Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c91f7f-c2fe-4e74-acf6-fbde3d7bb55c/1/q9r5Sa2pF-LAaTI2zR7haz9jOHw.roa
File: q9r5Sa2pF-LAaTI2zR7haz9jOHw.roa (raw, json)
Hash identifier: w1oiwYmUyslgOeSb1JpT0bOjSe/1ej94ia9AqsY8TDQ=
Subject key identifier: AB:DA:F9:49:AD:A9:17:E2:C0:69:32:36:CD:1E:E1:6B:3F:63:38:7C
Certificate issuer: /CN=c9fa161d7a1f050461c5be291e9fbe07fe4dd524
Certificate serial: 019C4771E6BEB6B9FAEA618D24958CD56816
Authority key identifier: C9:FA:16:1D:7A:1F:05:04:61:C5:BE:29:1E:9F:BE:07:FE:4D:D5:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yfoWHXofBQRhxb4pHp--B_5N1SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/c91f7f-c2fe-4e74-acf6-fbde3d7bb55c/1/q9r5Sa2pF-LAaTI2zR7haz9jOHw.roa
Signing time: Tue 10 Feb 2026 12:06:12 +0000
ROA not before: Tue 10 Feb 2026 12:06:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57781
IP address blocks: 91.242.165.0/24 maxlen: 24
91.242.166.0/24 maxlen: 24
91.242.167.0/24 maxlen: 24
176.107.208.0/24 maxlen: 24
176.107.209.0/24 maxlen: 24
176.107.211.0/24 maxlen: 24
176.107.212.0/24 maxlen: 24
176.107.213.0/24 maxlen: 24
176.107.214.0/24 maxlen: 24
176.107.215.0/24 maxlen: 24
176.107.216.0/24 maxlen: 24
176.107.218.0/24 maxlen: 24
176.107.219.0/24 maxlen: 24
176.107.220.0/24 maxlen: 24
176.107.221.0/24 maxlen: 24
176.107.222.0/24 maxlen: 24
176.107.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/c91f7f-c2fe-4e74-acf6-fbde3d7bb55c/1/yfoWHXofBQRhxb4pHp--B_5N1SQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/c91f7f-c2fe-4e74-acf6-fbde3d7bb55c/1/yfoWHXofBQRhxb4pHp--B_5N1SQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yfoWHXofBQRhxb4pHp--B_5N1SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:47:71:e6:be:b6:b9:fa:ea:61:8d:24:95:8c:d5:68:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9fa161d7a1f050461c5be291e9fbe07fe4dd524
Validity
Not Before: Feb 10 12:06:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=abdaf949ada917e2c0693236cd1ee16b3f63387c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dd:ef:9d:ee:b7:d4:91:90:67:f7:0c:04:97:
75:93:ff:10:9c:3d:ac:2e:4a:a3:11:c4:78:dc:9c:
6e:07:42:42:6e:41:b6:bc:e1:09:de:08:25:62:cc:
95:ff:8f:7c:96:75:00:2f:55:cc:8e:3c:00:01:80:
59:6b:e5:3f:64:28:96:b1:d0:e3:88:c9:62:47:ad:
87:2f:9d:e6:62:74:20:da:9a:5f:49:74:fa:d5:14:
81:82:2a:ee:0a:ad:4b:5b:24:e6:5e:0c:b3:a9:20:
e4:e0:4b:1f:27:3e:bf:6b:39:27:5d:41:be:63:d9:
a4:05:d0:31:b4:70:41:4b:03:c7:7c:04:36:f5:e6:
d3:a8:f9:60:52:a4:f0:cb:5e:01:bd:dc:a6:71:ee:
33:b6:01:da:10:3f:d2:f8:0d:e7:c5:05:cb:97:95:
c3:8c:e7:4a:49:05:78:f5:cb:ad:8a:78:cd:27:0d:
aa:81:cc:27:a2:2c:06:73:31:a3:43:c9:6f:63:a3:
2f:85:24:88:e0:2e:fc:cd:7a:63:31:09:df:eb:e0:
11:88:75:1c:5b:c0:fa:08:74:30:73:e7:40:f8:16:
26:c9:05:2b:39:14:4f:18:6e:9e:82:1e:dc:33:7a:
fb:a7:63:f2:61:14:7f:c8:14:72:a1:15:e9:46:ab:
df:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DA:F9:49:AD:A9:17:E2:C0:69:32:36:CD:1E:E1:6B:3F:63:38:7C
X509v3 Authority Key Identifier:
