Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/bzz9cqvlq5e-a-pAz9xvt6XBZ9g.roa
File: bzz9cqvlq5e-a-pAz9xvt6XBZ9g.roa (raw, json)
Hash identifier: vDlJK8ivQ4lnL3A4IV2rBMPVupODouvr4DU0qeHgnjs=
Subject key identifier: 6F:3C:FD:72:AB:E5:AB:97:BE:6B:EA:40:CF:DC:6F:B7:A5:C1:67:D8
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019D1B72C20783BC36C00D8836A2156D0DD6
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/bzz9cqvlq5e-a-pAz9xvt6XBZ9g.roa
Signing time: Mon 23 Mar 2026 16:06:38 +0000
ROA not before: Mon 23 Mar 2026 16:06:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49791
IP address blocks: 81.85.73.0/24 maxlen: 24
185.5.74.0/24 maxlen: 24
185.9.27.0/24 maxlen: 24
185.28.175.0/24 maxlen: 24
213.155.13.0/24 maxlen: 24
213.155.29.0/24 maxlen: 24
217.177.35.0/24 maxlen: 24
217.179.50.0/24 maxlen: 24
217.179.51.0/24 maxlen: 24
2a11:2cc0:12::/47 maxlen: 47
2a11:2cc0:14::/47 maxlen: 47
2a11:2cc0:16::/47 maxlen: 47
2a11:2cc0:18::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:72:c2:07:83:bc:36:c0:0d:88:36:a2:15:6d:0d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: Mar 23 16:06:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f3cfd72abe5ab97be6bea40cfdc6fb7a5c167d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:48:0f:0c:f6:d4:5f:77:e6:fd:ed:d6:4b:
bc:65:8c:68:0f:8a:f4:b3:2b:65:fa:37:6a:0b:a1:
a5:0d:a4:26:1a:2c:19:2a:b4:3c:9e:48:6c:0d:48:
7c:fe:29:37:d0:b1:02:0a:18:40:e0:59:24:56:18:
d4:c0:f4:39:a8:74:80:37:91:02:bd:a1:a6:47:a7:
34:ef:0c:c3:de:5f:6b:ce:28:ce:a1:12:3f:d6:9c:
bf:47:07:cb:66:90:35:14:b3:51:64:f2:f1:9c:a5:
32:47:37:30:89:e0:1a:b0:98:e9:23:3b:20:ce:ea:
88:ac:b0:68:ac:bf:3e:b8:a4:82:7d:b0:1f:a3:02:
f9:0a:36:17:d7:cc:64:8a:4a:f7:54:13:08:51:38:
a1:dc:2a:18:17:d9:2e:18:45:ab:20:c7:e3:ab:f6:
fb:c6:ce:32:a6:a0:bf:b5:cb:1d:0d:09:95:57:e3:
cb:cd:c9:55:94:fc:23:65:f6:13:f4:c4:75:fa:37:
30:26:ff:90:62:a7:a4:2d:11:08:59:a3:6c:c2:77:
2f:64:24:c1:2b:1b:15:b9:50:e7:fd:b6:67:40:01:
03:4a:c1:bb:25:7a:fb:0e:f9:b2:25:d0:99:61:8c:
fb:ce:a7:cf:31:da:fe:a5:17:c7:a9:c2:5a:bc:b7:
97:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3C:FD:72:AB:E5:AB:97:BE:6B:EA:40:CF:DC:6F:B7:A5:C1:67:D8
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/bzz9cqvlq5e-a-pAz9xvt6XBZ9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.73.0/24
185.5.74.0/24
185.9.27.0/24
185.28.175.0/24
213.155.13.0/24
