Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/spxNX0Evy0wKIT1vmaLDnNo-Big.roa
File: spxNX0Evy0wKIT1vmaLDnNo-Big.roa (raw, json)
Hash identifier: FNbjAc8UBH89MSMLg9FJE7KppzSW+Jbx8vk6L1dDdVc=
Subject key identifier: B2:9C:4D:5F:41:2F:CB:4C:0A:21:3D:6F:99:A2:C3:9C:DA:3E:06:28
Certificate issuer: /CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Certificate serial: 019D9627236C6EAEC677D5E0E62FE38518C5
Authority key identifier: D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/spxNX0Evy0wKIT1vmaLDnNo-Big.roa
Signing time: Thu 16 Apr 2026 11:57:20 +0000
ROA not before: Thu 16 Apr 2026 11:57:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39370
IP address blocks: 89.147.0.0/23 maxlen: 23
89.147.0.0/24 maxlen: 24
89.147.1.0/24 maxlen: 24
89.147.2.0/24 maxlen: 24
89.147.3.0/24 maxlen: 24
89.147.4.0/24 maxlen: 24
89.147.5.0/24 maxlen: 24
89.147.6.0/23 maxlen: 23
89.147.6.0/24 maxlen: 24
89.147.7.0/24 maxlen: 24
89.147.32.0/23 maxlen: 23
89.147.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:27:23:6c:6e:ae:c6:77:d5:e0:e6:2f:e3:85:18:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Validity
Not Before: Apr 16 11:57:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b29c4d5f412fcb4c0a213d6f99a2c39cda3e0628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ad:29:f1:04:cb:79:99:7c:ef:94:b6:57:79:
d0:43:b6:56:0d:a0:ad:d7:d0:c7:53:d7:eb:29:4b:
e6:97:e7:7d:72:66:c0:ef:67:0a:b5:b3:6f:e9:0e:
eb:fc:1e:19:b7:7a:84:8b:6f:0a:e9:c7:08:11:19:
dc:25:d7:98:ba:26:69:98:5c:fb:fb:bf:c9:39:e9:
5f:c6:d0:e5:80:f7:f4:b8:f6:13:55:48:10:07:9b:
6f:2d:46:f4:80:42:a0:fb:9d:ce:a5:88:39:99:92:
3b:dd:7d:44:82:a6:54:17:ba:db:d4:3f:12:c2:64:
75:3f:6b:71:7f:02:9c:2f:da:cf:c5:da:ca:5b:c9:
d7:54:93:1f:f6:5a:3e:e1:e0:11:c3:f9:f0:b0:ba:
2a:24:39:ab:79:62:7a:83:cb:dd:78:2c:01:ac:82:
9f:9e:b1:73:eb:37:b2:b8:8b:42:3d:d5:e4:92:bf:
65:05:53:6f:58:ce:64:dd:c1:15:7c:18:0d:1c:50:
08:77:dc:6b:34:47:cd:3a:fd:18:df:46:a9:40:b1:
fc:5d:e2:16:d6:fa:a9:21:84:49:ac:e6:b9:72:3c:
34:1e:8e:eb:41:c6:41:89:47:82:58:13:54:ce:55:
27:3a:60:11:34:82:8b:29:e8:aa:d0:d9:1d:c8:36:
e7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9C:4D:5F:41:2F:CB:4C:0A:21:3D:6F:99:A2:C3:9C:DA:3E:06:28
X509v3 Authority Key Identifier:
keyid:D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/spxNX0Evy0wKIT1vmaLDnNo-Big.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.147.0.0/21
