Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/Z9B94VUuwMzLp1J1_UmV3P3-Bog.roa
File: Z9B94VUuwMzLp1J1_UmV3P3-Bog.roa (raw, json)
Hash identifier: b0gWVuQa3wcBnwLUc4jIKMufXEjkfGFHau8pBV9DYlo=
Subject key identifier: 67:D0:7D:E1:55:2E:C0:CC:CB:A7:52:75:FD:49:95:DC:FD:FE:06:88
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 019DAAD4D035D2139DC51CCDF32178F9AA9E
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/Z9B94VUuwMzLp1J1_UmV3P3-Bog.roa
Signing time: Mon 20 Apr 2026 12:19:26 +0000
ROA not before: Mon 20 Apr 2026 12:19:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8737
IP address blocks: 62.216.0.0/19 maxlen: 19
84.39.0.0/19 maxlen: 19
109.72.32.0/20 maxlen: 20
128.127.32.0/20 maxlen: 20
195.64.64.0/19 maxlen: 19
195.64.80.0/20 maxlen: 20
195.121.0.0/16 maxlen: 16
195.121.0.0/17 maxlen: 17
195.121.64.0/18 maxlen: 18
195.121.128.0/17 maxlen: 17
212.182.128.0/18 maxlen: 18
213.75.0.0/16 maxlen: 16
213.75.0.0/17 maxlen: 17
213.75.128.0/17 maxlen: 17
213.148.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:d4:d0:35:d2:13:9d:c5:1c:cd:f3:21:78:f9:aa:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Apr 20 12:19:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=67d07de1552ec0cccba75275fd4995dcfdfe0688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4e:ae:a5:ab:1e:f3:74:e5:76:d5:3f:21:b4:
b6:14:e3:58:7a:84:a5:6a:94:f2:08:15:3c:65:e8:
0a:5a:f9:6a:a2:48:22:5c:94:d8:28:08:8b:64:91:
49:65:ce:56:62:13:38:77:41:25:2e:7f:3c:98:76:
f7:3c:c4:04:e1:f7:8a:a2:84:02:ce:bb:f0:f6:fa:
11:2c:35:3d:4e:14:f2:21:6a:84:1a:33:74:aa:fd:
31:85:71:a5:c7:59:45:ca:23:f2:d9:0e:a5:78:5b:
96:e1:11:e1:0e:7a:26:d0:9e:cc:75:a6:2e:ad:f3:
e0:7d:e2:b0:dd:33:46:f3:18:41:59:02:67:7c:be:
87:07:b3:3b:ba:a3:64:9f:ca:8b:9f:6c:dc:eb:37:
d0:bb:b9:dc:8d:c9:d1:5e:a6:82:d5:a6:04:d0:c8:
32:89:9c:8a:66:8f:0c:d9:f4:fa:83:88:69:08:c9:
27:7b:ea:55:92:47:77:10:79:7e:6a:75:6d:50:5a:
97:3c:94:01:68:2c:b4:78:8a:55:9c:9d:eb:54:a1:
81:6e:6e:17:6c:b8:ad:da:04:4e:3e:af:88:4a:10:
e1:31:e8:46:ff:b9:80:ed:8f:96:f9:96:d9:67:1a:
51:f3:e6:fb:bf:dd:62:43:f0:f2:03:b3:13:63:d1:
16:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D0:7D:E1:55:2E:C0:CC:CB:A7:52:75:FD:49:95:DC:FD:FE:06:88
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/Z9B94VUuwMzLp1J1_UmV3P3-Bog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.0.0/19
