Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/9R90z_RXFkZAiwMA8btLrqNKc5k.roa
File: 9R90z_RXFkZAiwMA8btLrqNKc5k.roa (raw, json)
Hash identifier: qB3OSrsx3CWWt5hbnFdtOpLb0xWqshoihPM7A2OR0ZI=
Subject key identifier: F5:1F:74:CF:F4:57:16:46:40:8B:03:00:F1:BB:4B:AE:A3:4A:73:99
Certificate issuer: /CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Certificate serial: 019CE03EB1E72CC6D966BEDECA5F3D959A22
Authority key identifier: EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/9R90z_RXFkZAiwMA8btLrqNKc5k.roa
Signing time: Thu 12 Mar 2026 04:12:11 +0000
ROA not before: Thu 12 Mar 2026 04:12:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35039
IP address blocks: 139.66.0.0/23 maxlen: 23
139.66.2.0/23 maxlen: 23
139.66.4.0/23 maxlen: 23
139.66.6.0/23 maxlen: 23
139.66.8.0/23 maxlen: 23
139.66.10.0/23 maxlen: 23
139.66.12.0/23 maxlen: 23
139.66.14.0/23 maxlen: 23
139.66.16.0/23 maxlen: 23
139.66.18.0/23 maxlen: 23
139.66.20.0/23 maxlen: 23
139.66.26.0/23 maxlen: 23
139.66.28.0/23 maxlen: 23
139.66.30.0/23 maxlen: 23
139.66.32.0/23 maxlen: 23
139.66.34.0/23 maxlen: 23
139.66.36.0/23 maxlen: 23
139.66.38.0/23 maxlen: 23
139.66.40.0/23 maxlen: 23
139.66.42.0/23 maxlen: 23
139.66.44.0/23 maxlen: 23
139.66.46.0/23 maxlen: 23
139.66.122.0/23 maxlen: 23
139.66.124.0/23 maxlen: 23
139.66.126.0/23 maxlen: 23
155.56.128.0/23 maxlen: 23
155.56.210.0/24 maxlen: 24
155.56.227.0/24 maxlen: 24
155.56.228.0/23 maxlen: 23
155.56.248.0/24 maxlen: 24
217.77.240.0/22 maxlen: 22
217.77.244.0/22 maxlen: 22
217.77.252.0/24 maxlen: 24
217.77.253.0/24 maxlen: 24
217.77.254.0/24 maxlen: 24
217.77.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.mft
rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e0:3e:b1:e7:2c:c6:d9:66:be:de:ca:5f:3d:95:9a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Validity
Not Before: Mar 12 04:12:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f51f74cff4571646408b0300f1bb4baea34a7399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:16:cc:8e:17:0c:3c:33:b9:24:60:7e:96:c2:
10:38:e3:cf:8e:97:e2:17:c1:0c:02:f0:c0:c1:1f:
33:ca:64:8d:d0:bb:68:28:0b:8c:36:9c:3e:a9:d1:
34:5e:2d:53:36:d6:36:5c:c1:2e:21:4c:91:54:51:
e8:79:f4:11:0b:ec:c7:20:f6:5d:88:c6:87:fe:89:
56:7e:ca:dc:a1:4b:e2:e7:99:3e:0e:a3:40:61:dd:
29:da:92:03:d0:35:f8:5e:ed:01:e2:3a:0f:30:f4:
27:11:9b:e9:9a:31:68:23:95:b6:2d:ea:59:cb:a8:
38:84:08:a7:29:bb:8b:23:7e:6e:c8:1c:5b:10:bc:
eb:7b:96:27:71:fd:5e:47:47:53:d7:69:5a:a8:9c:
21:3d:96:ee:3d:c4:71:4f:5f:4e:fc:ab:0a:75:79:
b7:b7:93:82:64:0e:33:e3:6c:68:ad:14:7b:6c:0a:
00:1f:58:28:11:5c:22:9c:23:6d:79:08:f1:6d:a5:
ee:cb:d2:eb:4f:c5:75:ab:e4:11:6c:5c:0f:10:84:
b3:70:af:33:ea:05:02:33:d2:1f:76:36:44:5c:a3:
a2:da:75:f3:54:fc:43:f1:84:38:44:0e:f7:17:82:
3e:1a:ad:5b:35:a4:d9:1c:68:0e:e4:27:29:f8:4f:
e3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1F:74:CF:F4:57:16:46:40:8B:03:00:F1:BB:4B:AE:A3:4A:73:99
