Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/TTfvsK5hd0_GUSO7MSasMs4WeiI.roa
File: TTfvsK5hd0_GUSO7MSasMs4WeiI.roa (raw, json)
Hash identifier: 5fCeSzSrIrlr7y2QP80sfMVoFocJvfEJtnCJtXTc+vY=
Subject key identifier: 4D:37:EF:B0:AE:61:77:4F:C6:51:23:BB:31:26:AC:32:CE:16:7A:22
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 019D02C490F33733F10443FB84B5D32AF6DB
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/TTfvsK5hd0_GUSO7MSasMs4WeiI.roa
Signing time: Wed 18 Mar 2026 21:05:29 +0000
ROA not before: Wed 18 Mar 2026 21:05:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12902
IP address blocks: 79.98.168.0/21 maxlen: 24
79.98.170.0/24 maxlen: 24
185.32.232.0/22 maxlen: 24
185.44.244.0/22 maxlen: 24
185.45.116.0/22 maxlen: 24
185.47.20.0/22 maxlen: 24
185.50.92.0/22 maxlen: 24
185.50.93.0/24 maxlen: 24
185.50.95.0/24 maxlen: 24
185.225.220.0/22 maxlen: 24
185.240.112.0/22 maxlen: 24
194.180.219.0/24 maxlen: 24
217.77.128.0/19 maxlen: 24
217.77.144.0/24 maxlen: 24
2001:9c0::/32 maxlen: 32
2a00:c660::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:02:c4:90:f3:37:33:f1:04:43:fb:84:b5:d3:2a:f6:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Mar 18 21:05:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4d37efb0ae61774fc65123bb3126ac32ce167a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:79:4f:f6:2b:c7:82:07:3e:af:13:15:21:93:
b0:8d:d0:db:6c:6a:7f:15:0f:ba:e0:1d:bc:06:16:
21:46:36:4a:93:d8:0c:ad:b1:22:e8:b8:b0:e2:e3:
8a:c1:72:54:fc:e3:6e:56:5a:90:c5:4d:f1:99:e3:
92:3a:20:e5:6e:71:3f:be:60:46:d5:c1:f0:c9:7b:
7f:83:b1:e5:d3:77:60:e1:20:e2:2b:b4:12:16:84:
c7:7f:93:a2:d0:f1:e8:a4:72:c1:41:b5:b2:a5:90:
ec:d2:d5:a4:28:29:cd:f4:55:04:cd:93:80:dd:23:
fb:95:44:a1:5d:07:50:47:bf:e8:28:61:3c:20:74:
4f:5c:c8:90:78:cf:c3:d9:d6:8a:03:62:5b:a6:dc:
f9:ef:48:29:95:e4:1e:06:e9:d2:a9:8f:ba:39:0f:
da:f7:fa:4e:84:7f:3a:29:42:7b:fc:e2:ee:39:cb:
88:d9:a3:8f:47:95:00:4f:e0:65:90:29:a1:9e:e7:
20:09:49:bf:84:dc:0f:8d:5f:81:ff:77:c8:d2:ab:
2d:9b:8a:0e:6a:e5:2a:3e:1d:66:2c:d1:c0:35:4f:
ef:df:99:bf:78:9e:1c:24:54:c7:9d:6d:3d:82:43:
bf:97:af:5d:cc:6f:c2:62:7c:93:15:8a:20:88:56:
9c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:37:EF:B0:AE:61:77:4F:C6:51:23:BB:31:26:AC:32:CE:16:7A:22
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/TTfvsK5hd0_GUSO7MSasMs4WeiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.168.0/21
185.32.232.0/22
185.44.244.0/22
