Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/y72ee53UZ9UgTPW0y3NPzxnhvyk.roa
File: y72ee53UZ9UgTPW0y3NPzxnhvyk.roa (raw, json)
Hash identifier: zPgIOrxYdKywPGN4Z7npd7H8FKOgP+RhMcc1jQPwBns=
Subject key identifier: CB:BD:9E:7B:9D:D4:67:D5:20:4C:F5:B4:CB:73:4F:CF:19:E1:BF:29
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019CDB4F44A1A3B9D5D724FC0CBB37D162AC
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/y72ee53UZ9UgTPW0y3NPzxnhvyk.roa
Signing time: Wed 11 Mar 2026 05:12:11 +0000
ROA not before: Wed 11 Mar 2026 05:12:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9123
IP address blocks: 89.23.96.0/24 maxlen: 24
89.23.97.0/24 maxlen: 24
89.23.98.0/24 maxlen: 24
89.23.99.0/24 maxlen: 24
89.23.100.0/24 maxlen: 24
89.23.101.0/24 maxlen: 24
89.23.102.0/24 maxlen: 24
89.23.112.0/24 maxlen: 24
89.23.115.0/24 maxlen: 24
89.23.116.0/24 maxlen: 24
89.23.117.0/24 maxlen: 24
89.23.118.0/24 maxlen: 24
185.39.206.0/24 maxlen: 24
212.67.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 02:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:db:4f:44:a1:a3:b9:d5:d7:24:fc:0c:bb:37:d1:62:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 11 05:12:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cbbd9e7b9dd467d5204cf5b4cb734fcf19e1bf29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f9:58:3c:25:ed:be:1d:a6:45:e7:c4:c5:0e:
09:85:b1:c0:8a:39:e5:4b:91:b8:2e:7d:7f:72:ae:
de:ef:56:db:dc:ca:64:d0:94:b7:a5:68:19:f5:10:
29:43:f2:ac:88:08:ee:35:05:89:6f:ec:84:52:15:
5b:2f:71:69:1d:a6:07:ed:3c:96:af:44:af:15:f6:
4b:e4:88:12:5c:23:78:2f:1b:f3:a0:c3:33:e0:af:
22:a8:72:83:88:dd:52:f2:1c:3e:ab:51:ef:b0:23:
94:79:a8:b8:a0:82:d4:a5:0f:ba:f6:9c:7a:f3:07:
16:cd:81:50:8d:21:9c:a4:bc:6d:fe:61:5f:1e:ba:
40:87:2b:62:af:ca:d9:9f:46:b4:4c:e3:44:ac:22:
8e:89:c6:55:85:67:ae:5a:8a:8b:2a:e1:ea:9e:e2:
23:ec:56:a5:fa:85:26:d3:da:3a:ab:09:ef:d9:ac:
5d:85:eb:eb:30:0a:a9:40:d5:d1:06:47:af:2d:47:
e2:28:1b:f5:55:e3:d9:cd:20:29:b6:b0:e5:dd:10:
6e:34:f1:09:2e:4f:08:0b:7c:16:03:51:eb:3e:9b:
49:a5:30:46:ce:04:14:2f:6c:f8:44:ff:bf:f6:dc:
68:c6:b0:d3:70:60:77:5c:44:fa:61:f8:c8:c1:46:
f5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:BD:9E:7B:9D:D4:67:D5:20:4C:F5:B4:CB:73:4F:CF:19:E1:BF:29
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/y72ee53UZ9UgTPW0y3NPzxnhvyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.96.0-89.23.102.255
89.23.112.0/24
89.23.115.0-89.23.118.255
185.39.206.0/24
212.67.17.0/24
Signature Algorithm: sha256WithRSAEncryption
72:4f:3c:b0:09:1e:a5:24:7b:15:1c:36:93:fa:bf:04:a2:ea:
3d:43:26:9b:de:59:ee:cc:44:1c:0b:6d:05:01:c4:7e:12:f6:
32:8c:33:e3:95:b0:77:c4:7e:87:fa:6c:95:bf:9d:91:bf:6c:
4a:35:fe:f1:fa:b4:13:54:20:37:58:a3:c8:0b:16:cf:a6:50:
90:52:6c:0a:07:fd:64:b1:68:b7:6b:66:a9:58:6b:dd:3d:67:
67:55:db:dc:33:e0:66:6f:38:5b:85:c1:42:7d:94:2a:87:45:
a2:c8:5b:bb:d2:21:9f:6e:15:16:78:34:cb:69:86:11:27:f2:
fc:85:fb:ff:76:f8:a2:29:ce:f3:57:89:70:26:73:9d:80:a6:
8a:bb:81:56:72:96:da:34:5f:88:09:5b:7b:e3:c7:6f:f4:ff:
84:16:da:cb:07:17:36:47:54:54:52:42:f1:87:37:12:b9:79:
9e:d0:09:73:f1:ea:e9:69:75:eb:a1:ec:31:82:fb:8f:5e:c1:
fb:7c:02:c3:e5:30:2c:ae:21:df:bd:2b:39:59:15:79:3e:cb:
86:d9:71:c0:80:72:6f:aa:15:63:da:40:0b:ff:ad:c9:ea:17:
c0:0e:ba:93:30:2b:aa:ef:91:03:6a:fd:78:34:af:69:81:44:
8a:5b:a7:15
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZzbT0Sho7nV1yT8DLs30WKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjYwMzExMDUxMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmJkOWU3YjlkZDQ2N2Q1MjA0Y2Y1YjRjYjczNGZjZjE5ZTFiZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvlYPCXtvh2mRefExQ4JhbHAijnl
S5G4Ln1/cq7e71bb3Mpk0JS3pWgZ9RApQ/KsiAjuNQWJb+yEUhVbL3FpHaYH7TyW
r0SvFfZL5IgSXCN4LxvzoMMz4K8iqHKDiN1S8hw+q1HvsCOUeai4oILUpQ+69px6
8wcWzYFQjSGcpLxt/mFfHrpAhytir8rZn0a0TONErCKOicZVhWeuWoqLKuHqnuIj
7Fal+oUm09o6qwnv2axdhevrMAqpQNXRBkevLUfiKBv1VePZzSAptrDl3RBuNPEJ
Lk8IC3wWA1HrPptJpTBGzgQUL2z4RP+/9txoxrDTcGB3XET6YfjIwUb1LQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMu9nnud1GfVIEz1tMtzT88Z4b8pMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEveTcyZWU1M1VaOVVnVFBXMHkzTlB6eG5odnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAVZF2AD
BABZF2YDBABZF3AwDAMEAFkXcwMEAFkXdgMEALknzgMEANRDETANBgkqhkiG9w0B
AQsFAAOCAQEAck88sAkepSR7FRw2k/q/BKLqPUMmm95Z7sxEHAttBQHEfhL2Mowz
45Wwd8R+h/pslb+dkb9sSjX+8fq0E1QgN1ijyAsWz6ZQkFJsCgf9ZLFot2tmqVhr
3T1nZ1Xb3DPgZm84W4XBQn2UKodFoshbu9Ihn24VFng0y2mGESfy/IX7/3b4oinO
81eJcCZznYCmiruBVnKW2jRfiAlbe+PHb/T/hBbaywcXNkdUVFJC8Yc3Erl5ntAJ
c/Hq6Wl166HsMYL7j17B+3wCw+UwLK4h370rOVkVeT7LhtlxwIByb6oVY9pAC/+t
yeoXwA66kzArqu+RA2r9eDSvaYFEilunFQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:15:28 2026 by rpki-client