Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/irWIIdGrPCF__bNM-7jWvdoN8Fk.roa
File: irWIIdGrPCF__bNM-7jWvdoN8Fk.roa (raw, json)
Hash identifier: MjhDjF/wByz4S64HsuaDNBhp/WXjWepuD6vVlXyMfH4=
Subject key identifier: 8A:B5:88:21:D1:AB:3C:21:7F:FD:B3:4C:FB:B8:D6:BD:DA:0D:F0:59
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019E01FE34BFDAD8CB655699C405300DFE7F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/irWIIdGrPCF__bNM-7jWvdoN8Fk.roa
Signing time: Thu 07 May 2026 10:31:37 +0000
ROA not before: Thu 07 May 2026 10:31:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 78.17.168.0/24 maxlen: 24
91.132.50.0/24 maxlen: 24
91.208.61.0/24 maxlen: 24
212.192.16.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:fe:34:bf:da:d8:cb:65:56:99:c4:05:30:0d:fe:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 7 10:31:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8ab58821d1ab3c217ffdb34cfbb8d6bdda0df059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c5:53:e9:3e:c2:9f:ff:82:8f:7b:43:30:f3:
95:16:50:15:38:72:15:ae:27:28:4f:ff:6f:98:01:
3b:8b:d9:0b:53:b9:4d:eb:20:b4:a3:8e:bc:c7:a6:
20:54:60:3e:fd:6c:1e:23:44:fe:02:3d:cc:90:98:
a6:44:d4:9e:bf:f5:76:cf:a5:9c:88:b1:7d:86:ed:
d8:21:57:fd:94:f1:67:a6:8c:a5:5b:be:4b:06:a7:
33:d9:b2:26:c4:95:3a:9a:c4:c3:5f:58:2d:58:8f:
ed:44:d9:f4:b4:1d:41:35:d8:4f:9c:e9:3d:a9:98:
ce:dd:4c:09:f9:5e:12:b4:9c:56:a8:1b:12:9f:b7:
50:87:31:7d:3f:af:7b:b1:8d:e3:a7:1f:de:d6:9f:
44:f6:f8:6a:7f:b1:0b:94:55:74:6a:fe:23:1f:ae:
80:c9:11:0a:f6:1e:f4:f1:8e:65:1e:25:df:3d:07:
62:8c:ff:5d:a8:6c:45:43:3b:2c:e8:be:e3:55:63:
e2:fa:6e:3d:33:bc:af:19:98:35:08:03:8a:47:13:
f5:d5:50:b4:b3:b7:83:1e:8c:6d:b5:62:a2:62:fc:
99:66:3e:fb:ac:d3:12:00:5b:de:ea:ed:c0:f4:cd:
d0:7c:3d:4e:ad:a7:3d:c0:ba:ba:0f:ca:64:82:4e:
fa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B5:88:21:D1:AB:3C:21:7F:FD:B3:4C:FB:B8:D6:BD:DA:0D:F0:59
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/irWIIdGrPCF__bNM-7jWvdoN8Fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.168.0/24
91.132.50.0/24
91.208.61.0/24
212.192.16.0/23
Signature Algorithm: sha256WithRSAEncryption
65:9c:96:95:9f:0e:15:cb:04:f3:b1:e6:14:ea:8a:9a:1e:2a:
d3:c8:7e:16:ea:5d:14:26:41:78:98:e1:6a:92:ed:ab:8b:0e:
48:38:b1:c7:9f:21:43:7b:b4:68:8c:58:b4:ea:04:d3:05:c8:
2c:ae:86:16:2f:e3:fa:17:f8:aa:89:13:e9:24:7b:4f:99:39:
c9:40:87:c6:38:34:3c:5a:f4:56:f3:4e:8c:71:c0:35:fb:9f:
be:00:7b:64:92:b6:a1:23:62:90:b6:5a:05:10:70:9c:b0:66:
69:ba:b1:e0:1b:a3:96:3f:a0:15:9d:3c:a4:82:0e:7b:34:cd:
8b:85:68:86:26:aa:7e:8a:d3:6a:e6:91:e0:68:bd:2c:13:d8:
dd:41:81:fe:72:65:dd:47:9b:91:84:c9:3d:42:bc:51:4d:df:
55:8b:7e:ad:f6:a3:1c:f1:cc:9d:9c:d9:2f:6f:ed:e5:c4:41:
b0:ce:76:42:e9:c1:f5:78:60:76:1f:3f:ff:f9:bc:d8:fc:34:
8b:bd:ff:75:d7:3d:c6:28:18:ce:76:38:38:e8:79:03:89:fd:
8b:9d:48:f9:b4:7d:c7:7c:c2:34:33:47:af:87:38:33:37:a1:
e4:1c:15:30:e1:e0:39:b7:2f:45:c6:8c:33:37:50:e8:43:e5:
5a:7f:f6:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4B/jS/2tjLZVaZxAUwDf5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNTA3MTAzMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWI1ODgyMWQxYWIzYzIxN2ZmZGIzNGNmYmI4ZDZiZGRhMGRmMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cVT6T7Cn/+Cj3tDMPOVFlAVOHIV
ricoT/9vmAE7i9kLU7lN6yC0o468x6YgVGA+/WweI0T+Aj3MkJimRNSev/V2z6Wc
iLF9hu3YIVf9lPFnpoylW75LBqcz2bImxJU6msTDX1gtWI/tRNn0tB1BNdhPnOk9
qZjO3UwJ+V4StJxWqBsSn7dQhzF9P697sY3jpx/e1p9E9vhqf7ELlFV0av4jH66A
yREK9h708Y5lHiXfPQdijP9dqGxFQzss6L7jVWPi+m49M7yvGZg1CAOKRxP11VC0
s7eDHoxttWKiYvyZZj77rNMSAFve6u3A9M3QfD1Orac9wLq6D8pkgk76mQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIq1iCHRqzwhf/2zTPu41r3aDfBZMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvaXJXSUlkR3JQQ0ZfX2JOTS03ald2ZG9OOEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAThGoAwQA
W4QyAwQAW9A9AwQB1MAQMA0GCSqGSIb3DQEBCwUAA4IBAQBlnJaVnw4VywTzseYU
6oqaHirTyH4W6l0UJkF4mOFqku2riw5IOLHHnyFDe7RojFi06gTTBcgsroYWL+P6
F/iqiRPpJHtPmTnJQIfGODQ8WvRW806MccA1+5++AHtkkrahI2KQtloFEHCcsGZp
urHgG6OWP6AVnTykgg57NM2LhWiGJqp+itNq5pHgaL0sE9jdQYH+cmXdR5uRhMk9
QrxRTd9Vi36t9qMc8cydnNkvb+3lxEGwznZC6cH1eGB2Hz//+bzY/DSLvf911z3G
KBjOdjg46HkDif2LnUj5tH3HfMI0M0evhzgzN6HkHBUw4eA5ty9FxowzN1DoQ+Va
f/ZZ
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:48 2026 by rpki-client