Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/vGbYlgAHGuxAtkX_gF1BeSRqyBw.roa
File: vGbYlgAHGuxAtkX_gF1BeSRqyBw.roa (raw, json)
Hash identifier: AoXRDljrLO0qQScHnB2yMCrZvRd/l+376wR7c+Uavms=
Subject key identifier: BC:66:D8:96:00:07:1A:EC:40:B6:45:FF:80:5D:41:79:24:6A:C8:1C
Certificate issuer: /CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Certificate serial: 019B797EDF357DE2B95C4983F4C610A2BE5D
Authority key identifier: 0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/vGbYlgAHGuxAtkX_gF1BeSRqyBw.roa
Signing time: Thu 01 Jan 2026 12:18:36 +0000
ROA not before: Thu 01 Jan 2026 12:18:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41419
IP address blocks: 89.250.80.0/20 maxlen: 24
89.250.81.0/24 maxlen: 24
89.250.82.0/24 maxlen: 24
89.250.83.0/24 maxlen: 24
89.250.84.0/24 maxlen: 24
89.250.85.0/24 maxlen: 24
89.250.86.0/24 maxlen: 24
89.250.87.0/24 maxlen: 24
89.250.88.0/24 maxlen: 24
89.250.89.0/24 maxlen: 24
89.250.90.0/24 maxlen: 24
89.250.91.0/24 maxlen: 24
89.250.92.0/24 maxlen: 24
89.250.93.0/24 maxlen: 24
89.250.94.0/24 maxlen: 24
89.250.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/Cv6dZmVbX9J7LBfKloVlDVPzuwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/Cv6dZmVbX9J7LBfKloVlDVPzuwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:7e:df:35:7d:e2:b9:5c:49:83:f4:c6:10:a2:be:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Validity
Not Before: Jan 1 12:18:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc66d89600071aec40b645ff805d4179246ac81c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6a:80:6f:54:59:b9:08:b0:c6:bd:4c:18:9f:
41:73:c8:3e:3b:c9:33:88:7c:6a:d5:ba:8e:17:57:
03:6a:51:26:1e:98:48:ef:d5:02:49:2a:07:08:7b:
96:cc:f6:31:0c:b5:d9:d5:5a:ab:6f:ab:22:f0:ad:
9b:2d:98:35:cb:15:5d:42:37:40:53:80:30:ef:aa:
56:a4:25:f3:64:ab:5e:9a:f6:fd:ab:cd:61:a5:37:
3c:60:3f:cb:03:9e:8b:0f:8f:96:d4:c9:cf:47:5a:
b7:93:e8:39:dd:5b:83:bf:56:ba:e5:b4:25:fc:6e:
ca:00:28:df:4e:f0:f4:d7:ab:58:31:f7:59:98:35:
e3:2f:80:d1:c6:34:3f:8e:a6:2e:ed:ac:40:3a:fd:
7f:73:ff:fd:e5:e7:0c:2c:7c:db:f4:79:be:f2:43:
a9:4e:d1:a0:e2:c0:b2:c3:91:c6:2f:58:90:f8:aa:
b2:6e:f0:bc:81:b5:8a:0a:d6:e2:e3:d6:ba:37:bc:
55:f8:0b:4b:74:bf:b1:3c:7d:1d:fd:f8:75:1e:43:
7a:d2:5c:0c:d2:bc:3b:f6:ea:07:02:a3:c2:89:f6:
38:c0:5b:47:8a:ca:b4:81:b6:71:dd:61:94:6e:34:
8a:d4:25:cf:ea:81:c7:8e:69:29:2e:d1:98:27:f9:
7e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:66:D8:96:00:07:1A:EC:40:B6:45:FF:80:5D:41:79:24:6A:C8:1C
X509v3 Authority Key Identifier:
