Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/pYag05r3IjY8CANS1rOV29P44Q8.roa
File: pYag05r3IjY8CANS1rOV29P44Q8.roa (raw, json)
Hash identifier: HMep+BGio75gBaIq9gk8ClTlPgPcII6c/734DcscQwI=
Subject key identifier: A5:86:A0:D3:9A:F7:22:36:3C:08:03:52:D6:B3:95:DB:D3:F8:E1:0F
Certificate issuer: /CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Certificate serial: 019DD8A1655FF774CD615FF7B8A1EA9FCBE6
Authority key identifier: B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/pYag05r3IjY8CANS1rOV29P44Q8.roa
Signing time: Wed 29 Apr 2026 09:45:49 +0000
ROA not before: Wed 29 Apr 2026 09:45:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39442
IP address blocks: 92.39.104.0/21 maxlen: 21
185.125.72.0/22 maxlen: 22
185.183.48.0/22 maxlen: 22
185.183.48.0/23 maxlen: 23
188.247.32.0/19 maxlen: 19
188.247.40.0/24 maxlen: 24
188.247.44.0/22 maxlen: 22
188.247.44.0/24 maxlen: 24
188.247.54.0/24 maxlen: 24
188.247.55.0/24 maxlen: 24
188.247.56.0/21 maxlen: 21
213.234.0.0/20 maxlen: 20
213.234.0.0/24 maxlen: 24
213.234.1.0/24 maxlen: 24
213.234.5.0/24 maxlen: 24
213.234.6.0/24 maxlen: 24
213.234.8.0/24 maxlen: 24
213.234.10.0/24 maxlen: 24
213.234.11.0/24 maxlen: 24
213.234.16.0/21 maxlen: 21
213.234.16.0/22 maxlen: 22
213.234.16.0/24 maxlen: 24
213.234.18.0/23 maxlen: 23
213.234.20.0/24 maxlen: 24
213.234.21.0/24 maxlen: 24
213.234.22.0/24 maxlen: 24
213.234.23.0/24 maxlen: 24
217.149.176.0/20 maxlen: 20
217.149.176.0/21 maxlen: 21
217.149.176.0/22 maxlen: 22
217.149.176.0/24 maxlen: 24
217.149.177.0/24 maxlen: 24
217.149.178.0/24 maxlen: 24
217.149.179.0/24 maxlen: 24
217.149.181.0/24 maxlen: 24
217.149.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:a1:65:5f:f7:74:cd:61:5f:f7:b8:a1:ea:9f:cb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Validity
Not Before: Apr 29 09:45:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a586a0d39af722363c080352d6b395dbd3f8e10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:71:b8:6c:c6:eb:9f:ad:b0:4a:63:a5:47:2b:
97:7c:36:ab:fd:d1:b0:51:49:ac:40:13:f1:b3:44:
96:2d:e9:73:cd:29:bc:09:a5:34:6b:ed:a3:f1:10:
54:3f:16:46:b0:9a:fc:48:3a:76:75:34:e1:b1:ef:
0c:b1:b9:81:5e:b3:18:8e:25:87:b0:b3:d4:45:e0:
d7:98:ba:fe:2f:1b:cd:36:78:9b:69:5f:d5:74:50:
25:1e:d3:da:10:3e:b7:fc:cd:bf:b6:97:06:7a:64:
54:02:40:a8:5a:c7:2b:a3:77:9a:41:a8:8f:19:f3:
40:c0:e8:c1:af:8c:8d:2f:72:92:18:14:35:e4:35:
c2:dd:ef:b3:d6:7b:f5:57:0e:4d:64:8e:a5:62:ec:
62:bd:e6:a4:e2:00:20:c6:3c:7b:8c:50:0e:02:bb:
d1:88:33:2e:03:72:ca:53:e9:db:58:a7:54:bc:bc:
b6:0b:60:83:11:c7:6b:c1:dd:01:57:3f:82:d1:80:
d2:e6:5d:80:f7:59:d0:6c:f1:7b:aa:b7:29:e2:6f:
2d:83:c9:03:dc:c6:84:8d:63:8f:78:b9:15:8b:2f:
f9:e0:37:b6:57:04:9a:3a:4d:67:a8:79:a5:67:0c:
b3:b2:9c:b3:56:73:88:bf:fd:f3:a5:28:8f:af:10:
