Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/308c09-0034-4486-8274-d4dbd5e204f7/1/hS-zp-zfmueU5iHRFKC0O06b_Y8.roa
File: hS-zp-zfmueU5iHRFKC0O06b_Y8.roa (raw, json)
Hash identifier: bQDlMMAMtH4O8JePaz3JngoNBpURtKGCYa9QelbxBc8=
Subject key identifier: 85:2F:B3:A7:EC:DF:9A:E7:94:E6:21:D1:14:A0:B4:3B:4E:9B:FD:8F
Certificate issuer: /CN=db99f330be3147b4da90d114a3cf4205fa451103
Certificate serial: 019D4381BF3927EE1EFAAB2721B41AB1EC4A
Authority key identifier: DB:99:F3:30:BE:31:47:B4:DA:90:D1:14:A3:CF:42:05:FA:45:11:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25nzML4xR7TakNEUo89CBfpFEQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/308c09-0034-4486-8274-d4dbd5e204f7/1/hS-zp-zfmueU5iHRFKC0O06b_Y8.roa
Signing time: Tue 31 Mar 2026 10:47:49 +0000
ROA not before: Tue 31 Mar 2026 10:47:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20738
IP address blocks: 79.170.40.0/21 maxlen: 21
79.170.40.0/24 maxlen: 24
79.170.41.0/24 maxlen: 24
79.170.42.0/24 maxlen: 24
79.170.43.0/24 maxlen: 24
79.170.44.0/24 maxlen: 24
79.170.45.0/24 maxlen: 24
79.170.46.0/24 maxlen: 24
79.170.47.0/24 maxlen: 24
213.155.0.0/24 maxlen: 24
213.155.1.0/24 maxlen: 24
213.155.2.0/24 maxlen: 24
2a01:e840::/32 maxlen: 48
2a01:e840:2::/48 maxlen: 48
2a01:e840:3::/48 maxlen: 48
2a01:e840:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/308c09-0034-4486-8274-d4dbd5e204f7/1/25nzML4xR7TakNEUo89CBfpFEQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/308c09-0034-4486-8274-d4dbd5e204f7/1/25nzML4xR7TakNEUo89CBfpFEQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/25nzML4xR7TakNEUo89CBfpFEQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 09:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:81:bf:39:27:ee:1e:fa:ab:27:21:b4:1a:b1:ec:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db99f330be3147b4da90d114a3cf4205fa451103
Validity
Not Before: Mar 31 10:47:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=852fb3a7ecdf9ae794e621d114a0b43b4e9bfd8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:33:1d:3f:4f:56:49:44:75:11:a2:d5:aa:b6:
7f:ca:6b:f7:4e:0e:8b:4b:fc:ed:42:20:82:b2:3b:
48:4d:be:6e:fc:33:1e:38:37:53:73:65:b4:20:54:
91:f7:43:6c:33:d3:12:cc:13:0f:c7:ed:4e:ab:cc:
52:26:e6:f6:27:8f:63:a2:ff:c3:b0:98:9d:5b:ee:
5e:fb:e1:f4:be:96:9a:97:10:b0:32:66:84:c0:71:
4e:6a:08:f0:5a:1e:72:ac:f8:2a:35:ff:43:a8:20:
cc:ac:1f:9a:29:b5:ec:a0:79:63:a3:72:d5:e8:be:
0e:a5:d6:d5:84:07:55:80:9f:1f:74:32:95:00:e2:
45:c1:ff:f7:17:d0:35:e8:8f:58:15:0a:66:1e:79:
2f:13:0c:d6:68:81:05:ca:aa:28:00:01:e0:60:4d:
75:03:d5:18:b8:10:ee:c8:1f:4f:41:42:b6:4c:b0:
8e:4c:89:78:79:fb:31:bf:fb:c3:c3:94:9d:71:7e:
a1:8f:f9:66:4d:d6:d4:7f:1b:19:4e:ad:0b:3b:03:
ff:75:bb:64:53:f8:00:b0:6a:fc:b1:a8:78:3e:d5:
18:00:e3:b1:cc:99:84:b1:22:17:b2:34:21:98:27:
01:e9:09:50:aa:d4:c9:d3:13:b2:89:65:3c:35:93:
21:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2F:B3:A7:EC:DF:9A:E7:94:E6:21:D1:14:A0:B4:3B:4E:9B:FD:8F
X509v3 Authority Key Identifier:
keyid:DB:99:F3:30:BE:31:47:B4:DA:90:D1:14:A3:CF:42:05:FA:45:11:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25nzML4xR7TakNEUo89CBfpFEQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/308c09-0034-4486-8274-d4dbd5e204f7/1/hS-zp-zfmueU5iHRFKC0O06b_Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/308c09-0034-4486-8274-d4dbd5e204f7/1/25nzML4xR7TakNEUo89CBfpFEQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.40.0/21
213.155.0.0-213.155.2.255
IPv6:
2a01:e840::/32
Signature Algorithm: sha256WithRSAEncryption
55:ac:29:92:04:f6:38:9c:28:29:3c:96:b5:0e:42:ba:3a:f4:
7c:a7:5a:09:26:cb:63:25:cc:75:72:b6:00:58:ee:7b:85:14:
a9:2b:02:9b:0e:91:88:88:0f:9f:b7:1f:b3:10:a0:5d:55:c0:
b4:d9:1e:18:b7:f2:20:61:96:e9:e6:55:c7:14:9e:4f:7d:80:
f7:2e:21:30:4c:3c:fd:46:02:3f:20:3b:f2:93:2f:9b:d2:1a:
82:90:fb:30:56:d1:4a:8c:0c:76:a0:3a:c7:21:aa:c0:4b:08:
df:a2:f4:34:7f:35:49:c3:d8:50:a3:7d:79:66:86:6e:81:79:
15:f3:29:8b:c8:f2:6c:ec:7e:29:ae:15:da:5e:f1:c9:91:98:
85:92:0b:f6:35:1b:22:3f:df:2b:e1:ed:f7:93:e9:12:aa:d2:
b5:ae:88:d1:bd:b3:ff:90:0e:2c:cf:a1:7c:ba:3b:87:53:36:
8c:a9:24:f9:f0:d8:90:d6:ff:9d:c6:23:13:c2:28:d4:64:3a:
91:df:33:36:11:cd:f9:d6:e8:9d:e8:94:fd:5a:28:94:b8:54:
b4:fd:43:81:47:2c:55:54:f2:a0:b2:24:2e:76:b6:be:a7:f2:
aa:88:40:63:ab:03:1f:ec:b3:80:4a:7e:3b:f4:db:30:f1:c2:
cc:31:ef:d5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ1Dgb85J+4e+qsnIbQasexKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOTlmMzMwYmUzMTQ3YjRkYTkwZDExNGEzY2Y0MjA1ZmE0
NTExMDMwHhcNMjYwMzMxMTA0NzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJmYjNhN2VjZGY5YWU3OTRlNjIxZDExNGEwYjQzYjRlOWJmZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDMdP09WSUR1EaLVqrZ/ymv3Tg6L
S/ztQiCCsjtITb5u/DMeODdTc2W0IFSR90NsM9MSzBMPx+1Oq8xSJub2J49jov/D
sJidW+5e++H0vpaalxCwMmaEwHFOagjwWh5yrPgqNf9DqCDMrB+aKbXsoHljo3LV
6L4OpdbVhAdVgJ8fdDKVAOJFwf/3F9A16I9YFQpmHnkvEwzWaIEFyqooAAHgYE11
A9UYuBDuyB9PQUK2TLCOTIl4efsxv/vDw5SdcX6hj/lmTdbUfxsZTq0LOwP/dbtk
U/gAsGr8sah4PtUYAOOxzJmEsSIXsjQhmCcB6QlQqtTJ0xOyiWU8NZMhXQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIUvs6fs35rnlOYh0RSgtDtOm/2PMB8GA1UdIwQY
MBaAFNuZ8zC+MUe02pDRFKPPQgX6RREDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjVuek1MNHhSN1Rha05FVW84OUNCZnBGRVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8zMDhjMDktMDAzNC00NDg2LTgyNzQt
ZDRkYmQ1ZTIwNGY3LzEvaFMtenAtemZtdWVVNWlIUkZLQzBPMDZiX1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8zMDhjMDktMDAzNC00NDg2LTgyNzQtZDRkYmQ1ZTIwNGY3
LzEvMjVuek1MNHhSN1Rha05FVW84OUNCZnBGRVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQDT6ooMAsD
AwDVmwMEANWbAjANBAIAAjAHAwUAKgHoQDANBgkqhkiG9w0BAQsFAAOCAQEAVawp
kgT2OJwoKTyWtQ5Cujr0fKdaCSbLYyXMdXK2AFjue4UUqSsCmw6RiIgPn7cfsxCg
XVXAtNkeGLfyIGGW6eZVxxSeT32A9y4hMEw8/UYCPyA78pMvm9IagpD7MFbRSowM
dqA6xyGqwEsI36L0NH81ScPYUKN9eWaGboF5FfMpi8jybOx+Ka4V2l7xyZGYhZIL
9jUbIj/fK+Ht95PpEqrSta6I0b2z/5AOLM+hfLo7h1M2jKkk+fDYkNb/ncYjE8Io
1GQ6kd8zNhHN+dboneiU/VoolLhUtP1DgUcsVVTyoLIkLna2vqfyqohAY6sDH+yz
gEp+O/TbMPHCzDHv1Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:41:44 2026 by rpki-client