Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qJJ0wcWXHtXGbw82Hr-JWQr4AsU.roa
File: qJJ0wcWXHtXGbw82Hr-JWQr4AsU.roa (raw, json)
Hash identifier: GTpJtd9njL4o/WVli2fbOv6n9dmdweWLp2jvbliePk8=
Subject key identifier: A8:92:74:C1:C5:97:1E:D5:C6:6F:0F:36:1E:BF:89:59:0A:F8:02:C5
Certificate issuer: /CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Certificate serial: 019C7110CF96AA90BD0001CF3EC40EED7BB6
Authority key identifier: DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qJJ0wcWXHtXGbw82Hr-JWQr4AsU.roa
Signing time: Wed 18 Feb 2026 14:04:13 +0000
ROA not before: Wed 18 Feb 2026 14:04:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58073
IP address blocks: 37.220.35.0/24 maxlen: 24
45.145.252.0/22 maxlen: 22
185.38.12.0/24 maxlen: 24
185.38.13.0/24 maxlen: 24
185.38.15.0/24 maxlen: 24
2a02:2a38::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:71:10:cf:96:aa:90:bd:00:01:cf:3e:c4:0e:ed:7b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Validity
Not Before: Feb 18 14:04:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a89274c1c5971ed5c66f0f361ebf89590af802c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ab:55:fb:95:8e:49:7d:3f:1d:0f:2d:a8:ef:
15:ca:03:4c:8f:77:c2:e0:f4:04:0f:8b:3f:46:2a:
d3:71:2b:f0:cf:c4:e0:bc:d6:13:3e:b0:bb:91:cd:
db:1f:4e:d4:a0:29:a4:56:79:11:4e:7b:47:79:cd:
16:28:63:df:67:33:c7:66:a8:ce:7a:23:28:2a:09:
1c:b0:ba:2b:84:a8:48:cd:1c:39:ae:87:df:08:f4:
1f:52:07:91:7e:b2:c6:f4:02:2f:ec:13:f2:8e:02:
f5:2b:08:d3:1e:1c:10:11:12:be:13:14:2f:37:ff:
3b:8f:e1:b6:ea:01:91:17:73:36:e1:9e:10:04:db:
82:74:de:6f:89:6b:5a:ac:3c:39:81:b2:fa:92:47:
76:e6:a7:ec:e4:a6:21:2d:79:5a:87:4e:61:33:8c:
cd:0e:4d:62:5f:3e:4a:f0:99:af:aa:dd:f0:0f:a9:
e3:96:5f:b4:9c:75:9d:46:96:43:8f:6b:0e:e0:67:
17:1c:84:81:0e:87:7f:82:e7:ee:be:26:92:1f:c3:
30:da:d2:7f:5e:59:f9:02:a8:fa:75:cb:d6:c0:65:
bb:aa:41:c7:44:de:da:a4:3f:2d:fe:b6:62:6f:21:
45:1f:6e:32:48:e5:6b:70:c5:2d:b1:81:76:2b:06:
dc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:92:74:C1:C5:97:1E:D5:C6:6F:0F:36:1E:BF:89:59:0A:F8:02:C5
X509v3 Authority Key Identifier:
keyid:DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qJJ0wcWXHtXGbw82Hr-JWQr4AsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.35.0/24
45.145.252.0/22
185.38.12.0/23
185.38.15.0/24
IPv6:
2a02:2a38::/32
Signature Algorithm: sha256WithRSAEncryption
