Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/SnhR0ywSazNW_LooQ-7w3mnox3s.roa
File: SnhR0ywSazNW_LooQ-7w3mnox3s.roa (raw, json)
Hash identifier: sf6HWA102jlf5D1wHL5U+yeNTKyY8TOBcCejfejACe0=
Subject key identifier: 4A:78:51:D3:2C:12:6B:33:56:FC:BA:28:43:EE:F0:DE:69:E8:C7:7B
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019C916479E26E8FFEF3692CEE6A71D0B68C
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/SnhR0ywSazNW_LooQ-7w3mnox3s.roa
Signing time: Tue 24 Feb 2026 20:43:26 +0000
ROA not before: Tue 24 Feb 2026 20:43:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42375
IP address blocks: 2a09:9440::/32 maxlen: 32
2a09:a200::/32 maxlen: 32
2a09:a201::/32 maxlen: 32
2a09:a202::/32 maxlen: 32
2a09:a500::/32 maxlen: 32
2a09:a502::/32 maxlen: 32
2a09:a504::/32 maxlen: 32
2a0a:b380::/32 maxlen: 32
2a0d:3c40::/32 maxlen: 32
2a0d:3c41::/32 maxlen: 32
2a0d:afc1::/32 maxlen: 32
2a0d:afc2::/32 maxlen: 32
2a0d:c100::/32 maxlen: 32
2a0d:c101::/32 maxlen: 32
2a0d:cdc3::/32 maxlen: 32
2a0d:fcc0::/32 maxlen: 32
2a0d:fcc1::/32 maxlen: 32
2a0d:fcc2::/32 maxlen: 32
2a0e:7f00::/32 maxlen: 32
2a0e:7f01::/32 maxlen: 32
2a0e:7f02::/32 maxlen: 32
2a0e:eec0::/32 maxlen: 32
2a0e:eec1::/32 maxlen: 32
2a0e:eec2::/32 maxlen: 32
2a0f:1800::/29 maxlen: 29
2a0f:9d01::/32 maxlen: 32
2a0f:9d02::/32 maxlen: 32
2a0f:9d03::/32 maxlen: 32
2a11:3c40::/32 maxlen: 32
2a11:3c41::/32 maxlen: 32
2a11:3c42::/32 maxlen: 32
2a11:4040::/29 maxlen: 29
2a11:6540::/29 maxlen: 29
2a11:6580::/29 maxlen: 29
2a11:6bc0::/32 maxlen: 32
2a11:6bc1::/32 maxlen: 32
2a11:6bc3::/32 maxlen: 32
2a11:84c0::/29 maxlen: 29
2a11:a180::/29 maxlen: 29
2a12:2fc0::/32 maxlen: 32
2a12:2fc1::/32 maxlen: 32
2a12:2fc2::/32 maxlen: 32
2a12:3040::/29 maxlen: 29
2a12:38c0::/29 maxlen: 29
2a12:39c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:91:64:79:e2:6e:8f:fe:f3:69:2c:ee:6a:71:d0:b6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Feb 24 20:43:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4a7851d32c126b3356fcba2843eef0de69e8c77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:82:01:cd:dc:4f:33:dc:76:ea:ca:71:52:7b:
70:39:a7:ae:ad:9a:d0:5c:76:c1:e2:02:f3:a5:ba:
19:95:93:7b:e1:5f:39:06:a6:a7:1e:16:0d:f2:f0:
32:8c:33:37:0e:14:78:e7:b9:d6:b7:2b:09:5f:0d:
a6:29:01:90:a4:c9:90:e8:2f:03:fe:16:cc:d4:d8:
7d:1b:dc:c9:05:2e:a9:a3:2f:63:73:d3:ee:be:d2:
e3:ca:ce:89:e2:0f:b8:31:e0:ba:54:25:52:f2:57:
9d:c3:4b:d7:91:6e:1f:aa:68:d9:78:9a:0a:0f:e6:
0a:b4:8a:b2:be:6e:f2:f8:fc:58:ad:7e:f5:f9:90:
fe:c2:5c:a1:f9:01:01:a9:58:7f:11:93:d8:38:c7:
75:26:d7:e4:c1:02:0b:11:14:a3:da:6f:29:99:49:
4f:08:1e:d4:dd:d1:35:87:e0:d3:53:75:16:24:8c:
fd:41:9b:fc:a0:71:cd:9b:de:32:85:8c:82:46:40:
6b:7e:5d:5e:00:76:7d:4d:83:b8:0c:b2:44:66:3f:
3d:22:77:d4:d2:60:66:dc:93:f0:6a:cd:88:a9:d7:
73:1b:7b:7a:99:92:fc:1c:79:11:84:c4:77:65:5a:
f1:2f:21:eb:56:e8:ef:0c:8f:d0:3a:ce:ed:29:4e:
8b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:78:51:D3:2C:12:6B:33:56:FC:BA:28:43:EE:F0:DE:69:E8:C7:7B
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/SnhR0ywSazNW_LooQ-7w3mnox3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9440::/32
2a09:a200::-2a09:a202:ffff:ffff:ffff:ffff:ffff:ffff
2a09:a500::/32
2a09:a502::/32
