Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/IrAmy11rZJI6T7b9TOqwrK9lVyU.roa
File: IrAmy11rZJI6T7b9TOqwrK9lVyU.roa (raw, json)
Hash identifier: h9URKcjvU/CcITMUnrMcCY/cFNmMmE8d3RdTZSBmw+I=
Subject key identifier: 22:B0:26:CB:5D:6B:64:92:3A:4F:B6:FD:4C:EA:B0:AC:AF:65:57:25
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019D6DB56E5C74DDC862DC15460C6B75D9C3
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/IrAmy11rZJI6T7b9TOqwrK9lVyU.roa
Signing time: Wed 08 Apr 2026 15:28:20 +0000
ROA not before: Wed 08 Apr 2026 15:28:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49791
IP address blocks: 81.85.73.0/24 maxlen: 24
185.5.74.0/24 maxlen: 24
185.9.27.0/24 maxlen: 24
185.28.175.0/24 maxlen: 24
213.155.8.0/24 maxlen: 24
213.155.13.0/24 maxlen: 24
213.155.29.0/24 maxlen: 24
217.177.35.0/24 maxlen: 24
217.179.50.0/24 maxlen: 24
217.179.51.0/24 maxlen: 24
2a11:2cc0:12::/47 maxlen: 47
2a11:2cc0:14::/47 maxlen: 47
2a11:2cc0:16::/47 maxlen: 47
2a11:2cc0:18::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:b5:6e:5c:74:dd:c8:62:dc:15:46:0c:6b:75:d9:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: Apr 8 15:28:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=22b026cb5d6b64923a4fb6fd4ceab0acaf655725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fb:e3:38:67:d3:bd:60:63:b1:cb:68:f7:92:
4a:4f:7e:c7:d6:82:86:9e:92:31:8d:8a:aa:08:b6:
da:c9:d3:b3:16:bd:93:42:1f:b6:c3:84:52:67:00:
e3:45:60:68:b0:f9:73:fa:1c:ab:14:5c:eb:b6:28:
92:b9:cb:0b:bf:32:78:53:ac:02:e5:cc:5a:54:34:
db:a5:33:fd:7b:ed:39:28:9a:56:6a:5d:66:1d:23:
7a:2c:41:07:ab:87:e9:23:bb:e9:50:bd:f6:13:19:
e9:54:08:89:f7:d2:28:1d:4b:b9:3c:00:92:e4:7e:
0d:82:55:ff:aa:da:93:c1:f7:c6:2d:e4:17:10:04:
53:99:85:70:d8:bc:80:bf:ad:8b:b5:95:8f:49:5f:
6a:aa:79:84:37:e3:7c:64:c5:27:47:73:af:66:94:
85:28:17:0c:38:41:0c:81:b9:8f:f7:f8:eb:39:4a:
02:76:ad:15:91:8d:36:be:75:06:b3:22:cc:45:49:
13:af:cf:ea:d7:83:94:13:cc:8c:8d:41:85:86:6d:
77:2a:be:f1:03:b1:f4:65:d3:b3:fb:7a:5d:a2:2a:
ce:c7:34:62:17:6d:d8:33:e3:05:9a:ef:fd:a9:69:
84:dd:80:b5:19:46:66:40:ed:aa:7d:d4:87:7f:77:
d3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B0:26:CB:5D:6B:64:92:3A:4F:B6:FD:4C:EA:B0:AC:AF:65:57:25
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/IrAmy11rZJI6T7b9TOqwrK9lVyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.73.0/24
185.5.74.0/24
185.9.27.0/24
185.28.175.0/24
213.155.8.0/24