8b:e5:0a:bc:28:b2:b5:36:eb:9e:c3:fc:17:7f:e7:09:61:92:
1f:d2:ab:64:50:ca:6b:28:38:97:43:d5:97:4a:a9:cb:00:41:
68:66:67:17:19:f5:e5:89:46:7e:b3:87:2a:16:78:88:4f:a3:
a3:87:f9:b7:db:b8:42:36:17:2c:93:66:ff:ab:f6:13:10:ce:
20:36:e1:4c:61:6b:d3:f1:83:ff:06:50:20:d7:8f:8c:d7:2d:
96:00:28:19:7b:f0:80:c5:21:6c:e3:20:d4:58:38:9b:47:fb:
98:09:2c:80:7d:e9:b7:35:28:03:1b:8f:5b:d0:25:af:3b:0a:
6c:94:d7:b7:ec:8c:1a:91:6f:b0:46:39:33:48:0f:1f:ec:5d:
f8:9c:ef:a0:9f:e6:4d:0a:36:d1:f1:2b:15:d8:02:1e:0f:50:
11:38:2e:b7:2a:bb:1d:e4:bb:5b:55:c1:cb:8f:74:55:e9:2d:
a8:f3:57:b0:70:28:cb:b6:d0:cb:63:dd:e7:2b:6f:f8:75:01:
90:52:f6:3e:61:7a:82:77:b9:d6:47:92:40:53:1f:1c:97:1d:
cc:eb:d9:af:3b:6b:ab:d9:b0:c3:72:c1:69:68:d0:18:9c:70:
5f:22:1a:ad:10:91:d1:15:a6:79:29:7b:64:72:1c:20:c1:07:
2f:3a:fb:1b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZxxEM+WqpC9AAHPPsQO7Xu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTBlMGFlZTFlY2MzMTA2NmNiNzQ0ZjhhN2ZlZWRlZmIz
Zjc5MzAwHhcNMjYwMjE4MTQwNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODkyNzRjMWM1OTcxZWQ1YzY2ZjBmMzYxZWJmODk1OTBhZjgwMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKtV+5WOSX0/HQ8tqO8VygNMj3fC
4PQED4s/RirTcSvwz8TgvNYTPrC7kc3bH07UoCmkVnkRTntHec0WKGPfZzPHZqjO
eiMoKgkcsLorhKhIzRw5roffCPQfUgeRfrLG9AIv7BPyjgL1KwjTHhwQERK+ExQv
N/87j+G26gGRF3M24Z4QBNuCdN5viWtarDw5gbL6kkd25qfs5KYhLXlah05hM4zN
Dk1iXz5K8Jmvqt3wD6njll+0nHWdRpZDj2sO4GcXHISBDod/gufuviaSH8Mw2tJ/
Xln5Aqj6dcvWwGW7qkHHRN7apD8t/rZibyFFH24ySOVrcMUtsYF2Kwbc7QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKiSdMHFlx7Vxm8PNh6/iVkK+ALFMB8GA1UdIwQY
MBaAFNyQ4K7h7MMQZst0T4p/7t77P3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYt
MDBiY2Q5YjkxYzFiLzEvcUpKMHdjV1hIdFhHYnc4MkhyLUpXUXI0QXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYtMDBiY2Q5YjkxYzFi
LzEvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJdwjAwQC
LZH8AwQBuSYMAwQAuSYPMA0EAgACMAcDBQAqAio4MA0GCSqGSIb3DQEBCwUAA4IB
AQCL5Qq8KLK1Nuuew/wXf+cJYZIf0qtkUMprKDiXQ9WXSqnLAEFoZmcXGfXliUZ+
s4cqFniIT6Ojh/m327hCNhcsk2b/q/YTEM4gNuFMYWvT8YP/BlAg14+M1y2WACgZ
e/CAxSFs4yDUWDibR/uYCSyAfem3NSgDG49b0CWvOwpslNe37IwakW+wRjkzSA8f
7F34nO+gn+ZNCjbR8SsV2AIeD1AROC63Krsd5LtbVcHLj3RV6S2o81ewcCjLttDL
Y93nK2/4dQGQUvY+YXqCd7nWR5JAUx8clx3M69mvO2ur2bDDcsFpaNAYnHBfIhqt
EJHRFaZ5KXtkchwgwQcvOvsb
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:57:18 2026 by rpki-client