Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G82Ov7iHpHtbEmGAlfck4a8uFvk.roa
File: G82Ov7iHpHtbEmGAlfck4a8uFvk.roa (raw, json)
Hash identifier: WdECelJGsygjpNxmJtikv+WopKisHmEKlYbe+Ovt83o=
Subject key identifier: 1B:CD:8E:BF:B8:87:A4:7B:5B:12:61:80:95:F7:24:E1:AF:2E:16:F9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019C65DD631E17A7F47EB383D487A45170F9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G82Ov7iHpHtbEmGAlfck4a8uFvk.roa
Signing time: Mon 16 Feb 2026 09:52:13 +0000
ROA not before: Mon 16 Feb 2026 09:52:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 193.124.205.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:65:dd:63:1e:17:a7:f4:7e:b3:83:d4:87:a4:51:70:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 16 09:52:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1bcd8ebfb887a47b5b12618095f724e1af2e16f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ec:a3:9c:49:8c:85:2c:78:08:a5:73:21:06:
53:ea:93:60:ce:c7:be:4f:8e:a1:f5:1a:5d:0f:08:
56:f1:1b:81:14:d7:06:ad:b4:bf:53:ac:ba:de:13:
ca:79:51:a4:bf:e9:6e:3f:41:e5:83:93:ef:ed:23:
cd:da:54:be:98:cf:51:1b:35:56:34:94:fd:57:ab:
db:2f:28:32:f5:40:e3:32:3f:ec:1b:80:37:84:12:
1e:45:bf:9c:98:a0:10:0b:3f:ac:4c:35:f7:e1:39:
de:4d:e8:02:e0:c9:03:c3:54:e9:6a:49:0e:07:6b:
0d:09:63:99:8c:f7:0b:7a:69:b6:4b:c7:68:52:97:
c2:0c:a9:d5:6b:bb:0b:8b:e8:c2:c3:6a:68:c7:f9:
ad:26:16:8d:9f:cb:0c:aa:c7:e0:4f:8d:19:54:16:
b6:ae:65:56:88:7e:46:e7:eb:ad:c8:b2:61:6e:05:
f4:a8:38:c1:9e:99:09:09:ce:f0:01:bc:82:6f:9b:
fd:50:fc:35:d1:cf:77:ec:e5:e9:a6:38:9d:11:81:
6a:ba:f9:68:01:94:96:5c:5d:5e:0b:ab:70:17:5b:
d3:45:08:29:84:1f:f7:0e:af:03:66:3a:f5:aa:5c:
d8:24:37:98:bb:fc:1d:a6:aa:fc:5a:e1:cd:c4:95:
28:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CD:8E:BF:B8:87:A4:7B:5B:12:61:80:95:F7:24:E1:AF:2E:16:F9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G82Ov7iHpHtbEmGAlfck4a8uFvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.205.0/24
194.87.122.0/24
195.133.58.0/24
212.193.9.0/24
Signature Algorithm: sha256WithRSAEncryption
61:86:2a:12:f5:c4:b7:3b:aa:87:d4:ff:8e:61:fc:45:c0:75:
2c:52:e4:d3:30:cc:14:e6:3b:da:b3:31:04:43:3b:17:64:d6:
76:7c:89:92:0a:c0:2e:ae:11:e4:5c:49:67:59:16:ea:94:67:
d8:eb:60:35:2f:26:fd:83:cc:0c:53:45:64:f1:56:9d:bf:0d:
91:2a:6e:e6:39:08:1d:bc:b0:2e:04:80:7f:11:a9:28:dd:95:
49:1c:51:d9:e2:be:ce:00:cb:38:8e:51:51:c9:60:ec:7e:f2:
d4:f1:84:91:c2:06:7e:81:40:0b:0d:8c:6c:c8:f2:2c:16:8f:
ad:ba:ff:f4:7e:ed:b4:f3:fb:4d:57:9e:d7:f1:ec:02:ee:d5:
6d:f9:d2:45:6d:7d:38:86:da:48:7e:cd:df:44:e3:19:89:05:
14:19:e3:ad:7c:f3:99:28:f1:24:40:02:1a:e0:5a:51:ed:1d:
40:45:e4:ab:fb:b6:81:a4:52:26:d4:c0:15:4b:13:85:62:24:
89:bd:cb:17:82:8c:f9:65:ec:81:4d:93:a8:b1:8d:db:6b:18:
41:93:a3:48:71:de:2a:0d:aa:96:39:5e:13:46:21:2e:0d:06:
f7:6c:c3:e9:10:1a:02:93:48:b6:41:7b:d6:aa:05:f3:2f:46:
2b:a7:4b:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxl3WMeF6f0frOD1IekUXD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwMjE2MDk1MjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmNkOGViZmI4ODdhNDdiNWIxMjYxODA5NWY3MjRlMWFmMmUxNmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+yjnEmMhSx4CKVzIQZT6pNgzse+
T46h9RpdDwhW8RuBFNcGrbS/U6y63hPKeVGkv+luP0Hlg5Pv7SPN2lS+mM9RGzVW
NJT9V6vbLygy9UDjMj/sG4A3hBIeRb+cmKAQCz+sTDX34TneTegC4MkDw1TpakkO
B2sNCWOZjPcLemm2S8doUpfCDKnVa7sLi+jCw2pox/mtJhaNn8sMqsfgT40ZVBa2
rmVWiH5G5+utyLJhbgX0qDjBnpkJCc7wAbyCb5v9UPw10c937OXppjidEYFquvlo
AZSWXF1eC6twF1vTRQgphB/3Dq8DZjr1qlzYJDeYu/wdpqr8WuHNxJUo4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBvNjr+4h6R7WxJhgJX3JOGvLhb5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRzgyT3Y3aUhwSHRiRW1HQWxmY2s0YTh1RnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzNAwQA
wld6AwQAw4U6AwQA1MEJMA0GCSqGSIb3DQEBCwUAA4IBAQBhhioS9cS3O6qH1P+O
YfxFwHUsUuTTMMwU5jvaszEEQzsXZNZ2fImSCsAurhHkXElnWRbqlGfY62A1Lyb9
g8wMU0Vk8Vadvw2RKm7mOQgdvLAuBIB/Eako3ZVJHFHZ4r7OAMs4jlFRyWDsfvLU
8YSRwgZ+gUALDYxsyPIsFo+tuv/0fu208/tNV57X8ewC7tVt+dJFbX04htpIfs3f
ROMZiQUUGeOtfPOZKPEkQAIa4FpR7R1AReSr+7aBpFIm1MAVSxOFYiSJvcsXgoz5
ZeyBTZOosY3baxhBk6NIcd4qDaqWOV4TRiEuDQb3bMPpEBoCk0i2QXvWqgXzL0Yr
p0sD
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:33:03 2026 by rpki-client