Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/T8x0xAy4_PhKVTNAIYlfZtMXvu0.roa
File: T8x0xAy4_PhKVTNAIYlfZtMXvu0.roa (raw, json)
Hash identifier: s67CBRuK7ZUjTCXXYr43zzJxgIRbOGZjxmpnRxJkzf4=
Subject key identifier: 4F:CC:74:C4:0C:B8:FC:F8:4A:55:33:40:21:89:5F:66:D3:17:BE:ED
Certificate issuer: /CN=17ebc86d853f7e3a920153f1fb0b19f7b0e41a7f
Certificate serial: 019B77C71BB06912171D65E2325D460D1850
Authority key identifier: 17:EB:C8:6D:85:3F:7E:3A:92:01:53:F1:FB:0B:19:F7:B0:E4:1A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F-vIbYU_fjqSAVPx-wsZ97DkGn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/T8x0xAy4_PhKVTNAIYlfZtMXvu0.roa
Signing time: Thu 01 Jan 2026 04:18:15 +0000
ROA not before: Thu 01 Jan 2026 04:18:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213095
IP address blocks: 91.239.56.0/24 maxlen: 24
163.114.159.0/24 maxlen: 24
185.21.130.0/24 maxlen: 24
2a07:fb40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/F-vIbYU_fjqSAVPx-wsZ97DkGn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/F-vIbYU_fjqSAVPx-wsZ97DkGn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F-vIbYU_fjqSAVPx-wsZ97DkGn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:c7:1b:b0:69:12:17:1d:65:e2:32:5d:46:0d:18:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17ebc86d853f7e3a920153f1fb0b19f7b0e41a7f
Validity
Not Before: Jan 1 04:18:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4fcc74c40cb8fcf84a55334021895f66d317beed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0f:83:38:d2:ef:f4:3a:0b:a4:c6:58:f5:fc:
35:ac:dd:af:5a:b1:89:02:af:12:f1:8c:1d:5b:e6:
18:65:45:3a:5d:9b:cb:a5:51:aa:c3:66:bd:29:7d:
24:d1:b5:5e:55:0d:0c:7a:eb:bc:1c:d5:8c:ed:e6:
fc:21:35:2e:71:b0:44:d1:ee:a4:47:31:1d:2d:4b:
bc:55:f3:a1:93:73:12:37:9d:3b:8b:12:5e:ad:df:
61:63:dc:5a:51:b0:d8:f4:65:89:4d:e3:c5:f2:1d:
82:17:db:b8:d1:b0:ce:39:84:1f:6d:30:7d:4e:ba:
26:66:22:a5:a2:9d:c0:60:a7:90:6d:dd:f8:c9:8f:
89:8e:d1:28:1d:ec:e5:b8:34:c0:74:50:d6:62:bf:
f5:3c:b7:5a:b6:01:87:b2:cb:e5:d4:4f:ab:d6:b6:
9a:29:fa:3f:20:50:46:dd:e6:de:49:66:78:09:c3:
95:d2:e1:9b:d9:47:87:aa:3f:c3:57:3f:0f:8e:1f:
5c:64:d3:7a:2f:82:43:4f:2f:74:91:1a:2e:d6:7e:
1a:f2:db:55:8d:2a:38:94:98:eb:11:47:e4:98:f6:
6c:fd:27:13:d5:6c:56:2d:98:38:43:8b:44:42:2a:
38:2f:47:ec:c9:da:44:90:40:22:40:ca:a6:0f:61:
d3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CC:74:C4:0C:B8:FC:F8:4A:55:33:40:21:89:5F:66:D3:17:BE:ED
X509v3 Authority Key Identifier:
keyid:17:EB:C8:6D:85:3F:7E:3A:92:01:53:F1:FB:0B:19:F7:B0:E4:1A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F-vIbYU_fjqSAVPx-wsZ97DkGn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/T8x0xAy4_PhKVTNAIYlfZtMXvu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eee8b5-b451-41d7-ad12-f75618be62d7/1/F-vIbYU_fjqSAVPx-wsZ97DkGn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.56.0/24
