Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-VI-3smty2xDXVygmWp2DzplUGU.roa
File: 1-VI-3smty2xDXVygmWp2DzplUGU.roa (raw, json)
Hash identifier: rqndJID71rla830VTlfWY82FH50wBCDmMzLQusxGub0=
Subject key identifier: F9:52:3E:DE:C9:AD:CB:6C:43:5D:5C:A0:99:6A:76:0F:3A:65:50:65
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019ECA377422B7F1E1532B9E5F5B9753C616
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-VI-3smty2xDXVygmWp2DzplUGU.roa
Signing time: Mon 15 Jun 2026 07:38:12 +0000
ROA not before: Mon 15 Jun 2026 07:38:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57630
IP address blocks: 192.36.200.0/24 maxlen: 24
192.71.0.0/24 maxlen: 24
192.71.206.0/24 maxlen: 24
192.71.223.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
192.165.152.0/22 maxlen: 24
192.165.157.0/24 maxlen: 24
192.165.194.0/24 maxlen: 24
193.180.92.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
193.183.20.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
193.234.94.0/24 maxlen: 24
193.234.116.0/22 maxlen: 22
193.234.144.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
194.68.22.0/23 maxlen: 23
194.68.24.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
194.71.0.0/23 maxlen: 23
194.71.106.0/24 maxlen: 24
194.71.219.0/24 maxlen: 24
194.103.3.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
194.103.95.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.132.120.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.172.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:37:74:22:b7:f1:e1:53:2b:9e:5f:5b:97:53:c6:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jun 15 07:38:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f9523edec9adcb6c435d5ca0996a760f3a655065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3e:73:a5:3a:03:ad:00:09:90:18:09:9b:4f:
f3:e5:b8:05:02:82:15:8b:f9:f9:c4:6c:65:bd:58:
0b:5d:e7:1d:f0:47:f1:5c:3d:e9:db:5d:19:13:54:
bc:8a:14:54:4a:7e:91:fa:43:87:9f:2a:55:e8:6b:
39:dd:9b:f8:aa:46:7f:ba:ec:58:b3:e0:68:f4:54:
11:e1:16:a0:27:41:58:aa:9a:09:82:e1:2f:76:d1:
34:d2:9c:5c:0e:47:64:0f:da:c2:a0:0f:55:9e:0a:
4b:70:1c:ee:4e:d8:e7:99:34:5a:99:99:cb:13:5a:
ab:15:51:19:1b:27:de:07:70:cc:88:1a:e5:af:d7:
7c:30:81:ac:17:a5:89:9b:06:b8:6d:09:2d:f1:a2:
a4:ce:f2:52:92:08:d0:6d:75:47:9f:fd:81:b1:c9:
e5:00:23:7b:f3:bf:7b:07:6c:43:0c:49:77:03:7d:
47:24:50:92:85:be:f4:36:1b:7f:cc:7b:98:10:d0:
11:cd:e2:ab:22:05:cf:e1:b4:4a:ce:ff:a2:49:61:
0b:7b:cf:36:62:24:33:7b:53:7f:5e:14:19:5f:82:
ce:a8:49:cb:07:77:3b:9b:75:86:37:85:a5:2c:ec:
c2:de:f6:dc:12:7e:55:ce:98:e1:61:3f:2f:69:58:
7f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:52:3E:DE:C9:AD:CB:6C:43:5D:5C:A0:99:6A:76:0F:3A:65:50:65
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-VI-3smty2xDXVygmWp2DzplUGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.200.0/24
192.71.0.0/24
192.71.206.0/24
192.71.223.0/24
192.165.3.0/24
192.165.134.0/23
