Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/9sdNFthZZukD_uXtTd0XAPClQdY.roa
File: 9sdNFthZZukD_uXtTd0XAPClQdY.roa (raw, json)
Hash identifier: tGqQPkljGMhWTFdHBoZoHHu7YzMwjEuFnjQUjnre+7E=
Subject key identifier: F6:C7:4D:16:D8:59:66:E9:03:FE:E5:ED:4D:DD:17:00:F0:A5:41:D6
Certificate issuer: /CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Certificate serial: 019C8B4B808EC41CC32D40AACEBD5F567627
Authority key identifier: C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/9sdNFthZZukD_uXtTd0XAPClQdY.roa
Signing time: Mon 23 Feb 2026 16:18:27 +0000
ROA not before: Mon 23 Feb 2026 16:18:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59790
IP address blocks: 5.154.233.0/24 maxlen: 24
5.183.208.0/24 maxlen: 24
86.54.99.0/24 maxlen: 24
91.240.40.0/22 maxlen: 22
93.92.116.0/22 maxlen: 22
94.176.100.0/22 maxlen: 22
185.35.232.0/22 maxlen: 22
185.67.120.0/24 maxlen: 24
185.107.24.0/22 maxlen: 22
185.125.36.0/22 maxlen: 22
185.224.116.0/22 maxlen: 22
193.32.11.0/24 maxlen: 24
193.124.76.0/22 maxlen: 22
193.124.144.0/21 maxlen: 21
194.135.200.0/21 maxlen: 21
195.216.136.0/22 maxlen: 22
208.122.6.0/23 maxlen: 23
2a04:65c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8b:4b:80:8e:c4:1c:c3:2d:40:aa:ce:bd:5f:56:76:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Validity
Not Before: Feb 23 16:18:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f6c74d16d85966e903fee5ed4ddd1700f0a541d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:71:a2:8c:23:15:da:ed:d1:6d:48:80:50:4b:
0d:63:5b:c3:c6:aa:76:6d:af:27:63:33:a4:d3:11:
30:d2:c2:d3:cb:4c:e7:fc:b6:4f:4e:f9:5b:50:06:
c2:25:61:d2:59:08:4c:68:fa:68:bc:0e:74:dd:81:
f4:5f:bd:40:7a:84:ef:da:08:b5:c4:7f:47:28:24:
76:32:9a:de:d0:fd:da:68:b7:69:00:d5:25:a0:91:
4b:91:4d:38:0e:50:65:42:34:7a:3c:b5:16:d1:97:
ff:c7:fd:24:7d:82:ee:49:74:7b:88:2b:97:f4:91:
e0:c8:ff:89:2a:04:d3:c7:94:d9:48:a2:86:e4:09:
5a:4b:d2:59:5c:79:d2:57:40:63:12:e1:a9:06:5a:
7f:df:7c:05:32:86:a7:e7:d8:ba:d4:2b:df:ae:a9:
bc:5f:77:22:cf:62:b7:50:a5:d7:e1:e0:35:a0:2e:
62:44:81:5a:e0:c9:b1:cc:dd:f1:7e:f0:55:21:fe:
da:c4:e5:23:30:08:cb:95:da:b5:19:16:e7:06:ce:
59:26:bc:5b:01:40:b3:77:a0:07:32:42:44:68:4c:
94:00:85:93:ae:a1:99:50:03:2c:b2:40:76:90:0d:
fe:4b:0b:2f:3f:1e:ae:5e:d6:70:89:7b:88:0e:b6:
49:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C7:4D:16:D8:59:66:E9:03:FE:E5:ED:4D:DD:17:00:F0:A5:41:D6
X509v3 Authority Key Identifier:
keyid:C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/9sdNFthZZukD_uXtTd0XAPClQdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.233.0/24
5.183.208.0/24
86.54.99.0/24
91.240.40.0/22
93.92.116.0/22
94.176.100.0/22
185.35.232.0/22
185.67.120.0/24