185.45.116.0/22
185.47.20.0/22
185.50.92.0/22
185.225.220.0/22
185.240.112.0/22
194.180.219.0/24
217.77.128.0/19
IPv6:
2001:9c0::/32
2a00:c660::/29
Signature Algorithm: sha256WithRSAEncryption
3b:41:20:04:16:84:54:98:e6:47:2f:59:9c:b1:ec:d8:0c:85:
a3:ba:e5:58:98:96:30:ae:92:21:33:c0:f1:10:d6:1d:9a:1d:
55:d4:b5:15:ff:7d:90:a5:a8:76:16:09:14:95:3a:25:3b:1c:
2c:89:a5:8e:89:e1:7f:39:b2:43:25:8b:49:1e:d7:27:bd:2a:
f9:f0:24:38:69:d7:73:9a:33:71:01:d7:18:95:35:0e:a9:f0:
2d:37:aa:eb:d5:7c:ce:f2:e1:c9:ce:10:19:79:6a:b3:a2:57:
27:c7:3a:6b:8d:39:5d:08:66:ed:b5:41:7f:02:d0:12:f2:34:
f1:3d:bf:96:0e:34:73:b5:01:9a:69:5d:5f:7d:b6:15:de:98:
ef:5c:48:4f:8b:2e:8c:60:d7:1b:89:04:ac:45:25:8b:73:6e:
55:f6:cf:e5:bf:7a:64:9a:ec:c3:79:cf:fa:37:66:d9:2c:b7:
63:67:4c:94:dc:88:9c:e3:9e:b3:a1:37:1a:b1:fd:89:c9:66:
ce:97:0d:e4:17:87:bd:99:2d:a4:0f:9b:2f:6b:8d:49:09:78:
da:fa:52:48:4f:bb:83:fb:38:3c:15:3f:b4:9e:0e:1f:94:ae:
d1:53:03:e1:be:74:b9:a0:cb:4a:e5:56:cc:aa:17:29:ee:33:
4f:85:8c:43
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZ0CxJDzNzPxBEP7hLXTKvbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjYwMzE4MjEwNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM3ZWZiMGFlNjE3NzRmYzY1MTIzYmIzMTI2YWMzMmNlMTY3YTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHlP9ivHggc+rxMVIZOwjdDbbGp/
FQ+64B28BhYhRjZKk9gMrbEi6Liw4uOKwXJU/ONuVlqQxU3xmeOSOiDlbnE/vmBG
1cHwyXt/g7Hl03dg4SDiK7QSFoTHf5Oi0PHopHLBQbWypZDs0tWkKCnN9FUEzZOA
3SP7lUShXQdQR7/oKGE8IHRPXMiQeM/D2daKA2Jbptz570gpleQeBunSqY+6OQ/a
9/pOhH86KUJ7/OLuOcuI2aOPR5UAT+BlkCmhnucgCUm/hNwPjV+B/3fI0qstm4oO
auUqPh1mLNHANU/v35m/eJ4cJFTHnW09gkO/l69dzG/CYnyTFYogiFac+wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFE0377CuYXdPxlEjuzEmrDLOFnoiMB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvVFRmdnNLNWhkMF9HVVNPN01TYXNNczRXZWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDT2KoAwQC
uSDoAwQCuSz0AwQCuS10AwQCuS8UAwQCuTJcAwQCueHcAwQCufBwAwQAwrTbAwQF
2U2AMBQEAgACMA4DBQAgAQnAAwUDKgDGYDANBgkqhkiG9w0BAQsFAAOCAQEAO0Eg
BBaEVJjmRy9ZnLHs2AyFo7rlWJiWMK6SITPA8RDWHZodVdS1Ff99kKWodhYJFJU6
JTscLImljonhfzmyQyWLSR7XJ70q+fAkOGnXc5ozcQHXGJU1DqnwLTeq69V8zvLh
yc4QGXlqs6JXJ8c6a405XQhm7bVBfwLQEvI08T2/lg40c7UBmmldX322Fd6Y71xI
T4sujGDXG4kErEUli3NuVfbP5b96ZJrsw3nP+jdm2Sy3Y2dMlNyInOOes6E3GrH9
iclmzpcN5BeHvZktpA+bL2uNSQl42vpSSE+7g/s4PBU/tJ4OH5Su0VMD4b50uaDL
SuVWzKoXKe4zT4WMQw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:19:04 2026 by rpki-client