Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/G9tw8jKx7wTMyDuNd2qb_H6hpNU.roa
File: G9tw8jKx7wTMyDuNd2qb_H6hpNU.roa (raw, json)
Hash identifier: opR+k5RZTYscrZyxD30IJbbJ7G543ejAX342CRSIXqE=
Subject key identifier: 1B:DB:70:F2:32:B1:EF:04:CC:C8:3B:8D:77:6A:9B:FC:7E:A1:A4:D5
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019C52226D7B3EBB2E2E1E1D69B7C9A72BBF
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/G9tw8jKx7wTMyDuNd2qb_H6hpNU.roa
Signing time: Thu 12 Feb 2026 13:55:13 +0000
ROA not before: Thu 12 Feb 2026 13:55:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.86.16.0/22 maxlen: 22
89.39.242.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 22
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:52:22:6d:7b:3e:bb:2e:2e:1e:1d:69:b7:c9:a7:2b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Feb 12 13:55:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1bdb70f232b1ef04ccc83b8d776a9bfc7ea1a4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ef:d6:7d:cc:1d:58:73:50:a4:f3:65:9a:2a:
c4:ba:10:38:9e:af:ce:83:be:1f:88:7f:c9:cd:c7:
40:f4:10:60:82:ac:00:4f:9a:8a:ed:e6:af:e3:bd:
65:ed:46:88:5f:41:85:80:6c:bb:a6:fc:29:3f:08:
94:21:d2:63:1e:8d:6d:4f:9e:c1:bc:c7:2a:93:fa:
e6:23:39:24:a6:1b:47:cc:f9:23:54:c7:7b:01:5a:
72:6c:de:34:fc:42:dc:88:c6:cb:dc:1d:32:84:05:
5a:49:92:3d:36:e5:36:93:0c:d4:28:0b:1a:7b:9c:
8a:23:a6:f0:30:9b:3a:17:89:84:37:ec:57:18:5e:
3c:ed:7c:02:56:33:1b:28:94:42:4c:04:60:f5:2c:
40:9d:86:b5:45:df:c0:b8:b1:3a:3f:e9:d0:cf:49:
6a:be:b8:88:24:c4:88:b0:30:63:01:d4:92:c0:07:
50:e3:cf:71:03:fa:2e:90:30:60:48:8c:6a:b7:d9:
1a:09:79:cd:e1:0f:4c:83:45:7c:56:87:40:31:86:
8a:96:ca:f2:1d:b5:e6:01:bb:2f:0b:fc:f2:7c:9c:
7a:c8:d9:65:6c:c4:66:56:04:b4:ad:60:5a:b1:25:
9e:53:60:c1:6d:82:f1:e3:8b:79:a2:27:7b:a1:0a:
ae:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DB:70:F2:32:B1:EF:04:CC:C8:3B:8D:77:6A:9B:FC:7E:A1:A4:D5
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/G9tw8jKx7wTMyDuNd2qb_H6hpNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
5.182.28.0/22
45.86.16.0/22
89.39.242.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
94.231.198.0/24
178.175.176.0/22
185.180.145.0/24
185.212.11.0/24
194.50.206.0/23
195.138.103.0-195.138.107.255
195.138.112.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:25:6f:03:87:50:a6:e4:8e:d6:eb:36:a6:39:6f:bd:8f:5e:
4a:e6:8d:8c:fa:b2:d6:98:c9:94:18:28:d4:fb:38:8f:50:24:
b6:a7:0b:21:49:df:ed:6f:32:c0:56:8b:91:25:6d:a6:c0:bc:
b4:78:ac:a1:82:26:91:b3:ea:29:de:cb:10:59:47:79:75:a9:
a9:c3:e9:46:fc:a6:ee:a5:74:35:df:a8:be:9f:47:03:75:fd:
cf:b0:36:af:fa:5c:7b:d3:92:7c:d4:8e:b3:1e:6c:f4:56:f3:
14:fd:89:40:e0:dd:8e:c2:a6:b1:a2:06:a8:91:f0:c2:64:6a:
b8:4c:da:f9:a8:3f:b0:4f:9d:a9:9b:95:7f:96:e9:dd:d7:ea:
3e:1a:ae:01:cc:91:c1:67:81:62:fc:49:5a:6d:5f:d1:1e:95:
4d:fd:0a:7f:a6:50:aa:bc:26:38:d6:01:df:d3:49:cc:21:5b:
39:2d:cb:6a:90:ff:94:d3:55:9d:38:5d:0f:61:f4:5d:cd:24:
b4:ab:ec:11:c2:b8:b1:c7:31:40:63:15:41:4c:35:0d:43:ff:
cd:7b:46:d6:70:5d:23:52:aa:47:2e:93:14:99:54:8f:c9:35:
1a:2f:5d:db:44:ba:f6:a4:c6:ba:b1:28:e8:57:9e:c6:e3:7f:
a6:86:a5:cd
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZxSIm17PrsuLh4dabfJpyu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwMjEyMTM1NTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRiNzBmMjMyYjFlZjA0Y2NjODNiOGQ3NzZhOWJmYzdlYTFhNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO/WfcwdWHNQpPNlmirEuhA4nq/O
g74fiH/JzcdA9BBggqwAT5qK7eav471l7UaIX0GFgGy7pvwpPwiUIdJjHo1tT57B
vMcqk/rmIzkkphtHzPkjVMd7AVpybN40/ELciMbL3B0yhAVaSZI9NuU2kwzUKAsa
e5yKI6bwMJs6F4mEN+xXGF487XwCVjMbKJRCTARg9SxAnYa1Rd/AuLE6P+nQz0lq
vriIJMSIsDBjAdSSwAdQ489xA/oukDBgSIxqt9kaCXnN4Q9Mg0V8VodAMYaKlsry
HbXmAbsvC/zyfJx6yNllbMRmVgS0rWBasSWeU2DBbYLx44t5oid7oQqulQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFBvbcPIyse8EzMg7jXdqm/x+oaTVMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRzl0dzhqS3g3d1RNeUR1TmQycWJfSDZocE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAIFtAQD
BAIFthwDBAItVhADBABZJ/IDBAJb8kgDBAFb8l4DBABb8mcDBABe58YDBAKyr7AD
BAC5tJEDBAC51AsDBAHCMs4wDAMEAMOKZwMEAsOKaAMEAMOKcAMEAMOKeDAMAwQB
w4p6AwQHw4oAAwQCw9icMA0GCSqGSIb3DQEBCwUAA4IBAQBdJW8Dh1Cm5I7W6zam
OW+9j15K5o2M+rLWmMmUGCjU+ziPUCS2pwshSd/tbzLAVouRJW2mwLy0eKyhgiaR
s+op3ssQWUd5dampw+lG/KbupXQ136i+n0cDdf3PsDav+lx705J81I6zHmz0VvMU
/YlA4N2OwqaxogaokfDCZGq4TNr5qD+wT52pm5V/lund1+o+Gq4BzJHBZ4Fi/Ela
bV/RHpVN/Qp/plCqvCY41gHf00nMIVs5LctqkP+U01WdOF0PYfRdzSS0q+wRwrix
xzFAYxVBTDUNQ//Ne0bWcF0jUqpHLpMUmVSPyTUaL13bRLr2pMa6sSjoV57G43+m
hqXN
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:11:36 2026 by rpki-client