Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/9zGgYV27pcXzRZPYvXsGi_q7u_0.roa
File: 9zGgYV27pcXzRZPYvXsGi_q7u_0.roa (raw, json)
Hash identifier: 37bbslR8yNtebmwByAGo/T5zj6zbONI0JTKi+uZYWrc=
Subject key identifier: F7:31:A0:61:5D:BB:A5:C5:F3:45:93:D8:BD:7B:06:8B:FA:BB:BB:FD
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 019DBE5AADEA8721C569A9BD5115D19F21D2
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/9zGgYV27pcXzRZPYvXsGi_q7u_0.roa
Signing time: Fri 24 Apr 2026 07:18:26 +0000
ROA not before: Fri 24 Apr 2026 07:18:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39409
IP address blocks: 37.153.156.0/24 maxlen: 24
89.35.49.0/24 maxlen: 24
89.37.99.0/24 maxlen: 24
185.216.8.0/24 maxlen: 24
2001:678:20c::/48 maxlen: 48
2001:678:d58::/48 maxlen: 48
2a10:9906::/48 maxlen: 48
2a10:9906:1001::/48 maxlen: 48
2a10:9906:1002::/48 maxlen: 48
2a10:9906:3010::/48 maxlen: 48
2a10:9906:3020::/48 maxlen: 48
2a10:9906:3050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:be:5a:ad:ea:87:21:c5:69:a9:bd:51:15:d1:9f:21:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Apr 24 07:18:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f731a0615dbba5c5f34593d8bd7b068bfabbbbfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:10:01:1e:35:58:75:ae:a7:22:ee:2b:ff:76:
7d:aa:a5:9f:b4:16:b6:12:8c:af:30:ae:cd:18:54:
6a:49:eb:0a:8e:c0:2b:4b:a8:03:41:29:27:5a:ed:
61:5a:9b:7c:2e:1f:d8:6a:09:68:95:96:0a:6a:33:
35:4a:1e:aa:13:08:c1:9b:9f:84:a4:e9:26:6d:8e:
41:09:1c:96:0c:01:ad:ef:24:e5:82:59:bc:a8:30:
79:37:60:c5:5d:25:65:c6:77:38:97:71:fa:82:3f:
f6:27:48:a3:72:7b:69:43:72:1a:be:45:e1:ac:2c:
90:74:45:bf:0c:d6:9f:ee:ac:7c:0d:26:74:5e:c9:
9f:14:45:0c:f3:3b:4b:8b:63:b7:58:2e:d0:31:2d:
ba:97:a5:b0:11:4f:31:7b:0e:12:3b:db:36:05:f2:
98:fc:a7:62:36:16:c7:c3:3d:a0:5a:e7:d5:7c:65:
a3:65:6a:75:da:11:a4:39:39:1e:e5:db:51:ff:37:
28:14:79:22:63:02:1e:2c:0e:e8:ba:20:7b:8c:52:
0d:e8:c4:97:ed:c7:be:fa:43:0a:13:5e:f8:6a:93:
74:d1:34:7f:14:9d:80:e1:75:1b:d6:ac:d2:d5:c1:
55:3b:e7:05:f8:f0:07:09:80:65:72:76:98:3b:87:
71:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:31:A0:61:5D:BB:A5:C5:F3:45:93:D8:BD:7B:06:8B:FA:BB:BB:FD
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/9zGgYV27pcXzRZPYvXsGi_q7u_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.156.0/24
89.35.49.0/24
89.37.99.0/24
185.216.8.0/24
IPv6:
2001:678:20c::/48
2001:678:d58::/48
2a10:9906::/48
