Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/421716-50a8-4b8c-aeb5-e9e415f4c5ff/1/vTv6Y9pYzSLa4y30BsFSU3zUkkI.roa
File: vTv6Y9pYzSLa4y30BsFSU3zUkkI.roa (raw, json)
Hash identifier: W0KsvSQFE2TKZ3eONDLazVIwQ+vxG34zEx4WZk3Nw8w=
Subject key identifier: BD:3B:FA:63:DA:58:CD:22:DA:E3:2D:F4:06:C1:52:53:7C:D4:92:42
Certificate issuer: /CN=f985339bd6e4b6f672a67caf7716ee40c14b9569
Certificate serial: 019D04D3E7F1D58C9F5686857F384C6C7649
Authority key identifier: F9:85:33:9B:D6:E4:B6:F6:72:A6:7C:AF:77:16:EE:40:C1:4B:95:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YUzm9bktvZypnyvdxbuQMFLlWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/421716-50a8-4b8c-aeb5-e9e415f4c5ff/1/vTv6Y9pYzSLa4y30BsFSU3zUkkI.roa
Signing time: Thu 19 Mar 2026 06:41:29 +0000
ROA not before: Thu 19 Mar 2026 06:41:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200483
IP address blocks: 79.134.193.0/24 maxlen: 24
79.134.198.0/23 maxlen: 23
79.134.198.0/24 maxlen: 24
79.134.199.0/24 maxlen: 24
79.134.222.0/23 maxlen: 23
79.134.222.0/24 maxlen: 24
79.134.223.0/24 maxlen: 24
93.191.58.0/24 maxlen: 24
93.191.60.0/24 maxlen: 24
93.191.63.0/24 maxlen: 24
95.161.156.0/22 maxlen: 22
95.161.156.0/23 maxlen: 23
95.161.156.0/24 maxlen: 24
95.161.157.0/24 maxlen: 24
95.161.158.0/23 maxlen: 23
95.161.158.0/24 maxlen: 24
95.161.159.0/24 maxlen: 24
95.161.164.0/22 maxlen: 22
95.161.164.0/23 maxlen: 23
95.161.164.0/24 maxlen: 24
95.161.165.0/24 maxlen: 24
95.161.166.0/23 maxlen: 23
95.161.166.0/24 maxlen: 24
95.161.167.0/24 maxlen: 24
95.161.216.0/23 maxlen: 23
95.161.216.0/24 maxlen: 24
95.161.217.0/24 maxlen: 24
95.161.221.0/24 maxlen: 24
95.161.223.0/24 maxlen: 24
95.161.239.0/24 maxlen: 24
178.16.151.0/24 maxlen: 24
185.102.8.0/22 maxlen: 22
185.102.8.0/23 maxlen: 23
185.102.8.0/24 maxlen: 24
185.102.9.0/24 maxlen: 24
185.102.10.0/23 maxlen: 23
185.102.10.0/24 maxlen: 24
185.102.11.0/24 maxlen: 24
185.119.0.0/22 maxlen: 22
185.119.0.0/23 maxlen: 23
185.119.0.0/24 maxlen: 24
185.119.1.0/24 maxlen: 24
185.119.2.0/23 maxlen: 23
185.119.2.0/24 maxlen: 24
185.119.3.0/24 maxlen: 24
185.171.192.0/22 maxlen: 22
185.171.192.0/23 maxlen: 23
185.171.192.0/24 maxlen: 24
185.171.193.0/24 maxlen: 24
185.171.194.0/23 maxlen: 23
185.171.194.0/24 maxlen: 24
185.171.195.0/24 maxlen: 24
185.241.176.0/22 maxlen: 22
185.241.176.0/23 maxlen: 23
185.241.176.0/24 maxlen: 24
185.241.177.0/24 maxlen: 24
185.241.178.0/23 maxlen: 23
185.241.178.0/24 maxlen: 24
185.241.179.0/24 maxlen: 24
217.79.4.0/23 maxlen: 23
217.79.4.0/24 maxlen: 24
217.79.5.0/24 maxlen: 24
