Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/12ZQ62nPJwBHdDipttw3dUMZnqY.roa
File: 12ZQ62nPJwBHdDipttw3dUMZnqY.roa (raw, json)
Hash identifier: mj44+gLUBC8dy/BsSB97lGlEqLGL0epooCBx2VlfKb0=
Subject key identifier: D7:66:50:EB:69:CF:27:00:47:74:38:A9:B6:DC:37:75:43:19:9E:A6
Certificate issuer: /CN=f79fcfd2875abdf61e19d3270eafe1effadc6662
Certificate serial: 019C5725FB3EDA55C7E35AB569E76E6CF7A5
Authority key identifier: F7:9F:CF:D2:87:5A:BD:F6:1E:19:D3:27:0E:AF:E1:EF:FA:DC:66:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/12ZQ62nPJwBHdDipttw3dUMZnqY.roa
Signing time: Fri 13 Feb 2026 13:17:12 +0000
ROA not before: Fri 13 Feb 2026 13:17:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207160
IP address blocks: 185.98.25.0/24 maxlen: 24
2a14:d100::/32 maxlen: 32
2a14:d102:3::/48 maxlen: 48
2a14:d102:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:57:25:fb:3e:da:55:c7:e3:5a:b5:69:e7:6e:6c:f7:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f79fcfd2875abdf61e19d3270eafe1effadc6662
Validity
Not Before: Feb 13 13:17:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d76650eb69cf2700477438a9b6dc377543199ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6a:f3:a7:34:9a:04:1a:2b:52:33:37:c5:4d:
6f:0a:bc:e1:f1:39:ff:d2:7c:74:9e:8f:15:21:a9:
05:c1:73:a8:41:2a:3c:a5:d7:1e:ab:64:c7:c9:54:
ce:11:55:d6:17:c6:07:e5:b6:e4:f3:a0:0a:6b:13:
e1:67:27:3b:b9:2e:1d:5b:34:68:aa:ea:e3:12:0e:
b0:1d:64:04:ed:78:6d:aa:dc:42:7f:30:78:27:0c:
ca:ba:f7:da:11:94:48:7f:a6:0b:30:36:49:52:a3:
c7:e7:e1:60:21:3c:44:ea:2a:0c:70:10:43:5e:59:
b0:f1:5c:04:84:f2:ce:cc:10:95:30:3a:db:08:b1:
bf:81:47:1f:8f:c1:c1:e6:78:59:3a:ce:34:20:47:
44:94:19:ec:f0:10:a9:03:dc:44:77:7b:a1:cd:e4:
32:0b:df:d0:26:20:3c:2d:03:5f:ff:c7:ff:0b:72:
32:f9:c7:a5:49:ac:c4:68:e7:d7:32:09:05:bb:28:
d1:8d:ca:5f:26:7b:a4:0a:e4:44:93:15:60:f2:09:
db:da:12:35:c8:6b:54:99:2c:2f:0e:07:b6:12:af:
69:e1:06:55:a0:6e:7a:d2:79:c3:46:0f:0e:cb:15:
03:9a:5b:23:7e:67:9b:d6:6a:03:24:c2:75:bb:17:
70:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:66:50:EB:69:CF:27:00:47:74:38:A9:B6:DC:37:75:43:19:9E:A6
X509v3 Authority Key Identifier:
keyid:F7:9F:CF:D2:87:5A:BD:F6:1E:19:D3:27:0E:AF:E1:EF:FA:DC:66:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/12ZQ62nPJwBHdDipttw3dUMZnqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.25.0/24
IPv6:
2a14:d100::/32
2a14:d102:3::-2a14:d102:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:fa:21:6b:c3:b0:50:28:55:15:7d:14:e9:c0:f9:f8:52:4f:
c8:12:ef:31:c9:b6:75:57:01:df:ed:a1:13:c7:76:a8:94:cb:
47:3f:80:a9:51:f7:0d:f1:b2:b8:af:1f:35:61:6e:bb:a1:a8:
65:a3:99:8b:2a:7c:5e:88:c4:93:ec:f4:19:19:69:8b:27:74:
37:e2:75:63:b0:a4:12:43:07:ab:2f:86:48:af:fd:2a:6a:a7:
8d:31:98:db:87:09:8a:63:0c:6c:9b:38:2f:e3:16:c7:66:ad:
1d:a8:93:b1:4d:34:5a:6b:71:4a:10:c5:47:ee:73:7e:18:ff:
69:ac:9d:21:6a:fa:bf:ca:3d:0f:c5:ff:d0:8d:06:ce:d1:ae:
73:e5:d7:16:df:89:17:9e:35:9a:72:27:7e:bc:ee:c8:18:a8:
15:c0:d0:e7:d4:74:56:1c:8b:9e:0e:14:fe:c3:84:96:6f:ab:
66:f9:8c:b8:3a:57:0d:0e:55:63:c6:ee:24:7a:fe:f7:88:6f:
a9:76:b6:c7:a2:d8:ce:ae:9a:59:11:88:82:8c:82:d8:ce:21:
14:d0:55:2a:5f:de:70:e7:98:04:cc:82:69:b2:bf:6f:e5:87:
b8:db:41:79:2c:a1:37:49:18:05:ff:97:fc:02:80:c5:12:82:
65:2e:16:80
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZxXJfs+2lXH41q1aedubPelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3OWZjZmQyODc1YWJkZjYxZTE5ZDMyNzBlYWZlMWVmZmFk
YzY2NjIwHhcNMjYwMjEzMTMxNzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzY2NTBlYjY5Y2YyNzAwNDc3NDM4YTliNmRjMzc3NTQzMTk5ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWrzpzSaBBorUjM3xU1vCrzh8Tn/
0nx0no8VIakFwXOoQSo8pdceq2THyVTOEVXWF8YH5bbk86AKaxPhZyc7uS4dWzRo
qurjEg6wHWQE7XhtqtxCfzB4JwzKuvfaEZRIf6YLMDZJUqPH5+FgITxE6ioMcBBD
Xlmw8VwEhPLOzBCVMDrbCLG/gUcfj8HB5nhZOs40IEdElBns8BCpA9xEd3uhzeQy
C9/QJiA8LQNf/8f/C3Iy+celSazEaOfXMgkFuyjRjcpfJnukCuREkxVg8gnb2hI1
yGtUmSwvDge2Eq9p4QZVoG560nnDRg8OyxUDmlsjfmeb1moDJMJ1uxdwWwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNdmUOtpzycAR3Q4qbbcN3VDGZ6mMB8GA1UdIwQY
MBaAFPefz9KHWr32HhnTJw6v4e/63GZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTVfUDBvZGF2ZlllR2RNbkRxX2g3X3JjWm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iMDJjYjYtODZjNy00ZjZkLTk5ZDEt
OTA3NzZmODRjOWI3LzEvMTJaUTYyblBKd0JIZERpcHR0dzNkVU1abnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iMDJjYjYtODZjNy00ZjZkLTk5ZDEtOTA3NzZmODRjOWI3
LzEvOTVfUDBvZGF2ZlllR2RNbkRxX2g3X3JjWm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAuWIZMCEE
AgACMBsDBQAqFNEAMBIDBwAqFNECAAMDBwAqFNECAAQwDQYJKoZIhvcNAQELBQAD
ggEBACj6IWvDsFAoVRV9FOnA+fhST8gS7zHJtnVXAd/toRPHdqiUy0c/gKlR9w3x
srivHzVhbruhqGWjmYsqfF6IxJPs9BkZaYsndDfidWOwpBJDB6svhkiv/Spqp40x
mNuHCYpjDGybOC/jFsdmrR2ok7FNNFprcUoQxUfuc34Y/2msnSFq+r/KPQ/F/9CN
Bs7RrnPl1xbfiReeNZpyJ3687sgYqBXA0OfUdFYci54OFP7DhJZvq2b5jLg6Vw0O
VWPG7iR6/veIb6l2tsei2M6umlkRiIKMgtjOIRTQVSpf3nDnmATMgmmyv2/lh7jb
QXksoTdJGAX/l/wCgMUSgmUuFoA=
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:43:06 2026 by rpki-client