Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/CrqN-8dENCX_k3ivWzMp1wSj_6o.roa
File: CrqN-8dENCX_k3ivWzMp1wSj_6o.roa (raw, json)
Hash identifier: kVhp22WGbEozW5ZIIiAXKYmEyFULj5XzvSrjpQ6O0sQ=
Subject key identifier: 0A:BA:8D:FB:C7:44:34:25:FF:93:78:AF:5B:33:29:D7:04:A3:FF:AA
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019EABA2C79B9DD6656F27F6C28FFBCA0C2B
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/CrqN-8dENCX_k3ivWzMp1wSj_6o.roa
Signing time: Tue 09 Jun 2026 09:07:12 +0000
ROA not before: Tue 09 Jun 2026 09:07:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198810
IP address blocks: 82.108.162.0/24 maxlen: 24
82.108.173.0/24 maxlen: 24
82.108.202.0/24 maxlen: 24
82.108.220.0/24 maxlen: 24
82.109.11.0/24 maxlen: 24
82.109.60.0/24 maxlen: 24
82.109.69.0/24 maxlen: 24
82.109.98.0/24 maxlen: 24
82.109.102.0/24 maxlen: 24
82.109.151.0/24 maxlen: 24
82.109.166.0/24 maxlen: 24
82.109.172.0/24 maxlen: 24
87.82.235.0/24 maxlen: 24
87.83.0.0/24 maxlen: 24
87.83.170.0/24 maxlen: 24
87.85.99.0/24 maxlen: 24
87.85.138.0/24 maxlen: 24
87.85.140.0/24 maxlen: 24
87.85.164.0/24 maxlen: 24
87.85.253.0/24 maxlen: 24
87.85.255.0/24 maxlen: 24
87.86.92.0/24 maxlen: 24
87.86.95.0/24 maxlen: 24
87.86.188.0/24 maxlen: 24
87.86.191.0/24 maxlen: 24
212.134.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ab:a2:c7:9b:9d:d6:65:6f:27:f6:c2:8f:fb:ca:0c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Jun 9 09:07:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0aba8dfbc7443425ff9378af5b3329d704a3ffaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8f:18:5a:d6:b7:fd:94:15:59:c8:1c:b7:9f:
ea:05:ab:fc:d9:44:f7:66:ab:25:fb:15:c0:9e:b0:
fd:b8:a8:a7:c1:56:7c:fc:c5:ee:2c:de:67:a1:b6:
78:fd:19:31:d6:c1:0a:b4:2d:e1:8f:e8:fe:7f:18:
f3:9a:bd:c5:51:df:5e:03:a0:bd:63:d2:9a:bf:3f:
f2:fc:1e:65:ab:c8:aa:62:d9:5d:d0:1e:b3:c0:fd:
39:b7:0d:cf:4b:69:3f:e4:bb:aa:fd:53:ac:9f:fd:
72:a6:ae:9d:0c:c9:a2:5e:7d:f3:0e:69:ef:2c:34:
c5:90:fd:bc:4c:85:b7:ff:8b:8e:a4:9f:89:33:02:
1c:20:ba:0e:e0:ca:c1:95:d0:96:17:e6:1e:f1:96:
a8:49:a4:0a:a1:62:0e:ba:70:e8:56:ac:85:d2:98:
ab:b1:9e:29:d0:44:22:93:51:e2:6a:ab:c0:a0:bb:
b5:4e:48:a2:10:46:83:c6:25:ab:78:fb:34:a5:5d:
37:61:dd:98:3d:48:72:3d:d3:9a:55:78:6e:02:89:
dc:b4:f9:04:08:ba:cc:3f:87:e4:51:23:1e:11:4b:
d2:a3:d2:3a:ba:1a:ce:f8:71:44:e5:fc:80:d5:b6:
4d:f3:b3:c1:41:dd:d2:f1:51:61:04:9b:35:ac:e2:
79:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BA:8D:FB:C7:44:34:25:FF:93:78:AF:5B:33:29:D7:04:A3:FF:AA
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/CrqN-8dENCX_k3ivWzMp1wSj_6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.162.0/24
82.108.173.0/24
82.108.202.0/24
82.108.220.0/24
82.109.11.0/24
