Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/d9824_S4MRqaUsBGkYVeINSXKak.roa
File: d9824_S4MRqaUsBGkYVeINSXKak.roa (raw, json)
Hash identifier: RY+L0TdWrN2W1f3nEXjK676BVMzwhvoJkHUw9U1EJPg=
Subject key identifier: 77:DF:36:E3:F4:B8:31:1A:9A:52:C0:46:91:85:5E:20:D4:97:29:A9
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019C71A6F544AD9A0A0179237CDF67AEA981
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/d9824_S4MRqaUsBGkYVeINSXKak.roa
Signing time: Wed 18 Feb 2026 16:48:13 +0000
ROA not before: Wed 18 Feb 2026 16:48:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62390
IP address blocks: 89.33.13.0/24 maxlen: 24
89.37.116.0/24 maxlen: 24
89.37.117.0/24 maxlen: 24
89.41.179.0/24 maxlen: 24
89.45.12.0/23 maxlen: 23
89.45.12.0/24 maxlen: 24
89.45.13.0/24 maxlen: 24
89.47.232.0/24 maxlen: 24
89.47.233.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
2001:4d18:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:71:a6:f5:44:ad:9a:0a:01:79:23:7c:df:67:ae:a9:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 18 16:48:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=77df36e3f4b8311a9a52c04691855e20d49729a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:95:c6:08:d7:0b:06:f2:ef:05:7c:f2:d9:cb:
15:f6:2f:87:02:d6:d0:7f:cc:b9:ea:b3:5a:e4:6a:
18:27:9c:8c:ea:72:8d:71:03:cc:be:f0:88:33:fb:
a9:10:50:fe:6e:d3:b1:f6:dd:ea:11:dd:e4:ea:15:
a6:66:25:54:0f:ab:aa:8d:8e:5f:f8:9d:ac:34:c6:
52:31:6b:3a:eb:fa:b7:30:8c:9a:15:b2:d4:fd:09:
05:5c:bd:c1:92:29:fe:69:19:23:18:a2:87:e4:4d:
6a:7b:11:5f:0a:24:f0:f1:59:71:b6:00:1c:be:c6:
17:07:87:16:05:d2:26:53:ba:bb:32:0d:f4:8a:5a:
7a:4f:78:1b:28:f4:ca:50:b9:19:b6:72:7f:0c:12:
47:a1:8a:64:9d:9c:71:9d:57:a9:bf:d4:0d:3f:2f:
65:33:3d:cb:8e:03:be:c0:c6:ca:3a:2a:cb:87:b4:
ff:05:a7:39:b9:14:09:86:56:64:8f:dc:91:48:e8:
ac:78:90:27:6a:f7:2f:2f:a2:be:c5:1a:b7:fc:c0:
0a:02:68:d4:78:69:3b:48:e8:6d:91:5c:3d:8b:d3:
38:ec:ff:c2:5a:07:93:f8:27:49:18:de:7b:3a:1e:
95:85:41:e2:44:f3:4f:99:07:c7:dd:0d:12:6d:f9:
09:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DF:36:E3:F4:B8:31:1A:9A:52:C0:46:91:85:5E:20:D4:97:29:A9
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/d9824_S4MRqaUsBGkYVeINSXKak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.37.116.0/23
89.41.179.0/24
89.45.12.0/23
89.47.232.0/23
93.119.105.0/24
188.240.210.0/24
188.240.221.0/24
IPv6:
2001:4d18:2::/48
Signature Algorithm: sha256WithRSAEncryption
1f:c8:57:75:75:fa:0e:5e:fb:46:48:ea:9f:75:26:a5:f0:1b:
4a:4e:0d:c3:ec:53:3b:8d:3a:24:4f:c0:fd:63:db:34:57:88:
07:ac:e4:87:30:b5:3b:0a:fc:92:bb:3e:d7:5b:e0:12:58:0a:
22:f4:a1:58:a5:43:37:8b:9a:08:2a:01:13:c4:03:14:78:f8:
19:b5:46:45:76:d3:ed:d5:8f:e8:0e:66:55:57:fe:5f:4f:90:
59:2a:74:25:c3:7f:33:8f:08:2b:0f:63:c2:cc:de:03:97:2c:
23:c4:fb:26:96:f5:a4:1f:91:84:e6:5b:de:31:9b:9e:fe:5e:
06:ea:e1:b7:50:c1:d7:50:12:cf:8c:cb:02:3c:99:4b:ff:32:
2b:6d:55:11:11:c1:00:b4:e9:66:68:3a:73:26:43:b9:f0:10:
8e:98:cf:7d:1e:2a:44:02:d1:53:7d:e0:82:8f:05:d1:af:d5:
d9:45:d5:a5:55:38:9c:0e:bb:34:e9:04:59:0b:8f:8e:dd:1f:
8a:1d:1d:84:a3:ac:49:0d:ca:13:28:83:5e:9a:89:16:9d:92:
7a:53:63:74:27:11:63:ac:91:1a:a2:49:f0:63:80:75:b6:bf:
a3:7f:50:57:87:de:8c:fa:fd:76:dc:1a:d2:1d:81:57:b9:46:
1c:8b:f8:fe
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZxxpvVErZoKAXkjfN9nrqmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwMjE4MTY0ODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RmMzZlM2Y0YjgzMTFhOWE1MmMwNDY5MTg1NWUyMGQ0OTcyOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZXGCNcLBvLvBXzy2csV9i+HAtbQ
f8y56rNa5GoYJ5yM6nKNcQPMvvCIM/upEFD+btOx9t3qEd3k6hWmZiVUD6uqjY5f
+J2sNMZSMWs66/q3MIyaFbLU/QkFXL3Bkin+aRkjGKKH5E1qexFfCiTw8VlxtgAc
vsYXB4cWBdImU7q7Mg30ilp6T3gbKPTKULkZtnJ/DBJHoYpknZxxnVepv9QNPy9l
Mz3LjgO+wMbKOirLh7T/Bac5uRQJhlZkj9yRSOiseJAnavcvL6K+xRq3/MAKAmjU
eGk7SOhtkVw9i9M47P/CWgeT+CdJGN57Oh6VhUHiRPNPmQfH3Q0SbfkJ6QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFHffNuP0uDEamlLARpGFXiDUlympMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvZDk4MjRfUzRNUnFhVXNCR2tZVmVJTlNYS2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQAWSENAwQB
WSV0AwQAWSmzAwQBWS0MAwQBWS/oAwQAXXdpAwQAvPDSAwQAvPDdMA8EAgACMAkD
BwAgAU0YAAIwDQYJKoZIhvcNAQELBQADggEBAB/IV3V1+g5e+0ZI6p91JqXwG0pO
DcPsUzuNOiRPwP1j2zRXiAes5IcwtTsK/JK7Ptdb4BJYCiL0oVilQzeLmggqARPE
AxR4+Bm1RkV20+3Vj+gOZlVX/l9PkFkqdCXDfzOPCCsPY8LM3gOXLCPE+yaW9aQf
kYTmW94xm57+Xgbq4bdQwddQEs+MywI8mUv/MittVRERwQC06WZoOnMmQ7nwEI6Y
z30eKkQC0VN94IKPBdGv1dlF1aVVOJwOuzTpBFkLj47dH4odHYSjrEkNyhMog16a
iRadknpTY3QnEWOskRqiSfBjgHW2v6N/UFeH3oz6/XbcGtIdgVe5RhyL+P4=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:06:40 2026 by rpki-client