192.165.152.0/22
192.165.157.0/24
192.165.194.0/24
193.180.92.0/24
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.22.0-194.68.24.255
194.68.181.0/24
194.71.0.0/23
194.71.106.0/24
194.71.219.0/24
194.103.3.0/24
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.120.0/24
194.132.164.0/24
194.132.166.0/24
194.132.172.0/23
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
07:ff:16:32:c1:cd:26:c4:8a:0c:23:58:18:e8:fb:17:c6:d7:
34:d0:08:37:36:3a:dc:57:85:f6:51:7d:0b:f8:93:e8:fc:a4:
d5:7b:ad:be:04:60:1d:5e:5d:7f:2d:74:4d:a0:6a:9b:08:87:
6d:72:14:3c:ea:0f:68:b7:6b:fc:66:37:2c:98:82:08:20:12:
6f:46:1d:63:a8:c6:3a:c4:74:65:2c:48:06:a7:91:9b:99:d3:
84:3b:5f:45:c2:d2:64:35:9c:7d:6a:71:d6:0a:86:8c:15:31:
e7:d3:e1:ce:4c:28:71:ae:5d:72:79:0d:9e:94:8a:67:b7:e6:
2d:80:2a:03:5a:45:9e:bb:fc:c1:56:aa:32:55:6e:3e:ff:72:
59:4c:86:17:61:43:36:ba:e6:85:8f:df:bd:ca:35:bd:c5:3d:
f5:ec:1c:a2:29:5a:7d:de:6d:e1:bc:c6:0b:8c:65:5c:f9:09:
74:24:8f:65:5b:bb:21:1f:62:48:8e:a8:83:76:de:6a:cd:3b:
cd:25:67:0e:0e:8b:a5:3d:e7:51:15:0e:1a:f7:67:a8:3c:45:
93:b0:e4:bb:d4:96:65:70:33:8c:6d:80:f1:e8:4a:d3:97:ae:
f6:53:6e:da:16:ec:ee:8d:07:e2:f1:9c:04:8a:75:e4:ca:c2:
96:29:eb:0e
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAZ7KN3Qit/HhUyueX1uXU8YWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNjE1MDczODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTUyM2VkZWM5YWRjYjZjNDM1ZDVjYTA5OTZhNzYwZjNhNjU1MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz5zpToDrQAJkBgJm0/z5bgFAoIV
i/n5xGxlvVgLXecd8EfxXD3p210ZE1S8ihRUSn6R+kOHnypV6Gs53Zv4qkZ/uuxY
s+Bo9FQR4RagJ0FYqpoJguEvdtE00pxcDkdkD9rCoA9VngpLcBzuTtjnmTRamZnL
E1qrFVEZGyfeB3DMiBrlr9d8MIGsF6WJmwa4bQkt8aKkzvJSkgjQbXVHn/2Bscnl
ACN78797B2xDDEl3A31HJFCShb70Nht/zHuYENARzeKrIgXP4bRKzv+iSWELe882
YiQze1N/XhQZX4LOqEnLB3c7m3WGN4WlLOzC3vbcEn5VzpjhYT8vaVh/9wIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFPlSPt7JrctsQ11coJlqdg86ZVBlMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMS1WSS0zc210eTJ4RFhWeWdtV3AyRHpwbFVHVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMy
Ni8xL0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB9wYIKwYBBQUHAQcBAf8EgecwgeQwgeEEAgABMIHaAwQA
wCTIAwQAwEcAAwQAwEfOAwQAwEffAwQAwKUDAwQBwKWGAwQCwKWYAwQAwKWdAwQA
wKXCAwQAwbRcAwQAwbUiAwQAwbcUAwQAwbcxAwQAwbc7AwQAweoDAwQAwepeAwQC
wep0AwQAweqQAwQAwerNAwQAwg45MAwDBAHCRBYDBADCRBgDBADCRLUDBAHCRwAD
BADCR2oDBADCR9sDBADCZwMDBAHCZxADBADCZ18DBADCZ5EDBADCZ8UDBADChHgD
BADChKQDBADChKYDBAHChKwDBADChLowDQYJKoZIhvcNAQELBQADggEBAAf/FjLB
zSbEigwjWBjo+xfG1zTQCDc2OtxXhfZRfQv4k+j8pNV7rb4EYB1eXX8tdE2gapsI
h21yFDzqD2i3a/xmNyyYggggEm9GHWOoxjrEdGUsSAankZuZ04Q7X0XC0mQ1nH1q
cdYKhowVMefT4c5MKHGuXXJ5DZ6Uime35i2AKgNaRZ67/MFWqjJVbj7/cllMhhdh
Qza65oWP373KNb3FPfXsHKIpWn3ebeG8xguMZVz5CXQkj2VbuyEfYkiOqIN23mrN
O80lZw4Oi6U951EVDhr3Z6g8RZOw5LvUlmVwM4xtgPHoStOXrvZTbtoW7O6NB+Lx
nASKdeTKwpYp6w4=
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:56:55 2026 by rpki-client