Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/xjNLjU3b2WsIHiu-UnAiZx4zW0A.roa
File: xjNLjU3b2WsIHiu-UnAiZx4zW0A.roa (raw, json)
Hash identifier: 3AhW2nrmM5OnTh+BBjpHS3tXRibur6Y4nLYhWncigUQ=
Subject key identifier: C6:33:4B:8D:4D:DB:D9:6B:08:1E:2B:BE:52:70:22:67:1E:33:5B:40
Certificate issuer: /CN=8b82433ffe94bf3536fec327543d396158202072
Certificate serial: 019CF6510E9ED55EBC87AEE86765AF7529A1
Authority key identifier: 8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/xjNLjU3b2WsIHiu-UnAiZx4zW0A.roa
Signing time: Mon 16 Mar 2026 11:03:53 +0000
ROA not before: Mon 16 Mar 2026 11:03:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9123
IP address blocks: 83.217.200.0/24 maxlen: 32
83.217.201.0/24 maxlen: 32
83.217.220.0/24 maxlen: 32
83.217.221.0/24 maxlen: 32
83.217.223.0/24 maxlen: 32
85.198.80.0/24 maxlen: 32
85.198.81.0/24 maxlen: 32
85.198.82.0/24 maxlen: 32
85.198.83.0/24 maxlen: 32
89.169.0.0/24 maxlen: 32
89.169.1.0/24 maxlen: 32
89.169.2.0/24 maxlen: 32
89.169.3.0/24 maxlen: 32
89.169.44.0/24 maxlen: 32
89.169.45.0/24 maxlen: 32
89.169.46.0/24 maxlen: 32
89.169.47.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:51:0e:9e:d5:5e:bc:87:ae:e8:67:65:af:75:29:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b82433ffe94bf3536fec327543d396158202072
Validity
Not Before: Mar 16 11:03:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c6334b8d4ddbd96b081e2bbe527022671e335b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:39:7d:10:af:35:3e:b7:85:61:a2:d9:13:33:
a3:6c:67:c7:b8:04:d3:f9:a7:2c:66:6b:4c:43:b5:
bf:6b:7c:1f:c6:b3:7e:93:2f:e0:5b:e1:a7:be:2f:
71:ae:46:da:38:af:6f:8b:08:39:7b:32:b2:b4:b4:
62:6e:21:a9:9b:bf:52:36:4a:53:74:30:34:29:6b:
3d:60:73:10:e0:cf:87:4c:e6:2c:b7:7a:0b:30:23:
c0:17:d3:11:b1:58:e4:ed:1b:e7:0f:92:86:bf:33:
ca:06:fe:b0:f6:bf:e7:ef:6a:32:c0:3e:21:55:cd:
76:14:8d:db:23:19:da:39:b7:d7:c7:56:7a:ca:b4:
4d:f7:1d:5c:72:e1:48:9c:03:85:22:c0:3a:83:26:
b0:4a:23:2f:d1:99:91:5d:2f:aa:d7:6c:66:93:12:
3a:56:56:1d:91:40:c1:39:08:c1:43:0d:7b:ee:0e:
46:83:b6:ea:cb:3b:4e:88:65:a4:f6:82:fd:0a:a0:
38:f1:56:00:4b:3c:5f:06:02:36:e2:9a:6e:80:38:
83:64:30:c8:81:8c:3d:4a:7d:50:2c:d1:82:23:12:
4f:64:f8:88:9b:61:ca:8e:e3:30:09:5f:87:95:fb:
25:6c:eb:ad:9f:8b:ab:fc:69:70:16:37:db:10:6c:
e7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:33:4B:8D:4D:DB:D9:6B:08:1E:2B:BE:52:70:22:67:1E:33:5B:40
X509v3 Authority Key Identifier:
keyid:8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/xjNLjU3b2WsIHiu-UnAiZx4zW0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.217.200.0/23
