Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/5cae26-45b5-4fd8-9de5-4b44083d6122/1/y9EmBnlrUJ5TJDgeHtlan8Tczq4.roa
File: y9EmBnlrUJ5TJDgeHtlan8Tczq4.roa (raw, json)
Hash identifier: 2erRWv6redCBPjuOhVB00JAgnjJTYsHMgDSbesnXn8Q=
Subject key identifier: CB:D1:26:06:79:6B:50:9E:53:24:38:1E:1E:D9:5A:9F:C4:DC:CE:AE
Certificate issuer: /CN=2fa7b79445598b42eecbbe828dd894dfaf1dfcaa
Certificate serial: 019D0FCDA9132D7C6205A4D32EFB696E9B0D
Authority key identifier: 2F:A7:B7:94:45:59:8B:42:EE:CB:BE:82:8D:D8:94:DF:AF:1D:FC:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6e3lEVZi0Luy76CjdiU368d_Ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/5cae26-45b5-4fd8-9de5-4b44083d6122/1/y9EmBnlrUJ5TJDgeHtlan8Tczq4.roa
Signing time: Sat 21 Mar 2026 09:50:29 +0000
ROA not before: Sat 21 Mar 2026 09:50:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 17088
IP address blocks: 91.229.92.0/24 maxlen: 24
185.84.20.0/24 maxlen: 24
185.84.21.0/24 maxlen: 24
185.84.22.0/24 maxlen: 24
185.84.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/5cae26-45b5-4fd8-9de5-4b44083d6122/1/L6e3lEVZi0Luy76CjdiU368d_Ko.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/5cae26-45b5-4fd8-9de5-4b44083d6122/1/L6e3lEVZi0Luy76CjdiU368d_Ko.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6e3lEVZi0Luy76CjdiU368d_Ko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0f:cd:a9:13:2d:7c:62:05:a4:d3:2e:fb:69:6e:9b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa7b79445598b42eecbbe828dd894dfaf1dfcaa
Validity
Not Before: Mar 21 09:50:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cbd12606796b509e5324381e1ed95a9fc4dcceae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2c:6a:24:30:86:20:f9:e3:03:4f:67:89:f8:
ab:9f:d2:cd:bf:ac:ec:0c:3f:3e:f7:f0:3e:63:82:
bc:4e:0b:ad:e1:31:74:c0:ba:83:f4:fe:f7:c7:be:
5e:d9:f6:09:b0:22:7a:cb:60:64:00:aa:63:32:91:
ad:23:25:ff:dd:67:8f:c8:01:a6:4c:76:c3:36:c8:
73:6e:b5:46:a4:76:59:4c:59:60:49:c2:40:24:36:
af:3e:8c:df:07:4a:e3:96:3f:06:bc:01:39:ed:62:
ef:b2:31:40:4e:a0:f5:10:e6:be:a7:df:c8:c4:b3:
8e:2b:3c:69:87:bf:f0:49:2f:3c:a5:e1:16:ef:95:
7f:5b:01:55:7c:04:24:f5:1f:47:db:35:4a:95:ab:
b2:7f:c2:ff:f1:a1:d7:8c:e9:3c:65:1c:fa:f9:b7:
80:a5:76:b1:2d:7c:a1:da:0f:fa:74:62:5b:f2:29:
aa:61:83:26:31:61:20:3a:0a:cc:52:92:ff:ca:fa:
8e:8d:00:d0:c4:33:9e:0b:23:71:76:7e:c5:49:07:
45:37:89:0b:8e:2a:bb:f3:f0:d2:a2:30:35:3d:45:
df:2d:74:90:77:9a:c9:a8:16:f7:1a:7e:04:6b:92:
53:df:ee:ad:ca:8b:9b:c6:08:fe:1d:80:17:0d:85:
df:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D1:26:06:79:6B:50:9E:53:24:38:1E:1E:D9:5A:9F:C4:DC:CE:AE
X509v3 Authority Key Identifier:
keyid:2F:A7:B7:94:45:59:8B:42:EE:CB:BE:82:8D:D8:94:DF:AF:1D:FC:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6e3lEVZi0Luy76CjdiU368d_Ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5cae26-45b5-4fd8-9de5-4b44083d6122/1/y9EmBnlrUJ5TJDgeHtlan8Tczq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5cae26-45b5-4fd8-9de5-4b44083d6122/1/L6e3lEVZi0Luy76CjdiU368d_Ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.92.0/24
185.84.20.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:d9:00:48:8c:f3:8a:92:96:1d:a5:cc:31:4f:42:b4:fb:bb:
7f:e9:72:bf:c2:fc:41:cf:20:bf:1a:6d:ec:46:4d:b1:fb:63:
aa:9d:04:28:3e:36:98:19:6e:5f:b7:35:0d:6a:91:f4:c4:8a:
ff:d0:f5:89:de:01:37:b2:71:76:85:5d:a2:f7:3e:4a:52:a9:
ae:3c:b2:79:da:a7:2e:75:58:a7:65:c7:b0:d6:ac:4b:ab:f4:
36:e5:0e:2a:01:9c:e3:45:df:f1:81:96:69:71:e9:55:43:99:
39:4f:68:0a:4d:ee:13:ea:0a:6d:78:99:18:c3:a8:cb:11:9e:
3d:0c:3b:e5:4f:7b:72:5c:d6:8d:4a:20:21:b1:eb:7a:75:3e:
f6:c2:50:8a:b5:86:03:cb:a7:4c:44:04:77:4e:c9:46:06:a2:
e2:4e:80:f9:3d:3f:aa:0a:0b:f0:b5:9e:a1:03:03:fc:57:2e:
a4:13:6e:4e:7d:5f:73:41:70:1f:09:7c:a4:4d:ce:11:ea:ed:
f8:f4:8c:ca:fa:61:98:0d:67:f2:4c:34:eb:04:18:77:27:33:
68:e2:f2:3d:16:c8:c7:96:45:2c:3d:6b:c7:cb:3c:9b:20:50:
08:95:df:31:d2:35:07:5d:3d:60:d6:f8:5d:ce:6a:14:62:c5:
8b:25:0d:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0PzakTLXxiBaTTLvtpbpsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTdiNzk0NDU1OThiNDJlZWNiYmU4MjhkZDg5NGRmYWYx
ZGZjYWEwHhcNMjYwMzIxMDk1MDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQxMjYwNjc5NmI1MDllNTMyNDM4MWUxZWQ5NWE5ZmM0ZGNjZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyxqJDCGIPnjA09nifirn9LNv6zs
DD8+9/A+Y4K8Tgut4TF0wLqD9P73x75e2fYJsCJ6y2BkAKpjMpGtIyX/3WePyAGm
THbDNshzbrVGpHZZTFlgScJAJDavPozfB0rjlj8GvAE57WLvsjFATqD1EOa+p9/I
xLOOKzxph7/wSS88peEW75V/WwFVfAQk9R9H2zVKlauyf8L/8aHXjOk8ZRz6+beA
pXaxLXyh2g/6dGJb8imqYYMmMWEgOgrMUpL/yvqOjQDQxDOeCyNxdn7FSQdFN4kL
jiq78/DSojA1PUXfLXSQd5rJqBb3Gn4Ea5JT3+6tyoubxgj+HYAXDYXfqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMvRJgZ5a1CeUyQ4Hh7ZWp/E3M6uMB8GA1UdIwQY
MBaAFC+nt5RFWYtC7su+go3YlN+vHfyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZlM2xFVlppMEx1eTc2Q2pkaVUzNjhkX0tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81Y2FlMjYtNDViNS00ZmQ4LTlkZTUt
NGI0NDA4M2Q2MTIyLzEveTlFbUJubHJVSjVUSkRnZUh0bGFuOFRjenE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81Y2FlMjYtNDViNS00ZmQ4LTlkZTUtNGI0NDA4M2Q2MTIy
LzEvTDZlM2xFVlppMEx1eTc2Q2pkaVUzNjhkX0tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+VcAwQC
uVQUMA0GCSqGSIb3DQEBCwUAA4IBAQBK2QBIjPOKkpYdpcwxT0K0+7t/6XK/wvxB
zyC/Gm3sRk2x+2OqnQQoPjaYGW5ftzUNapH0xIr/0PWJ3gE3snF2hV2i9z5KUqmu
PLJ52qcudVinZcew1qxLq/Q25Q4qAZzjRd/xgZZpcelVQ5k5T2gKTe4T6gpteJkY
w6jLEZ49DDvlT3tyXNaNSiAhset6dT72wlCKtYYDy6dMRAR3TslGBqLiToD5PT+q
CgvwtZ6hAwP8Vy6kE25OfV9zQXAfCXykTc4R6u349IzK+mGYDWfyTDTrBBh3JzNo
4vI9FsjHlkUsPWvHyzybIFAIld8x0jUHXT1g1vhdzmoUYsWLJQ1j
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:15:39 2026 by rpki-client