Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/moqlfmKaE2Btn3qkc70wanITJss.roa
File: moqlfmKaE2Btn3qkc70wanITJss.roa (raw, json)
Hash identifier: b78qrODXBzetBQGVOPaslkoF1rHcqGwC5Req+zJKsno=
Subject key identifier: 9A:8A:A5:7E:62:9A:13:60:6D:9F:7A:A4:73:BD:30:6A:72:13:26:CB
Certificate issuer: /CN=66ba8d64e901b39b501ed3693ec27430713886e3
Certificate serial: 019E1160CBF47070A13D5CAFD0AAB8366278
Authority key identifier: 66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/moqlfmKaE2Btn3qkc70wanITJss.roa
Signing time: Sun 10 May 2026 10:13:36 +0000
ROA not before: Sun 10 May 2026 10:13:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210861
IP address blocks: 93.190.126.0/24 maxlen: 24
2a11:7980::/40 maxlen: 40
2a11:7980:ff::/48 maxlen: 48
2a11:7980:f001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:11:60:cb:f4:70:70:a1:3d:5c:af:d0:aa:b8:36:62:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ba8d64e901b39b501ed3693ec27430713886e3
Validity
Not Before: May 10 10:13:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a8aa57e629a13606d9f7aa473bd306a721326cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fb:8f:cd:32:57:21:ba:2e:d4:29:52:86:51:
78:4f:17:d5:19:ed:05:57:16:cb:46:dd:1a:f5:00:
e0:b8:22:4d:da:63:c4:6b:60:8f:db:72:c1:f1:54:
41:68:51:34:c8:2e:9b:f5:da:ff:b4:12:e7:d2:2b:
cc:34:1a:da:d3:1c:46:c8:e2:c9:ae:3a:ca:6d:8d:
4f:9b:ba:94:c1:92:6b:da:29:ff:9d:fb:b9:46:2f:
40:36:85:32:82:cc:81:a9:76:5b:e6:46:e8:b7:a4:
7b:ef:c0:fe:91:ff:a6:e4:47:39:d5:80:53:b1:55:
b9:c1:76:91:46:32:b8:c5:72:c6:65:00:cb:bb:07:
f1:4a:95:00:10:c2:32:7e:3b:0d:b4:bb:f5:55:f4:
23:d3:bf:30:64:4f:e1:59:13:be:00:8f:4d:de:c8:
52:46:84:51:57:b7:ef:5d:42:57:0c:f0:9e:b5:1b:
2e:27:af:73:7b:ce:9c:89:dc:ad:03:31:7e:ef:8b:
15:3c:88:82:61:47:69:1c:b2:29:5d:6c:43:d1:4f:
b3:77:19:89:d5:30:e2:7a:9d:32:ff:60:a2:66:33:
96:f9:1b:1d:77:2d:85:4e:1a:49:e7:52:80:77:63:
33:b8:41:a0:11:c7:b3:0f:11:85:41:c1:45:7d:fa:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8A:A5:7E:62:9A:13:60:6D:9F:7A:A4:73:BD:30:6A:72:13:26:CB
X509v3 Authority Key Identifier:
keyid:66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/moqlfmKaE2Btn3qkc70wanITJss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.126.0/24
IPv6:
2a11:7980::/40
2a11:7980:f001::/48
Signature Algorithm: sha256WithRSAEncryption
57:97:a6:6f:d4:4f:74:79:03:cd:c3:e0:b8:9c:4b:f0:3d:c5:
ec:f2:0f:85:8f:fa:ce:aa:f2:bf:65:b3:28:17:95:90:01:c6:
54:cc:44:c1:6d:70:dc:bd:dc:d5:d7:a9:e2:65:4a:1c:84:5a:
13:a0:e3:92:9b:6c:5b:4f:07:49:ea:bf:7d:46:da:11:dd:97:
e9:50:23:e3:e7:9e:59:13:c7:70:52:d0:ec:01:8e:32:5b:a8:
bf:ec:19:fb:7e:de:00:64:1b:8c:a2:bf:e8:ed:20:15:56:26:
a9:65:a1:16:9f:48:5d:95:11:27:6a:1a:72:10:ad:92:74:65:
ca:be:de:4d:29:13:55:82:3b:c1:ec:a5:cb:54:9a:ee:b8:d3:
56:51:3e:a0:e6:2a:71:25:cc:46:a8:81:dd:48:f0:36:4b:8e:
86:c9:6f:52:d7:33:aa:58:f8:91:4c:4a:b8:db:0c:cf:5c:45:
3a:ba:f1:a9:1a:92:9f:06:13:a9:1a:aa:49:3f:ea:f0:ac:51:
3b:e6:36:d1:1e:2f:64:bb:77:bd:db:77:b4:92:39:2a:e7:d3:
3d:15:59:a4:a6:48:b3:2d:5f:97:0d:e5:d7:aa:dd:f5:05:14:
5b:d6:dc:8a:5b:48:e2:af:3b:59:46:9f:ab:a6:ec:c8:e0:7d:
80:41:fb:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4RYMv0cHChPVyv0Kq4NmJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmE4ZDY0ZTkwMWIzOWI1MDFlZDM2OTNlYzI3NDMwNzEz
ODg2ZTMwHhcNMjYwNTEwMTAxMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThhYTU3ZTYyOWExMzYwNmQ5ZjdhYTQ3M2JkMzA2YTcyMTMyNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfuPzTJXIbou1ClShlF4TxfVGe0F
VxbLRt0a9QDguCJN2mPEa2CP23LB8VRBaFE0yC6b9dr/tBLn0ivMNBra0xxGyOLJ
rjrKbY1Pm7qUwZJr2in/nfu5Ri9ANoUygsyBqXZb5kbot6R778D+kf+m5Ec51YBT
sVW5wXaRRjK4xXLGZQDLuwfxSpUAEMIyfjsNtLv1VfQj078wZE/hWRO+AI9N3shS
RoRRV7fvXUJXDPCetRsuJ69ze86cidytAzF+74sVPIiCYUdpHLIpXWxD0U+zdxmJ
1TDiep0y/2CiZjOW+Rsddy2FThpJ51KAd2MzuEGgEcezDxGFQcFFffoMIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqKpX5imhNgbZ96pHO9MGpyEybLMB8GA1UdIwQY
MBaAFGa6jWTpAbObUB7TaT7CdDBxOIbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEt
MGIzZTdlYmU0YWMyLzEvbW9xbGZtS2FFMkJ0bjNxa2M3MHdhbklUSnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEtMGIzZTdlYmU0YWMy
LzEvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAXb5+MBcE
AgACMBEDBgAqEXmAAAMHACoReYDwATANBgkqhkiG9w0BAQsFAAOCAQEAV5emb9RP
dHkDzcPguJxL8D3F7PIPhY/6zqryv2WzKBeVkAHGVMxEwW1w3L3c1dep4mVKHIRa
E6DjkptsW08HSeq/fUbaEd2X6VAj4+eeWRPHcFLQ7AGOMluov+wZ+37eAGQbjKK/
6O0gFVYmqWWhFp9IXZURJ2oachCtknRlyr7eTSkTVYI7weyly1Sa7rjTVlE+oOYq
cSXMRqiB3UjwNkuOhslvUtczqlj4kUxKuNsMz1xFOrrxqRqSnwYTqRqqST/q8KxR
O+Y20R4vZLt3vdt3tJI5KufTPRVZpKZIsy1flw3l16rd9QUUW9bciltI4q87WUaf
q6bsyOB9gEH76w==
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:48 2026 by rpki-client