Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-R3TJEB1D957QD1tYOh6D052f5Q.roa
File: 1-R3TJEB1D957QD1tYOh6D052f5Q.roa (raw, json)
Hash identifier: bF0D4wZ7s3Qqr3mXkvQEOoRSdwhhsjFFJKgc7cqZo8s=
Subject key identifier: F9:1D:D3:24:40:75:0F:DE:7B:40:3D:6D:60:E8:7A:0F:4E:76:7F:94
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019C2D9EE155926C773271A669DDAEDADC5D
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-R3TJEB1D957QD1tYOh6D052f5Q.roa
Signing time: Thu 05 Feb 2026 11:45:12 +0000
ROA not before: Thu 05 Feb 2026 11:45:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
85.239.149.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2d:9e:e1:55:92:6c:77:32:71:a6:69:dd:ae:da:dc:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Feb 5 11:45:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f91dd32440750fde7b403d6d60e87a0f4e767f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0f:dc:4a:60:04:15:0a:9d:29:09:fb:29:ab:
25:f8:52:62:8e:c5:43:4a:2a:1a:a2:73:16:ff:61:
62:51:1e:63:d1:cb:07:58:5c:e6:72:ea:f8:dc:95:
dd:9e:90:c6:5a:3c:07:62:73:9d:ad:af:81:a2:53:
ba:4c:40:43:62:55:52:59:f3:21:f9:82:27:a4:10:
2e:56:79:63:62:98:8e:1a:fb:d4:2b:46:18:36:cb:
0b:05:a2:eb:03:4a:41:2d:49:0e:58:c9:dd:09:fb:
7d:7e:b5:39:18:56:2b:bb:42:c1:38:9f:ea:4d:10:
ec:01:99:14:12:fb:b5:fb:3a:d2:f6:12:3b:c0:34:
db:31:ac:65:4b:11:82:a6:48:aa:60:36:4c:1a:fc:
7e:3f:cd:bd:f7:4e:98:fd:6c:2e:ea:9e:bb:3d:f9:
0e:05:23:01:95:1f:aa:00:31:a0:15:7e:5e:c2:1a:
79:b7:0f:73:14:54:c6:da:0d:99:ab:3f:f3:c8:5f:
6b:4f:1a:d8:34:4c:0b:d2:72:6b:1f:aa:e5:22:de:
97:f6:66:db:df:c0:f9:7f:43:10:5f:e6:fb:f1:93:
46:11:9d:d5:04:e1:9f:64:6e:69:75:a0:0f:d6:ca:
23:8b:b0:fa:cf:6c:61:a6:bb:2d:7f:02:d7:5c:19:
c9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1D:D3:24:40:75:0F:DE:7B:40:3D:6D:60:E8:7A:0F:4E:76:7F:94
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-R3TJEB1D957QD1tYOh6D052f5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.147.0/24
85.239.149.0/24
85.239.151.0/24
185.95.156.0/24
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:4e:91:da:18:af:59:84:94:01:44:c7:8b:30:5f:22:b2:4a:
df:2f:62:68:91:cf:71:52:42:ed:c7:07:fd:8b:cf:f6:a3:db:
4b:96:e2:f6:a7:ed:1e:2d:20:a4:b8:bf:57:d7:5f:4b:64:fc:
13:24:2d:fc:a7:2d:5e:af:3d:2a:64:b8:b5:97:fd:1e:f2:87:
9a:f2:74:7c:c6:f4:99:0b:d2:02:9a:64:0f:98:d5:4c:dd:0f:
b9:91:c8:14:69:42:8c:d7:65:f0:87:c9:a9:1f:2c:3b:27:dc:
58:5f:00:0b:9e:a7:de:b0:b5:57:33:ad:86:09:8d:79:69:89:
8d:16:8b:72:ec:9e:93:a2:ee:72:94:73:74:d6:00:41:d6:36:
d2:65:2a:0d:b9:55:4a:83:ed:22:02:c0:51:e7:48:ce:bb:b2:
95:7f:0a:54:f0:3b:81:0a:b1:12:05:bf:b0:63:cc:76:4f:b0:
92:4f:bb:b1:7e:7c:39:4b:2e:39:23:23:67:c3:39:e0:21:1b:
e1:de:19:68:93:cd:43:3f:1e:26:9f:94:f1:ce:4d:cf:99:86:
b8:52:86:0a:bb:8d:8e:91:e4:c2:a8:7f:8a:2f:fa:e6:0e:e0:
a8:5f:4e:ff:78:74:4e:74:c0:47:9f:34:00:8e:0d:6b:74:62:
71:d9:a6:63
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZwtnuFVkmx3MnGmad2u2txdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjYwMjA1MTE0NTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFkZDMyNDQwNzUwZmRlN2I0MDNkNmQ2MGU4N2EwZjRlNzY3Zjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA/cSmAEFQqdKQn7Kasl+FJijsVD
SioaonMW/2FiUR5j0csHWFzmcur43JXdnpDGWjwHYnOdra+BolO6TEBDYlVSWfMh
+YInpBAuVnljYpiOGvvUK0YYNssLBaLrA0pBLUkOWMndCft9frU5GFYru0LBOJ/q
TRDsAZkUEvu1+zrS9hI7wDTbMaxlSxGCpkiqYDZMGvx+P829906Y/Wwu6p67PfkO
BSMBlR+qADGgFX5ewhp5tw9zFFTG2g2Zqz/zyF9rTxrYNEwL0nJrH6rlIt6X9mbb
38D5f0MQX+b78ZNGEZ3VBOGfZG5pdaAP1soji7D6z2xhprstfwLXXBnJTwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPkd0yRAdQ/ee0A9bWDoeg9Odn+UMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvMS1SM1RKRUIxRDk1N1FEMXRZT2g2RDA1MmY1US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNh
YS8xL0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFXvkAME
AFXvkwMEAFXvlQMEAFXvlwMEALlfnAMEALlfnzANBgkqhkiG9w0BAQsFAAOCAQEA
w06R2hivWYSUAUTHizBfIrJK3y9iaJHPcVJC7ccH/YvP9qPbS5bi9qftHi0gpLi/
V9dfS2T8EyQt/KctXq89KmS4tZf9HvKHmvJ0fMb0mQvSAppkD5jVTN0PuZHIFGlC
jNdl8IfJqR8sOyfcWF8AC56n3rC1VzOthgmNeWmJjRaLcuyek6LucpRzdNYAQdY2
0mUqDblVSoPtIgLAUedIzruylX8KVPA7gQqxEgW/sGPMdk+wkk+7sX58OUsuOSMj
Z8M54CEb4d4ZaJPNQz8eJp+U8c5Nz5mGuFKGCruNjpHkwqh/ii/65g7gqF9O/3h0
TnTAR580AI4Na3RicdmmYw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:38:24 2026 by rpki-client