Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/B-PozvmFMyLnuPzwX8TKXQtkZCM.roa
File: B-PozvmFMyLnuPzwX8TKXQtkZCM.roa (raw, json)
Hash identifier: hXeRgtNRGQQo7/GPzPkJvKVugcu+O6EbwgNJUkKXhTA=
Subject key identifier: 07:E3:E8:CE:F9:85:33:22:E7:B8:FC:F0:5F:C4:CA:5D:0B:64:64:23
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019C84F27386D8C1FB2B0B4077191A7D1774
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/B-PozvmFMyLnuPzwX8TKXQtkZCM.roa
Signing time: Sun 22 Feb 2026 10:43:27 +0000
ROA not before: Sun 22 Feb 2026 10:43:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210644
IP address blocks: 147.45.40.0/22 maxlen: 32
147.45.68.0/22 maxlen: 32
147.45.72.0/21 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.133.0/24 maxlen: 24
193.233.232.0/24 maxlen: 24
193.233.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:84:f2:73:86:d8:c1:fb:2b:0b:40:77:19:1a:7d:17:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 22 10:43:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=07e3e8cef9853322e7b8fcf05fc4ca5d0b646423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e5:39:5b:f0:5c:2d:cd:f8:39:8d:74:68:1a:
08:5c:67:79:8b:45:23:92:66:a2:66:e7:c5:2d:60:
ad:28:b6:f3:fd:fd:6f:84:9f:dd:17:a4:80:77:bd:
cd:63:d7:13:36:11:98:1d:56:40:5a:bf:7e:69:ad:
c9:f5:8d:14:ee:18:aa:87:53:23:f9:a0:94:e9:5d:
c6:15:58:75:c1:52:6e:d7:18:f6:01:c7:5e:10:e1:
28:3f:39:1d:a3:54:77:32:59:84:c1:6c:70:17:40:
d1:e3:4d:3b:8b:10:66:26:01:6f:f6:f8:cd:27:6e:
99:bf:79:e4:a3:1c:b4:fb:03:6b:4f:28:dc:00:b0:
13:6c:83:c8:4e:eb:61:02:db:94:fd:0f:ff:66:08:
69:48:17:92:1d:0c:73:af:3b:a1:f0:35:3f:a5:9e:
b1:99:e2:7e:dd:45:09:9d:f2:87:e3:e3:2b:e1:5c:
a0:97:e2:07:b0:34:77:d9:a8:ab:81:34:15:3f:38:
21:eb:9f:da:7a:74:1e:d2:89:b0:b9:7b:1e:8e:14:
1f:7d:f5:c5:ae:84:6b:e6:f8:5a:d8:28:40:b9:a7:
2e:30:a1:6d:f1:35:92:95:b9:8a:26:cc:57:3b:42:
91:95:8c:46:16:bc:87:a4:cf:1c:a4:aa:23:cf:08:
fd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E3:E8:CE:F9:85:33:22:E7:B8:FC:F0:5F:C4:CA:5D:0B:64:64:23
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/B-PozvmFMyLnuPzwX8TKXQtkZCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.40.0/22
147.45.68.0-147.45.79.255
185.103.101.0-185.103.103.255
193.233.133.0/24
193.233.232.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:56:bb:d9:c7:c2:8a:4f:a1:c7:4f:d4:95:e6:ac:38:d9:5b:
23:ca:25:e1:89:a8:c3:1f:04:73:43:dd:c5:7f:0b:c4:15:7c:
f7:7b:fe:90:b9:dd:77:45:f3:19:a5:14:ae:6d:2f:30:1f:c7:
5c:b0:d7:c8:56:34:ad:f2:5d:52:0f:91:c3:e4:65:c1:93:8a:
ae:27:ce:b8:12:4b:97:58:14:af:c0:5c:b4:29:dd:d7:9a:c4:
27:4a:af:f2:dd:ea:ae:2d:d5:d4:ca:60:80:a1:0e:5e:46:c0:
0f:c2:45:5b:e4:9a:8b:c6:08:45:02:68:24:2b:26:be:f1:82:
98:cc:30:97:fd:0b:2d:5f:51:6b:d2:47:86:4e:52:86:df:37:
8a:66:a0:c9:12:42:e9:2f:8f:d6:33:4f:30:61:e1:56:38:fe:
43:18:4d:8b:21:be:cd:b0:84:99:5f:81:1a:76:a6:70:3b:af:
8e:68:e7:22:f9:1f:4c:1a:dc:11:e1:d5:30:02:12:90:0f:51:
b1:55:4f:e3:c7:1e:cb:98:80:16:be:3f:a1:be:10:82:67:2b:
b1:cf:90:a7:be:c5:e4:b6:ad:60:40:db:e0:11:c1:87:53:eb:
f9:e0:06:ef:11:76:03:c2:91:c2:b1:78:26:04:60:c3:58:d4:
22:6f:1a:d1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZyE8nOG2MH7KwtAdxkafRd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjYwMjIyMTA0MzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2UzZThjZWY5ODUzMzIyZTdiOGZjZjA1ZmM0Y2E1ZDBiNjQ2NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeU5W/BcLc34OY10aBoIXGd5i0Uj
kmaiZufFLWCtKLbz/f1vhJ/dF6SAd73NY9cTNhGYHVZAWr9+aa3J9Y0U7hiqh1Mj
+aCU6V3GFVh1wVJu1xj2AcdeEOEoPzkdo1R3MlmEwWxwF0DR4007ixBmJgFv9vjN
J26Zv3nkoxy0+wNrTyjcALATbIPITuthAtuU/Q//ZghpSBeSHQxzrzuh8DU/pZ6x
meJ+3UUJnfKH4+Mr4Vygl+IHsDR32airgTQVPzgh65/aenQe0omwuXsejhQfffXF
roRr5vha2ChAuacuMKFt8TWSlbmKJsxXO0KRlYxGFryHpM8cpKojzwj9CwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAfj6M75hTMi57j88F/Eyl0LZGQjMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvQi1Qb3p2bUZNeUxudVB6d1g4VEtYUXRrWkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCky0oMAwD
BAKTLUQDBASTLUAwDAMEALlnZQMEA7lnYAMEAMHphQMEAcHp6DANBgkqhkiG9w0B
AQsFAAOCAQEAjFa72cfCik+hx0/UleasONlbI8ol4Ymowx8Ec0PdxX8LxBV893v+
kLndd0XzGaUUrm0vMB/HXLDXyFY0rfJdUg+Rw+RlwZOKrifOuBJLl1gUr8BctCnd
15rEJ0qv8t3qri3V1MpggKEOXkbAD8JFW+Sai8YIRQJoJCsmvvGCmMwwl/0LLV9R
a9JHhk5Sht83imagyRJC6S+P1jNPMGHhVjj+QxhNiyG+zbCEmV+BGnamcDuvjmjn
IvkfTBrcEeHVMAISkA9RsVVP48cey5iAFr4/ob4Qgmcrsc+Qp77F5LatYEDb4BHB
h1Pr+eAG7xF2A8KRwrF4JgRgw1jUIm8a0Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:49:08 2026 by rpki-client