213.155.13.0/24
213.155.29.0/24
217.177.35.0/24
217.179.50.0/23
IPv6:
2a11:2cc0:12::-2a11:2cc0:19:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:5d:4e:c1:11:fd:50:bb:72:e0:31:bb:ff:87:c1:7c:b3:36:
c8:cc:36:fe:b0:fe:0b:9f:2a:72:cf:96:5d:a9:ea:10:84:84:
0b:68:49:da:42:cd:13:78:a0:1e:8a:c1:fb:4c:4b:20:d3:50:
0e:87:77:5e:75:df:c6:2a:ac:d0:f8:b6:f1:3f:b8:e6:78:d2:
81:d6:6d:75:11:d3:a9:ca:f5:69:2d:27:3a:39:ec:41:11:79:
6e:af:af:4e:9a:00:53:ed:6d:32:19:d9:ce:0b:ae:e7:78:39:
34:1e:f0:fc:81:07:c0:18:db:fa:fb:44:2f:b1:44:87:77:a4:
57:ba:87:4a:de:82:4d:4f:81:8f:09:4e:ed:d4:8e:9d:e5:f1:
c7:35:d2:fc:e8:d7:55:2d:b9:be:bf:54:3a:6b:ec:5c:d8:b1:
d1:ab:d0:f3:db:dc:30:17:23:0e:49:de:dc:a5:a5:73:2b:e3:
9a:73:5b:c7:94:53:ee:87:3e:d2:5f:72:2f:fb:fe:66:80:b1:
db:71:c3:cd:69:26:73:ed:9c:65:2d:54:77:da:52:9a:3c:b1:
51:71:9c:30:3e:b6:a4:d9:01:d3:ca:a1:12:79:3f:7c:00:8b:
df:89:a3:84:64:6f:8c:e2:42:6e:81:b3:c5:01:d0:e0:a7:6c:
cb:a6:40:a9
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZ1ttW5cdN3IYtwVRgxrddnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwNDA4MTUyODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmIwMjZjYjVkNmI2NDkyM2E0ZmI2ZmQ0Y2VhYjBhY2FmNjU1NzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PvjOGfTvWBjscto95JKT37H1oKG
npIxjYqqCLbaydOzFr2TQh+2w4RSZwDjRWBosPlz+hyrFFzrtiiSucsLvzJ4U6wC
5cxaVDTbpTP9e+05KJpWal1mHSN6LEEHq4fpI7vpUL32ExnpVAiJ99IoHUu5PACS
5H4NglX/qtqTwffGLeQXEARTmYVw2LyAv62LtZWPSV9qqnmEN+N8ZMUnR3OvZpSF
KBcMOEEMgbmP9/jrOUoCdq0VkY02vnUGsyLMRUkTr8/q14OUE8yMjUGFhm13Kr7x
A7H0ZdOz+3pdoirOxzRiF23YM+MFmu/9qWmE3YC1GUZmQO2qfdSHf3fTrwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFCKwJstda2SSOk+2/UzqsKyvZVclMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvSXJBbXkxMXJaSkk2VDdiOVRPcXdySzlsVnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjA8BAIAATA2AwQAUVVJAwQA
uQVKAwQAuQkbAwQAuRyvAwQA1ZsIAwQA1ZsNAwQA1ZsdAwQA2bEjAwQB2bMyMBoE
AgACMBQwEgMHASoRLMAAEgMHASoRLMAAGDANBgkqhkiG9w0BAQsFAAOCAQEADl1O
wRH9ULty4DG7/4fBfLM2yMw2/rD+C58qcs+WXanqEISEC2hJ2kLNE3igHorB+0xL
INNQDod3XnXfxiqs0Pi28T+45njSgdZtdRHTqcr1aS0nOjnsQRF5bq+vTpoAU+1t
MhnZzguu53g5NB7w/IEHwBjb+vtEL7FEh3ekV7qHSt6CTU+BjwlO7dSOneXxxzXS
/OjXVS25vr9UOmvsXNix0avQ89vcMBcjDkne3KWlcyvjmnNbx5RT7oc+0l9yL/v+
ZoCx23HDzWkmc+2cZS1Ud9pSmjyxUXGcMD62pNkB08qhEnk/fACL34mjhGRvjOJC
boGzxQHQ4Kdsy6ZAqQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:01:28 2026 by rpki-client