89.147.32.0-89.147.34.255
Signature Algorithm: sha256WithRSAEncryption
24:94:b8:45:9c:d8:e3:20:30:9c:f2:8d:5f:97:af:e2:0f:a1:
22:45:ec:f8:77:31:58:33:1f:d7:5c:e0:20:75:3b:cb:ab:85:
ee:ab:62:81:30:9b:bf:c9:21:9f:27:ac:66:4c:a1:54:20:bd:
8b:4e:35:49:06:56:ee:55:f9:2e:a8:91:c1:7e:e3:71:fc:2b:
52:3d:3a:02:37:fe:ad:a5:2b:0f:fc:f9:d2:9e:71:09:6d:4c:
f2:fc:f1:eb:99:80:51:96:c1:c2:60:e2:52:6d:92:c4:f0:b9:
84:8e:a0:12:cb:9e:8f:a0:c6:9b:b5:d3:b1:fd:94:f3:1f:ad:
a8:ea:17:7b:df:9d:3c:ca:14:15:47:07:58:4b:c2:6e:22:b9:
41:a2:b6:95:6f:7f:14:c1:eb:69:82:c5:5b:18:66:3a:f7:32:
c2:89:96:71:85:4f:7c:e3:91:ab:c1:01:bd:b0:ed:48:02:f7:
92:d0:32:e4:f3:bb:d1:4b:80:2c:9a:b7:7a:6a:4e:ca:1f:16:
9b:ec:00:4d:ef:f3:8e:33:80:05:8e:a7:b8:0d:53:84:71:a3:
3e:4f:15:f8:6c:3f:9b:78:c3:46:04:39:b1:c4:9b:35:a7:f6:
61:77:f0:d8:74:d4:b6:d6:a4:9b:bc:1d:6f:61:e6:c6:3d:12:
5a:17:91:88
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ2WJyNsbq7Gd9Xg5i/jhRjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZDA2NzRiZDZmMGNjOTE3NTIxOWEzMjhjOGIzOTY4Mjlm
NmMwYWYwHhcNMjYwNDE2MTE1NzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjljNGQ1ZjQxMmZjYjRjMGEyMTNkNmY5OWEyYzM5Y2RhM2UwNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1a0p8QTLeZl875S2V3nQQ7ZWDaCt
19DHU9frKUvml+d9cmbA72cKtbNv6Q7r/B4Zt3qEi28K6ccIERncJdeYuiZpmFz7
+7/JOelfxtDlgPf0uPYTVUgQB5tvLUb0gEKg+53OpYg5mZI73X1EgqZUF7rb1D8S
wmR1P2txfwKcL9rPxdrKW8nXVJMf9lo+4eARw/nwsLoqJDmreWJ6g8vdeCwBrIKf
nrFz6zeyuItCPdXkkr9lBVNvWM5k3cEVfBgNHFAId9xrNEfNOv0Y30apQLH8XeIW
1vqpIYRJrOa5cjw0Ho7rQcZBiUeCWBNUzlUnOmARNIKLKeiq0NkdyDbn1QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLKcTV9BL8tMCiE9b5miw5zaPgYoMB8GA1UdIwQY
MBaAFNfQZ0vW8MyRdSGaMoyLOWgp9sCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2It
ODIzMmZhM2U2MjlkLzEvc3B4TlgwRXZ5MHdLSVQxdm1hTERuTm8tQmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2ItODIzMmZhM2U2Mjlk
LzEvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDWZMAMAwD
BAVZkyADBABZkyIwDQYJKoZIhvcNAQELBQADggEBACSUuEWc2OMgMJzyjV+Xr+IP
oSJF7Ph3MVgzH9dc4CB1O8urhe6rYoEwm7/JIZ8nrGZMoVQgvYtONUkGVu5V+S6o
kcF+43H8K1I9OgI3/q2lKw/8+dKecQltTPL88euZgFGWwcJg4lJtksTwuYSOoBLL
no+gxpu107H9lPMfrajqF3vfnTzKFBVHB1hLwm4iuUGitpVvfxTB62mCxVsYZjr3
MsKJlnGFT3zjkavBAb2w7UgC95LQMuTzu9FLgCyat3pqTsofFpvsAE3v844zgAWO
p7gNU4Rxoz5PFfhsP5t4w0YEObHEmzWn9mF38Nh01LbWpJu8HW9h5sY9EloXkYg=
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:16:08 2026 by rpki-client