Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/s7RpgA0R3vsueY42eei_AImOBO8.roa
File: s7RpgA0R3vsueY42eei_AImOBO8.roa (raw, json)
Hash identifier: oNHuHZnEL0RPbJZPYJUj7x33aVQEtQSGkU5sfC19kPM=
Subject key identifier: B3:B4:69:80:0D:11:DE:FB:2E:79:8E:36:79:E8:BF:00:89:8E:04:EF
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 019C9421C656D3BAC3F2F34A0FC55BC04131
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/s7RpgA0R3vsueY42eei_AImOBO8.roa
Signing time: Wed 25 Feb 2026 09:29:27 +0000
ROA not before: Wed 25 Feb 2026 09:29:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48716
IP address blocks: 46.247.40.0/23 maxlen: 24
77.240.38.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
78.40.108.0/23 maxlen: 24
82.115.40.0/22 maxlen: 24
85.202.194.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
91.147.92.0/22 maxlen: 22
91.147.92.0/24 maxlen: 24
91.147.93.0/24 maxlen: 24
91.147.94.0/24 maxlen: 24
91.147.95.0/24 maxlen: 24
91.147.104.0/22 maxlen: 24
91.201.214.0/23 maxlen: 24
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.139.0/24 maxlen: 32
94.247.128.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
185.4.180.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
185.102.72.0/22 maxlen: 24
185.146.0.0/22 maxlen: 24
194.32.140.0/22 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.66.0/24 maxlen: 24
194.39.67.0/24 maxlen: 24
194.110.54.0/23 maxlen: 24
195.49.208.0/21 maxlen: 21
195.49.209.0/24 maxlen: 24
195.49.210.0/23 maxlen: 23
195.49.210.0/24 maxlen: 24
195.49.211.0/24 maxlen: 24
195.49.212.0/22 maxlen: 22
195.49.212.0/24 maxlen: 24
195.49.213.0/24 maxlen: 24
195.49.214.0/24 maxlen: 24
195.49.215.0/24 maxlen: 24
195.93.152.0/23 maxlen: 24
195.210.46.0/23 maxlen: 24
213.155.20.0/23 maxlen: 23
213.155.20.0/24 maxlen: 24
213.155.21.0/24 maxlen: 24
2a00:5da0::/36 maxlen: 48
2a00:5da0:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:21:c6:56:d3:ba:c3:f2:f3:4a:0f:c5:5b:c0:41:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Feb 25 09:29:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b3b469800d11defb2e798e3679e8bf00898e04ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a5:9f:7d:88:f9:11:11:a4:9f:50:30:ab:e5:
74:25:96:cd:f9:77:9d:9f:9d:8e:70:14:d0:56:35:
94:3e:9c:64:ea:a4:b6:5b:67:f0:00:d4:f9:7c:7e:
e1:c4:21:68:26:b2:12:d7:29:ec:e9:ef:8a:d8:f0:
e5:b9:3d:da:c4:fe:d3:93:ab:11:c9:a4:fc:4f:b7:
90:21:81:6a:40:48:b3:d8:ec:bb:3f:e6:de:b2:9e:
71:71:d0:19:2b:ab:4a:de:64:35:a0:2b:cf:78:b6:
7f:1a:78:b8:1a:63:d7:8a:ca:5a:ab:c6:01:ac:be:
94:20:32:d7:22:69:2a:48:da:b9:6f:9b:35:a8:f5:
e4:f8:20:79:5c:38:da:42:3d:0e:70:43:e3:52:5f:
1b:68:77:91:1b:4d:00:eb:86:13:4a:7b:0e:87:fa:
8a:3a:37:31:54:1b:7c:03:d4:97:d2:8d:e3:01:35:
14:c7:36:87:06:ab:2f:c3:04:9b:41:da:4e:5c:c1:
6a:b0:88:a0:3e:79:aa:4a:40:85:b5:39:48:49:f0:
87:cf:3c:c0:16:1d:e6:f4:1d:18:71:fd:20:ed:8e:
2d:8f:e1:d3:26:9c:40:71:44:42:3c:bc:a0:93:c2:
48:ff:f5:69:f2:81:a5:00:4b:2d:46:a9:24:c9:23:
94:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B4:69:80:0D:11:DE:FB:2E:79:8E:36:79:E8:BF:00:89:8E:04:EF
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/s7RpgA0R3vsueY42eei_AImOBO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.40.0/23
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
82.115.40.0/22
85.202.194.0/23
89.219.32.0/22
91.147.92.0/22
91.147.104.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.32.140.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
213.155.20.0/23
IPv6:
2a00:5da0::/35
Signature Algorithm: sha256WithRSAEncryption
26:56:30:1a:1c:e7:dd:fa:0c:e5:88:fa:63:a7:56:b4:aa:93:
53:0b:54:2c:5c:92:94:20:54:e0:6d:94:a2:62:91:f4:f4:2a:
97:42:6d:92:77:92:d7:6f:cb:93:31:36:83:e6:c3:ea:03:41:
46:88:0e:6b:36:6f:a1:5c:58:72:36:18:2a:1d:24:e5:1d:11:
e2:c4:df:a9:46:19:8e:16:cb:77:b4:af:1e:6d:a1:57:b3:dc:
ad:49:21:12:ab:27:f2:a7:97:5a:07:c9:78:ff:d4:89:ce:85:
21:12:01:70:74:4d:2e:ae:de:6e:9e:f9:b1:df:c6:35:c6:f6:
a6:62:d3:3b:53:86:2f:56:71:ea:29:60:97:0a:29:f6:64:bd:
e9:fa:00:17:ec:d4:e5:9d:01:97:25:9f:63:6d:7e:56:48:30:
d7:a1:56:da:fa:ac:a0:df:1d:9b:d8:21:b7:9f:cb:2f:c5:b8:
92:78:46:ab:6b:e5:20:cf:da:3d:b5:8e:90:e1:db:0c:1f:67:
36:3a:3d:69:f6:f9:95:c5:ee:70:18:80:42:60:7c:5c:2c:51:
ed:2b:59:88:8e:8b:af:c8:ef:3c:2a:a2:b6:02:03:b9:c2:a9:
34:fd:86:67:4b:f0:63:9e:ad:3d:bd:ec:ee:75:ce:71:c1:15:
c4:bc:c0:e7
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZyUIcZW07rD8vNKD8VbwEExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjYwMjI1MDkyOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2I0Njk4MDBkMTFkZWZiMmU3OThlMzY3OWU4YmYwMDg5OGUwNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKWffYj5ERGkn1Awq+V0JZbN+Xed
n52OcBTQVjWUPpxk6qS2W2fwANT5fH7hxCFoJrIS1yns6e+K2PDluT3axP7Tk6sR
yaT8T7eQIYFqQEiz2Oy7P+besp5xcdAZK6tK3mQ1oCvPeLZ/Gni4GmPXispaq8YB
rL6UIDLXImkqSNq5b5s1qPXk+CB5XDjaQj0OcEPjUl8baHeRG00A64YTSnsOh/qK
OjcxVBt8A9SX0o3jATUUxzaHBqsvwwSbQdpOXMFqsIigPnmqSkCFtTlISfCHzzzA
Fh3m9B0Ycf0g7Y4tj+HTJpxAcURCPLygk8JI//Vp8oGlAEstRqkkySOUqQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFLO0aYANEd77LnmONnnovwCJjgTvMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvczdScGdBMFIzdnN1ZVk0MmVlaV9BSW1PQk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBnQQCAAEwgZYDBAEu
9ygDBAFN8CYDBAFN81ADBAFOKGwDBAJScygDBAFVysIDBAJZ2yADBAJbk1wDBAJb
k2gDBAFbydYDBAJb14gDBANe94ADBAJt6WwDBAK5BLQDBAK5FkADBAG5I94DBAK5
ZkgDBAK5kgADBALCIIwDBALCJ0ADBAHCbjYDBAPDMdADBAHDXZgDBAHD0i4DBAHV
mxQwDgQCAAIwCAMGBSoAXaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAmVjAaHOfd+gzl
iPpjp1a0qpNTC1QsXJKUIFTgbZSiYpH09CqXQm2Sd5LXb8uTMTaD5sPqA0FGiA5r
Nm+hXFhyNhgqHSTlHRHixN+pRhmOFst3tK8ebaFXs9ytSSESqyfyp5daB8l4/9SJ
zoUhEgFwdE0urt5unvmx38Y1xvamYtM7U4YvVnHqKWCXCin2ZL3p+gAX7NTlnQGX
JZ9jbX5WSDDXoVba+qyg3x2b2CG3n8svxbiSeEara+Ugz9o9tY6Q4dsMH2c2Oj1p
9vmVxe5wGIBCYHxcLFHtK1mIjouvyO88KqK2AgO5wqk0/YZnS/Bjnq09vezudc5x
wRXEvMDn
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:51:46 2026 by rpki-client