82.109.60.0/24
82.109.69.0/24
82.109.98.0/24
82.109.102.0/24
82.109.151.0/24
82.109.166.0/24
82.109.172.0/24
87.82.235.0/24
87.83.0.0/24
87.83.170.0/24
87.85.99.0/24
87.85.138.0/24
87.85.140.0/24
87.85.164.0/24
87.85.253.0/24
87.85.255.0/24
87.86.92.0/24
87.86.95.0/24
87.86.188.0/24
87.86.191.0/24
212.134.157.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:16:99:59:c8:21:91:29:ea:b6:64:94:65:3f:10:ec:8c:8c:
f8:3f:d7:e1:b9:3d:86:70:8c:b5:f5:11:5e:f1:81:b1:89:d6:
d3:5b:58:2f:63:b0:87:98:d6:e4:be:d0:bb:2c:80:f7:67:13:
79:17:51:61:19:40:50:5b:58:95:5b:a0:fe:4c:0d:ed:63:01:
4f:f3:09:ea:e4:d5:ee:ff:ce:2b:8e:66:5c:7e:af:be:ef:26:
d1:15:42:89:f4:16:a2:3d:bd:b8:6b:4c:1b:45:20:38:97:ab:
68:1f:6d:36:fe:20:36:4a:7a:52:8e:30:5b:9c:0c:67:b1:07:
1f:74:c5:46:7e:1f:34:6d:97:7c:2c:33:93:bb:a9:b9:36:ef:
57:03:00:12:13:7a:7a:17:c8:94:81:88:5a:6d:ac:da:0b:30:
de:ff:24:e4:af:93:ea:de:9a:14:6c:b5:88:92:bd:ed:0f:56:
e5:d2:99:46:8a:8d:46:ce:99:c6:22:0d:47:7b:b3:3f:02:00:
5b:34:b7:6b:60:f4:fe:c0:87:29:8b:97:d0:2a:35:b3:7b:6a:
d7:25:76:18:4f:a0:ca:ef:f7:09:39:22:e2:0c:a4:9d:39:a1:
90:05:30:15:78:e1:2b:7c:29:63:cf:5a:54:20:a4:f3:44:71:
a9:d9:cd:62
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZ6rosebndZlbyf2wo/7ygwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNjA5MDkwNzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJhOGRmYmM3NDQzNDI1ZmY5Mzc4YWY1YjMzMjlkNzA0YTNmZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI8YWta3/ZQVWcgct5/qBav82UT3
Zqsl+xXAnrD9uKinwVZ8/MXuLN5nobZ4/Rkx1sEKtC3hj+j+fxjzmr3FUd9eA6C9
Y9Kavz/y/B5lq8iqYtld0B6zwP05tw3PS2k/5Luq/VOsn/1ypq6dDMmiXn3zDmnv
LDTFkP28TIW3/4uOpJ+JMwIcILoO4MrBldCWF+Ye8ZaoSaQKoWIOunDoVqyF0pir
sZ4p0EQik1HiaqvAoLu1TkiiEEaDxiWrePs0pV03Yd2YPUhyPdOaVXhuAonctPkE
CLrMP4fkUSMeEUvSo9I6uhrO+HFE5fyA1bZN87PBQd3S8VFhBJs1rOJ5bwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFAq6jfvHRDQl/5N4r1szKdcEo/+qMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvQ3JxTi04ZEVOQ1hfazNpdld6TXAxd1NqXzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBABS
bKIDBABSbK0DBABSbMoDBABSbNwDBABSbQsDBABSbTwDBABSbUUDBABSbWIDBABS
bWYDBABSbZcDBABSbaYDBABSbawDBABXUusDBABXUwADBABXU6oDBABXVWMDBABX
VYoDBABXVYwDBABXVaQDBABXVf0DBABXVf8DBABXVlwDBABXVl8DBABXVrwDBABX
Vr8DBADUhp0wDQYJKoZIhvcNAQELBQADggEBALsWmVnIIZEp6rZklGU/EOyMjPg/
1+G5PYZwjLX1EV7xgbGJ1tNbWC9jsIeY1uS+0LssgPdnE3kXUWEZQFBbWJVboP5M
De1jAU/zCerk1e7/ziuOZlx+r77vJtEVQon0FqI9vbhrTBtFIDiXq2gfbTb+IDZK
elKOMFucDGexBx90xUZ+HzRtl3wsM5O7qbk271cDABITenoXyJSBiFptrNoLMN7/
JOSvk+remhRstYiSve0PVuXSmUaKjUbOmcYiDUd7sz8CAFs0t2tg9P7AhymLl9Aq
NbN7atcldhhPoMrv9wk5IuIMpJ05oZAFMBV44St8KWPPWlQgpPNEcanZzWI=
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:17:34 2026 by rpki-client