Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/R79MMWqMhAeiK4cE_HoKeqc5Lhc.roa
File: R79MMWqMhAeiK4cE_HoKeqc5Lhc.roa (raw, json)
Hash identifier: YuUsVLYj+eH8mbIonSZX2vSgiRvZ//m45NH39yq7gx4=
Subject key identifier: 47:BF:4C:31:6A:8C:84:07:A2:2B:87:04:FC:7A:0A:7A:A7:39:2E:17
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 019DDAED2A64844054D5362A08E196F3C6C0
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/R79MMWqMhAeiK4cE_HoKeqc5Lhc.roa
Signing time: Wed 29 Apr 2026 20:27:49 +0000
ROA not before: Wed 29 Apr 2026 20:27:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/24 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.87.0/24 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:da:ed:2a:64:84:40:54:d5:36:2a:08:e1:96:f3:c6:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Apr 29 20:27:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=47bf4c316a8c8407a22b8704fc7a0a7aa7392e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:51:bb:a6:9a:8d:85:d3:3b:87:be:4c:72:95:
de:b2:d0:a1:11:2b:ac:13:a9:59:25:40:c4:9f:5f:
9c:1f:31:a5:69:7b:f2:f9:10:1b:f2:40:4a:d8:12:
ee:d7:ba:4a:d8:aa:04:65:25:ad:60:19:e6:49:da:
2c:43:4e:4b:c6:8a:1d:64:6c:4f:57:ef:fe:50:1d:
36:21:57:fe:a9:dc:1e:09:88:64:fa:cb:96:0f:41:
f9:36:b7:0c:ee:a7:19:9b:6a:32:f3:88:38:3c:13:
52:0d:06:b9:23:f6:b4:d4:27:9b:87:4b:94:a8:80:
e3:9d:e5:2c:0e:f7:ad:16:1d:fd:6b:f8:de:40:38:
9b:df:5c:e2:60:10:55:33:8d:e9:60:f2:6a:77:65:
56:39:07:02:fb:15:74:4d:3a:0e:14:23:f0:8a:ba:
4e:ed:a7:55:ec:cf:5a:60:05:7d:dd:b9:be:36:34:
c8:9a:6b:83:0c:31:17:22:cf:7f:15:00:3a:65:aa:
bd:7b:81:48:0b:36:d3:da:d7:cb:0f:8c:dd:69:87:
0d:15:8f:2b:7e:fe:b2:d9:e4:b5:e1:25:2c:f9:3b:
c4:5a:43:12:9a:a5:28:7f:4e:b3:da:2b:bd:3c:e8:
ec:55:c2:18:11:72:31:6c:21:c5:a3:8f:8e:24:11:
80:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:BF:4C:31:6A:8C:84:07:A2:2B:87:04:FC:7A:0A:7A:A7:39:2E:17
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/R79MMWqMhAeiK4cE_HoKeqc5Lhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.82.0/24
213.145.84.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
0c:af:70:06:5c:2e:d7:09:cb:7d:fa:a7:63:a6:40:70:3d:2f:
6c:24:37:6f:b0:9a:63:25:1b:b5:bb:a2:4f:f3:b8:3e:98:91:
ad:3f:e9:91:40:14:4a:71:0f:8b:52:5b:f2:28:f5:06:8d:f5:
65:43:b8:2b:eb:b4:dc:a3:3e:ec:43:a8:40:6e:e2:64:17:f0:
66:1d:df:f2:a7:68:e6:f6:d3:58:ae:28:30:36:9f:a5:20:d6:
6b:0b:6b:a9:60:bc:b4:c7:f6:57:98:4b:e9:f6:2f:5b:50:e7:
d3:9b:6c:86:fc:12:6e:09:bf:d1:89:53:cc:f0:f5:72:1a:ef:
9a:19:da:eb:fc:e5:57:85:50:a1:d8:65:d8:7d:96:fc:40:51:
81:69:99:91:98:21:5a:1a:be:cb:c8:94:d0:40:f6:d0:7a:bf:
a4:d8:9c:e1:cb:95:77:5a:dc:fd:e3:eb:70:3e:eb:b3:57:8c:
f7:e8:2d:78:86:8d:ec:16:3e:4f:f6:47:d0:f8:2e:0f:cd:4e:
69:30:99:4d:b1:2b:4f:72:ae:88:64:87:27:9a:f5:fa:16:7f:
70:11:39:b8:d5:a3:07:ee:53:3e:84:52:01:96:26:9c:12:e6:
97:dd:6a:fa:0d:9e:d8:7e:8a:0a:2c:21:da:0b:92:7d:f1:fc:
d8:0b:eb:39
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ3a7SpkhEBU1TYqCOGW88bAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjYwNDI5MjAyNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2JmNGMzMTZhOGM4NDA3YTIyYjg3MDRmYzdhMGE3YWE3MzkyZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFG7ppqNhdM7h75McpXestChESus
E6lZJUDEn1+cHzGlaXvy+RAb8kBK2BLu17pK2KoEZSWtYBnmSdosQ05LxoodZGxP
V+/+UB02IVf+qdweCYhk+suWD0H5NrcM7qcZm2oy84g4PBNSDQa5I/a01Cebh0uU
qIDjneUsDvetFh39a/jeQDib31ziYBBVM43pYPJqd2VWOQcC+xV0TToOFCPwirpO
7adV7M9aYAV93bm+NjTImmuDDDEXIs9/FQA6Zaq9e4FICzbT2tfLD4zdaYcNFY8r
fv6y2eS14SUs+TvEWkMSmqUof06z2iu9POjsVcIYEXIxbCHFo4+OJBGAbwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEe/TDFqjIQHoiuHBPx6CnqnOS4XMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvUjc5TU1XcU1oQWVpSzRjRV9Ib0tlcWM1TGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCVXPQMAwD
BALVkUQDBATVkUADBADVkVIwDAMEAtWRVAMEAdWRWDANBgkqhkiG9w0BAQsFAAOC
AQEADK9wBlwu1wnLffqnY6ZAcD0vbCQ3b7CaYyUbtbuiT/O4PpiRrT/pkUAUSnEP
i1Jb8ij1Bo31ZUO4K+u03KM+7EOoQG7iZBfwZh3f8qdo5vbTWK4oMDafpSDWawtr
qWC8tMf2V5hL6fYvW1Dn05tshvwSbgm/0YlTzPD1chrvmhna6/zlV4VQodhl2H2W
/EBRgWmZkZghWhq+y8iU0ED20Hq/pNic4cuVd1rc/ePrcD7rs1eM9+gteIaN7BY+
T/ZH0PguD81OaTCZTbErT3KuiGSHJ5r1+hZ/cBE5uNWjB+5TPoRSAZYmnBLml91q
+g2e2H6KCiwh2guSffH82AvrOQ==
-----END CERTIFICATE-----
Generated at Tue May 12 22:32:42 2026 by rpki-client