2a10:9906:1001::-2a10:9906:1002:ffff:ffff:ffff:ffff:ffff
2a10:9906:3010::/48
2a10:9906:3020::/48
2a10:9906:3050::/48
Signature Algorithm: sha256WithRSAEncryption
61:11:55:51:a3:1c:50:e6:84:e4:9d:89:8d:5f:cc:2e:5e:28:
3d:d8:3b:b8:3f:44:66:5e:99:0c:eb:d9:5a:44:27:5e:33:11:
8a:d3:a3:93:e5:32:91:34:0c:8f:7b:80:c6:6c:13:bb:7d:22:
e5:cf:27:b2:d0:3f:c3:31:c8:37:f1:68:f0:74:f4:4c:0f:03:
64:15:2d:29:3f:d9:fb:65:90:af:9b:8b:2b:16:86:74:32:38:
22:21:7c:c8:d2:e2:8c:4f:4f:c3:82:3a:33:fb:93:2e:4d:72:
0f:d2:c2:29:0e:16:f1:cf:45:2a:7d:7f:31:16:67:7a:01:01:
13:52:60:99:18:e8:69:a3:54:e1:11:39:44:55:19:8c:4a:9b:
ac:84:41:23:56:63:8f:bd:76:07:43:d2:81:51:e7:97:4b:7b:
4f:ad:46:ce:0e:d6:ed:d6:df:5f:b7:82:c0:c6:c7:88:b6:00:
21:00:aa:ea:5c:48:0b:39:4b:32:ae:5f:df:d6:85:ab:28:84:
0b:78:80:b8:7d:d8:92:4b:dc:31:0e:9e:4b:0c:9b:9a:fd:4c:
f8:82:4e:a2:96:6d:d9:de:42:9f:81:6f:72:6b:ad:bf:1f:dc:
18:15:b9:a2:9d:a2:2c:27:05:92:89:a2:59:80:22:3f:8c:6f:
a5:90:de:20
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZ2+Wq3qhyHFaam9URXRnyHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjYwNDI0MDcxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzMxYTA2MTVkYmJhNWM1ZjM0NTkzZDhiZDdiMDY4YmZhYmJiYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRABHjVYda6nIu4r/3Z9qqWftBa2
EoyvMK7NGFRqSesKjsArS6gDQSknWu1hWpt8Lh/YaglolZYKajM1Sh6qEwjBm5+E
pOkmbY5BCRyWDAGt7yTlglm8qDB5N2DFXSVlxnc4l3H6gj/2J0ijcntpQ3IavkXh
rCyQdEW/DNaf7qx8DSZ0XsmfFEUM8ztLi2O3WC7QMS26l6WwEU8xew4SO9s2BfKY
/KdiNhbHwz2gWufVfGWjZWp12hGkOTke5dtR/zcoFHkiYwIeLA7ouiB7jFIN6MSX
7ce++kMKE174apN00TR/FJ2A4XUb1qzS1cFVO+cF+PAHCYBlcnaYO4dxlwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFPcxoGFdu6XF80WT2L17Bov6u7v9MB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvOXpHZ1lWMjdwY1h6UlpQWXZYc0dpX3E3dV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwHgQCAAEwGAMEACWZnAME
AFkjMQMEAFklYwMEALnYCDBQBAIAAjBKAwcAIAEGeAIMAwcAIAEGeA1YAwcAKhCZ
BgAAMBIDBwAqEJkGEAEDBwAqEJkGEAIDBwAqEJkGMBADBwAqEJkGMCADBwAqEJkG
MFAwDQYJKoZIhvcNAQELBQADggEBAGERVVGjHFDmhOSdiY1fzC5eKD3YO7g/RGZe
mQzr2VpEJ14zEYrTo5PlMpE0DI97gMZsE7t9IuXPJ7LQP8MxyDfxaPB09EwPA2QV
LSk/2ftlkK+biysWhnQyOCIhfMjS4oxPT8OCOjP7ky5Ncg/SwikOFvHPRSp9fzEW
Z3oBARNSYJkY6GmjVOEROURVGYxKm6yEQSNWY4+9dgdD0oFR55dLe0+tRs4O1u3W
31+3gsDGx4i2ACEAqupcSAs5SzKuX9/WhasohAt4gLh92JJL3DEOnksMm5r9TPiC
TqKWbdneQp+Bb3Jrrb8f3BgVuaKdoiwnBZKJolmAIj+Mb6WQ3iA=
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:43 2026 by rpki-client