163.114.159.0/24
185.21.130.0/24
IPv6:
2a07:fb40::/29
Signature Algorithm: sha256WithRSAEncryption
2d:32:16:78:4f:a7:74:eb:68:f8:51:64:ec:15:7a:65:05:ab:
55:70:10:a2:ec:67:f4:2c:28:bf:5c:03:e9:39:a9:3b:15:72:
ae:37:46:79:54:b3:9d:72:8b:11:90:9e:33:f9:42:90:d8:e7:
14:d0:39:b7:74:99:d7:a5:55:d6:d2:a3:dc:49:79:94:2c:5c:
65:e5:c1:29:5a:ad:fc:0e:91:1c:48:30:01:76:ff:d3:b2:2a:
96:74:84:1e:54:ac:a3:bd:f7:7c:90:df:5c:b3:ed:b7:50:78:
26:6e:b0:e0:94:fd:84:26:5d:42:bd:50:74:ec:7d:5f:5f:83:
55:50:82:41:db:f1:01:76:71:da:63:dc:41:cb:31:a8:63:7a:
03:bb:e9:d1:22:cc:42:e3:ef:9a:56:10:4d:4a:60:5e:c5:60:
99:86:4d:53:f2:c8:bc:ff:1d:b5:c8:1a:99:ce:b0:5b:af:2a:
39:85:47:b0:13:1e:6f:b2:a6:31:fe:10:ae:37:c9:01:13:4e:
03:b0:82:ca:dd:cd:de:9a:a7:30:ab:b2:cb:ff:bd:7e:5a:d3:
44:67:3b:3a:dc:3d:3d:e6:0b:8c:22:85:7e:e9:d3:18:28:ff:
be:ff:41:b8:06:7e:ab:cf:39:19:d3:68:15:44:20:bd:ac:c3:
ec:6a:be:d1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZt3xxuwaRIXHWXiMl1GDRhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZWJjODZkODUzZjdlM2E5MjAxNTNmMWZiMGIxOWY3YjBl
NDFhN2YwHhcNMjYwMTAxMDQxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmNjNzRjNDBjYjhmY2Y4NGE1NTMzNDAyMTg5NWY2NmQzMTdiZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ+DONLv9DoLpMZY9fw1rN2vWrGJ
Aq8S8YwdW+YYZUU6XZvLpVGqw2a9KX0k0bVeVQ0Meuu8HNWM7eb8ITUucbBE0e6k
RzEdLUu8VfOhk3MSN507ixJerd9hY9xaUbDY9GWJTePF8h2CF9u40bDOOYQfbTB9
TromZiKlop3AYKeQbd34yY+JjtEoHezluDTAdFDWYr/1PLdatgGHssvl1E+r1raa
Kfo/IFBG3ebeSWZ4CcOV0uGb2UeHqj/DVz8Pjh9cZNN6L4JDTy90kRou1n4a8ttV
jSo4lJjrEUfkmPZs/ScT1WxWLZg4Q4tEQio4L0fsydpEkEAiQMqmD2HTqQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE/MdMQMuPz4SlUzQCGJX2bTF77tMB8GA1UdIwQY
MBaAFBfryG2FP346kgFT8fsLGfew5Bp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRi12SWJZVV9manFTQVZQeC13c1o5N0RrR244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lZWU4YjUtYjQ1MS00MWQ3LWFkMTIt
Zjc1NjE4YmU2MmQ3LzEvVDh4MHhBeTRfUGhLVlROQUlZbGZadE1YdnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lZWU4YjUtYjQ1MS00MWQ3LWFkMTItZjc1NjE4YmU2MmQ3
LzEvRi12SWJZVV9manFTQVZQeC13c1o5N0RrR244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+84AwQA
o3KfAwQAuRWCMA0EAgACMAcDBQMqB/tAMA0GCSqGSIb3DQEBCwUAA4IBAQAtMhZ4
T6d062j4UWTsFXplBatVcBCi7Gf0LCi/XAPpOak7FXKuN0Z5VLOdcosRkJ4z+UKQ
2OcU0Dm3dJnXpVXW0qPcSXmULFxl5cEpWq38DpEcSDABdv/TsiqWdIQeVKyjvfd8
kN9cs+23UHgmbrDglP2EJl1CvVB07H1fX4NVUIJB2/EBdnHaY9xByzGoY3oDu+nR
IsxC4++aVhBNSmBexWCZhk1T8si8/x21yBqZzrBbryo5hUewEx5vsqYx/hCuN8kB
E04DsILK3c3emqcwq7LL/71+WtNEZzs63D095guMIoV+6dMYKP++/0G4Bn6rzzkZ
02gVRCC9rMPsar7R
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:11:18 2026 by rpki-client