Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/9gRLZ66NafHkrGJXXnEl0Q0jlZA.roa
File: 9gRLZ66NafHkrGJXXnEl0Q0jlZA.roa (raw, json)
Hash identifier: bbbOMmUWDk8Ke38+iNHLWwmoCtJ1TgP1tfuMfgcau9M=
Subject key identifier: F6:04:4B:67:AE:8D:69:F1:E4:AC:62:57:5E:71:25:D1:0D:23:95:90
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019C66AEE1A63253C0143D5AF5CA1474423B
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/9gRLZ66NafHkrGJXXnEl0Q0jlZA.roa
Signing time: Mon 16 Feb 2026 13:41:02 +0000
ROA not before: Mon 16 Feb 2026 13:41:02 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210703
IP address blocks: 80.76.34.0/23 maxlen: 23
89.44.84.0/23 maxlen: 23
103.249.132.0/23 maxlen: 23
109.69.56.0/23 maxlen: 23
185.103.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:ae:e1:a6:32:53:c0:14:3d:5a:f5:ca:14:74:42:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Feb 16 13:41:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f6044b67ae8d69f1e4ac62575e7125d10d239590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7c:6c:48:67:d9:35:d5:f8:b4:70:92:b3:fc:
41:54:87:59:98:fe:67:b3:4f:1a:8b:e1:62:fd:95:
48:5d:59:aa:28:89:e7:f1:71:ae:42:14:d7:d5:22:
32:b1:09:47:a8:85:3d:1a:a4:40:c0:53:ae:57:79:
48:4b:17:f3:10:b1:e8:d4:cf:39:b6:8d:fd:ba:2d:
11:81:b0:e4:e2:9e:62:76:e4:4b:23:74:6e:29:bd:
8a:3f:8a:4b:4f:3a:e4:05:c0:c2:cb:fd:dd:8b:22:
91:36:e6:f5:c2:86:08:c5:78:e5:c6:14:b4:69:7b:
67:80:7a:25:8e:47:6d:2e:d0:69:52:25:ca:c6:9b:
25:9d:bf:26:13:ed:f9:39:9a:2d:28:ed:88:8e:c1:
2c:bc:7c:fa:2a:7e:66:d1:b2:d6:5a:73:d7:6b:a4:
4c:5c:a4:a6:f6:73:cc:31:99:1d:8a:0c:dc:da:2d:
88:9e:7e:8f:2b:1f:09:bc:77:75:1d:3c:30:6c:21:
a8:c8:ad:0e:a5:e6:52:f5:74:0b:3e:75:e0:76:6d:
6c:d5:da:06:ea:ac:85:19:a0:d7:1d:95:5d:63:a4:
e8:93:a7:ef:03:a6:49:29:c7:73:46:43:24:be:69:
56:e8:2f:e6:05:4e:77:b2:05:a8:59:42:19:fc:8e:
7e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:04:4B:67:AE:8D:69:F1:E4:AC:62:57:5E:71:25:D1:0D:23:95:90
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/9gRLZ66NafHkrGJXXnEl0Q0jlZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.34.0/23
89.44.84.0/23
103.249.132.0/23
109.69.56.0/23
185.103.254.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:14:7f:bc:1d:65:00:66:bc:2e:0f:42:91:6d:13:3d:52:3e:
c8:01:12:d2:08:e3:8c:22:9d:01:1c:25:bc:83:21:ac:f7:ad:
70:1b:d4:ef:77:7c:1e:de:25:5e:19:5c:9a:49:d3:43:88:dd:
c8:92:f9:a3:d2:fd:50:92:bf:bb:1f:13:74:cb:b5:ca:00:3f:
ba:f5:ef:d5:2d:27:20:51:ab:9e:fb:6a:69:0f:fa:9e:eb:78:
4f:cd:47:60:a5:bb:12:18:9e:a3:05:3d:c1:05:49:cb:16:37:
35:12:2c:8c:b7:0d:6f:ef:57:59:50:2b:59:bb:27:62:20:0b:
7e:4f:38:53:96:c2:d8:44:17:48:0c:d1:fe:f5:d0:fa:e9:ce:
8a:76:96:50:48:1d:5a:29:8f:30:ef:24:85:6f:4b:cb:19:88:
48:bd:ed:d6:a4:9e:89:b6:2e:ae:f3:df:c3:4f:ae:ef:d2:ef:
b1:c2:d4:ec:42:76:5b:a6:53:58:51:27:68:39:ad:0a:cc:51:
93:5e:56:49:79:87:6b:c6:44:a9:74:97:d8:01:87:0b:67:37:
fa:4f:32:aa:9d:26:81:ea:26:bc:cc:89:8d:d7:8f:ee:c4:23:
45:3c:5c:36:ee:8e:c0:f1:f4:46:48:b9:26:0f:07:3a:0f:cf:
a6:1f:11:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZxmruGmMlPAFD1a9coUdEI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwMjE2MTM0MTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjA0NGI2N2FlOGQ2OWYxZTRhYzYyNTc1ZTcxMjVkMTBkMjM5NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXxsSGfZNdX4tHCSs/xBVIdZmP5n
s08ai+Fi/ZVIXVmqKInn8XGuQhTX1SIysQlHqIU9GqRAwFOuV3lISxfzELHo1M85
to39ui0RgbDk4p5iduRLI3RuKb2KP4pLTzrkBcDCy/3diyKRNub1woYIxXjlxhS0
aXtngHoljkdtLtBpUiXKxpslnb8mE+35OZotKO2IjsEsvHz6Kn5m0bLWWnPXa6RM
XKSm9nPMMZkdigzc2i2Inn6PKx8JvHd1HTwwbCGoyK0OpeZS9XQLPnXgdm1s1doG
6qyFGaDXHZVdY6Tok6fvA6ZJKcdzRkMkvmlW6C/mBU53sgWoWUIZ/I5++wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPYES2eujWnx5KxiV15xJdENI5WQMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvOWdSTFo2Nk5hZkhrckdKWFhuRWwwUTBqbFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUEwiAwQB
WSxUAwQBZ/mEAwQBbUU4AwQBuWf+MA0GCSqGSIb3DQEBCwUAA4IBAQCOFH+8HWUA
ZrwuD0KRbRM9Uj7IARLSCOOMIp0BHCW8gyGs961wG9Tvd3we3iVeGVyaSdNDiN3I
kvmj0v1Qkr+7HxN0y7XKAD+69e/VLScgUaue+2ppD/qe63hPzUdgpbsSGJ6jBT3B
BUnLFjc1EiyMtw1v71dZUCtZuydiIAt+TzhTlsLYRBdIDNH+9dD66c6KdpZQSB1a
KY8w7ySFb0vLGYhIve3WpJ6Jti6u89/DT67v0u+xwtTsQnZbplNYUSdoOa0KzFGT
XlZJeYdrxkSpdJfYAYcLZzf6TzKqnSaB6ia8zImN14/uxCNFPFw27o7A8fRGSLkm
Dwc6D8+mHxGE
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:02:18 2026 by rpki-client