Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/J6BzaoEADEU3mnLpaeWB28tTH_I.roa
File: J6BzaoEADEU3mnLpaeWB28tTH_I.roa (raw, json)
Hash identifier: LmZ8HNRZsz6o3yc1qdlURwkpFlRv54OEGoGiLtspLgg=
Subject key identifier: 27:A0:73:6A:81:00:0C:45:37:9A:72:E9:69:E5:81:DB:CB:53:1F:F2
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 019C564B2C373A79284DA46F688AF33A30A9
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/J6BzaoEADEU3mnLpaeWB28tTH_I.roa
Signing time: Fri 13 Feb 2026 09:18:12 +0000
ROA not before: Fri 13 Feb 2026 09:18:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
45.129.22.0/24 maxlen: 24
45.129.23.0/24 maxlen: 24
77.83.124.0/22 maxlen: 22
92.114.56.0/22 maxlen: 22
93.114.240.0/22 maxlen: 22
109.230.222.0/24 maxlen: 24
176.100.208.0/22 maxlen: 22
176.100.212.0/22 maxlen: 22
176.100.224.0/20 maxlen: 20
176.100.224.0/24 maxlen: 24
176.100.225.0/24 maxlen: 24
185.97.168.0/22 maxlen: 22
185.159.252.0/22 maxlen: 22
185.170.147.0/24 maxlen: 24
188.215.8.0/22 maxlen: 22
193.31.36.0/22 maxlen: 22
193.35.14.0/23 maxlen: 23
193.35.26.0/23 maxlen: 23
2a06:6c0::/48 maxlen: 48
2a06:6c0:1::/48 maxlen: 48
2a06:6c0:2::/48 maxlen: 48
2a06:6c0:3::/48 maxlen: 48
2a06:6c0:11::/48 maxlen: 48
2a06:6c0:12::/48 maxlen: 48
2a06:6c0:13::/48 maxlen: 48
2a06:6c0:21::/48 maxlen: 48
2a06:6c0:22::/48 maxlen: 48
2a06:6c0:23::/48 maxlen: 48
2a06:6c0:24::/48 maxlen: 48
2a06:6c0:25::/48 maxlen: 48
2a06:6c0:26::/48 maxlen: 48
2a06:6c0:254::/48 maxlen: 48
2a06:6c0:255::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:56:4b:2c:37:3a:79:28:4d:a4:6f:68:8a:f3:3a:30:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Feb 13 09:18:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=27a0736a81000c45379a72e969e581dbcb531ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:39:6a:68:65:73:35:bd:be:65:a1:3a:71:
c0:80:30:bc:8a:04:04:07:03:a7:95:38:37:e8:7a:
18:c7:57:a4:5f:07:04:12:49:4c:c8:ce:f3:86:05:
51:4f:ef:ce:f5:ae:ae:d1:25:49:2f:1d:06:94:15:
b3:6d:68:86:11:a6:f0:89:80:b6:e6:1b:b5:02:21:
22:38:e9:4c:69:14:e5:80:da:fd:49:57:58:7c:a6:
d9:f5:41:7b:d1:31:3f:a0:65:1f:8d:42:ff:6d:ac:
41:15:a5:3f:28:61:87:6c:50:31:d5:fd:d9:22:cb:
ae:fc:d1:38:4a:27:2c:b3:fb:32:e6:e0:c6:25:3e:
f5:bb:66:00:8d:c4:77:21:ae:98:ef:a2:ad:6c:a1:
75:b6:65:bb:53:dd:5e:83:c7:1a:ce:af:84:1c:45:
f2:a7:26:ea:23:2f:96:ac:2b:69:13:e0:80:2a:1f:
3b:53:bf:e7:0a:1b:78:16:3d:df:b5:9e:e4:b0:45:
1a:9e:2a:1d:bc:95:8c:c7:af:fe:d3:b5:64:22:4c:
65:ae:42:ef:5b:23:f6:c1:ca:d2:1d:ac:9d:7a:45:
1e:79:cf:c7:06:23:bf:57:89:d4:c6:80:ad:ba:ea:
f4:5f:b2:2e:57:8b:e7:7a:ee:20:71:b7:96:d6:c6:
3c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A0:73:6A:81:00:0C:45:37:9A:72:E9:69:E5:81:DB:CB:53:1F:F2
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/J6BzaoEADEU3mnLpaeWB28tTH_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/22