213.155.29.0/24
217.177.35.0/24
217.179.50.0/23
IPv6:
2a11:2cc0:12::-2a11:2cc0:19:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:ff:1b:20:6f:b8:0a:9d:1e:bd:18:88:3b:62:8d:b6:ae:dc:
12:08:85:c0:dc:20:e2:63:aa:a6:d2:55:32:0f:0f:06:db:4b:
39:4f:0b:18:d0:e6:db:aa:5d:33:cd:c2:34:af:8a:29:42:b3:
f6:b1:55:1c:47:ff:b8:87:88:fd:71:e4:e6:21:c2:22:06:e2:
83:5e:ab:46:08:87:7c:c7:11:d1:98:e7:c8:4e:3d:2a:b0:ce:
c7:91:f8:f6:5d:1e:c4:8d:1c:d8:60:2e:57:38:87:80:ee:24:
f7:13:43:fc:77:1a:a3:ba:bf:68:78:e8:eb:57:46:bd:23:e3:
f4:c2:37:5d:17:26:b7:50:f6:d9:03:ba:22:c0:35:e1:ae:3d:
f0:72:fa:49:20:a7:4a:65:48:36:ce:ec:64:1c:4c:97:cd:4b:
86:9a:47:46:0b:69:3e:3b:f7:73:39:6d:4e:6a:cc:54:28:88:
e4:d9:49:7d:3f:3f:92:66:10:70:22:21:1b:ae:ae:12:7d:eb:
62:1c:41:ff:0d:26:9a:cc:fd:7f:b0:be:3f:a4:1e:de:da:14:
e4:13:35:3c:59:78:cc:a2:1d:3f:36:97:ea:1a:1f:c7:c7:1a:
45:12:0c:43:96:ff:64:43:e4:cb:51:77:19:51:20:1c:f0:84:
42:ee:0b:b8
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZ0bcsIHg7w2wA2INqIVbQ3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwMzIzMTYwNjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNjZmQ3MmFiZTVhYjk3YmU2YmVhNDBjZmRjNmZiN2E1YzE2N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt55IDwz21F935v3t1ku8ZYxoD4r0
sytl+jdqC6GlDaQmGiwZKrQ8nkhsDUh8/ik30LECChhA4FkkVhjUwPQ5qHSAN5EC
vaGmR6c07wzD3l9rzijOoRI/1py/RwfLZpA1FLNRZPLxnKUyRzcwieAasJjpIzsg
zuqIrLBorL8+uKSCfbAfowL5CjYX18xkikr3VBMIUTih3CoYF9kuGEWrIMfjq/b7
xs4ypqC/tcsdDQmVV+PLzclVlPwjZfYT9MR1+jcwJv+QYqekLREIWaNswncvZCTB
KxsVuVDn/bZnQAEDSsG7JXr7DvmyJdCZYYz7zqfPMdr+pRfHqcJavLeX2QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG88/XKr5auXvmvqQM/cb7elwWfYMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvYnp6OWNxdmxxNWUtYS1wQXo5eHZ0NlhCWjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA2BAIAATAwAwQAUVVJAwQA
uQVKAwQAuQkbAwQAuRyvAwQA1ZsNAwQA1ZsdAwQA2bEjAwQB2bMyMBoEAgACMBQw
EgMHASoRLMAAEgMHASoRLMAAGDANBgkqhkiG9w0BAQsFAAOCAQEAhf8bIG+4Cp0e
vRiIO2KNtq7cEgiFwNwg4mOqptJVMg8PBttLOU8LGNDm26pdM83CNK+KKUKz9rFV
HEf/uIeI/XHk5iHCIgbig16rRgiHfMcR0ZjnyE49KrDOx5H49l0exI0c2GAuVziH
gO4k9xND/Hcao7q/aHjo61dGvSPj9MI3XRcmt1D22QO6IsA14a498HL6SSCnSmVI
Ns7sZBxMl81LhppHRgtpPjv3czltTmrMVCiI5NlJfT8/kmYQcCIhG66uEn3rYhxB
/w0mmsz9f7C+P6Qe3toU5BM1PFl4zKIdPzaX6hofx8caRRIMQ5b/ZEPky1F3GVEg
HPCEQu4LuA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:02:50 2026 by rpki-client