Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/n4T_7jQ4VVF7FkHyhaU0P-AIFys.roa
File: n4T_7jQ4VVF7FkHyhaU0P-AIFys.roa (raw, json)
Hash identifier: txUNJivQakynCmq8XiBFMte1p7rhG0wBL1AKIlbWKds=
Subject key identifier: 9F:84:FF:EE:34:38:55:51:7B:16:41:F2:85:A5:34:3F:E0:08:17:2B
Certificate issuer: /CN=af413fd2ad9e25c84bc0b59e608a643663e6bb68
Certificate serial: 019C7A35D1072C7C9B282CF3F35A58CAC56D
Authority key identifier: AF:41:3F:D2:AD:9E:25:C8:4B:C0:B5:9E:60:8A:64:36:63:E6:BB:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0E_0q2eJchLwLWeYIpkNmPmu2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/n4T_7jQ4VVF7FkHyhaU0P-AIFys.roa
Signing time: Fri 20 Feb 2026 08:41:13 +0000
ROA not before: Fri 20 Feb 2026 08:41:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216275
IP address blocks: 80.248.138.0/23 maxlen: 23
91.226.144.0/23 maxlen: 23
91.229.203.0/24 maxlen: 24
2a13:e740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/r0E_0q2eJchLwLWeYIpkNmPmu2g.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/r0E_0q2eJchLwLWeYIpkNmPmu2g.mft
rsync://rpki.ripe.net/repository/DEFAULT/r0E_0q2eJchLwLWeYIpkNmPmu2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:35:d1:07:2c:7c:9b:28:2c:f3:f3:5a:58:ca:c5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af413fd2ad9e25c84bc0b59e608a643663e6bb68
Validity
Not Before: Feb 20 08:41:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9f84ffee343855517b1641f285a5343fe008172b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:91:84:0a:8f:1f:75:94:96:af:fa:6e:0f:62:
91:91:81:13:2d:08:d6:bb:86:20:ea:b9:c4:45:85:
d8:32:57:59:32:01:73:90:0d:dd:65:e6:48:f6:7f:
07:2d:bb:9d:64:16:e6:ec:0d:74:44:7c:2b:1b:ab:
ad:33:4b:52:69:48:c6:be:8f:e9:24:0d:b6:db:6b:
1a:b9:98:b3:39:8b:0e:9d:ae:7b:43:1e:0d:51:e8:
7c:0e:a2:0e:24:72:00:b2:73:74:8f:0f:9e:6a:bb:
19:79:de:6b:cf:ed:36:79:19:5a:9d:3f:55:2c:fe:
4a:80:79:d7:bc:db:82:90:d4:3d:46:82:29:27:8c:
5b:00:8c:c9:0b:65:94:bc:73:60:3a:ef:e3:e5:40:
47:73:01:d0:41:48:cf:5f:93:ea:c2:0c:1f:20:ff:
97:ef:b8:b6:46:a8:24:1b:34:45:fd:f8:a7:14:35:
3c:61:1d:0d:af:d8:3f:22:99:b5:c1:c5:25:22:89:
fc:6b:ef:cc:aa:24:60:5c:ec:5b:0f:8e:68:d3:ab:
6c:93:d8:25:c2:ba:76:68:5a:ca:1d:4d:60:c2:e0:
c7:6f:0d:f9:62:e1:2e:4b:d9:52:63:5b:0e:5e:05:
e9:50:9c:9d:3d:f0:36:c9:f5:08:af:50:ca:3a:17:
b5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:84:FF:EE:34:38:55:51:7B:16:41:F2:85:A5:34:3F:E0:08:17:2B
X509v3 Authority Key Identifier:
keyid:AF:41:3F:D2:AD:9E:25:C8:4B:C0:B5:9E:60:8A:64:36:63:E6:BB:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0E_0q2eJchLwLWeYIpkNmPmu2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/n4T_7jQ4VVF7FkHyhaU0P-AIFys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9af615-2c4e-4caf-b5af-ebbe1f477f68/1/r0E_0q2eJchLwLWeYIpkNmPmu2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.248.138.0/23
