Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/48b50b-adfe-4dfb-ad80-103b206ba28b/1/gFVBldPsPJ9_Z3436EbOexrFKyQ.roa
File: gFVBldPsPJ9_Z3436EbOexrFKyQ.roa (raw, json)
Hash identifier: XpNUD5CKdNtgQ6f8YKYlS0lGIc67007/Bg5jHv80Qgc=
Subject key identifier: 80:55:41:95:D3:EC:3C:9F:7F:67:7E:37:E8:46:CE:7B:1A:C5:2B:24
Certificate issuer: /CN=f724cba521c080db72a6e54a1b8cf4495cbbc7d6
Certificate serial: 019C55D252E774EBA33131799B2CEF3C8425
Authority key identifier: F7:24:CB:A5:21:C0:80:DB:72:A6:E5:4A:1B:8C:F4:49:5C:BB:C7:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9yTLpSHAgNtypuVKG4z0SVy7x9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/48b50b-adfe-4dfb-ad80-103b206ba28b/1/gFVBldPsPJ9_Z3436EbOexrFKyQ.roa
Signing time: Fri 13 Feb 2026 07:06:12 +0000
ROA not before: Fri 13 Feb 2026 07:06:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211894
IP address blocks: 81.85.88.0/22 maxlen: 22
185.116.114.0/24 maxlen: 24
185.203.113.0/24 maxlen: 24
2a0a:5480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/48b50b-adfe-4dfb-ad80-103b206ba28b/1/9yTLpSHAgNtypuVKG4z0SVy7x9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/48b50b-adfe-4dfb-ad80-103b206ba28b/1/9yTLpSHAgNtypuVKG4z0SVy7x9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/9yTLpSHAgNtypuVKG4z0SVy7x9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:55:d2:52:e7:74:eb:a3:31:31:79:9b:2c:ef:3c:84:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f724cba521c080db72a6e54a1b8cf4495cbbc7d6
Validity
Not Before: Feb 13 07:06:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=80554195d3ec3c9f7f677e37e846ce7b1ac52b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:66:40:b9:e1:1a:bc:4e:6f:ba:5a:43:13:7a:
17:4c:58:26:e0:da:d9:44:f0:51:2f:b2:15:96:cf:
3d:3c:ce:b8:00:58:02:ad:23:8e:be:8f:0b:7d:92:
47:95:26:49:63:8c:bb:e2:82:9c:af:6a:b5:9a:af:
99:3a:09:97:c8:7c:4b:72:67:05:be:b7:4b:cc:18:
f3:e1:d8:85:8d:7b:d2:10:4d:cb:05:e7:18:d3:5b:
7d:86:f1:d5:07:c4:2a:12:7e:ae:3b:cd:e6:35:07:
91:4d:a3:18:99:e8:49:78:98:11:77:6e:44:53:db:
ab:41:eb:64:b0:4d:45:d6:69:d3:9e:37:07:7e:f4:
e0:f0:9f:6a:5b:42:68:3a:fe:c8:3f:02:eb:11:ee:
ae:60:60:2e:79:74:52:8f:53:8c:9b:01:08:53:d3:
1a:84:d7:48:7d:54:e4:40:44:00:f2:0e:d0:17:a3:
96:af:db:3d:d0:ac:8c:8d:9f:84:7b:40:c1:da:3c:
54:46:3b:7d:d8:fb:bf:a9:9d:04:55:79:d2:5e:72:
d6:c9:9e:b2:35:e7:2a:ea:e5:14:e4:fd:4b:64:d6:
ee:3e:cd:08:a7:78:29:42:02:57:b2:a7:78:a6:50:
04:37:05:01:f0:17:28:c5:f0:a2:7e:e8:cd:b0:e2:
11:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:55:41:95:D3:EC:3C:9F:7F:67:7E:37:E8:46:CE:7B:1A:C5:2B:24
X509v3 Authority Key Identifier:
keyid:F7:24:CB:A5:21:C0:80:DB:72:A6:E5:4A:1B:8C:F4:49:5C:BB:C7:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9yTLpSHAgNtypuVKG4z0SVy7x9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/48b50b-adfe-4dfb-ad80-103b206ba28b/1/gFVBldPsPJ9_Z3436EbOexrFKyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/48b50b-adfe-4dfb-ad80-103b206ba28b/1/9yTLpSHAgNtypuVKG4z0SVy7x9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.88.0/22