keyid:C9:FA:16:1D:7A:1F:05:04:61:C5:BE:29:1E:9F:BE:07:FE:4D:D5:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yfoWHXofBQRhxb4pHp--B_5N1SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c91f7f-c2fe-4e74-acf6-fbde3d7bb55c/1/q9r5Sa2pF-LAaTI2zR7haz9jOHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c91f7f-c2fe-4e74-acf6-fbde3d7bb55c/1/yfoWHXofBQRhxb4pHp--B_5N1SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.165.0-91.242.167.255
176.107.208.0/23
176.107.211.0-176.107.216.255
176.107.218.0-176.107.223.255
Signature Algorithm: sha256WithRSAEncryption
91:70:f1:7c:2f:20:33:20:03:a7:be:46:71:6a:c4:71:17:c8:
1b:e5:aa:ed:bf:6f:86:c9:d7:f3:22:b5:5b:45:a8:48:a0:ca:
5e:e8:1c:61:7d:5c:33:56:32:56:ce:07:ae:f9:ce:ba:dc:0d:
87:92:94:22:6f:9a:cc:a8:aa:08:cc:bc:df:10:a8:87:dd:93:
36:0f:48:cc:47:63:3f:f6:69:e5:64:90:2e:70:00:9d:72:24:
3f:a8:03:1d:87:c7:ea:f3:ed:be:c1:47:fb:54:3a:8d:f7:fc:
6d:dd:db:17:c7:a2:38:7e:9a:9e:91:46:b4:d0:78:11:d0:1c:
4a:8f:2a:49:8a:0b:97:b5:e3:37:ea:68:89:72:80:33:cb:e8:
96:64:c1:24:16:31:1c:f5:4a:81:ff:65:65:27:08:a0:3a:0c:
7e:dc:64:a2:4e:47:8d:e5:d2:65:a2:d1:14:f0:12:c3:4d:06:
df:40:70:5a:cf:3d:2c:77:b4:4b:dc:75:9d:c3:4d:e3:f7:50:
09:94:07:3f:67:73:3e:06:8c:10:1c:f7:61:5e:21:e6:26:92:
64:ee:67:62:74:4a:4d:c4:fb:9d:fd:bd:1f:75:c8:da:c6:48:
80:53:d5:eb:57:1d:7e:c3:20:15:b0:07:10:d2:c5:05:0d:7d:
5b:4f:fd:31
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZxHcea+trn66mGNJJWM1WgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZmExNjFkN2ExZjA1MDQ2MWM1YmUyOTFlOWZiZTA3ZmU0
ZGQ1MjQwHhcNMjYwMjEwMTIwNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmRhZjk0OWFkYTkxN2UyYzA2OTMyMzZjZDFlZTE2YjNmNjMzODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst3vne631JGQZ/cMBJd1k/8QnD2s
LkqjEcR43JxuB0JCbkG2vOEJ3gglYsyV/498lnUAL1XMjjwAAYBZa+U/ZCiWsdDj
iMliR62HL53mYnQg2ppfSXT61RSBgiruCq1LWyTmXgyzqSDk4EsfJz6/azknXUG+
Y9mkBdAxtHBBSwPHfAQ29ebTqPlgUqTwy14Bvdymce4ztgHaED/S+A3nxQXLl5XD
jOdKSQV49cutinjNJw2qgcwnoiwGczGjQ8lvY6MvhSSI4C78zXpjMQnf6+ARiHUc
W8D6CHQwc+dA+BYmyQUrORRPGG6egh7cM3r7p2PyYRR/yBRyoRXpRqvf7QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKva+UmtqRfiwGkyNs0e4Ws/Yzh8MB8GA1UdIwQY
MBaAFMn6Fh16HwUEYcW+KR6fvgf+TdUkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWZvV0hYb2ZCUVJoeGI0cEhwLS1CXzVOMVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jOTFmN2YtYzJmZS00ZTc0LWFjZjYt
ZmJkZTNkN2JiNTVjLzEvcTlyNVNhMnBGLUxBYVRJMnpSN2hhejlqT0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jOTFmN2YtYzJmZS00ZTc0LWFjZjYtZmJkZTNkN2JiNTVj
LzEveWZvV0hYb2ZCUVJoeGI0cEhwLS1CXzVOMVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBABb8qUD
BANb8qADBAGwa9AwDAMEALBr0wMEALBr2DAMAwQBsGvaAwQFsGvAMA0GCSqGSIb3
DQEBCwUAA4IBAQCRcPF8LyAzIAOnvkZxasRxF8gb5artv2+GydfzIrVbRahIoMpe
6BxhfVwzVjJWzgeu+c663A2HkpQib5rMqKoIzLzfEKiH3ZM2D0jMR2M/9mnlZJAu
cACdciQ/qAMdh8fq8+2+wUf7VDqN9/xt3dsXx6I4fpqekUa00HgR0BxKjypJiguX
teM36miJcoAzy+iWZMEkFjEc9UqB/2VlJwigOgx+3GSiTkeN5dJlotEU8BLDTQbf
QHBazz0sd7RL3HWdw03j91AJlAc/Z3M+BowQHPdhXiHmJpJk7mdidEpNxPud/b0f
dcjaxkiAU9XrVx1+wyAVsAcQ0sUFDX1bT/0x
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:02:53 2026 by rpki-client