Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/3rWUuwFnWUvnzt0t37cfRp6ATrI.roa
File: 3rWUuwFnWUvnzt0t37cfRp6ATrI.roa (raw, json)
Hash identifier: iLWHoI9s+iYn9fLWHX/7Y+I5RqOLA6IP2YOzP01ZkYc=
Subject key identifier: DE:B5:94:BB:01:67:59:4B:E7:CE:DD:2D:DF:B7:1F:46:9E:80:4E:B2
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019C51F678A7A75D1ADD5C2EA53BDE128D17
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/3rWUuwFnWUvnzt0t37cfRp6ATrI.roa
Signing time: Thu 12 Feb 2026 13:07:13 +0000
ROA not before: Thu 12 Feb 2026 13:07:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199527
IP address blocks: 83.223.157.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
91.190.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:51:f6:78:a7:a7:5d:1a:dd:5c:2e:a5:3b:de:12:8d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Feb 12 13:07:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=deb594bb0167594be7cedd2ddfb71f469e804eb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7f:b6:e5:f3:4a:ff:f5:bf:fb:92:56:04:2b:
6f:7d:50:36:ce:7d:eb:a9:0d:25:35:3d:c0:ae:8f:
e8:52:31:19:83:07:6f:f4:5f:80:d6:41:77:ac:bb:
c6:96:d9:cd:73:be:c0:19:8f:51:cc:72:38:34:5b:
c1:7a:38:e0:0c:ea:ab:cf:8f:59:19:26:39:60:69:
31:32:ca:2b:2a:43:f5:e1:6a:4e:3a:8b:4c:6c:20:
be:50:d0:79:5b:97:71:4f:fa:ef:b2:9c:cc:a0:18:
6d:df:c8:95:ee:b8:b6:3a:3f:c7:f6:8d:b9:82:d6:
ca:fa:45:46:94:9d:10:6a:9b:b6:3f:4b:c2:8d:b4:
76:2e:d7:0b:99:6f:60:a4:7b:65:0a:1a:d5:89:88:
65:8d:ee:19:34:73:e6:c0:88:2c:b5:13:cd:e7:da:
f5:1b:40:ed:dc:7f:65:ae:19:80:c7:f4:04:52:31:
7f:9b:10:96:6e:b0:3d:61:2f:b4:b3:09:ce:95:ef:
5c:8c:4c:db:99:bf:f2:c2:1f:c3:8d:f4:2b:98:9c:
d5:72:2b:17:b7:e8:85:a7:90:3f:77:d5:f9:d2:71:
5f:14:f7:66:ff:1f:87:6f:93:0d:e6:e9:75:c4:53:
9c:81:a6:6e:0f:13:f4:d4:ca:f5:8f:aa:9a:31:e6:
b0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B5:94:BB:01:67:59:4B:E7:CE:DD:2D:DF:B7:1F:46:9E:80:4E:B2
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/3rWUuwFnWUvnzt0t37cfRp6ATrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.157.0/24
85.254.12.0/23
85.254.15.0/24
85.254.63.0/24
91.190.61.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:52:2b:4a:c2:2f:be:8b:34:8f:33:c5:f8:05:a6:4a:fd:7c:
b7:da:3a:19:84:af:72:23:5b:b2:30:cd:43:cf:e5:0e:83:53:
91:9d:04:f5:2d:63:b5:e9:3d:0a:c5:7f:bd:4d:3e:2c:08:fe:
90:3f:3a:a8:e5:de:cc:cb:8c:e8:90:3c:4c:ab:77:f5:e6:26:
40:82:31:9c:16:e5:06:e6:b6:34:f7:24:30:62:ea:aa:50:1d:
a4:f4:aa:7c:f3:f1:1a:0a:73:b3:c2:3c:e0:12:ac:f3:69:81:
eb:3a:53:44:7d:14:e6:ee:e8:23:f8:f3:87:ae:00:36:cd:a6:
de:53:26:3c:f1:1c:b3:07:88:fd:3e:9d:45:56:37:73:b2:b1:
26:50:14:55:af:00:1b:0f:cb:fa:a7:67:59:cd:15:77:c4:77:
2c:fb:b7:b5:3b:ca:66:ff:43:88:43:46:0b:21:3f:ec:c2:02:
1f:74:25:83:0d:10:c2:86:72:77:6f:6e:41:b0:79:7d:f1:f6:
fd:97:01:6a:42:6b:b3:d4:7e:01:6e:59:42:aa:de:ad:d9:1f:
e2:68:ff:76:f9:7d:39:73:a5:ac:ed:44:f2:2a:f9:50:a4:7b:
56:8e:7a:1f:04:a1:b0:11:22:77:ee:0d:49:5a:e3:cd:df:8a:
86:8f:58:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZxR9ninp10a3VwupTveEo0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwMjEyMTMwNzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWI1OTRiYjAxNjc1OTRiZTdjZWRkMmRkZmI3MWY0NjllODA0ZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1n+25fNK//W/+5JWBCtvfVA2zn3r
qQ0lNT3Aro/oUjEZgwdv9F+A1kF3rLvGltnNc77AGY9RzHI4NFvBejjgDOqrz49Z
GSY5YGkxMsorKkP14WpOOotMbCC+UNB5W5dxT/rvspzMoBht38iV7ri2Oj/H9o25
gtbK+kVGlJ0Qapu2P0vCjbR2LtcLmW9gpHtlChrViYhlje4ZNHPmwIgstRPN59r1
G0Dt3H9lrhmAx/QEUjF/mxCWbrA9YS+0swnOle9cjEzbmb/ywh/DjfQrmJzVcisX
t+iFp5A/d9X50nFfFPdm/x+Hb5MN5ul1xFOcgaZuDxP01Mr1j6qaMeawgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN61lLsBZ1lL587dLd+3H0aegE6yMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvM3JXVXV3Rm5XVXZuenQwdDM3Y2ZScDZBVHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU9+dAwQB
Vf4MAwQAVf4PAwQAVf4/AwQAW749MA0GCSqGSIb3DQEBCwUAA4IBAQClUitKwi++
izSPM8X4BaZK/Xy32joZhK9yI1uyMM1Dz+UOg1ORnQT1LWO16T0KxX+9TT4sCP6Q
Pzqo5d7My4zokDxMq3f15iZAgjGcFuUG5rY09yQwYuqqUB2k9Kp88/EaCnOzwjzg
EqzzaYHrOlNEfRTm7ugj+POHrgA2zabeUyY88RyzB4j9Pp1FVjdzsrEmUBRVrwAb
D8v6p2dZzRV3xHcs+7e1O8pm/0OIQ0YLIT/swgIfdCWDDRDChnJ3b25BsHl98fb9
lwFqQmuz1H4BbllCqt6t2R/iaP92+X05c6Ws7UTyKvlQpHtWjnofBKGwESJ37g1J
WuPN34qGj1hQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:41:01 2026 by rpki-client