185.116.114.0/24
185.203.113.0/24
IPv6:
2a0a:5480::/29
Signature Algorithm: sha256WithRSAEncryption
8f:ab:26:73:57:f6:47:fb:a5:15:83:ea:90:b6:7f:72:0c:5a:
34:8b:e2:15:c4:7b:6a:23:a0:0b:54:8d:7e:c5:0e:ab:db:05:
9e:15:20:f2:68:ab:c9:78:96:2c:e7:a7:14:5d:09:c8:58:55:
ed:96:85:df:39:33:ef:16:85:df:93:d4:80:f3:ba:ad:a0:5f:
55:dd:4e:11:31:0c:ad:c7:78:a3:dc:75:ff:b0:86:03:8d:4f:
32:90:88:2c:6e:e9:06:fb:57:9c:06:3d:8f:e8:18:4c:75:31:
a0:09:75:8f:88:71:ed:33:ba:ea:48:27:d8:0a:18:7e:22:fd:
ac:3c:6e:dd:f4:72:f7:01:5d:f3:cf:f3:42:6a:3d:c2:c1:6f:
29:79:96:77:58:c2:fa:16:e7:de:51:f9:41:c9:4f:76:8c:25:
38:5c:92:76:bf:50:a4:e4:d1:85:b7:d6:db:2b:d8:8e:d8:ea:
03:29:4a:18:04:ae:9f:fe:00:e1:37:1e:11:10:74:12:ed:fa:
3b:8b:24:31:38:7e:de:80:7f:41:26:bb:cf:6e:a9:df:05:97:
45:6e:6f:58:0a:92:f8:96:e2:2b:5f:16:5f:56:17:ab:1d:9d:
49:36:3d:ed:0e:4c:0f:47:87:bf:85:a2:4a:d4:ae:22:be:84:
c1:4e:de:9b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZxV0lLndOujMTF5myzvPIQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MjRjYmE1MjFjMDgwZGI3MmE2ZTU0YTFiOGNmNDQ5NWNi
YmM3ZDYwHhcNMjYwMjEzMDcwNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDU1NDE5NWQzZWMzYzlmN2Y2NzdlMzdlODQ2Y2U3YjFhYzUyYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mZAueEavE5vulpDE3oXTFgm4NrZ
RPBRL7IVls89PM64AFgCrSOOvo8LfZJHlSZJY4y74oKcr2q1mq+ZOgmXyHxLcmcF
vrdLzBjz4diFjXvSEE3LBecY01t9hvHVB8QqEn6uO83mNQeRTaMYmehJeJgRd25E
U9urQetksE1F1mnTnjcHfvTg8J9qW0JoOv7IPwLrEe6uYGAueXRSj1OMmwEIU9Ma
hNdIfVTkQEQA8g7QF6OWr9s90KyMjZ+Ee0DB2jxURjt92Pu/qZ0EVXnSXnLWyZ6y
Necq6uUU5P1LZNbuPs0Ip3gpQgJXsqd4plAENwUB8BcoxfCifujNsOIRIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIBVQZXT7Dyff2d+N+hGznsaxSskMB8GA1UdIwQY
MBaAFPcky6UhwIDbcqblShuM9Elcu8fWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXlUTHBTSEFnTnR5cHVWS0c0ejBTVnk3eDlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80OGI1MGItYWRmZS00ZGZiLWFkODAt
MTAzYjIwNmJhMjhiLzEvZ0ZWQmxkUHNQSjlfWjM0MzZFYk9leHJGS3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80OGI1MGItYWRmZS00ZGZiLWFkODAtMTAzYjIwNmJhMjhi
LzEvOXlUTHBTSEFnTnR5cHVWS0c0ejBTVnk3eDlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCUVVYAwQA
uXRyAwQAuctxMA0EAgACMAcDBQMqClSAMA0GCSqGSIb3DQEBCwUAA4IBAQCPqyZz
V/ZH+6UVg+qQtn9yDFo0i+IVxHtqI6ALVI1+xQ6r2wWeFSDyaKvJeJYs56cUXQnI
WFXtloXfOTPvFoXfk9SA87qtoF9V3U4RMQytx3ij3HX/sIYDjU8ykIgsbukG+1ec
Bj2P6BhMdTGgCXWPiHHtM7rqSCfYChh+Iv2sPG7d9HL3AV3zz/NCaj3CwW8peZZ3
WML6FufeUflByU92jCU4XJJ2v1Ck5NGFt9bbK9iO2OoDKUoYBK6f/gDhNx4REHQS
7fo7iyQxOH7egH9BJrvPbqnfBZdFbm9YCpL4luIrXxZfVherHZ1JNj3tDkwPR4e/
haJK1K4ivoTBTt6b
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:20:03 2026 by rpki-client