53:66:e0:df:ac:2f:10:4e:02:c2:3e:9e:
20:75:6f:36:d2:37:8b:d1:92:08:07:af:fa:4a:f5:
e1:f2:68:03:cd:24:8c:15:11:63:e4:ae:c4:ad:7d:
9a:e5:bc:24:4d:fb:f9:85:1e:61:c7:3f:33:2c:f4:
23:e4:96:f0:87:63:a1:f0:2b:12:0e:e8:ae:0e:dc:
98:ec:c7:ff:05:e6:8c:9a:ac:7a:ef:16:6b:a2:8e:
25:e5:e3:88:79:52:b5:a9:15:0a:8e:e4:3c:d6:02:
4f:d0:87:68:3b:fd:90:dd:89:64:72:c2:ee:30:a4:
5d:3b:02:62:f5:f8:23:2e:86:bb:d2:e2:88:2d:cd:
3e:55:fe:5f:82:cf:e2:67:ce:b3:03:22:3c:8a:4d:
4c:45:9f:ff:86:9a:7b:35:01:f0:0e:d2:92:4d:3b:
8f:d6:5e:20:e0:7d:19:77:92:34:fc:50:7a:78:41:
f0:25:04:65:7c:36:25:df:6a:5f:d9:8c:f1:76:18:
c4:f1:de:9e:ca:8e:49:fa:30:3c:ad:64:ce:bc:b4:
bf:c3:85:a2:de:e7:bd:31:d0:ed:91:64:2d:de:3b:
d4:d8:b3:19:f9:4a:36:ef:ef:3e:75:bc:e1:c1:46:
2f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CF:66:54:B4:E7:F1:97:DE:F1:6B:C3:FD:D1:93:36:41:24:65:8A
X509v3 Authority Key Identifier:
keyid:72:47:BA:43:E2:70:C9:8B:DC:64:2A:9E:3C:21:8C:A5:24:EB:0F:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cke6Q-JwyYvcZCqePCGMpSTrD1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/fs9mVLTn8Zfe8WvD_dGTNkEkZYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/cke6Q-JwyYvcZCqePCGMpSTrD1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.112.0/20
185.227.232.0/23
Signature Algorithm: sha256WithRSAEncryption
e2:df:71:b9:04:94:0b:bc:b6:d5:4c:e1:39:8c:35:40:5e:48:
fa:11:99:3d:a0:63:f6:a8:a5:8d:48:0f:d8:4d:4f:a1:2a:84:
ce:3c:83:2d:2e:7f:f0:40:8c:81:d6:44:03:74:52:c6:56:ad:
64:79:a2:65:66:be:63:5e:7f:46:49:6a:7e:e1:05:e1:ff:88:
72:ce:a6:2d:9f:05:43:e5:9a:00:f1:4f:11:83:43:3d:a4:d9:
9c:d4:22:e2:c6:92:dd:f2:29:92:68:a7:24:3d:4b:90:2b:fe:
a2:5f:2a:7f:07:cc:76:b7:39:00:9a:48:16:ca:3c:ee:c2:c7:
79:8a:23:27:87:e0:45:0f:1a:53:f8:bb:ad:b8:ed:12:ba:72:
69:dd:a7:4a:26:de:21:55:e9:de:af:d9:44:e5:52:38:ca:7e:
23:51:13:a7:09:e9:b0:cd:9f:e3:02:6c:78:9e:8c:57:e0:ba:
80:c5:1b:7d:8c:61:f3:cf:d8:fb:ce:99:c1:9a:67:9a:78:58:
20:f9:70:d3:81:f8:a1:b7:07:13:6a:0c:be:7d:1e:b5:66:78:
c2:04:0e:85:5d:3b:27:dc:6c:0c:4d:28:a9:ca:33:87:32:f9:
40:4b:c1:34:17:ef:7a:45:3e:d7:ea:35:08:80:b6:7c:56:53:
9a:85:a6:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1tCjrubyt9DkzgrENptwErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDdiYTQzZTI3MGM5OGJkYzY0MmE5ZTNjMjE4Y2E1MjRl
YjBmNTMwHhcNMjYwNDA4MTIyMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNmNjY1NGI0ZTdmMTk3ZGVmMTZiYzNmZGQxOTMzNjQxMjQ2NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqMjBCm9E4SYHqk732yuqvtTZuDf
rC8QTgLCPp4gdW820jeL0ZIIB6/6SvXh8mgDzSSMFRFj5K7ErX2a5bwkTfv5hR5h
xz8zLPQj5Jbwh2Oh8CsSDuiuDtyY7Mf/BeaMmqx67xZroo4l5eOIeVK1qRUKjuQ8
1gJP0IdoO/2Q3YlkcsLuMKRdOwJi9fgjLoa70uKILc0+Vf5fgs/iZ86zAyI8ik1M
RZ//hpp7NQHwDtKSTTuP1l4g4H0Zd5I0/FB6eEHwJQRlfDYl32pf2YzxdhjE8d6e
yo5J+jA8rWTOvLS/w4Wi3ue9MdDtkWQt3jvU2LMZ+Uo27+8+dbzhwUYvfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH7PZlS05/GX3vFrw/3RkzZBJGWKMB8GA1UdIwQY
MBaAFHJHukPicMmL3GQqnjwhjKUk6w9TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tlNlEtSnd5WXZjWkNxZVBDR01wU1RyRDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8zNDEwNjgtMjhmNi00ZjgxLTk5M2Yt
Mjc5MjAzYjFkOTJjLzEvZnM5bVZMVG44WmZlOFd2RF9kR1ROa0VrWllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8zNDEwNjgtMjhmNi00ZjgxLTk5M2YtMjc5MjAzYjFkOTJj
LzEvY2tlNlEtSnd5WXZjWkNxZVBDR01wU1RyRDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUFlwAwQB
uePoMA0GCSqGSIb3DQEBCwUAA4IBAQDi33G5BJQLvLbVTOE5jDVAXkj6EZk9oGP2
qKWNSA/YTU+hKoTOPIMtLn/wQIyB1kQDdFLGVq1keaJlZr5jXn9GSWp+4QXh/4hy
zqYtnwVD5ZoA8U8Rg0M9pNmc1CLixpLd8imSaKckPUuQK/6iXyp/B8x2tzkAmkgW
yjzuwsd5iiMnh+BFDxpT+LutuO0SunJp3adKJt4hVener9lE5VI4yn4jUROnCemw
zZ/jAmx4noxX4LqAxRt9jGHzz9j7zpnBmmeaeFgg+XDTgfihtwcTagy+fR61ZnjC
BA6FXTsn3GwMTSipyjOHMvlAS8E0F+96RT7X6jUIgLZ8VlOahab+
-----END CERTIFICATE-----
Generated at Sat Apr 18 01:20:02 2026 by rpki-client