Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/W79nBKhPAzEIedXVT5rNtMV1yOo.roa
File: W79nBKhPAzEIedXVT5rNtMV1yOo.roa (raw, json)
Hash identifier: mixrNOg93KKzgb3tWB4Qt/opKcOsyCnIL17ZEqCbhik=
Subject key identifier: 5B:BF:67:04:A8:4F:03:31:08:79:D5:D5:4F:9A:CD:B4:C5:75:C8:EA
Certificate issuer: /CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Certificate serial: 019D864A1BA1B512D672580E7888CD1CC755
Authority key identifier: 8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/W79nBKhPAzEIedXVT5rNtMV1yOo.roa
Signing time: Mon 13 Apr 2026 10:01:36 +0000
ROA not before: Mon 13 Apr 2026 10:01:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51733
IP address blocks: 91.209.254.0/24 maxlen: 24
91.221.58.0/23 maxlen: 23
91.221.58.0/24 maxlen: 24
91.221.59.0/24 maxlen: 24
185.156.84.0/22 maxlen: 22
185.156.84.0/23 maxlen: 23
185.156.84.0/24 maxlen: 24
185.156.85.0/24 maxlen: 24
185.156.86.0/23 maxlen: 23
185.156.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:4a:1b:a1:b5:12:d6:72:58:0e:78:88:cd:1c:c7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Validity
Not Before: Apr 13 10:01:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5bbf6704a84f03310879d5d54f9acdb4c575c8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:95:3d:b4:aa:ae:02:a3:f7:6b:36:9d:44:22:
9a:95:fb:39:55:75:37:ae:ae:79:87:c6:bb:31:e6:
09:b6:d6:1b:4b:bb:35:34:94:13:2b:fd:b4:8e:12:
b5:d2:cd:9c:91:9b:93:e4:8d:78:93:dc:99:22:09:
0a:ab:88:95:8b:63:48:54:98:d7:3d:a8:44:67:a5:
14:97:78:5f:c2:27:23:b7:44:2b:59:ba:4e:fd:94:
44:ec:9a:1f:cf:aa:2d:06:83:19:36:fe:0c:ee:8f:
eb:34:7b:88:6c:82:89:7e:0a:de:ac:f4:85:51:b5:
f5:02:d9:5a:59:9e:ba:f8:c2:c1:9d:8c:85:e2:3f:
df:42:f3:2a:e4:6c:4a:0f:91:b7:5f:30:85:e0:40:
5e:17:aa:0f:c7:df:b8:0b:d2:09:75:a7:14:f7:1e:
3d:00:64:77:db:fe:eb:0e:84:26:b8:26:da:5b:b9:
8b:bb:21:4b:e9:f5:22:90:f8:17:c9:ec:06:f0:99:
15:87:22:4f:3e:33:46:39:d8:a0:9d:5c:75:69:ac:
e6:b6:03:5b:fc:b2:d8:9d:08:93:ab:f6:e7:a5:8a:
b5:fe:9c:2d:69:87:0e:9a:13:1d:d2:85:51:20:56:
aa:35:6e:f0:e4:01:95:6b:f3:ef:93:51:4e:9b:31:
fd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BF:67:04:A8:4F:03:31:08:79:D5:D5:4F:9A:CD:B4:C5:75:C8:EA
X509v3 Authority Key Identifier:
keyid:8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/W79nBKhPAzEIedXVT5rNtMV1yOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.254.0/24
91.221.58.0/23
185.156.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:28:d3:a8:97:ec:b1:b1:35:eb:77:1c:f8:cd:3f:76:98:f7:
50:95:9e:ff:00:61:3d:c8:50:59:54:91:ae:a6:ae:c7:75:aa:
79:9a:76:36:80:ba:f5:ff:1b:82:69:c4:e0:62:71:f2:42:e2:
1d:c6:9b:68:d8:1c:d7:4f:6d:ed:6e:b7:8c:5c:4f:77:19:c2:
92:b4:00:ed:bd:05:76:ac:56:10:b9:f9:07:d8:29:38:91:28:
69:ea:82:f7:3a:c6:fa:a1:9c:fb:a5:bc:9d:42:82:7d:5d:fb:
35:f0:e9:14:44:8d:83:f1:c1:28:de:da:20:6b:30:16:d7:1e:
32:70:ca:9c:75:2c:a1:8c:f0:78:52:31:27:f6:22:c7:5a:02:
d6:4b:2d:65:f5:16:7d:bc:ed:54:eb:e0:c9:e6:f4:05:d4:a5:
17:bf:a4:db:46:dc:5f:ab:ec:c9:2d:ad:a4:9c:8f:4d:31:53:
f3:31:0e:2f:c1:60:26:76:a0:6d:2a:59:8d:ac:b1:b8:1d:db:
bb:20:2e:00:a5:ca:1a:a9:56:a9:f6:f0:66:37:25:92:05:83:
27:e1:10:c3:6e:4b:8d:07:30:11:ac:fd:76:16:43:0e:de:7f:
49:df:9a:be:fa:53:28:6b:24:a3:bd:c2:e2:8e:bc:82:e4:e2:
1e:63:0c:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ2GShuhtRLWclgOeIjNHMdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZmYxYjBjZTlmNDg2YTY3ZTYzZDNmMGQwZTY4OGEyNGY3
MDBjN2MwHhcNMjYwNDEzMTAwMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmJmNjcwNGE4NGYwMzMxMDg3OWQ1ZDU0ZjlhY2RiNGM1NzVjOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pU9tKquAqP3azadRCKalfs5VXU3
rq55h8a7MeYJttYbS7s1NJQTK/20jhK10s2ckZuT5I14k9yZIgkKq4iVi2NIVJjX
PahEZ6UUl3hfwicjt0QrWbpO/ZRE7Jofz6otBoMZNv4M7o/rNHuIbIKJfgrerPSF
UbX1AtlaWZ66+MLBnYyF4j/fQvMq5GxKD5G3XzCF4EBeF6oPx9+4C9IJdacU9x49
AGR32/7rDoQmuCbaW7mLuyFL6fUikPgXyewG8JkVhyJPPjNGOdignVx1aazmtgNb
/LLYnQiTq/bnpYq1/pwtaYcOmhMd0oVRIFaqNW7w5AGVa/Pvk1FOmzH9rQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFu/ZwSoTwMxCHnV1U+azbTFdcjqMB8GA1UdIwQY
MBaAFI3/Gwzp9IamfmPT8NDmiKJPcAx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEt
ZDg3YjcwMjZhM2ZmLzEvVzc5bkJLaFBBekVJZWRYVlQ1ck50TVYxeU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEtZDg3YjcwMjZhM2Zm
LzEvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9H+AwQB
W906AwQCuZxUMA0GCSqGSIb3DQEBCwUAA4IBAQCnKNOol+yxsTXrdxz4zT92mPdQ
lZ7/AGE9yFBZVJGupq7Hdap5mnY2gLr1/xuCacTgYnHyQuIdxpto2BzXT23tbreM
XE93GcKStADtvQV2rFYQufkH2Ck4kShp6oL3Osb6oZz7pbydQoJ9Xfs18OkURI2D
8cEo3togazAW1x4ycMqcdSyhjPB4UjEn9iLHWgLWSy1l9RZ9vO1U6+DJ5vQF1KUX
v6TbRtxfq+zJLa2knI9NMVPzMQ4vwWAmdqBtKlmNrLG4Hdu7IC4ApcoaqVap9vBm
NyWSBYMn4RDDbkuNBzARrP12FkMO3n9J35q++lMoaySjvcLijryC5OIeYwz4
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:34:07 2026 by rpki-client