Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/PwG6kgE4pgXJJkL8ugwSTM2yxbE.roa
File: PwG6kgE4pgXJJkL8ugwSTM2yxbE.roa (raw, json)
Hash identifier: DDzmamajStjqmhcsDYxm8w9Zc5fmsm1zJsTmwujf+jw=
Subject key identifier: 3F:01:BA:92:01:38:A6:05:C9:26:42:FC:BA:0C:12:4C:CD:B2:C5:B1
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 019C6595F7784F56846B6ED17470237098F5
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/PwG6kgE4pgXJJkL8ugwSTM2yxbE.roa
Signing time: Mon 16 Feb 2026 08:34:12 +0000
ROA not before: Mon 16 Feb 2026 08:34:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/18 maxlen: 18
89.63.0.0/20 maxlen: 20
89.63.16.0/20 maxlen: 20
89.63.20.0/24 maxlen: 24
89.63.32.0/19 maxlen: 19
89.63.32.0/24 maxlen: 24
89.63.240.0/20 maxlen: 20
185.35.12.0/22 maxlen: 24
185.35.12.0/24 maxlen: 24
185.35.14.0/23 maxlen: 23
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:65:95:f7:78:4f:56:84:6b:6e:d1:74:70:23:70:98:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Feb 16 08:34:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f01ba920138a605c92642fcba0c124ccdb2c5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4f:5f:0b:31:d5:6b:c6:98:fa:30:66:61:8a:
3e:c7:92:e1:86:ba:db:52:42:3b:be:f0:1d:4e:22:
72:97:33:ab:30:47:fe:46:8f:cf:87:35:77:44:1d:
d7:5e:28:12:a7:2b:97:49:16:6d:42:d2:2a:07:34:
9b:e4:30:10:b9:56:5e:b8:e9:af:07:a1:fd:c5:77:
a2:00:92:02:d5:e1:56:54:7e:eb:cd:ab:05:d7:e2:
52:c2:55:df:b7:1b:ca:19:73:29:c5:01:3a:b0:40:
c2:b1:5d:0e:5f:da:da:5d:46:73:a2:dd:da:0e:f7:
b8:e6:e2:e9:27:37:0a:84:5e:52:3e:a2:ac:71:02:
07:e6:df:59:d7:e1:60:d3:7c:ea:cb:d9:33:d8:21:
6a:6f:89:58:03:37:8b:a2:b4:ba:3c:fb:3d:a3:d6:
5e:9b:fd:d5:74:ea:d2:fb:02:64:02:d0:3d:c8:46:
ba:79:76:d0:87:5a:b6:c9:8d:c2:1c:8a:9d:c4:59:
d6:c9:ce:14:13:39:53:a6:61:10:ac:11:c1:5d:7e:
c4:ca:5b:b5:36:5f:e5:34:f3:f6:5e:85:6b:b8:8a:
c6:69:ed:db:79:3d:ec:52:09:be:79:f3:4f:c3:bb:
a7:55:5b:ee:69:5d:2f:cb:02:57:93:d9:47:cc:ce:
cb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:01:BA:92:01:38:A6:05:C9:26:42:FC:BA:0C:12:4C:CD:B2:C5:B1
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/PwG6kgE4pgXJJkL8ugwSTM2yxbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/18
89.63.240.0/20
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
16:d1:bc:73:43:99:d5:d6:32:8a:4b:09:0f:0e:2f:09:8f:2b:
53:23:1c:ad:15:c6:00:a2:43:b9:5c:fc:15:3c:30:80:91:02:
8e:8e:dd:df:14:22:41:10:27:34:76:f5:44:7e:42:94:01:a8:
cb:0f:a8:38:aa:ef:82:07:ab:b4:18:c7:8e:cd:d0:30:ba:1b:
46:ca:68:db:a3:a2:b9:6a:86:b1:85:c9:18:83:b2:f9:8d:7a:
82:51:bb:8c:92:9c:b9:90:b8:f4:09:91:53:5a:ca:4f:c0:f5:
60:41:aa:b3:76:67:20:fb:fc:23:cd:63:14:f0:68:a8:b9:6a:
d0:e6:52:fd:7f:de:58:1c:ae:aa:20:42:18:6a:de:b7:1f:eb:
b5:36:ca:81:1e:7c:19:1b:a8:ba:38:da:07:5b:ea:74:af:25:
6a:3b:d0:bb:8a:a3:65:20:ab:ca:6b:64:71:18:97:a4:2f:5e:
e8:a9:74:5d:14:0a:d7:0e:41:57:10:05:d3:60:43:26:7c:46:
45:78:4a:71:19:a9:14:88:4e:9d:37:82:eb:93:c0:7d:89:de:
77:a0:88:4c:20:ac:56:51:0d:70:57:22:1b:e2:b0:48:1f:45:
fc:b4:fe:44:1d:45:a8:88:a6:b6:bb:93:3b:87:59:c4:6b:2c:
3d:3d:d7:21
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZxllfd4T1aEa27RdHAjcJj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjYwMjE2MDgzNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjAxYmE5MjAxMzhhNjA1YzkyNjQyZmNiYTBjMTI0Y2NkYjJjNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE9fCzHVa8aY+jBmYYo+x5Lhhrrb
UkI7vvAdTiJylzOrMEf+Ro/PhzV3RB3XXigSpyuXSRZtQtIqBzSb5DAQuVZeuOmv
B6H9xXeiAJIC1eFWVH7rzasF1+JSwlXftxvKGXMpxQE6sEDCsV0OX9raXUZzot3a
Dve45uLpJzcKhF5SPqKscQIH5t9Z1+Fg03zqy9kz2CFqb4lYAzeLorS6PPs9o9Ze
m/3VdOrS+wJkAtA9yEa6eXbQh1q2yY3CHIqdxFnWyc4UEzlTpmEQrBHBXX7Eylu1
Nl/lNPP2XoVruIrGae3beT3sUgm+efNPw7unVVvuaV0vywJXk9lHzM7LsQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFD8BupIBOKYFySZC/LoMEkzNssWxMB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvUHdHNmtnRTRwZ1hKSmtMOHVnd1NUTTJ5eGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuAwQGWT8AAwQE
WT/wAwQCuSMMMAwDBAfDBIADBATDBKAwDAMEA8MEuAMEA8ME0DANBAIAAjAHAwUD
KgDcoDANBgkqhkiG9w0BAQsFAAOCAQEAFtG8c0OZ1dYyiksJDw4vCY8rUyMcrRXG
AKJDuVz8FTwwgJECjo7d3xQiQRAnNHb1RH5ClAGoyw+oOKrvggertBjHjs3QMLob
Rspo26OiuWqGsYXJGIOy+Y16glG7jJKcuZC49AmRU1rKT8D1YEGqs3ZnIPv8I81j
FPBoqLlq0OZS/X/eWByuqiBCGGretx/rtTbKgR58GRuoujjaB1vqdK8lajvQu4qj
ZSCrymtkcRiXpC9e6Kl0XRQK1w5BVxAF02BDJnxGRXhKcRmpFIhOnTeC65PAfYne
d6CITCCsVlENcFciG+KwSB9F/LT+RB1FqIimtruTO4dZxGssPT3XIQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:13:18 2026 by rpki-client