X509v3 Authority Key Identifier:
keyid:EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/9R90z_RXFkZAiwMA8btLrqNKc5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.66.0.0-139.66.21.255
139.66.26.0-139.66.47.255
139.66.122.0-139.66.127.255
155.56.128.0/23
155.56.210.0/24
155.56.227.0-155.56.229.255
155.56.248.0/24
217.77.240.0/21
217.77.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:4b:98:b8:26:b5:6e:97:16:cd:a9:21:68:ec:e9:bc:af:6a:
ff:d4:0c:71:52:92:d3:5e:d0:70:eb:24:f1:22:12:51:7c:13:
e8:a0:05:f0:ba:7b:7a:7a:d3:ce:b3:de:19:f6:df:5e:df:65:
f1:a8:9f:2b:26:42:4c:2f:f8:88:6e:cc:e5:90:f9:34:55:e2:
eb:ae:54:b2:b3:49:55:cc:01:e1:fb:bb:dd:2d:b7:ec:91:10:
23:38:2b:b5:71:76:4e:6f:42:95:cc:23:09:28:60:04:6b:78:
6a:d7:bf:70:0b:8c:d6:24:dc:14:c3:46:8d:1a:6b:03:54:f8:
20:e8:2a:db:46:be:70:93:fe:34:9b:e0:90:0b:df:6a:ad:3f:
c8:36:a9:9c:18:d8:38:5d:2c:f5:fb:5d:29:04:42:18:4f:42:
b3:8b:b2:e8:5d:d6:75:24:9e:37:ed:99:03:ba:d0:9c:6d:dd:
e8:58:3a:95:42:2b:20:0d:89:19:89:a7:45:82:61:a4:ae:a6:
b9:8a:81:e7:12:42:84:40:be:b8:15:20:4a:57:99:5f:9f:f3:
04:42:01:63:11:a2:51:c1:70:0d:86:28:0d:63:e5:d1:89:5c:
13:03:a1:b5:9b:31:e9:b6:bc:01:11:e9:af:da:9b:02:e0:00:
53:8a:54:93
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZzgPrHnLMbZZr7eyl89lZoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDY5NjNjYzQ3OWRhZGJlM2M1MjIzNGFiOWZhYmFhODEy
MmQyNWIwHhcNMjYwMzEyMDQxMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFmNzRjZmY0NTcxNjQ2NDA4YjAzMDBmMWJiNGJhZWEzNGE3Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8hbMjhcMPDO5JGB+lsIQOOPPjpfi
F8EMAvDAwR8zymSN0LtoKAuMNpw+qdE0Xi1TNtY2XMEuIUyRVFHoefQRC+zHIPZd
iMaH/olWfsrcoUvi55k+DqNAYd0p2pID0DX4Xu0B4joPMPQnEZvpmjFoI5W2LepZ
y6g4hAinKbuLI35uyBxbELzre5Yncf1eR0dT12laqJwhPZbuPcRxT19O/KsKdXm3
t5OCZA4z42xorRR7bAoAH1goEVwinCNteQjxbaXuy9LrT8V1q+QRbFwPEISzcK8z
6gUCM9IfdjZEXKOi2nXzVPxD8YQ4RA73F4I+Gq1bNaTZHGgO5Ccp+E/j3QIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFPUfdM/0VxZGQIsDAPG7S66jSnOZMB8GA1UdIwQY
MBaAFOpGljzEedrb48UiNKufq6qBItJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUt
ZWI1YmM3ZDk3YWEwLzEvOVI5MHpfUlhGa1pBaXdNQThidExycU5LYzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUtZWI1YmM3ZDk3YWEw
LzEvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAATBVMAsDAwGLQgME
AYtCFDAMAwQBi0IaAwQEi0IgMAwDBAGLQnoDBAeLQgADBAGbOIADBACbONIwDAME
AJs44wMEAZs45AMEAJs4+AMEA9lN8AMEAtlN/DANBgkqhkiG9w0BAQsFAAOCAQEA
DEuYuCa1bpcWzakhaOzpvK9q/9QMcVKS017QcOsk8SISUXwT6KAF8Lp7enrTzrPe
GfbfXt9l8aifKyZCTC/4iG7M5ZD5NFXi665UsrNJVcwB4fu73S237JEQIzgrtXF2
Tm9ClcwjCShgBGt4ate/cAuM1iTcFMNGjRprA1T4IOgq20a+cJP+NJvgkAvfaq0/
yDapnBjYOF0s9ftdKQRCGE9Cs4uy6F3WdSSeN+2ZA7rQnG3d6Fg6lUIrIA2JGYmn
RYJhpK6muYqB5xJChEC+uBUgSleZX5/zBEIBYxGiUcFwDYYoDWPl0YlcEwOhtZsx
6ba8ARHpr9qbAuAAU4pUkw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:02:45 2026 by rpki-client