2a09:a504::/32
2a0a:b380::/32
2a0d:3c40::/31
2a0d:afc1::-2a0d:afc2:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:c100::/31
2a0d:cdc3::/32
2a0d:fcc0::-2a0d:fcc2:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:7f00::-2a0e:7f02:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:eec0::-2a0e:eec2:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:1800::/29
2a0f:9d01::-2a0f:9d03:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3c40::-2a11:3c42:ffff:ffff:ffff:ffff:ffff:ffff
2a11:4040::/29
2a11:6540::/29
2a11:6580::/29
2a11:6bc0::/31
2a11:6bc3::/32
2a11:84c0::/29
2a11:a180::/29
2a12:2fc0::-2a12:2fc2:ffff:ffff:ffff:ffff:ffff:ffff
2a12:3040::/29
2a12:38c0::/29
2a12:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
62:e9:1f:a4:97:36:9d:5f:7f:06:ac:46:7f:bc:2b:5e:7b:63:
51:8c:70:26:8e:27:5c:48:24:22:ce:13:66:c0:7b:ab:e1:a7:
e4:08:c0:32:b4:2c:5c:3f:8c:5c:da:c9:12:05:74:14:ef:f4:
19:85:74:99:7e:27:6b:4e:bf:60:6a:28:de:97:28:14:6a:ea:
26:31:fe:02:f3:c4:7a:bd:5b:7e:59:bd:0b:2e:5f:96:c3:ff:
33:2b:23:3a:59:52:60:b1:d5:a1:94:b4:a4:06:07:8e:38:59:
76:88:70:af:a9:ba:4a:4c:a2:e6:39:0f:dc:3a:e0:80:9f:ab:
00:01:0f:ef:a9:a1:88:f1:82:c1:37:3e:70:45:ac:c2:08:b7:
3e:c7:cf:9f:03:3c:e7:0a:74:e9:6a:82:f9:21:d4:6d:d2:c3:
11:7c:89:cd:54:56:6d:bd:39:44:b9:da:4d:70:72:49:bb:3a:
b9:6f:60:78:51:3c:05:8d:70:36:7d:9d:3a:74:1d:b6:6f:7b:
16:7d:76:72:9b:7a:07:64:16:a5:3b:45:03:2a:b8:d3:73:d0:
86:0f:f2:3f:35:63:d7:fd:54:e3:40:38:f0:ec:6a:eb:e1:ad:
9a:d4:76:ed:8b:71:fd:d2:ab:07:67:c0:1e:b8:c8:35:80:cc:
85:cd:ae:f4
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAZyRZHnibo/+82ks7mpx0LaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjYwMjI0MjA0MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTc4NTFkMzJjMTI2YjMzNTZmY2JhMjg0M2VlZjBkZTY5ZThjNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIIBzdxPM9x26spxUntwOaeurZrQ
XHbB4gLzpboZlZN74V85BqanHhYN8vAyjDM3DhR457nWtysJXw2mKQGQpMmQ6C8D
/hbM1Nh9G9zJBS6poy9jc9PuvtLjys6J4g+4MeC6VCVS8ledw0vXkW4fqmjZeJoK
D+YKtIqyvm7y+PxYrX71+ZD+wlyh+QEBqVh/EZPYOMd1JtfkwQILERSj2m8pmUlP
CB7U3dE1h+DTU3UWJIz9QZv8oHHNm94yhYyCRkBrfl1eAHZ9TYO4DLJEZj89InfU
0mBm3JPwas2IqddzG3t6mZL8HHkRhMR3ZVrxLyHrVujvDI/QOs7tKU6LKQIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFEp4UdMsEmszVvy6KEPu8N5p6Md7MB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvU25oUjB5d1Nhek5XX0xvb1EtN3czbW5veDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCCAQsEAgACMIIB
AwMFACoJlEAwDQMEASoJogMFACoJogIDBQAqCaUAAwUAKgmlAgMFACoJpQQDBQAq
CrOAAwUBKg08QDAOAwUAKg2vwQMFACoNr8IDBQEqDcEAAwUAKg3NwzAOAwUGKg38
wAMFACoN/MIwDQMEACoOfwMFACoOfwIwDgMFBioO7sADBQAqDu7CAwUDKg8YADAO
AwUAKg+dAQMFAioPnQAwDgMFBioRPEADBQAqETxCAwUDKhFAQAMFAyoRZUADBQMq
EWWAAwUBKhFrwAMFACoRa8MDBQMqEYTAAwUDKhGhgDAOAwUGKhIvwAMFACoSL8ID
BQMqEjBAAwUDKhI4wAMFAyoSOcAwDQYJKoZIhvcNAQELBQADggEBAGLpH6SXNp1f
fwasRn+8K157Y1GMcCaOJ1xIJCLOE2bAe6vhp+QIwDK0LFw/jFzayRIFdBTv9BmF
dJl+J2tOv2BqKN6XKBRq6iYx/gLzxHq9W35ZvQsuX5bD/zMrIzpZUmCx1aGUtKQG
B444WXaIcK+pukpMouY5D9w64ICfqwABD++poYjxgsE3PnBFrMIItz7Hz58DPOcK
dOlqgvkh1G3SwxF8ic1UVm29OUS52k1wckm7OrlvYHhRPAWNcDZ9nTp0HbZvexZ9
dnKbegdkFqU7RQMquNNz0IYP8j81Y9f9VONAOPDsauvhrZrUdu2Lcf3SqwdnwB64
yDWAzIXNrvQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:02:13 2026 by rpki-client