Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IgU1SMM7-nOlzFq6oUholf4Lj7s.roa
File: IgU1SMM7-nOlzFq6oUholf4Lj7s.roa (raw, json)
Hash identifier: cCFVr2T46b0aIcF7eYJsFGDyvPtnIAe6D+4kfTWz1Yc=
Subject key identifier: 22:05:35:48:C3:3B:FA:73:A5:CC:5A:BA:A1:48:68:95:FE:0B:8F:BB
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019C765F75F8C4FB626E5BAEAAE863506F0C
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IgU1SMM7-nOlzFq6oUholf4Lj7s.roa
Signing time: Thu 19 Feb 2026 14:48:13 +0000
ROA not before: Thu 19 Feb 2026 14:48:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 150716
IP address blocks: 5.231.76.0/24 maxlen: 24
77.90.48.0/24 maxlen: 24
85.118.166.0/24 maxlen: 24
94.249.242.0/24 maxlen: 24
178.18.151.0/24 maxlen: 24
185.47.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:76:5f:75:f8:c4:fb:62:6e:5b:ae:aa:e8:63:50:6f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 19 14:48:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=22053548c33bfa73a5cc5abaa1486895fe0b8fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:54:b7:60:ac:e0:35:eb:e0:1b:8b:26:6a:0f:
ba:3b:d9:05:9c:87:fe:ff:7b:10:b5:99:a5:5f:fd:
19:2b:21:82:2f:c3:81:2b:56:57:31:b7:4c:4e:6b:
4d:27:f5:f1:2e:36:35:4c:3b:91:d7:bb:c6:62:d1:
a7:bf:45:69:ea:a8:9e:b1:11:44:64:af:0a:b3:9f:
da:96:80:cb:e3:d4:29:0d:7c:99:81:70:0e:a8:ca:
1a:54:2a:c1:86:8d:2a:03:50:76:ab:60:21:70:34:
93:dc:ae:7f:77:b0:00:5d:fa:74:6f:e6:68:cf:55:
84:ab:6c:2e:15:2c:f8:f7:2e:b9:99:fb:10:0d:d0:
d2:df:16:24:2e:fd:6e:6f:16:b9:13:21:75:25:d8:
d9:10:d5:66:b4:9b:94:b7:81:bb:c0:bb:2c:15:2d:
c4:82:4a:79:0b:2a:dd:28:36:b2:ee:64:18:c0:44:
5d:1a:88:e9:6c:34:ac:48:ae:bc:44:6d:6d:04:ad:
27:43:3b:b3:40:8b:9e:67:fb:f8:47:fb:8e:4f:0c:
f8:fe:cd:c8:14:7b:64:f0:02:32:d5:6f:98:d7:c7:
8f:ca:dc:ba:b8:be:da:6f:00:6a:c0:75:9f:53:d2:
2b:37:93:09:e1:83:99:75:f4:16:37:2d:04:f1:2e:
65:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:05:35:48:C3:3B:FA:73:A5:CC:5A:BA:A1:48:68:95:FE:0B:8F:BB
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IgU1SMM7-nOlzFq6oUholf4Lj7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.76.0/24
77.90.48.0/24
85.118.166.0/24
94.249.242.0/24
178.18.151.0/24
185.47.140.0/24
Signature Algorithm: sha256WithRSAEncryption
49:3e:e5:4c:be:a0:17:6b:d0:fc:27:e8:f1:cb:3f:16:d0:a6:
d1:05:05:fa:aa:b8:f4:4c:ce:25:e5:e4:b5:2f:34:58:ef:7f:
8d:68:71:f5:1c:9b:52:00:04:8b:6e:e1:3f:ee:a1:95:d3:3f:
79:a3:78:5b:6c:3f:c9:81:90:75:d7:2c:be:3f:eb:ab:0c:79:
e8:c1:5c:f0:c5:83:6b:98:8d:95:80:ec:e4:a6:73:71:b7:29:
d8:10:f2:93:78:ff:56:e9:67:8c:cb:09:96:68:34:86:8c:6b:
62:1c:b4:05:5d:20:0b:c2:65:b3:c6:6e:53:b0:3c:18:9b:6a:
29:24:a6:d5:e6:1f:79:49:3b:ef:66:a7:01:12:6a:af:25:82:
13:e1:74:0c:d0:ae:d7:a6:5b:55:ee:23:73:9b:30:40:0a:30:
ae:92:7a:81:83:27:4e:1e:36:0c:b5:77:76:48:e0:1c:b3:9d:
3c:7a:b2:d3:9e:34:94:c0:62:f0:79:e0:b8:48:f9:5c:c3:4f:
2c:8b:e5:48:19:18:31:97:5e:e1:93:03:5f:d5:c9:71:95:f7:
d3:46:7a:8e:11:b5:1d:66:0a:c1:8b:d8:ef:fd:d7:58:1e:f2:
b5:53:6f:e9:71:94:f6:0a:23:8f:d6:cc:96:0b:d7:e5:49:a4:
fe:39:84:3a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZx2X3X4xPtibluuquhjUG8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMjE5MTQ0ODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjA1MzU0OGMzM2JmYTczYTVjYzVhYmFhMTQ4Njg5NWZlMGI4ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VS3YKzgNevgG4smag+6O9kFnIf+
/3sQtZmlX/0ZKyGCL8OBK1ZXMbdMTmtNJ/XxLjY1TDuR17vGYtGnv0Vp6qiesRFE
ZK8Ks5/aloDL49QpDXyZgXAOqMoaVCrBho0qA1B2q2AhcDST3K5/d7AAXfp0b+Zo
z1WEq2wuFSz49y65mfsQDdDS3xYkLv1ubxa5EyF1JdjZENVmtJuUt4G7wLssFS3E
gkp5CyrdKDay7mQYwERdGojpbDSsSK68RG1tBK0nQzuzQIueZ/v4R/uOTwz4/s3I
FHtk8AIy1W+Y18ePyty6uL7abwBqwHWfU9IrN5MJ4YOZdfQWNy0E8S5liQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCIFNUjDO/pzpcxauqFIaJX+C4+7MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSWdVMVNNTTctbk9sekZxNm9VaG9sZjRMajdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABedMAwQA
TVowAwQAVXamAwQAXvnyAwQAshKXAwQAuS+MMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
PuVMvqAXa9D8J+jxyz8W0KbRBQX6qrj0TM4l5eS1LzRY73+NaHH1HJtSAASLbuE/
7qGV0z95o3hbbD/JgZB11yy+P+urDHnowVzwxYNrmI2VgOzkpnNxtynYEPKTeP9W
6WeMywmWaDSGjGtiHLQFXSALwmWzxm5TsDwYm2opJKbV5h95STvvZqcBEmqvJYIT
4XQM0K7XpltV7iNzmzBACjCuknqBgydOHjYMtXd2SOAcs508erLTnjSUwGLweeC4
SPlcw08si+VIGRgxl17hkwNf1clxlffTRnqOEbUdZgrBi9jv/ddYHvK1U2/pcZT2
CiOP1syWC9flSaT+OYQ6
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:23:02 2026 by rpki-client