Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/SPPjM71nmOX7eNj2-mIx6bdne7g.roa
File: SPPjM71nmOX7eNj2-mIx6bdne7g.roa (raw, json)
Hash identifier: 249oKopn9OQM2f/WdGlFxfhN6nAjP3z88ppnooYTHME=
Subject key identifier: 48:F3:E3:33:BD:67:98:E5:FB:78:D8:F6:FA:62:31:E9:B7:67:7B:B8
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 019C09974A20BCC124DE05501775FB33E17E
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/SPPjM71nmOX7eNj2-mIx6bdne7g.roa
Signing time: Thu 29 Jan 2026 11:50:35 +0000
ROA not before: Thu 29 Jan 2026 11:50:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8455
IP address blocks: 31.22.80.0/21 maxlen: 21
31.22.84.0/24 maxlen: 24
45.148.184.0/22 maxlen: 22
45.148.187.0/24 maxlen: 24
95.142.96.0/20 maxlen: 20
130.193.4.0/24 maxlen: 24
178.237.32.0/20 maxlen: 20
178.237.34.0/24 maxlen: 24
178.237.42.0/24 maxlen: 24
178.237.43.0/24 maxlen: 24
185.27.16.0/22 maxlen: 22
193.22.161.0/24 maxlen: 24
2a00:1188::/29 maxlen: 29
2a00:1188:8::/48 maxlen: 48
2a00:1188:9::/48 maxlen: 48
2a00:1188:a::/48 maxlen: 48
2a00:1188:b::/48 maxlen: 48
2a00:1188:c::/48 maxlen: 48
2a00:1188:d::/48 maxlen: 48
2a00:1188:13::/48 maxlen: 48
2a00:1188:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:09:97:4a:20:bc:c1:24:de:05:50:17:75:fb:33:e1:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Jan 29 11:50:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=48f3e333bd6798e5fb78d8f6fa6231e9b7677bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e4:43:df:d0:12:00:5f:0a:86:c1:ca:c0:e0:
39:75:56:57:66:c3:07:88:69:cd:1f:fe:15:90:2a:
4c:fd:a4:6e:9a:45:1c:fc:03:32:7e:5e:bd:2b:ee:
03:ab:aa:29:10:91:16:5d:51:9d:3a:0b:60:cc:67:
6f:cd:eb:46:d9:df:80:bc:1e:c1:10:f2:79:30:71:
a8:8a:14:9e:bb:22:1f:e7:09:83:59:4e:f6:12:1b:
76:d6:46:65:39:a0:c4:5c:8d:f0:02:6b:b8:73:2f:
72:29:af:a8:20:39:a6:b5:4d:5a:6c:ac:c7:13:3a:
63:13:1d:05:79:1a:98:60:db:a4:eb:73:21:40:2d:
c8:7e:0a:1b:04:ca:22:bc:e0:6e:a4:e2:52:e1:c9:
db:ec:93:24:43:a7:be:cb:fb:88:5d:5b:0f:0f:d4:
4f:03:d7:f4:9f:d1:66:8a:7f:95:fc:2c:8e:f6:58:
b9:94:b3:22:7f:54:90:3b:72:80:f3:10:23:ba:b6:
d0:a5:f9:81:05:0c:fc:91:25:9c:b5:f4:91:7e:df:
11:e7:d7:70:75:da:d4:e5:25:96:72:54:e6:50:35:
ba:5a:4d:15:f3:9a:7f:ae:c5:a5:9e:57:07:ec:33:
f2:2b:b7:39:d6:12:fa:97:4d:9e:cc:54:a5:36:35:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F3:E3:33:BD:67:98:E5:FB:78:D8:F6:FA:62:31:E9:B7:67:7B:B8