217.79.8.0/24 maxlen: 24
2a12:9c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/421716-50a8-4b8c-aeb5-e9e415f4c5ff/1/1-YUzm9bktvZypnyvdxbuQMFLlWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/421716-50a8-4b8c-aeb5-e9e415f4c5ff/1/1-YUzm9bktvZypnyvdxbuQMFLlWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-YUzm9bktvZypnyvdxbuQMFLlWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:04:d3:e7:f1:d5:8c:9f:56:86:85:7f:38:4c:6c:76:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f985339bd6e4b6f672a67caf7716ee40c14b9569
Validity
Not Before: Mar 19 06:41:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bd3bfa63da58cd22dae32df406c152537cd49242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b6:e6:00:d2:51:aa:eb:6a:ea:8c:53:4b:35:
57:ab:05:4a:0a:c7:db:9e:2c:1a:12:87:6f:ef:d2:
d1:37:b7:b2:01:76:0c:9b:20:03:9d:9b:7e:00:8a:
e6:a2:ef:fe:dc:91:49:f9:25:d0:c5:73:f4:fc:af:
8f:ec:7c:f1:0d:7c:87:96:1b:a6:71:9c:37:08:97:
62:7c:d8:59:4f:d5:6a:d2:fe:ab:fa:69:ea:b6:2b:
ce:02:fd:d6:ad:28:f4:01:da:d4:93:95:c0:8e:21:
e3:53:e2:b3:92:7f:f1:33:46:fe:aa:7d:7f:ed:1d:
18:91:d9:44:e5:6c:0c:fb:7a:69:48:c5:13:ef:8e:
ce:1e:44:1e:c7:e2:82:33:ed:48:b2:5e:a6:b5:39:
6f:49:74:71:0d:2a:d8:a9:d3:ad:45:fb:fd:d0:5a:
8b:85:4e:09:a4:ce:4b:80:77:6b:44:eb:8d:da:04:
53:cb:59:e2:5c:cf:1d:90:ca:b8:1a:9e:f6:e8:95:
fc:63:68:93:6d:55:92:63:89:ef:dc:3e:95:48:49:
ab:a3:63:3d:a3:9e:c4:63:ce:da:30:f2:2a:75:7a:
77:05:e5:20:12:a8:9c:85:49:52:af:67:3a:14:f2:
7a:cb:71:14:48:b9:04:06:3b:21:16:df:ef:01:34:
80:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3B:FA:63:DA:58:CD:22:DA:E3:2D:F4:06:C1:52:53:7C:D4:92:42
X509v3 Authority Key Identifier:
keyid:F9:85:33:9B:D6:E4:B6:F6:72:A6:7C:AF:77:16:EE:40:C1:4B:95:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YUzm9bktvZypnyvdxbuQMFLlWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/421716-50a8-4b8c-aeb5-e9e415f4c5ff/1/vTv6Y9pYzSLa4y30BsFSU3zUkkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/421716-50a8-4b8c-aeb5-e9e415f4c5ff/1/1-YUzm9bktvZypnyvdxbuQMFLlWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.134.193.0/24
79.134.198.0/23
79.134.222.0/23
93.191.58.0/24
93.191.60.0/24
93.191.63.0/24
95.161.156.0/22
95.161.164.0/22
95.161.216.0/23
95.161.221.0/24
95.161.223.0/24
95.161.239.0/24
178.16.151.0/24
185.102.8.0/22
185.119.0.0/22
185.171.192.0/22
185.241.176.0/22
217.79.4.0/23
217.79.8.0/24
IPv6:
2a12:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
86:ca:bc:12:99:c1:ce:0b:88:de:67:32:ea:85:b5:91:a1:d4:
7f:d9:7d:42:8f:38:27:ac:de:9b:6d:c4:5a:2a:9c:09:f9:3b:
8a:d9:2a:0a:2f:f9:2c:4f:af:e7:0e:d3:b1:a0:7b:7a:ba:2e:
a3:74:18:a8:00:8b:42:d0:d9:7d:b8:1b:6b:38:40:3a:30:69:
2c:7d:b7:c4:9c:55:b2:d4:8d:20:3c:a4:42:81:a0:c2:65:1d:
cd:a1:e0:79:b7:44:97:d7:06:a9:b0:d9:f0:ef:b4:ec:5a:11:
e5:64:88:86:43:c1:fe:44:39:4a:65:58:ad:5d:40:e5:58:f1:
6c:41:8a:23:cb:1c:f5:d6:d3:19:1e:48:e0:1c:31:ee:b5:ba:
42:b2:14:1d:65:0c:2c:ae:fd:c3:9b:eb:09:9b:2f:07:48:7d:
89:67:cc:95:ae:e3:69:9a:3c:7b:6a:8c:e8:f4:41:73:2e:2e:
65:ff:ee:9f:24:54:c2:31:ea:7d:ae:8e:66:f6:d7:ad:ba:a6:
68:83:22:31:d9:d5:7a:2d:25:e8:c5:6b:d6:f0:ac:2a:ba:2b:
17:15:6d:c4:b9:67:81:c8:53:36:9a:09:d7:20:79:c4:0a:56:
b3:5d:91:8f:3b:c6:63:21:a2:cd:03:7d:17:0b:c0:f4:c0:0e:
ca:64:f1:69
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZ0E0+fx1YyfVoaFfzhMbHZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODUzMzliZDZlNGI2ZjY3MmE2N2NhZjc3MTZlZTQwYzE0
Yjk1NjkwHhcNMjYwMzE5MDY0MTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNiZmE2M2RhNThjZDIyZGFlMzJkZjQwNmMxNTI1MzdjZDQ5MjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LbmANJRqutq6oxTSzVXqwVKCsfb
niwaEodv79LRN7eyAXYMmyADnZt+AIrmou/+3JFJ+SXQxXP0/K+P7HzxDXyHlhum
cZw3CJdifNhZT9Vq0v6r+mnqtivOAv3WrSj0AdrUk5XAjiHjU+Kzkn/xM0b+qn1/
7R0YkdlE5WwM+3ppSMUT747OHkQex+KCM+1Isl6mtTlvSXRxDSrYqdOtRfv90FqL
hU4JpM5LgHdrROuN2gRTy1niXM8dkMq4Gp726JX8Y2iTbVWSY4nv3D6VSEmro2M9
o57EY87aMPIqdXp3BeUgEqichUlSr2c6FPJ6y3EUSLkEBjshFt/vATSAPwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFL07+mPaWM0i2uMt9AbBUlN81JJCMB8GA1UdIwQY
MBaAFPmFM5vW5Lb2cqZ8r3cW7kDBS5VpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVXptOWJrdHZaeXBueXZkeGJ1UU1GTGxXay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvNDIxNzE2LTUwYTgtNGI4Yy1hZWI1
LWU5ZTQxNWY0YzVmZi8xL3ZUdjZZOXBZelNMYTR5MzBCc0ZTVTN6VWtrSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvNDIxNzE2LTUwYTgtNGI4Yy1hZWI1LWU5ZTQxNWY0YzVm
Zi8xLzEtWVV6bTlia3R2Wnlwbnl2ZHhidVFNRkxsV2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZwGCCsGAQUFBwEHAQH/BIGMMIGJMHgEAgABMHIDBABP
hsEDBAFPhsYDBAFPht4DBABdvzoDBABdvzwDBABdvz8DBAJfoZwDBAJfoaQDBAFf
odgDBABfod0DBABfod8DBABfoe8DBACyEJcDBAK5ZggDBAK5dwADBAK5q8ADBAK5
8bADBAHZTwQDBADZTwgwDQQCAAIwBwMFAyoSnIAwDQYJKoZIhvcNAQELBQADggEB
AIbKvBKZwc4LiN5nMuqFtZGh1H/ZfUKPOCes3pttxFoqnAn5O4rZKgov+SxPr+cO
07Gge3q6LqN0GKgAi0LQ2X24G2s4QDowaSx9t8ScVbLUjSA8pEKBoMJlHc2h4Hm3
RJfXBqmw2fDvtOxaEeVkiIZDwf5EOUplWK1dQOVY8WxBiiPLHPXW0xkeSOAcMe61
ukKyFB1lDCyu/cOb6wmbLwdIfYlnzJWu42maPHtqjOj0QXMuLmX/7p8kVMIx6n2u
jmb21626pmiDIjHZ1XotJejFa9bwrCq6KxcVbcS5Z4HIUzaaCdcgecQKVrNdkY87
xmMhos0DfRcLwPTADspk8Wk=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:06:26 2026 by rpki-client