Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/s61yv5KU-MzMgLkWKPoUNVLjQhg.roa
File: s61yv5KU-MzMgLkWKPoUNVLjQhg.roa (raw, json)
Hash identifier: sBkMiUtHAV3ToABJLtfHzQGVeTvCXT0UMs6UHTlwlRM=
Subject key identifier: B3:AD:72:BF:92:94:F8:CC:CC:80:B9:16:28:FA:14:35:52:E3:42:18
Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial: 019CDCA2ECD081A1B211153FF9CBAF9FFBA0
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/s61yv5KU-MzMgLkWKPoUNVLjQhg.roa
Signing time: Wed 11 Mar 2026 11:23:10 +0000
ROA not before: Wed 11 Mar 2026 11:23:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215373
IP address blocks: 37.203.35.0/24 maxlen: 24
37.203.37.0/24 maxlen: 24
37.203.38.0/24 maxlen: 24
89.111.9.0/24 maxlen: 24
89.111.10.0/24 maxlen: 24
89.111.19.0/24 maxlen: 24
89.111.22.0/24 maxlen: 24
89.111.25.0/24 maxlen: 24
89.111.26.0/23 maxlen: 23
89.111.26.0/24 maxlen: 24
89.111.27.0/24 maxlen: 24
89.111.28.0/22 maxlen: 22
89.111.28.0/24 maxlen: 24
89.111.29.0/24 maxlen: 24
89.111.30.0/24 maxlen: 24
89.111.31.0/24 maxlen: 24
185.219.156.0/22 maxlen: 22
185.219.156.0/24 maxlen: 24
185.219.157.0/24 maxlen: 24
185.219.158.0/24 maxlen: 24
185.219.159.0/24 maxlen: 24
193.164.210.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:a2:ec:d0:81:a1:b2:11:15:3f:f9:cb:af:9f:fb:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
Validity
Not Before: Mar 11 11:23:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b3ad72bf9294f8cccc80b91628fa143552e34218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f8:c9:fb:89:f4:67:af:d5:f4:87:0d:c5:20:
e4:ed:a2:21:28:de:19:22:71:13:f3:c8:6d:e3:03:
1b:ea:0f:d0:49:88:af:32:74:15:8a:6c:62:a2:76:
f3:af:35:7c:7e:e1:4c:48:8a:69:a4:fd:9e:fd:36:
6c:ff:60:d3:f4:00:c4:ae:d4:31:91:d9:1e:90:7c:
f0:9a:85:6d:f0:89:47:65:eb:6c:9d:4c:12:ba:ed:
d1:22:19:47:8d:09:a8:29:2b:5b:5d:a2:e6:78:28:
da:7a:af:69:3f:e3:d3:19:67:15:8e:5d:34:cb:aa:
b4:e0:11:3f:71:c0:e1:31:52:e9:8b:20:af:7d:76:
b8:5d:7c:e9:4b:88:9d:ad:0f:ed:b0:66:f6:70:73:
2c:ee:c7:d4:37:cb:bc:e1:a2:54:ca:25:eb:a1:ca:
7e:8d:0e:81:e7:e1:c0:c7:eb:52:a2:9c:e3:49:75:
66:9f:01:54:8d:5d:88:7e:97:50:18:d0:cf:b4:d7:
6c:ec:54:48:0e:1e:3d:e6:8a:30:c8:02:cd:43:a6:
5a:58:90:88:4b:99:cd:1c:f1:7e:9d:09:75:b6:33:
b0:2a:13:4f:4f:0c:68:c5:5a:ce:4b:b3:27:1a:fe:
1e:cb:4c:67:71:a5:a3:4a:d1:6b:cc:f7:41:48:5a:
f1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AD:72:BF:92:94:F8:CC:CC:80:B9:16:28:FA:14:35:52:E3:42:18
X509v3 Authority Key Identifier:
keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/s61yv5KU-MzMgLkWKPoUNVLjQhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.35.0/24
