Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/dd15b4-3cdb-4a7a-92b1-d16895e0e18e/1/858uWq_tQRrXc7iZcCwhWyvGF0k.roa
File: 858uWq_tQRrXc7iZcCwhWyvGF0k.roa (raw, json)
Hash identifier: dF9xX4pAhExQ/y0aM6MdARmLhtwSBXO+tE9ECgeEaus=
Subject key identifier: F3:9F:2E:5A:AF:ED:41:1A:D7:73:B8:99:70:2C:21:5B:2B:C6:17:49
Certificate issuer: /CN=8e8223edf0ae42560e8f0c2cb059e3c8f5ae4d1a
Certificate serial: 019D9181DC7CE260CEDB2E6C18B8B662F0D7
Authority key identifier: 8E:82:23:ED:F0:AE:42:56:0E:8F:0C:2C:B0:59:E3:C8:F5:AE:4D:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/joIj7fCuQlYOjwwssFnjyPWuTRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/dd15b4-3cdb-4a7a-92b1-d16895e0e18e/1/858uWq_tQRrXc7iZcCwhWyvGF0k.roa
Signing time: Wed 15 Apr 2026 14:18:20 +0000
ROA not before: Wed 15 Apr 2026 14:18:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57008
IP address blocks: 85.198.88.0/22 maxlen: 22
85.198.88.0/24 maxlen: 24
85.198.89.0/24 maxlen: 24
85.198.90.0/24 maxlen: 24
85.198.91.0/24 maxlen: 24
90.156.222.0/23 maxlen: 23
90.156.222.0/24 maxlen: 24
90.156.223.0/24 maxlen: 24
176.123.180.0/22 maxlen: 22
176.123.180.0/24 maxlen: 24
176.123.181.0/24 maxlen: 24
176.123.182.0/24 maxlen: 24
176.123.183.0/24 maxlen: 24
185.36.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/dd15b4-3cdb-4a7a-92b1-d16895e0e18e/1/joIj7fCuQlYOjwwssFnjyPWuTRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/dd15b4-3cdb-4a7a-92b1-d16895e0e18e/1/joIj7fCuQlYOjwwssFnjyPWuTRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/joIj7fCuQlYOjwwssFnjyPWuTRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:91:81:dc:7c:e2:60:ce:db:2e:6c:18:b8:b6:62:f0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e8223edf0ae42560e8f0c2cb059e3c8f5ae4d1a
Validity
Not Before: Apr 15 14:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f39f2e5aafed411ad773b899702c215b2bc61749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:31:6a:18:ac:6f:e2:b7:f8:22:2b:e3:ff:2c:
73:e6:a7:31:ae:73:6d:9c:7a:c0:0a:56:5d:29:3b:
75:ef:3b:3a:d3:ff:4c:e4:84:b9:3e:2b:1d:a0:5b:
f6:da:72:62:77:f3:75:7f:8b:6c:02:31:83:d7:91:
f8:48:ca:b3:9d:55:3e:b6:c5:41:64:64:4c:a4:d9:
13:a0:67:00:8a:5e:9e:ab:3e:b9:4a:36:2e:2a:dd:
62:0e:a2:7c:d0:56:a2:e1:67:25:dd:87:37:7e:eb:
f2:ca:17:07:7a:da:b9:ee:b0:c2:89:7c:d7:4e:3f:
00:1a:b3:a7:de:f6:4f:83:b1:76:7d:ac:0d:43:de:
89:5d:9f:02:b4:16:64:66:83:da:cd:31:fc:90:1a:
82:38:b6:1b:ab:76:08:29:52:5e:17:fb:fa:9b:f1:
7e:36:70:c5:9f:c3:da:dd:a9:67:b6:15:da:91:89:
02:92:59:94:50:65:cf:a1:40:ce:91:b2:8e:ba:46:
1d:07:13:f6:90:02:a1:95:ba:ff:ff:db:ed:b1:3b:
8c:d5:4f:3f:37:50:b2:21:e1:91:b6:03:5f:5e:dd:
d2:4e:89:94:ed:ee:19:af:73:1f:83:2e:18:04:06:
8f:83:d7:c3:5e:24:7c:dd:e3:45:16:56:30:da:2e:
a5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9F:2E:5A:AF:ED:41:1A:D7:73:B8:99:70:2C:21:5B:2B:C6:17:49
X509v3 Authority Key Identifier:
keyid:8E:82:23:ED:F0:AE:42:56:0E:8F:0C:2C:B0:59:E3:C8:F5:AE:4D:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/joIj7fCuQlYOjwwssFnjyPWuTRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/dd15b4-3cdb-4a7a-92b1-d16895e0e18e/1/858uWq_tQRrXc7iZcCwhWyvGF0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/dd15b4-3cdb-4a7a-92b1-d16895e0e18e/1/joIj7fCuQlYOjwwssFnjyPWuTRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.88.0/22
90.156.222.0/23
176.123.180.0/22
185.36.144.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:76:5f:37:ca:6f:9c:92:8c:a9:4a:02:0a:b7:34:ff:95:a8:
15:05:2e:7f:3a:f4:be:74:ed:c6:fd:89:ed:fa:6b:8f:36:fb:
ec:68:a2:8b:e9:89:b3:e2:bc:38:fa:0b:ad:01:b3:29:44:93:
34:c6:ac:b5:17:00:76:7f:b9:b2:df:26:06:94:82:05:ff:4b:
6b:e3:6a:1d:a4:ea:58:58:ad:74:77:37:b0:30:b4:7f:ef:1d:
77:22:28:aa:25:dc:91:47:fb:64:05:20:b2:f5:be:98:7f:f4:
3a:e0:ec:f1:0f:b3:90:b6:1e:47:c8:41:36:e0:f7:68:53:35:
6b:09:6d:90:2c:82:d8:a4:b0:ad:ab:7b:1e:08:41:e5:8c:e2:
b0:1b:14:71:88:41:7f:e0:c7:8e:9b:0e:bf:62:da:2d:eb:7d:
da:e2:4b:7d:9d:4e:d1:c4:2e:df:40:69:6b:4b:51:ec:03:b7:
44:b1:81:53:59:5e:6f:57:98:6f:c0:4f:ea:61:b2:7e:d3:49:
fc:fa:2f:9e:ac:97:ae:db:1e:e3:73:83:14:10:18:5c:ff:8c:
54:19:ac:90:56:d9:38:6b:0e:07:dc:eb:ff:08:13:9c:77:33:
ba:79:38:b4:f0:67:f9:74:8d:94:7c:03:26:15:e1:40:0d:b5:
2f:ee:4c:55
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2Rgdx84mDO2y5sGLi2YvDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlODIyM2VkZjBhZTQyNTYwZThmMGMyY2IwNTllM2M4ZjVh
ZTRkMWEwHhcNMjYwNDE1MTQxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzlmMmU1YWFmZWQ0MTFhZDc3M2I4OTk3MDJjMjE1YjJiYzYxNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DFqGKxv4rf4Iivj/yxz5qcxrnNt
nHrAClZdKTt17zs60/9M5IS5PisdoFv22nJid/N1f4tsAjGD15H4SMqznVU+tsVB
ZGRMpNkToGcAil6eqz65SjYuKt1iDqJ80Fai4Wcl3Yc3fuvyyhcHetq57rDCiXzX
Tj8AGrOn3vZPg7F2fawNQ96JXZ8CtBZkZoPazTH8kBqCOLYbq3YIKVJeF/v6m/F+
NnDFn8Pa3alnthXakYkCklmUUGXPoUDOkbKOukYdBxP2kAKhlbr//9vtsTuM1U8/
N1CyIeGRtgNfXt3STomU7e4Zr3Mfgy4YBAaPg9fDXiR83eNFFlYw2i6lhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPOfLlqv7UEa13O4mXAsIVsrxhdJMB8GA1UdIwQY
MBaAFI6CI+3wrkJWDo8MLLBZ48j1rk0aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam9JajdmQ3VRbFlPand3c3NGbmp5UFd1VFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZDE1YjQtM2NkYi00YTdhLTkyYjEt
ZDE2ODk1ZTBlMThlLzEvODU4dVdxX3RRUnJYYzdpWmNDd2hXeXZHRjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZDE1YjQtM2NkYi00YTdhLTkyYjEtZDE2ODk1ZTBlMThl
LzEvam9JajdmQ3VRbFlPand3c3NGbmp5UFd1VFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVcZYAwQB
WpzeAwQCsHu0AwQAuSSQMA0GCSqGSIb3DQEBCwUAA4IBAQCbdl83ym+ckoypSgIK
tzT/lagVBS5/OvS+dO3G/Ynt+muPNvvsaKKL6Ymz4rw4+gutAbMpRJM0xqy1FwB2
f7my3yYGlIIF/0tr42odpOpYWK10dzewMLR/7x13IiiqJdyRR/tkBSCy9b6Yf/Q6
4OzxD7OQth5HyEE24PdoUzVrCW2QLILYpLCtq3seCEHljOKwGxRxiEF/4MeOmw6/
Ytot633a4kt9nU7RxC7fQGlrS1HsA7dEsYFTWV5vV5hvwE/qYbJ+00n8+i+erJeu
2x7jc4MUEBhc/4xUGayQVtk4aw4H3Ov/CBOcdzO6eTi08Gf5dI2UfAMmFeFADbUv
7kxV
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:13:14 2026 by rpki-client