84.39.0.0/19
109.72.32.0/20
128.127.32.0/20
195.64.64.0/19
195.121.0.0/16
212.182.128.0/18
213.75.0.0/16
213.148.224.0/19
Signature Algorithm: sha256WithRSAEncryption
11:50:82:e1:6c:fe:7d:2c:e3:4e:21:4b:ca:26:17:8f:6e:3d:
4f:ec:73:9c:00:62:fb:b9:4e:9d:ff:90:5d:29:c6:00:53:f9:
2e:66:bb:66:c8:e7:25:d7:d1:70:26:c0:40:84:03:3f:80:26:
dc:57:6f:83:da:63:11:49:a5:b8:18:03:2a:25:1c:7f:d9:ea:
df:f3:83:5b:86:70:b3:6b:87:17:1a:1b:dd:0d:50:49:ae:f5:
ca:ca:4b:bf:0c:01:32:a2:62:50:14:52:14:17:19:43:38:a3:
b0:d9:61:ee:55:80:32:41:87:22:f5:26:5a:68:57:d7:48:6d:
e8:65:b3:74:03:a7:6c:61:5c:06:6a:4f:7d:97:34:da:3e:67:
2d:bf:04:1e:c1:7d:ae:9f:85:3a:e6:67:5e:22:87:7f:2a:6f:
89:ea:2e:ed:d6:f1:d7:ff:da:cd:49:ce:09:11:51:ec:f8:19:
da:83:f6:6d:5d:1b:80:6d:aa:1e:25:fd:f9:8d:07:da:1f:10:
3e:f7:fc:3c:e3:fc:0a:24:f8:c4:7d:b4:f2:05:79:16:8f:ad:
da:49:72:5b:80:30:70:be:6d:9c:e5:ba:3a:b7:b8:86:36:59:
bb:53:64:e5:ec:8d:ad:f1:71:07:04:77:a8:82:f3:ad:13:c3:
a1:66:1a:ea
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ2q1NA10hOdxRzN8yF4+aqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjYwNDIwMTIxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2QwN2RlMTU1MmVjMGNjY2JhNzUyNzVmZDQ5OTVkY2ZkZmUwNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyU6upase83TldtU/IbS2FONYeoSl
apTyCBU8ZegKWvlqokgiXJTYKAiLZJFJZc5WYhM4d0ElLn88mHb3PMQE4feKooQC
zrvw9voRLDU9ThTyIWqEGjN0qv0xhXGlx1lFyiPy2Q6leFuW4RHhDnom0J7MdaYu
rfPgfeKw3TNG8xhBWQJnfL6HB7M7uqNkn8qLn2zc6zfQu7ncjcnRXqaC1aYE0Mgy
iZyKZo8M2fT6g4hpCMkne+pVkkd3EHl+anVtUFqXPJQBaCy0eIpVnJ3rVKGBbm4X
bLit2gROPq+IShDhMehG/7mA7Y+W+ZbZZxpR8+b7v91iQ/DyA7MTY9EWWwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGfQfeFVLsDMy6dSdf1Jldz9/gaIMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvWjlCOTRWVXV3TXpMcDFKMV9VbVYzUDMtQm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQFPtgAAwQF
VCcAAwQEbUggAwQEgH8gAwQFw0BAAwMAw3kDBAbUtoADAwDVSwMEBdWU4DANBgkq
hkiG9w0BAQsFAAOCAQEAEVCC4Wz+fSzjTiFLyiYXj249T+xznABi+7lOnf+QXSnG
AFP5Lma7ZsjnJdfRcCbAQIQDP4Am3Fdvg9pjEUmluBgDKiUcf9nq3/ODW4Zws2uH
Fxob3Q1QSa71yspLvwwBMqJiUBRSFBcZQzijsNlh7lWAMkGHIvUmWmhX10ht6GWz
dAOnbGFcBmpPfZc02j5nLb8EHsF9rp+FOuZnXiKHfypvieou7dbx1//azUnOCRFR
7PgZ2oP2bV0bgG2qHiX9+Y0H2h8QPvf8POP8CiT4xH208gV5Fo+t2klyW4AwcL5t
nOW6Ore4hjZZu1Nk5eyNrfFxBwR3qILzrRPDoWYa6g==
-----END CERTIFICATE-----
Generated at Wed May 13 05:43:29 2026 by rpki-client