ba:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:86:A0:D3:9A:F7:22:36:3C:08:03:52:D6:B3:95:DB:D3:F8:E1:0F
X509v3 Authority Key Identifier:
keyid:B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/pYag05r3IjY8CANS1rOV29P44Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.104.0/21
185.125.72.0/22
185.183.48.0/22
188.247.32.0/19
213.234.0.0-213.234.23.255
217.149.176.0/20
Signature Algorithm: sha256WithRSAEncryption
59:db:2a:0a:91:dd:94:f4:40:ea:ed:3f:1f:54:71:f1:1c:87:
ce:18:53:aa:46:85:71:9b:13:db:34:45:d7:6c:fb:65:e9:80:
18:18:3c:1d:2d:61:c0:35:4c:a5:26:f9:1a:7f:bc:bb:56:a2:
e7:cc:4a:42:7a:9b:a0:7b:d5:c8:2e:b1:be:58:8f:9f:22:75:
ae:14:64:77:37:9c:1a:30:8e:46:b1:b8:b4:84:64:95:3b:63:
d9:58:c7:a9:0f:27:61:50:d1:fc:05:17:49:7b:4a:29:10:6a:
13:8b:8d:14:3b:a3:1d:e8:35:89:80:c1:06:37:68:a9:39:f4:
74:b6:da:b0:c8:3c:a3:85:1a:ff:d4:9c:b7:4e:11:8d:93:5e:
19:66:8e:d6:12:d8:d2:15:0f:b3:0a:35:f9:36:9f:26:85:f7:
8b:65:c2:00:fe:de:50:0c:03:e2:0a:94:b8:ea:d1:2e:1d:7f:
3c:60:85:ec:ac:29:d5:49:34:96:eb:dc:20:3e:a1:fb:75:84:
bc:30:49:57:46:0c:72:f6:4e:91:d0:99:27:f8:79:1b:d8:11:
ed:c0:ba:99:07:a4:61:79:09:05:ab:c6:35:eb:65:02:49:e0:
3e:76:86:ed:46:2c:09:0c:b0:b4:78:10:16:61:6a:5d:8c:c7:
87:bf:0f:50
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZ3YoWVf93TNYV/3uKHqn8vmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjgxMzk5OTNiZTY2NWYzYjVkMGY2OTA5ZWYwNThmYThm
OTc5MjIwHhcNMjYwNDI5MDk0NTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg2YTBkMzlhZjcyMjM2M2MwODAzNTJkNmIzOTVkYmQzZjhlMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHG4bMbrn62wSmOlRyuXfDar/dGw
UUmsQBPxs0SWLelzzSm8CaU0a+2j8RBUPxZGsJr8SDp2dTThse8MsbmBXrMYjiWH
sLPUReDXmLr+LxvNNnibaV/VdFAlHtPaED63/M2/tpcGemRUAkCoWscro3eaQaiP
GfNAwOjBr4yNL3KSGBQ15DXC3e+z1nv1Vw5NZI6lYuxiveak4gAgxjx7jFAOArvR
iDMuA3LKU+nbWKdUvLy2C2CDEcdrwd0BVz+C0YDS5l2A91nQbPF7qrcp4m8tg8kD
3MaEjWOPeLkViy/54De2VwSaOk1nqHmlZwyzspyzVnOIv/3zpSiPrxC63wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFKWGoNOa9yI2PAgDUtazldvT+OEPMB8GA1UdIwQY
MBaAFLm4E5mTvmZfO10PaQnvBY+o+XkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEt
N2JjNzNlZWUxNDQ3LzEvcFlhZzA1cjNJalk4Q0FOUzFyT1YyOVA0NFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEtN2JjNzNlZWUxNDQ3
LzEvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQDXCdoAwQC
uX1IAwQCubcwAwQFvPcgMAsDAwHV6gMEA9XqEAMEBNmVsDANBgkqhkiG9w0BAQsF
AAOCAQEAWdsqCpHdlPRA6u0/H1Rx8RyHzhhTqkaFcZsT2zRF12z7ZemAGBg8HS1h
wDVMpSb5Gn+8u1ai58xKQnqboHvVyC6xvliPnyJ1rhRkdzecGjCORrG4tIRklTtj
2VjHqQ8nYVDR/AUXSXtKKRBqE4uNFDujHeg1iYDBBjdoqTn0dLbasMg8o4Ua/9Sc
t04RjZNeGWaO1hLY0hUPswo1+TafJoX3i2XCAP7eUAwD4gqUuOrRLh1/PGCF7Kwp
1Uk0luvcID6h+3WEvDBJV0YMcvZOkdCZJ/h5G9gR7cC6mQekYXkJBavGNetlAkng
PnaG7UYsCQywtHgQFmFqXYzHh78PUA==
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:28 2026 by rpki-client