83.217.220.0/23
83.217.223.0/24
85.198.80.0/22
89.169.0.0/22
89.169.44.0/22
Signature Algorithm: sha256WithRSAEncryption
72:f7:1e:d2:d6:ab:89:2f:a8:77:6d:90:72:5b:2b:87:b5:6e:
83:09:5c:80:a9:ed:94:5e:13:46:52:fc:24:c3:5f:fd:b1:bb:
60:da:21:3c:a3:1e:66:19:74:7c:f4:fb:74:56:db:cb:08:76:
67:c9:67:7d:89:26:14:f5:93:42:d1:8f:cf:13:d7:64:94:73:
e2:65:07:ea:f7:79:e9:92:59:8d:c8:6a:1d:95:ce:e0:a7:12:
43:92:71:8a:62:62:bd:f6:1c:f5:c1:7b:a4:0d:70:f3:0c:42:
e1:3b:d9:cd:18:61:e1:57:cf:cc:25:d7:f1:f3:b2:73:9a:35:
7c:54:27:ab:92:c5:77:14:70:4b:c7:07:46:83:6a:a9:e9:5c:
3e:09:a7:ff:ae:23:7b:35:b6:fa:c4:ca:a7:3e:3f:b9:e9:a5:
c1:6c:ab:05:03:dd:ef:cc:76:9a:c3:ca:60:18:78:6b:f0:74:
d0:0a:92:e9:43:7a:53:71:81:83:1c:aa:23:08:68:e0:6f:c0:
aa:08:21:23:5a:a6:69:35:2f:14:0f:69:1e:48:df:f0:f8:f9:
6e:b5:c7:a3:ce:c4:2a:5d:cd:cd:a9:4f:6b:b0:7d:79:55:a0:
42:b1:8d:c7:a7:31:2b:22:0b:64:8f:fc:b8:9c:80:a7:1c:23:
7d:1b:fa:c8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZz2UQ6e1V68h67oZ2WvdSmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODI0MzNmZmU5NGJmMzUzNmZlYzMyNzU0M2QzOTYxNTgy
MDIwNzIwHhcNMjYwMzE2MTEwMzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjMzNGI4ZDRkZGJkOTZiMDgxZTJiYmU1MjcwMjI2NzFlMzM1YjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzl9EK81PreFYaLZEzOjbGfHuATT
+acsZmtMQ7W/a3wfxrN+ky/gW+Gnvi9xrkbaOK9viwg5ezKytLRibiGpm79SNkpT
dDA0KWs9YHMQ4M+HTOYst3oLMCPAF9MRsVjk7RvnD5KGvzPKBv6w9r/n72oywD4h
Vc12FI3bIxnaObfXx1Z6yrRN9x1ccuFInAOFIsA6gyawSiMv0ZmRXS+q12xmkxI6
VlYdkUDBOQjBQw177g5Gg7bqyztOiGWk9oL9CqA48VYASzxfBgI24ppugDiDZDDI
gYw9Sn1QLNGCIxJPZPiIm2HKjuMwCV+HlfslbOutn4ur/GlwFjfbEGzn9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMYzS41N29lrCB4rvlJwImceM1tAMB8GA1UdIwQY
MBaAFIuCQz/+lL81Nv7DJ1Q9OWFYICByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYt
MmRkNzg5MGRjNjg5LzEveGpOTGpVM2IyV3NJSGl1LVVuQWlaeDR6VzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYtMmRkNzg5MGRjNjg5
LzEvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBU9nIAwQB
U9ncAwQAU9nfAwQCVcZQAwQCWakAAwQCWaksMA0GCSqGSIb3DQEBCwUAA4IBAQBy
9x7S1quJL6h3bZByWyuHtW6DCVyAqe2UXhNGUvwkw1/9sbtg2iE8ox5mGXR89Pt0
VtvLCHZnyWd9iSYU9ZNC0Y/PE9dklHPiZQfq93npklmNyGodlc7gpxJDknGKYmK9
9hz1wXukDXDzDELhO9nNGGHhV8/MJdfx87JzmjV8VCerksV3FHBLxwdGg2qp6Vw+
Caf/riN7Nbb6xMqnPj+56aXBbKsFA93vzHaaw8pgGHhr8HTQCpLpQ3pTcYGDHKoj
CGjgb8CqCCEjWqZpNS8UD2keSN/w+PlutcejzsQqXc3NqU9rsH15VaBCsY3HpzEr
Igtkj/y4nICnHCN9G/rI
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:05:20 2026 by rpki-client