Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/73ifgy99OQkGzTEcq9zepTONKxQ.roa
File: 73ifgy99OQkGzTEcq9zepTONKxQ.roa (raw, json)
Hash identifier: 4zhTzbj3V3yrAZvwEac5lyxz6RMKFD+ijUfTKZuFWOA=
Subject key identifier: EF:78:9F:83:2F:7D:39:09:06:CD:31:1C:AB:DC:DE:A5:33:8D:2B:14
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 019E1B74C00ACF5B38C48B7B2C2D06DF5A9E
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/73ifgy99OQkGzTEcq9zepTONKxQ.roa
Signing time: Tue 12 May 2026 09:11:36 +0000
ROA not before: Tue 12 May 2026 09:11:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35745
IP address blocks: 37.131.160.0/20 maxlen: 20
46.20.48.0/20 maxlen: 20
46.20.56.0/23 maxlen: 23
46.20.58.0/24 maxlen: 24
91.206.108.0/23 maxlen: 23
91.208.50.0/24 maxlen: 24
93.175.128.0/20 maxlen: 20
93.175.128.0/24 maxlen: 24
93.175.129.0/24 maxlen: 24
93.175.132.0/22 maxlen: 22
93.175.136.0/21 maxlen: 21
128.127.80.0/20 maxlen: 20
128.127.80.0/21 maxlen: 21
185.15.232.0/22 maxlen: 22
188.125.224.0/19 maxlen: 19
188.125.242.0/23 maxlen: 23
188.125.244.0/22 maxlen: 22
213.109.32.0/20 maxlen: 20
213.109.34.0/23 maxlen: 23
213.109.39.0/24 maxlen: 24
213.109.40.0/24 maxlen: 24
213.109.45.0/24 maxlen: 24
2a00:10a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:74:c0:0a:cf:5b:38:c4:8b:7b:2c:2d:06:df:5a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: May 12 09:11:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ef789f832f7d390906cd311cabdcdea5338d2b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0a:be:97:75:d6:fc:e8:e0:a6:89:19:e1:9f:
23:1d:35:a9:ad:df:21:fc:6a:83:f6:4b:c4:60:15:
f0:18:fd:70:27:2f:3c:3e:61:eb:ff:63:e4:20:53:
3f:17:d6:09:f4:01:d8:14:80:ad:5d:d1:6e:45:b7:
b0:fd:6d:42:aa:01:9f:4c:fd:63:09:af:8d:78:60:
d7:18:38:ee:6f:38:15:4f:23:eb:6c:51:17:9d:87:
e5:64:bc:88:b3:8a:5f:77:67:31:ea:5c:63:d1:a1:
20:af:dd:73:db:75:18:42:45:5c:76:76:6d:61:49:
6a:52:8c:83:c7:c6:fa:e8:62:9b:93:d4:f6:6e:1d:
18:3b:d0:d6:24:a4:37:c5:72:5d:af:33:97:ff:3f:
c1:6a:c6:8f:c3:df:b6:09:f7:f5:87:ca:cf:a8:9e:
14:2a:f5:94:d9:f3:9c:9a:95:ac:00:ae:9b:7c:7c:
9c:de:a1:35:cb:9e:ce:f8:93:0a:69:b6:cf:3b:d8:
44:d4:a0:6e:53:ce:3f:23:95:6c:e2:ed:b1:f5:8d:
d7:b6:e2:c3:ef:46:21:41:2e:9a:78:42:91:07:51:
5c:b7:36:96:91:4e:cd:7d:e1:0b:73:f4:85:dc:9a:
41:b2:7c:c3:b0:19:66:a4:fb:3b:a9:88:46:96:ac:
df:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:78:9F:83:2F:7D:39:09:06:CD:31:1C:AB:DC:DE:A5:33:8D:2B:14
