Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/e26339-2c1c-4073-93ba-5b4231865fe6/1/tLe7pLUB1FbsxJodBjiaylvPWqY.roa
File: tLe7pLUB1FbsxJodBjiaylvPWqY.roa (raw, json)
Hash identifier: iCcIo0MXZAGo4QKL7jZTOf07lWCaTF9D6uBBNDm3oqw=
Subject key identifier: B4:B7:BB:A4:B5:01:D4:56:EC:C4:9A:1D:06:38:9A:CA:5B:CF:5A:A6
Certificate issuer: /CN=989adef1b1a979af372ec6755a0b5421a06771bb
Certificate serial: 019C701FCE82BC03A812E1E2472A606C0CFF
Authority key identifier: 98:9A:DE:F1:B1:A9:79:AF:37:2E:C6:75:5A:0B:54:21:A0:67:71:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJre8bGpea83LsZ1WgtUIaBncbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/e26339-2c1c-4073-93ba-5b4231865fe6/1/tLe7pLUB1FbsxJodBjiaylvPWqY.roa
Signing time: Wed 18 Feb 2026 09:40:58 +0000
ROA not before: Wed 18 Feb 2026 09:40:58 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35062
IP address blocks: 80.87.112.0/20 maxlen: 20
80.87.118.0/24 maxlen: 24
80.87.119.0/24 maxlen: 24
80.87.122.0/24 maxlen: 24
2001:4c98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/e26339-2c1c-4073-93ba-5b4231865fe6/1/mJre8bGpea83LsZ1WgtUIaBncbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/e26339-2c1c-4073-93ba-5b4231865fe6/1/mJre8bGpea83LsZ1WgtUIaBncbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mJre8bGpea83LsZ1WgtUIaBncbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:1f:ce:82:bc:03:a8:12:e1:e2:47:2a:60:6c:0c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=989adef1b1a979af372ec6755a0b5421a06771bb
Validity
Not Before: Feb 18 09:40:58 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b4b7bba4b501d456ecc49a1d06389aca5bcf5aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0e:38:1c:90:c4:d0:ae:ff:b2:4f:c4:73:e3:
3e:a9:c7:75:83:0a:3d:51:1e:44:b3:9d:ea:ff:46:
ea:4c:84:ef:dd:c7:a9:34:f7:59:a5:c1:97:c7:76:
16:a8:76:83:e2:39:d7:94:59:13:62:fe:c2:54:9e:
83:ff:a6:1b:24:5a:d8:f3:5e:f0:54:a3:81:34:a0:
50:0a:81:7a:9d:5a:be:0f:bb:6e:6f:bd:fc:45:92:
28:9d:60:c5:86:3a:0e:c5:e8:4c:49:e1:a6:57:d6:
95:1e:fb:e9:da:72:57:cf:77:ef:ea:44:24:7b:5f:
e4:94:c7:fa:43:d5:0a:74:ee:41:f4:e2:8f:da:16:
a5:7c:7c:9c:92:73:9d:2f:55:0a:a5:d8:47:58:4a:
ee:b6:d0:3a:38:e3:f2:7f:0b:04:24:f1:cb:93:af:
66:73:d9:da:40:29:85:2f:bb:97:2b:9c:39:ca:bf:
0f:20:d0:bf:e6:97:cc:9a:9d:c0:d3:ce:36:23:e7:
be:99:c8:fb:dc:ba:d8:7b:ff:f3:f5:f5:44:0c:78:
6f:a6:5e:23:aa:1d:2f:18:34:00:f3:ad:01:ce:6c:
a3:42:71:fe:4b:3d:21:93:20:32:d7:dc:ae:d6:18:
e6:cd:09:1c:86:bb:96:80:94:94:e0:b1:b5:fd:05:
ea:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B7:BB:A4:B5:01:D4:56:EC:C4:9A:1D:06:38:9A:CA:5B:CF:5A:A6
X509v3 Authority Key Identifier:
keyid:98:9A:DE:F1:B1:A9:79:AF:37:2E:C6:75:5A:0B:54:21:A0:67:71:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJre8bGpea83LsZ1WgtUIaBncbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e26339-2c1c-4073-93ba-5b4231865fe6/1/tLe7pLUB1FbsxJodBjiaylvPWqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e26339-2c1c-4073-93ba-5b4231865fe6/1/mJre8bGpea83LsZ1WgtUIaBncbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.87.112.0/20
IPv6:
2001:4c98::/32
Signature Algorithm: sha256WithRSAEncryption
3a:7a:ea:ac:64:cc:48:03:eb:42:fc:df:1b:57:9d:66:40:bd:
32:7f:78:fd:aa:93:0b:d7:5d:2a:b4:1c:33:ee:86:0e:14:32:
b6:33:81:59:36:44:68:6a:7c:74:ff:32:5e:a3:99:46:d8:d3:
82:ea:63:4e:67:5f:e1:ab:29:40:c4:11:2d:ea:b0:1e:e3:c4:
95:5d:96:b2:07:0a:f0:af:ce:d2:a3:ec:89:a0:05:12:d1:55:
07:35:04:e8:2f:89:e8:dc:d5:07:51:91:c1:af:aa:bb:ca:5a:
eb:55:59:65:ae:d4:4f:c9:be:a4:b1:a7:fb:32:c7:e1:2d:02:
0e:f7:bb:5a:61:0d:00:70:22:81:ff:c9:8f:e6:16:f3:90:7f:
12:96:c9:0a:1a:a7:70:76:ea:b1:f9:57:ca:e0:fd:1f:53:9a:
3f:a8:b1:88:f9:2a:a9:1e:c4:c9:7d:a9:fa:dd:41:d8:a7:40:
d1:e6:37:9a:e2:0b:5b:f8:2c:2b:8d:28:6f:e3:d5:9d:11:a3:
f6:f0:8a:50:bf:d5:59:02:7f:92:26:be:99:de:94:47:5c:a2:
90:1d:a0:49:03:50:72:67:df:09:e5:e8:e9:35:21:d3:f4:2a:
78:2e:3a:be:60:3d:70:4b:a1:0e:11:d5:b8:10:70:ed:27:b7:
f7:ad:61:f7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZxwH86CvAOoEuHiRypgbAz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OWFkZWYxYjFhOTc5YWYzNzJlYzY3NTVhMGI1NDIxYTA2
NzcxYmIwHhcNMjYwMjE4MDk0MDU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGI3YmJhNGI1MDFkNDU2ZWNjNDlhMWQwNjM4OWFjYTViY2Y1YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA44HJDE0K7/sk/Ec+M+qcd1gwo9
UR5Es53q/0bqTITv3cepNPdZpcGXx3YWqHaD4jnXlFkTYv7CVJ6D/6YbJFrY817w
VKOBNKBQCoF6nVq+D7tub738RZIonWDFhjoOxehMSeGmV9aVHvvp2nJXz3fv6kQk
e1/klMf6Q9UKdO5B9OKP2halfHycknOdL1UKpdhHWEruttA6OOPyfwsEJPHLk69m
c9naQCmFL7uXK5w5yr8PINC/5pfMmp3A0842I+e+mcj73LrYe//z9fVEDHhvpl4j
qh0vGDQA860BzmyjQnH+Sz0hkyAy19yu1hjmzQkchruWgJSU4LG1/QXq4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLS3u6S1AdRW7MSaHQY4mspbz1qmMB8GA1UdIwQY
MBaAFJia3vGxqXmvNy7GdVoLVCGgZ3G7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpyZThiR3BlYTgzTHNaMVdndFVJYUJuY2JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lMjYzMzktMmMxYy00MDczLTkzYmEt
NWI0MjMxODY1ZmU2LzEvdExlN3BMVUIxRmJzeEpvZEJqaWF5bHZQV3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lMjYzMzktMmMxYy00MDczLTkzYmEtNWI0MjMxODY1ZmU2
LzEvbUpyZThiR3BlYTgzTHNaMVdndFVJYUJuY2JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUFdwMA0E
AgACMAcDBQAgAUyYMA0GCSqGSIb3DQEBCwUAA4IBAQA6euqsZMxIA+tC/N8bV51m
QL0yf3j9qpML110qtBwz7oYOFDK2M4FZNkRoanx0/zJeo5lG2NOC6mNOZ1/hqylA
xBEt6rAe48SVXZayBwrwr87So+yJoAUS0VUHNQToL4no3NUHUZHBr6q7ylrrVVll
rtRPyb6ksaf7MsfhLQIO97taYQ0AcCKB/8mP5hbzkH8SlskKGqdwduqx+VfK4P0f
U5o/qLGI+SqpHsTJfan63UHYp0DR5jea4gtb+CwrjShv49WdEaP28IpQv9VZAn+S
Jr6Z3pRHXKKQHaBJA1ByZ98J5ejpNSHT9Cp4Ljq+YD1wS6EOEdW4EHDtJ7f3rWH3
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:36:08 2026 by rpki-client