Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/B3y7rGYKrZqH8u4W2_ITr703IcA.roa
File: B3y7rGYKrZqH8u4W2_ITr703IcA.roa (raw, json)
Hash identifier: FEfRlK9/3bnh5D+vlcxp7wr4fd1DSa0/aNG8mMvGwJM=
Subject key identifier: 07:7C:BB:AC:66:0A:AD:9A:87:F2:EE:16:DB:F2:13:AF:BD:37:21:C0
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019EA71EDFACF825049DA4856077EFC73A8E
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/B3y7rGYKrZqH8u4W2_ITr703IcA.roa
Signing time: Mon 08 Jun 2026 12:04:38 +0000
ROA not before: Mon 08 Jun 2026 12:04:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 154383
IP address blocks: 87.82.217.0/24 maxlen: 24
87.83.175.0/24 maxlen: 24
87.84.224.0/24 maxlen: 24
87.86.37.0/24 maxlen: 24
91.143.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 20:11:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:1e:df:ac:f8:25:04:9d:a4:85:60:77:ef:c7:3a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Jun 8 12:04:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=077cbbac660aad9a87f2ee16dbf213afbd3721c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4c:51:f5:34:f2:72:00:7a:55:bd:4c:58:4e:
36:e2:5f:4e:46:fd:75:68:e9:84:d2:f8:10:b3:46:
93:23:c0:57:38:8f:8f:d7:0f:b4:1f:d0:6b:e9:cc:
ed:24:1c:f7:75:ba:0c:72:f5:2b:94:84:67:ff:69:
62:b0:b9:5d:5a:fe:d7:55:54:d3:9e:b4:20:23:d8:
79:78:c9:ce:4f:16:4c:31:0c:ef:f5:07:eb:05:ae:
06:9c:02:98:d3:68:5e:09:0f:0f:70:29:ee:e6:b8:
9a:18:44:68:59:1f:34:8b:15:76:e8:5a:13:d7:71:
15:c0:e2:a7:86:50:bb:50:cd:94:d3:86:58:6d:3c:
99:a1:9b:e1:53:23:7a:36:dc:21:d4:fb:69:ef:c5:
20:39:ed:ac:f2:f8:5b:75:bb:20:48:2e:98:3a:fd:
5b:3a:da:9b:95:fd:25:1a:d0:ea:1e:17:33:dd:f7:
de:54:33:6e:af:7b:00:16:72:62:0f:9b:46:c9:f8:
a6:e2:86:9f:dc:0e:3f:2a:74:19:c9:94:2a:dc:c8:
89:ee:db:7b:5e:e0:ef:e0:f1:ec:2b:b4:92:b3:1a:
89:f3:cc:ae:32:27:a1:79:59:a3:8b:2f:92:88:e7:
37:b4:d2:6d:00:ad:b8:d4:b8:26:b0:6a:a6:48:eb:
6b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:7C:BB:AC:66:0A:AD:9A:87:F2:EE:16:DB:F2:13:AF:BD:37:21:C0
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/B3y7rGYKrZqH8u4W2_ITr703IcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.82.217.0/24
87.83.175.0/24
87.84.224.0/24
87.86.37.0/24
91.143.180.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:8e:93:5b:6a:e6:a3:e5:1f:4b:80:05:5d:16:af:9a:92:03:
53:61:b4:cc:c4:ea:1b:bc:4c:7a:69:c5:c8:e1:cf:3c:1d:a8:
cc:75:67:7f:5b:91:5f:70:3f:2d:59:30:99:23:fd:2b:2e:b8:
d0:f0:28:28:20:ee:20:6f:5d:9c:fd:a8:ad:50:5e:3d:6f:cd:
69:d6:80:29:14:fb:5e:c3:a2:ed:40:e9:9c:05:49:63:c3:15:
9b:0a:bc:96:4f:e2:92:79:df:10:8b:03:db:df:a2:ad:b2:dd:
4f:48:23:9b:86:f3:d3:8c:dc:4a:07:a2:dd:a3:fb:35:ba:37:
4f:32:9e:94:96:9a:64:4e:72:ae:97:ca:a3:f5:ae:24:59:d9:
5e:48:91:7d:b6:a0:8c:08:26:d1:b2:f8:81:e7:bd:33:bc:5e:
3c:a6:48:70:78:5d:ec:e4:68:68:77:78:ee:cc:c4:81:64:1a:
e2:a0:b2:74:d7:d6:e1:e6:77:4a:87:9b:db:95:dc:1f:3f:b6:
b6:5a:a7:98:eb:32:5e:fd:df:d8:6d:24:9d:2d:e2:d4:aa:26:
0d:47:42:26:7e:59:ee:9b:52:f9:0e:dc:86:a0:eb:2d:9c:b6:
c9:3f:35:bf:fb:e4:ee:4d:e8:6d:72:4a:7f:f1:de:a2:c3:4e:
b6:19:f3:18
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6nHt+s+CUEnaSFYHfvxzqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNjA4MTIwNDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzdjYmJhYzY2MGFhZDlhODdmMmVlMTZkYmYyMTNhZmJkMzcyMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUxR9TTycgB6Vb1MWE424l9ORv11
aOmE0vgQs0aTI8BXOI+P1w+0H9Br6cztJBz3dboMcvUrlIRn/2lisLldWv7XVVTT
nrQgI9h5eMnOTxZMMQzv9QfrBa4GnAKY02heCQ8PcCnu5riaGERoWR80ixV26FoT
13EVwOKnhlC7UM2U04ZYbTyZoZvhUyN6Ntwh1Ptp78UgOe2s8vhbdbsgSC6YOv1b
Otqblf0lGtDqHhcz3ffeVDNur3sAFnJiD5tGyfim4oaf3A4/KnQZyZQq3MiJ7tt7
XuDv4PHsK7SSsxqJ88yuMieheVmjiy+SiOc3tNJtAK241LgmsGqmSOtrywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAd8u6xmCq2ah/LuFtvyE6+9NyHAMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvQjN5N3JHWUtyWnFIOHU0VzJfSVRyNzAzSWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAV1LZAwQA
V1OvAwQAV1TgAwQAV1YlAwQAW4+0MA0GCSqGSIb3DQEBCwUAA4IBAQCejpNbauaj
5R9LgAVdFq+akgNTYbTMxOobvEx6acXI4c88HajMdWd/W5FfcD8tWTCZI/0rLrjQ
8CgoIO4gb12c/aitUF49b81p1oApFPtew6LtQOmcBUljwxWbCryWT+KSed8QiwPb
36Ktst1PSCObhvPTjNxKB6Ldo/s1ujdPMp6UlppkTnKul8qj9a4kWdleSJF9tqCM
CCbRsviB570zvF48pkhweF3s5Ghod3juzMSBZBrioLJ019bh5ndKh5vbldwfP7a2
WqeY6zJe/d/YbSSdLeLUqiYNR0Imflnum1L5DtyGoOstnLbJPzW/++TuTehtckp/
8d6iw062GfMY
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:45:26 2026 by rpki-client