Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/Ldw7iPn1SUZR0o_Mw2A1SwKSf3o.roa
File: Ldw7iPn1SUZR0o_Mw2A1SwKSf3o.roa (raw, json)
Hash identifier: qx+pYfWPpYvuMywyJs0SwN08g9+w1RyFT1RhBFHmVnQ=
Subject key identifier: 2D:DC:3B:88:F9:F5:49:46:51:D2:8F:CC:C3:60:35:4B:02:92:7F:7A
Certificate issuer: /CN=f215517b0b20309e916405b9e1ed21a0469a6895
Certificate serial: 019E36253AEC1445E543A0EF5AC71E76E0D3
Authority key identifier: F2:15:51:7B:0B:20:30:9E:91:64:05:B9:E1:ED:21:A0:46:9A:68:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hVRewsgMJ6RZAW54e0hoEaaaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/Ldw7iPn1SUZR0o_Mw2A1SwKSf3o.roa
Signing time: Sun 17 May 2026 13:34:30 +0000
ROA not before: Sun 17 May 2026 13:34:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201966
IP address blocks: 91.219.119.0/24 maxlen: 24
185.92.216.0/22 maxlen: 24
185.92.216.0/24 maxlen: 24
185.92.217.0/24 maxlen: 24
185.92.218.0/24 maxlen: 24
185.92.219.0/24 maxlen: 24
2a14:8900::/29 maxlen: 64
2a14:8900::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/8hVRewsgMJ6RZAW54e0hoEaaaJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/8hVRewsgMJ6RZAW54e0hoEaaaJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8hVRewsgMJ6RZAW54e0hoEaaaJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:36:25:3a:ec:14:45:e5:43:a0:ef:5a:c7:1e:76:e0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f215517b0b20309e916405b9e1ed21a0469a6895
Validity
Not Before: May 17 13:34:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2ddc3b88f9f5494651d28fccc360354b02927f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:99:b7:53:c5:94:8d:fc:14:f5:1a:b7:f9:4e:
ef:35:f4:2b:c2:47:16:33:d8:39:f3:f5:f8:ff:25:
a0:3b:be:d1:84:3a:4a:55:14:e7:3c:9e:27:09:b4:
84:37:62:be:47:ea:e4:25:12:b8:97:99:14:0f:ea:
7c:3d:f7:25:48:c0:5d:49:15:92:3c:1c:ed:ac:4a:
64:fb:d4:5a:59:18:c3:2f:4b:46:66:22:f1:ec:c4:
b8:66:00:27:fc:15:03:b5:f6:ba:33:98:47:a5:e9:
63:66:a2:33:b3:a4:7e:ec:48:81:15:cc:43:94:51:
18:a0:50:8e:fb:22:05:0e:28:68:01:28:48:eb:69:
63:db:9a:0d:5a:41:71:db:6b:fd:dd:51:73:db:cf:
f1:f9:3a:e6:a7:41:ce:50:ed:f1:ba:26:7d:10:e5:
65:2e:af:c8:03:ca:45:b1:f3:54:c9:0b:ca:15:f4:
26:80:04:ca:7d:a3:5b:06:23:fd:42:89:08:4c:5b:
11:c7:42:26:f8:fc:c0:c2:0e:74:94:ac:fb:99:4c:
c1:af:80:a9:6f:94:d0:fb:b0:b6:22:ea:b9:3e:5d:
e6:e5:b5:37:ad:8e:1d:03:a8:6e:5e:bf:a9:99:52:
e2:4f:cd:00:fc:7d:4c:c6:18:a5:c7:e6:fa:d8:af:
92:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DC:3B:88:F9:F5:49:46:51:D2:8F:CC:C3:60:35:4B:02:92:7F:7A
X509v3 Authority Key Identifier:
keyid:F2:15:51:7B:0B:20:30:9E:91:64:05:B9:E1:ED:21:A0:46:9A:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hVRewsgMJ6RZAW54e0hoEaaaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/Ldw7iPn1SUZR0o_Mw2A1SwKSf3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/83cebe-c8ce-489d-a2f0-b95a16416b56/1/8hVRewsgMJ6RZAW54e0hoEaaaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.119.0/24