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/73ifgy99OQkGzTEcq9zepTONKxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.160.0/20
46.20.48.0/20
91.206.108.0/23
91.208.50.0/24
93.175.128.0/20
128.127.80.0/20
185.15.232.0/22
188.125.224.0/19
213.109.32.0/20
IPv6:
2a00:10a0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:ab:18:71:c6:16:0c:e1:4a:77:0d:81:b8:21:55:13:aa:77:
cc:51:fc:30:40:21:e4:2e:27:00:96:d4:a9:ac:74:4b:4a:3d:
f7:cf:f7:43:d6:2a:dd:36:23:0a:87:ba:15:56:b0:94:d9:80:
17:ad:6b:11:35:10:11:9f:79:ec:e5:74:83:5a:4f:ac:75:1e:
f5:1c:e3:3e:8c:ef:47:41:d7:ec:b6:af:2c:97:cf:5f:7c:e7:
b6:4e:bc:01:4f:87:0a:7b:0a:20:13:c1:79:25:a0:19:07:8c:
14:eb:23:d6:78:0e:16:c5:e8:0e:67:f2:32:62:7e:f8:17:f4:
b8:5d:39:9c:d4:00:86:6d:a9:9b:14:b0:a9:a7:3d:51:dc:fa:
5f:4b:be:42:f7:2e:63:ff:35:e0:2a:75:91:6f:ce:52:51:9e:
bc:31:6b:c2:76:e1:ee:0f:06:8c:ed:cc:e7:8b:33:b2:c6:3b:
37:3a:97:dc:c3:f8:39:51:56:33:da:54:e8:2b:77:cb:11:af:
30:f3:15:b6:34:03:99:ba:87:70:13:bf:48:bd:5f:01:7e:96:
8c:29:67:4f:4d:a9:a4:8b:27:99:1d:2d:f5:fa:de:03:c9:12:
00:84:23:69:99:d2:b9:c8:47:33:09:22:69:3f:cf:0a:74:69:
ef:9a:42:ff
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ4bdMAKz1s4xIt7LC0G31qeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjYwNTEyMDkxMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjc4OWY4MzJmN2QzOTA5MDZjZDMxMWNhYmRjZGVhNTMzOGQyYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwq+l3XW/OjgpokZ4Z8jHTWprd8h
/GqD9kvEYBXwGP1wJy88PmHr/2PkIFM/F9YJ9AHYFICtXdFuRbew/W1CqgGfTP1j
Ca+NeGDXGDjubzgVTyPrbFEXnYflZLyIs4pfd2cx6lxj0aEgr91z23UYQkVcdnZt
YUlqUoyDx8b66GKbk9T2bh0YO9DWJKQ3xXJdrzOX/z/BasaPw9+2Cff1h8rPqJ4U
KvWU2fOcmpWsAK6bfHyc3qE1y57O+JMKabbPO9hE1KBuU84/I5Vs4u2x9Y3XtuLD
70YhQS6aeEKRB1FctzaWkU7NfeELc/SF3JpBsnzDsBlmpPs7qYhGlqzfbQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFO94n4MvfTkJBs0xHKvc3qUzjSsUMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvNzNpZmd5OTlPUWtHelRFY3E5emVwVE9OS3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEJYOgAwQE
LhQwAwQBW85sAwQAW9AyAwQEXa+AAwQEgH9QAwQCuQ/oAwQFvH3gAwQE1W0gMA0E
AgACMAcDBQAqABCgMA0GCSqGSIb3DQEBCwUAA4IBAQC8qxhxxhYM4Up3DYG4IVUT
qnfMUfwwQCHkLicAltSprHRLSj33z/dD1irdNiMKh7oVVrCU2YAXrWsRNRARn3ns
5XSDWk+sdR71HOM+jO9HQdfstq8sl89ffOe2TrwBT4cKewogE8F5JaAZB4wU6yPW
eA4WxegOZ/IyYn74F/S4XTmc1ACGbambFLCppz1R3PpfS75C9y5j/zXgKnWRb85S
UZ68MWvCduHuDwaM7cznizOyxjs3Opfcw/g5UVYz2lToK3fLEa8w8xW2NAOZuodw
E79IvV8BfpaMKWdPTamkiyeZHS31+t4DyRIAhCNpmdK5yEczCSJpP88KdGnvmkL/
-----END CERTIFICATE-----
Generated at Wed May 13 15:57:09 2026 by rpki-client