77.83.124.0/22
92.114.56.0/22
93.114.240.0/22
109.230.222.0/24
176.100.208.0/21
176.100.224.0/20
185.97.168.0/22
185.159.252.0/22
185.170.147.0/24
188.215.8.0/22
193.31.36.0/22
193.35.14.0/23
193.35.26.0/23
IPv6:
2a06:6c0::/46
2a06:6c0:11::-2a06:6c0:13:ffff:ffff:ffff:ffff:ffff
2a06:6c0:21::-2a06:6c0:26:ffff:ffff:ffff:ffff:ffff
2a06:6c0:254::/47
Signature Algorithm: sha256WithRSAEncryption
64:4a:aa:13:4f:73:eb:7c:83:d8:21:cc:83:59:40:f2:3c:a3:
fd:5d:04:25:0e:52:86:7c:4f:32:fb:b9:21:33:27:85:ec:e0:
96:95:3d:e2:26:a4:61:78:9a:b9:63:19:1b:99:e0:2d:87:72:
77:61:aa:50:20:70:2d:cd:b9:e6:ff:49:63:6f:f6:3b:e8:26:
68:ad:66:77:e4:e6:4a:bd:c7:bc:92:25:1b:14:17:1e:7b:05:
f7:5e:2b:14:5a:e7:7d:5f:e9:60:f6:f1:72:71:2f:ce:de:c0:
55:8f:b4:47:cb:f1:dc:b2:c4:43:cf:7e:f9:ce:b9:ef:03:12:
b6:b0:fc:32:3c:27:55:0d:6a:e3:68:3b:67:9d:fd:b7:f4:b6:
c5:2d:4e:82:73:80:95:aa:72:6f:e4:5b:58:fc:c7:35:54:3d:
f6:7a:79:05:13:33:a7:ee:bd:c2:3a:2d:da:f9:70:53:85:1a:
db:b8:33:6d:0a:c2:77:7a:e3:29:62:c7:68:02:78:62:f4:22:
ab:50:32:05:92:da:97:c2:1d:ad:af:a6:74:22:b9:b6:72:aa:
c0:d7:42:c2:65:73:d1:7e:2c:75:fb:cc:ce:c2:5f:c2:9f:69:
08:dd:ad:1a:01:0c:d8:ac:36:86:5f:c6:27:31:73:f8:a7:de:
6f:94:6e:f5
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZxWSyw3OnkoTaRvaIrzOjCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjYwMjEzMDkxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2EwNzM2YTgxMDAwYzQ1Mzc5YTcyZTk2OWU1ODFkYmNiNTMxZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj45amhlczW9vmWhOnHAgDC8igQE
BwOnlTg36HoYx1ekXwcEEklMyM7zhgVRT+/O9a6u0SVJLx0GlBWzbWiGEabwiYC2
5hu1AiEiOOlMaRTlgNr9SVdYfKbZ9UF70TE/oGUfjUL/baxBFaU/KGGHbFAx1f3Z
Isuu/NE4Sicss/sy5uDGJT71u2YAjcR3Ia6Y76KtbKF1tmW7U91eg8cazq+EHEXy
pybqIy+WrCtpE+CAKh87U7/nCht4Fj3ftZ7ksEUaniodvJWMx6/+07VkIkxlrkLv
WyP2wcrSHaydekUeec/HBiO/V4nUxoCtuur0X7IuV4vneu4gcbeW1sY8vQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFCegc2qBAAxFN5py6WnlgdvLUx/yMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvSjZCemFvRUFERVUzbW5McGFlV0IyOHRUSF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjBaBAIAATBUAwQCLYEU
AwQCTVN8AwQCXHI4AwQCXXLwAwQAbebeAwQDsGTQAwQEsGTgAwQCuWGoAwQCuZ/8
AwQAuaqTAwQCvNcIAwQCwR8kAwQBwSMOAwQBwSMaMEAEAgACMDoDBwIqBgbAAAAw
EgMHACoGBsAAEQMHAioGBsAAEDASAwcAKgYGwAAhAwcAKgYGwAAmAwcBKgYGwAJU
MA0GCSqGSIb3DQEBCwUAA4IBAQBkSqoTT3PrfIPYIcyDWUDyPKP9XQQlDlKGfE8y
+7khMyeF7OCWlT3iJqRheJq5YxkbmeAth3J3YapQIHAtzbnm/0ljb/Y76CZorWZ3
5OZKvce8kiUbFBceewX3XisUWud9X+lg9vFycS/O3sBVj7RHy/HcssRDz375zrnv
AxK2sPwyPCdVDWrjaDtnnf239LbFLU6Cc4CVqnJv5FtY/Mc1VD32enkFEzOn7r3C
Oi3a+XBThRrbuDNtCsJ3euMpYsdoAnhi9CKrUDIFktqXwh2tr6Z0Irm2cqrA10LC
ZXPRfix1+8zOwl/Cn2kI3a0aAQzYrDaGX8YnMXP4p95vlG71
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:20:00 2026 by rpki-client