185.92.216.0/22
IPv6:
2a14:8900::/29
Signature Algorithm: sha256WithRSAEncryption
82:62:8f:27:fa:4b:3d:55:7b:24:ab:a7:77:bf:ea:9d:9c:07:
c1:05:78:38:54:a2:b4:14:4f:4b:86:60:ab:ce:ef:f1:ef:3f:
ea:a9:72:0a:4c:43:29:ec:dd:97:5d:f9:b6:f8:0e:d1:9e:0b:
72:68:13:da:e0:58:35:20:cf:00:2d:17:73:bf:a8:1c:53:b4:
7f:3f:c4:73:66:09:45:ff:dc:1c:9b:b2:9d:de:7a:db:4e:6d:
7d:fa:d0:7f:ff:18:e6:15:c5:5a:3a:c1:fc:f0:0b:75:9d:a0:
19:40:94:71:1d:a1:6a:4a:02:e5:c6:35:6d:9d:a9:59:8e:95:
ca:af:cf:ea:df:b5:c2:2b:37:68:d5:18:13:04:a3:7f:6b:7d:
2c:a2:4c:ea:9b:81:e0:fe:31:d4:af:fb:2a:f5:35:89:6f:a0:
2c:f9:cd:e0:e7:93:e5:c6:96:1f:fc:ae:ab:a7:81:be:e9:36:
ce:7d:da:83:e0:e8:c1:1e:37:5c:c0:e5:eb:13:eb:4d:73:e0:
2b:b3:db:44:f0:96:e7:68:eb:92:4a:72:ee:06:57:05:41:d6:
96:b6:eb:0d:ee:3c:81:e7:08:fa:a3:1a:17:9d:24:20:ba:cc:
af:f6:ca:75:9d:a7:6d:b4:e2:04:88:79:8e:bd:21:6b:37:ee:
5a:9a:9f:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ42JTrsFEXlQ6DvWsceduDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMTU1MTdiMGIyMDMwOWU5MTY0MDViOWUxZWQyMWEwNDY5
YTY4OTUwHhcNMjYwNTE3MTMzNDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRjM2I4OGY5ZjU0OTQ2NTFkMjhmY2NjMzYwMzU0YjAyOTI3ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pm3U8WUjfwU9Rq3+U7vNfQrwkcW
M9g58/X4/yWgO77RhDpKVRTnPJ4nCbSEN2K+R+rkJRK4l5kUD+p8PfclSMBdSRWS
PBztrEpk+9RaWRjDL0tGZiLx7MS4ZgAn/BUDtfa6M5hHpeljZqIzs6R+7EiBFcxD
lFEYoFCO+yIFDihoAShI62lj25oNWkFx22v93VFz28/x+Trmp0HOUO3xuiZ9EOVl
Lq/IA8pFsfNUyQvKFfQmgATKfaNbBiP9QokITFsRx0Im+PzAwg50lKz7mUzBr4Cp
b5TQ+7C2Iuq5Pl3m5bU3rY4dA6huXr+pmVLiT80A/H1Mxhilx+b62K+StQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC3cO4j59UlGUdKPzMNgNUsCkn96MB8GA1UdIwQY
MBaAFPIVUXsLIDCekWQFueHtIaBGmmiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGhWUmV3c2dNSjZSWkFXNTRlMGhvRWFhYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84M2NlYmUtYzhjZS00ODlkLWEyZjAt
Yjk1YTE2NDE2YjU2LzEvTGR3N2lQbjFTVVpSMG9fTXcyQTFTd0tTZjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84M2NlYmUtYzhjZS00ODlkLWEyZjAtYjk1YTE2NDE2YjU2
LzEvOGhWUmV3c2dNSjZSWkFXNTRlMGhvRWFhYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9t3AwQC
uVzYMA0EAgACMAcDBQMqFIkAMA0GCSqGSIb3DQEBCwUAA4IBAQCCYo8n+ks9VXsk
q6d3v+qdnAfBBXg4VKK0FE9LhmCrzu/x7z/qqXIKTEMp7N2XXfm2+A7RngtyaBPa
4Fg1IM8ALRdzv6gcU7R/P8RzZglF/9wcm7Kd3nrbTm19+tB//xjmFcVaOsH88At1
naAZQJRxHaFqSgLlxjVtnalZjpXKr8/q37XCKzdo1RgTBKN/a30sokzqm4Hg/jHU
r/sq9TWJb6As+c3g55PlxpYf/K6rp4G+6TbOfdqD4OjBHjdcwOXrE+tNc+Ars9tE
8JbnaOuSSnLuBlcFQdaWtusN7jyB5wj6oxoXnSQgusyv9sp1nadttOIEiHmOvSFr
N+5amp8o
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:55:55 2026 by rpki-client