91.226.144.0/23
91.229.203.0/24
IPv6:
2a13:e740::/29
Signature Algorithm: sha256WithRSAEncryption
2c:ed:3d:f7:64:24:45:c3:c1:c5:5d:f4:63:81:5c:e0:ec:b8:
52:7e:b5:59:5c:df:43:19:4f:60:2d:1f:3f:67:ca:ba:53:dd:
89:94:f9:7e:1a:e7:a1:36:27:d0:94:52:fb:f2:76:a2:89:ee:
5a:d2:9f:d2:c7:b1:f4:8d:72:a8:ae:ec:9e:70:18:2d:05:cb:
80:e6:93:23:ad:9f:f1:10:b3:ef:c7:4e:45:69:9d:d8:20:2d:
4b:39:5a:c3:a7:11:95:ce:98:e7:97:af:51:aa:f0:a4:db:24:
b3:b5:4c:8f:7d:e8:9b:c4:4b:f5:35:1e:00:c1:85:50:77:bb:
84:c0:75:b0:d5:8d:71:79:16:cd:4a:b1:0e:3f:d7:4b:ad:6c:
26:47:f4:6b:86:34:08:19:a3:d5:28:8e:fc:19:57:ea:1c:b3:
3f:3a:14:e8:f1:a7:69:ba:ca:7f:cc:10:bf:af:85:4c:b4:7c:
90:3a:67:09:bf:c1:ef:5d:be:ec:6d:a3:9d:4e:6c:f1:49:15:
af:ee:f9:13:a3:38:5c:9b:2c:24:0d:75:23:69:d3:7a:0a:ac:
0c:6c:51:82:a5:a8:cf:33:e4:ce:61:d3:60:c5:b5:03:58:e7:
f1:3f:6a:33:4a:32:2a:14:eb:b3:60:fa:19:75:5d:f9:27:87:
ed:9c:1e:13
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZx6NdEHLHybKCzz81pYysVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNDEzZmQyYWQ5ZTI1Yzg0YmMwYjU5ZTYwOGE2NDM2NjNl
NmJiNjgwHhcNMjYwMjIwMDg0MTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg0ZmZlZTM0Mzg1NTUxN2IxNjQxZjI4NWE1MzQzZmUwMDgxNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpGECo8fdZSWr/puD2KRkYETLQjW
u4Yg6rnERYXYMldZMgFzkA3dZeZI9n8HLbudZBbm7A10RHwrG6utM0tSaUjGvo/p
JA2222sauZizOYsOna57Qx4NUeh8DqIOJHIAsnN0jw+earsZed5rz+02eRlanT9V
LP5KgHnXvNuCkNQ9RoIpJ4xbAIzJC2WUvHNgOu/j5UBHcwHQQUjPX5PqwgwfIP+X
77i2RqgkGzRF/finFDU8YR0Nr9g/Ipm1wcUlIon8a+/MqiRgXOxbD45o06tsk9gl
wrp2aFrKHU1gwuDHbw35YuEuS9lSY1sOXgXpUJydPfA2yfUIr1DKOhe1KQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ+E/+40OFVRexZB8oWlND/gCBcrMB8GA1UdIwQY
MBaAFK9BP9KtniXIS8C1nmCKZDZj5rtoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjBFXzBxMmVKY2hMd0xXZVlJcGtObVBtdTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85YWY2MTUtMmM0ZS00Y2FmLWI1YWYt
ZWJiZTFmNDc3ZjY4LzEvbjRUXzdqUTRWVkY3RmtIeWhhVTBQLUFJRnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85YWY2MTUtMmM0ZS00Y2FmLWI1YWYtZWJiZTFmNDc3ZjY4
LzEvcjBFXzBxMmVKY2hMd0xXZVlJcGtObVBtdTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBUPiKAwQB
W+KQAwQAW+XLMA0EAgACMAcDBQMqE+dAMA0GCSqGSIb3DQEBCwUAA4IBAQAs7T33
ZCRFw8HFXfRjgVzg7LhSfrVZXN9DGU9gLR8/Z8q6U92JlPl+GuehNifQlFL78nai
ie5a0p/Sx7H0jXKoruyecBgtBcuA5pMjrZ/xELPvx05FaZ3YIC1LOVrDpxGVzpjn
l69RqvCk2ySztUyPfeibxEv1NR4AwYVQd7uEwHWw1Y1xeRbNSrEOP9dLrWwmR/Rr
hjQIGaPVKI78GVfqHLM/OhTo8adpusp/zBC/r4VMtHyQOmcJv8HvXb7sbaOdTmzx
SRWv7vkTozhcmywkDXUjadN6CqwMbFGCpajPM+TOYdNgxbUDWOfxP2ozSjIqFOuz
YPoZdV35J4ftnB4T
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:20:53 2026 by rpki-client