185.107.24.0/22
185.125.36.0/22
185.224.116.0/22
193.32.11.0/24
193.124.76.0/22
193.124.144.0/21
194.135.200.0/21
195.216.136.0/22
208.122.6.0/23
IPv6:
2a04:65c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:69:8b:e2:21:c1:9c:e0:55:95:f5:8e:b0:fa:2c:f7:f5:b3:
0c:13:5b:e3:de:7f:f0:b0:84:99:3e:32:ba:73:f1:2d:a7:b8:
ab:7e:39:25:e7:cb:83:fe:bf:84:4c:fd:67:e3:52:24:3e:e3:
9e:c7:fb:0e:8f:6f:72:04:c8:a7:ba:d1:90:fe:fd:0a:16:02:
7c:80:e8:93:c1:05:9d:97:ab:7d:c5:c5:69:62:1c:f6:97:1d:
1b:b9:12:f6:ae:81:a7:11:43:94:bb:98:fc:b5:31:15:25:51:
fc:5a:81:da:fb:cb:cd:59:10:ad:dc:9d:20:62:31:17:2e:d3:
fa:6f:68:86:f9:bc:1c:c9:5b:b6:f5:33:c2:5e:dd:19:45:bb:
ec:b7:01:3c:f3:b6:66:65:f2:36:9e:56:95:0b:8d:12:5b:8d:
52:3a:ff:e4:ee:23:b2:82:43:18:f1:bf:35:07:06:f8:ea:c1:
76:b7:af:01:62:3c:78:c7:bd:61:c6:18:1c:2e:1d:13:f9:2d:
04:b1:a2:a9:26:ba:f8:65:96:73:3a:a6:db:05:06:b3:9b:ff:
00:65:18:f0:13:1d:49:20:fa:5d:e1:a5:02:fa:24:d1:d1:ce:
6a:1a:3a:51:03:91:c9:ea:e8:7b:32:50:0d:51:e2:36:03:ea:
a2:9b:73:f5
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZyLS4COxBzDLUCqzr1fVnYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGNhMDg1NTE3OGEwY2RkNzE5MTRiY2YyMjNhYTMxYWY2
MzY5YTQwHhcNMjYwMjIzMTYxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmM3NGQxNmQ4NTk2NmU5MDNmZWU1ZWQ0ZGRkMTcwMGYwYTU0MWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHGijCMV2u3RbUiAUEsNY1vDxqp2
ba8nYzOk0xEw0sLTy0zn/LZPTvlbUAbCJWHSWQhMaPpovA503YH0X71AeoTv2gi1
xH9HKCR2Mpre0P3aaLdpANUloJFLkU04DlBlQjR6PLUW0Zf/x/0kfYLuSXR7iCuX
9JHgyP+JKgTTx5TZSKKG5AlaS9JZXHnSV0BjEuGpBlp/33wFMoan59i61Cvfrqm8
X3ciz2K3UKXX4eA1oC5iRIFa4MmxzN3xfvBVIf7axOUjMAjLldq1GRbnBs5ZJrxb
AUCzd6AHMkJEaEyUAIWTrqGZUAMsskB2kA3+SwsvPx6uXtZwiXuIDrZJ2QIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFPbHTRbYWWbpA/7l7U3dFwDwpUHWMB8GA1UdIwQY
MBaAFMdMoIVReKDN1xkUvPIjqjGvY2mkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQt
ZGVkZDM1MjkzMjMwLzEvOXNkTkZ0aFpadWtEX3VYdFRkMFhBUENsUWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQtZGVkZDM1MjkzMjMw
LzEveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAAWa6QME
AAW30AMEAFY2YwMEAlvwKAMEAl1cdAMEAl6wZAMEArkj6AMEALlDeAMEArlrGAME
Arl9JAMEArngdAMEAMEgCwMEAsF8TAMEA8F8kAMEA8KHyAMEAsPYiAMEAdB6BjAN
BAIAAjAHAwUDKgRlwDANBgkqhkiG9w0BAQsFAAOCAQEAeWmL4iHBnOBVlfWOsPos
9/WzDBNb495/8LCEmT4yunPxLae4q345JefLg/6/hEz9Z+NSJD7jnsf7Do9vcgTI
p7rRkP79ChYCfIDok8EFnZerfcXFaWIc9pcdG7kS9q6BpxFDlLuY/LUxFSVR/FqB
2vvLzVkQrdydIGIxFy7T+m9ohvm8HMlbtvUzwl7dGUW77LcBPPO2ZmXyNp5WlQuN
EluNUjr/5O4jsoJDGPG/NQcG+OrBdrevAWI8eMe9YcYYHC4dE/ktBLGiqSa6+GWW
czqm2wUGs5v/AGUY8BMdSSD6XeGlAvok0dHOaho6UQORyeroezJQDVHiNgPqoptz
9Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:51:38 2026 by rpki-client