37.203.37.0-37.203.38.255
89.111.9.0-89.111.10.255
89.111.19.0/24
89.111.22.0/24
89.111.25.0-89.111.31.255
185.219.156.0/22
193.164.210.0/23
Signature Algorithm: sha256WithRSAEncryption
44:70:75:31:11:2a:46:ef:27:03:b7:6e:e8:64:63:7c:28:2c:
24:74:92:c2:6a:b8:1b:84:4c:9a:28:14:e6:ee:51:34:da:e4:
a7:b3:68:0b:88:09:db:8a:5e:d9:40:f3:fd:34:67:cd:6f:91:
2c:84:ed:44:be:84:01:48:12:73:40:a2:d6:42:14:b0:a1:8d:
50:b7:5f:d0:6d:60:a1:9d:1b:72:20:d6:af:38:1e:86:4e:a4:
46:76:e3:13:79:26:c4:b4:6b:7f:cb:d3:bb:c6:8f:7d:4e:a6:
fc:c5:00:5a:e2:32:cc:4f:24:79:32:4b:fb:ec:4c:b0:db:90:
05:e3:29:d5:a6:bb:a4:c2:07:79:21:a6:2f:20:59:6f:fc:1d:
e5:95:39:e6:8e:06:22:91:b5:11:70:21:75:25:13:7d:90:bd:
86:20:24:d1:2b:5f:21:85:63:36:df:a2:c9:f9:bf:49:ed:6f:
69:1a:b8:bb:f3:fc:4d:56:81:4a:9e:b7:69:02:67:02:50:2d:
d4:dd:ff:8b:2a:04:17:9e:95:d3:e8:af:fd:57:55:71:7c:57:
3c:40:0d:b0:58:5b:26:e6:39:00:95:43:f5:c2:a0:c5:4f:5c:
a3:c1:29:43:71:c9:e5:20:b9:19:89:df:11:2f:b8:cf:2a:da:
b2:04:52:8b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZzcouzQgaGyERU/+cuvn/ugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3
NGRlMGYwHhcNMjYwMzExMTEyMzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FkNzJiZjkyOTRmOGNjY2M4MGI5MTYyOGZhMTQzNTUyZTM0MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvjJ+4n0Z6/V9IcNxSDk7aIhKN4Z
InET88ht4wMb6g/QSYivMnQVimxionbzrzV8fuFMSIpppP2e/TZs/2DT9ADErtQx
kdkekHzwmoVt8IlHZetsnUwSuu3RIhlHjQmoKStbXaLmeCjaeq9pP+PTGWcVjl00
y6q04BE/ccDhMVLpiyCvfXa4XXzpS4idrQ/tsGb2cHMs7sfUN8u84aJUyiXrocp+
jQ6B5+HAx+tSopzjSXVmnwFUjV2IfpdQGNDPtNds7FRIDh495oowyALNQ6ZaWJCI
S5nNHPF+nQl1tjOwKhNPTwxoxVrOS7MnGv4ey0xncaWjStFrzPdBSFrx8QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLOtcr+SlPjMzIC5Fij6FDVS40IYMB8GA1UdIwQY
MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt
YWM2N2EzNmU0YWFiLzEvczYxeXY1S1UtTXpNZ0xrV0tQb1VOVkxqUWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi
LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAJcsjMAwD
BAAlyyUDBAAlyyYwDAMEAFlvCQMEAFlvCgMEAFlvEwMEAFlvFjAMAwQAWW8ZAwQF
WW8AAwQCuducAwQBwaTSMA0GCSqGSIb3DQEBCwUAA4IBAQBEcHUxESpG7ycDt27o
ZGN8KCwkdJLCargbhEyaKBTm7lE02uSns2gLiAnbil7ZQPP9NGfNb5EshO1EvoQB
SBJzQKLWQhSwoY1Qt1/QbWChnRtyINavOB6GTqRGduMTeSbEtGt/y9O7xo99Tqb8
xQBa4jLMTyR5Mkv77Eyw25AF4ynVprukwgd5IaYvIFlv/B3llTnmjgYikbURcCF1
JRN9kL2GICTRK18hhWM236LJ+b9J7W9pGri78/xNVoFKnrdpAmcCUC3U3f+LKgQX
npXT6K/9V1VxfFc8QA2wWFsm5jkAlUP1wqDFT1yjwSlDccnlILkZid8RL7jPKtqy
BFKL
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:34:00 2026 by rpki-client