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/SPPjM71nmOX7eNj2-mIx6bdne7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.80.0/21
45.148.184.0/22
95.142.96.0/20
130.193.4.0/24
178.237.32.0/20
185.27.16.0/22
193.22.161.0/24
IPv6:
2a00:1188::/29
Signature Algorithm: sha256WithRSAEncryption
1e:43:d0:fb:d0:b5:d3:28:31:90:ff:1b:4e:95:9f:6e:7d:bd:
66:5f:c1:3d:28:39:dc:3e:6b:c3:bb:c0:dc:0f:35:93:ab:6f:
5b:e3:21:cb:d4:06:75:1b:38:eb:1c:f4:67:4a:9a:7d:0a:b1:
15:c3:03:63:56:ce:5f:43:e7:1d:f8:d0:ee:85:ae:d6:bd:46:
26:66:6d:02:10:90:f7:b8:ab:e8:3f:fb:41:fe:66:af:ae:75:
53:aa:27:dc:f9:b3:6c:97:f4:6e:cc:34:f1:42:3f:40:54:2a:
1a:1f:cf:9f:27:57:fd:82:f7:fd:79:3c:66:2b:bc:4b:df:8b:
7f:90:0b:9c:99:a1:51:f1:1f:5a:98:5f:d9:6b:6c:83:21:de:
7e:a7:de:f8:d8:b5:24:56:02:64:cb:c8:15:e6:fc:d5:03:4d:
84:e9:1c:b7:ad:c6:0d:62:43:37:51:c3:0e:eb:bc:52:20:91:
1d:d7:17:40:99:8a:30:5c:d9:e0:17:fc:95:76:b5:55:98:6e:
cc:e1:7f:b3:39:53:d3:9d:01:5e:c4:0b:4d:35:33:89:37:00:
05:19:86:65:91:8f:f2:bf:72:39:08:15:52:6d:a0:0d:58:0f:
54:92:01:91:b7:c2:76:20:9c:ab:b6:e0:46:f5:5f:c0:f9:2d:
08:ee:9c:7f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZwJl0ogvMEk3gVQF3X7M+F+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjYwMTI5MTE1MDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGYzZTMzM2JkNjc5OGU1ZmI3OGQ4ZjZmYTYyMzFlOWI3Njc3YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+RD39ASAF8KhsHKwOA5dVZXZsMH
iGnNH/4VkCpM/aRumkUc/AMyfl69K+4Dq6opEJEWXVGdOgtgzGdvzetG2d+AvB7B
EPJ5MHGoihSeuyIf5wmDWU72Eht21kZlOaDEXI3wAmu4cy9yKa+oIDmmtU1abKzH
EzpjEx0FeRqYYNuk63MhQC3IfgobBMoivOBupOJS4cnb7JMkQ6e+y/uIXVsPD9RP
A9f0n9Fmin+V/CyO9li5lLMif1SQO3KA8xAjurbQpfmBBQz8kSWctfSRft8R59dw
ddrU5SWWclTmUDW6Wk0V85p/rsWlnlcH7DPyK7c51hL6l02ezFSlNjU6hwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEjz4zO9Z5jl+3jY9vpiMem3Z3u4MB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEvU1BQak03MW5tT1g3ZU5qMi1tSXg2YmRuZTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDHxZQAwQC
LZS4AwQEX45gAwQAgsEEAwQEsu0gAwQCuRsQAwQAwRahMA0EAgACMAcDBQMqABGI
MA0GCSqGSIb3DQEBCwUAA4IBAQAeQ9D70LXTKDGQ/xtOlZ9ufb1mX8E9KDncPmvD
u8DcDzWTq29b4yHL1AZ1GzjrHPRnSpp9CrEVwwNjVs5fQ+cd+NDuha7WvUYmZm0C
EJD3uKvoP/tB/mavrnVTqifc+bNsl/RuzDTxQj9AVCoaH8+fJ1f9gvf9eTxmK7xL
34t/kAucmaFR8R9amF/Za2yDId5+p9742LUkVgJky8gV5vzVA02E6Ry3rcYNYkM3
UcMO67xSIJEd1xdAmYowXNngF/yVdrVVmG7M4X+zOVPTnQFexAtNNTOJNwAFGYZl
kY/yv3I5CBVSbaANWA9UkgGRt8J2IJyrtuBG9V/A+S0I7px/
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:43:11 2026 by rpki-client