keyid:0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/vGbYlgAHGuxAtkX_gF1BeSRqyBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/Cv6dZmVbX9J7LBfKloVlDVPzuwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.250.80.0/20
Signature Algorithm: sha256WithRSAEncryption
65:ef:75:c3:1d:90:2c:75:fc:a1:b0:2e:83:4b:43:e0:d7:37:
b8:fa:af:ab:16:e7:0a:0a:f9:c5:a6:2b:0a:2e:0d:83:02:81:
ff:39:fd:29:6a:ae:c5:29:58:4b:29:a3:bc:ed:88:af:48:55:
06:2a:10:8e:77:82:2d:d3:9e:5a:5a:80:e5:8c:10:44:3d:2f:
c5:f0:5c:11:93:57:26:6e:98:48:2b:47:14:d3:8a:ba:f8:af:
0f:a5:97:a1:4e:17:a0:7c:19:83:c4:4f:d6:d0:fa:8d:ef:e5:
1b:31:9b:a9:37:91:69:3e:6e:7e:b1:1c:2d:52:df:e1:21:a9:
ef:78:07:fb:01:fc:d4:76:fe:b2:08:32:f8:9e:a4:75:0e:1d:
2b:30:b0:9e:df:d6:ae:90:af:a9:e6:1c:f7:8f:21:99:ed:c0:
9e:68:e4:a0:eb:8d:6e:71:3b:bb:26:91:39:24:9c:59:50:74:
be:e3:fb:8d:58:a7:26:58:91:39:71:36:37:64:7f:0f:b5:f3:
0a:c4:ff:1f:73:80:76:e1:c4:d4:a8:cb:40:c0:18:0f:07:66:
48:1b:15:c0:b5:1c:93:c9:37:b2:a0:9d:d7:41:40:e1:b5:e7:
4d:61:32:5d:cf:f8:38:10:fb:2b:1c:99:82:f0:e9:d9:9b:69:
c8:25:8b:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5ft81feK5XEmD9MYQor5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZmU5ZDY2NjU1YjVmZDI3YjJjMTdjYTk2ODU2NTBkNTNm
M2JiMGEwHhcNMjYwMTAxMTIxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzY2ZDg5NjAwMDcxYWVjNDBiNjQ1ZmY4MDVkNDE3OTI0NmFjODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mqAb1RZuQiwxr1MGJ9Bc8g+O8kz
iHxq1bqOF1cDalEmHphI79UCSSoHCHuWzPYxDLXZ1Vqrb6si8K2bLZg1yxVdQjdA
U4Aw76pWpCXzZKtemvb9q81hpTc8YD/LA56LD4+W1MnPR1q3k+g53VuDv1a65bQl
/G7KACjfTvD016tYMfdZmDXjL4DRxjQ/jqYu7axAOv1/c//95ecMLHzb9Hm+8kOp
TtGg4sCyw5HGL1iQ+KqybvC8gbWKCtbi49a6N7xV+AtLdL+xPH0d/fh1HkN60lwM
0rw79uoHAqPCifY4wFtHisq0gbZx3WGUbjSK1CXP6oHHjmkpLtGYJ/l+2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxm2JYABxrsQLZF/4BdQXkkasgcMB8GA1UdIwQY
MBaAFAr+nWZlW1/SeywXypaFZQ1T87sKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWIt
YmRjMjQ4YTZmNTY1LzEvdkdiWWxnQUhHdXhBdGtYX2dGMUJlU1JxeUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWItYmRjMjQ4YTZmNTY1
LzEvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWfpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBl73XDHZAsdfyhsC6DS0Pg1ze4+q+rFucKCvnFpisK
Lg2DAoH/Of0paq7FKVhLKaO87YivSFUGKhCOd4It055aWoDljBBEPS/F8FwRk1cm
bphIK0cU04q6+K8PpZehThegfBmDxE/W0PqN7+UbMZupN5FpPm5+sRwtUt/hIanv
eAf7AfzUdv6yCDL4nqR1Dh0rMLCe39aukK+p5hz3jyGZ7cCeaOSg641ucTu7JpE5
JJxZUHS+4/uNWKcmWJE5cTY3ZH8PtfMKxP8fc4B24cTUqMtAwBgPB2ZIGxXAtRyT
yTeyoJ3XQUDhtedNYTJdz/g4EPsrHJmC8OnZm2nIJYvC
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:05:13 2026 by rpki-client