Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/unIU6ua6HUnZMkaiiyaVGW282c4.roa
File: unIU6ua6HUnZMkaiiyaVGW282c4.roa (raw, json)
Hash identifier: FaAM7DvIIw5oZC8J0pDY2WDx4oPP9+5oos8AGvZZxug=
Subject key identifier: BA:72:14:EA:E6:BA:1D:49:D9:32:46:A2:8B:26:95:19:6D:BC:D9:CE
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 019C42DEF237C331753AB3564B2469BF57E3
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/unIU6ua6HUnZMkaiiyaVGW282c4.roa
Signing time: Mon 09 Feb 2026 14:47:12 +0000
ROA not before: Mon 09 Feb 2026 14:47:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44092
IP address blocks: 31.25.32.0/21 maxlen: 24
45.145.200.0/22 maxlen: 22
45.145.200.0/24 maxlen: 24
45.145.201.0/24 maxlen: 24
45.145.202.0/24 maxlen: 24
45.145.203.0/24 maxlen: 24
77.242.128.0/20 maxlen: 24
77.242.128.0/24 maxlen: 24
77.242.129.0/24 maxlen: 24
77.242.130.0/24 maxlen: 24
77.242.131.0/24 maxlen: 24
77.242.132.0/24 maxlen: 24
77.242.133.0/24 maxlen: 24
77.242.134.0/24 maxlen: 24
77.242.135.0/24 maxlen: 24
77.242.136.0/24 maxlen: 24
77.242.137.0/24 maxlen: 24
77.242.138.0/24 maxlen: 24
77.242.139.0/24 maxlen: 24
77.242.140.0/24 maxlen: 24
77.242.141.0/24 maxlen: 24
77.242.142.0/24 maxlen: 24
77.242.143.0/24 maxlen: 24
79.108.208.0/21 maxlen: 24
85.208.200.0/22 maxlen: 22
85.208.200.0/24 maxlen: 24
85.208.201.0/24 maxlen: 24
85.208.202.0/24 maxlen: 24
85.208.203.0/24 maxlen: 24
89.37.70.0/23 maxlen: 24
89.37.70.0/24 maxlen: 24
89.37.71.0/24 maxlen: 24
178.23.8.0/21 maxlen: 24
178.210.232.0/21 maxlen: 24
185.56.156.0/22 maxlen: 24
185.71.244.0/22 maxlen: 24
185.71.244.0/24 maxlen: 24
185.71.246.0/24 maxlen: 24
185.171.232.0/22 maxlen: 22
185.171.232.0/24 maxlen: 24
185.171.233.0/24 maxlen: 24
185.171.234.0/24 maxlen: 24
185.171.235.0/24 maxlen: 24
185.178.252.0/22 maxlen: 24
185.191.104.0/22 maxlen: 22
185.191.104.0/24 maxlen: 24
185.191.105.0/24 maxlen: 24
185.191.106.0/24 maxlen: 24
185.191.107.0/24 maxlen: 24
185.215.144.0/22 maxlen: 22
185.215.144.0/24 maxlen: 24
185.215.145.0/24 maxlen: 24
185.215.146.0/24 maxlen: 24
185.215.147.0/24 maxlen: 24
185.219.116.0/22 maxlen: 22
185.219.116.0/24 maxlen: 24
185.219.117.0/24 maxlen: 24
185.219.118.0/24 maxlen: 24
185.219.119.0/24 maxlen: 24
185.236.48.0/23 maxlen: 23
185.248.227.0/24 maxlen: 24
185.255.29.0/24 maxlen: 24
188.191.56.0/22 maxlen: 24
188.191.56.0/24 maxlen: 24
188.191.57.0/24 maxlen: 24
188.191.58.0/24 maxlen: 24
188.191.59.0/24 maxlen: 24
212.28.168.0/21 maxlen: 21
217.28.64.0/22 maxlen: 22
217.28.64.0/24 maxlen: 24
217.28.65.0/24 maxlen: 24
217.28.66.0/24 maxlen: 24
217.28.67.0/24 maxlen: 24
2a02:53e0::/32 maxlen: 32
2a05:3680::/29 maxlen: 29
2a0b:7b80::/29 maxlen: 29
2a0f:de80::/29 maxlen: 29
2a13:56c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:42:de:f2:37:c3:31:75:3a:b3:56:4b:24:69:bf:57:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Feb 9 14:47:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ba7214eae6ba1d49d93246a28b2695196dbcd9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c7:ef:b5:c9:f1:92:01:71:5d:00:88:b6:eb:
d3:7a:1b:64:e1:5b:17:fd:57:ed:54:a7:60:3f:b5:
c3:6a:01:f1:f1:1d:ff:34:fb:fa:0c:92:7f:69:57:
da:d6:6d:1b:c8:1b:f2:d9:58:7a:a7:6d:44:1b:38:
26:ad:93:26:23:d6:41:cb:98:d3:0f:cf:80:44:fe:
b8:8e:8c:c9:2a:2c:5d:94:8b:79:e9:18:b4:0b:26:
31:db:3e:df:61:b0:e8:0d:0a:89:36:d8:53:a7:7f:
60:c2:a6:f7:5f:a5:d8:9b:d3:9c:de:25:69:d1:6b:
3c:97:ae:f2:05:18:91:6b:1c:1e:88:4e:07:d9:7d:
ac:e8:6b:25:35:4b:5b:ae:d0:27:63:50:e5:22:88:
af:5b:57:89:86:bf:f2:12:90:ce:e7:81:c2:b8:db:
13:01:96:04:64:a4:cb:13:76:ef:2c:94:48:ad:84:
3b:d3:08:19:bb:68:04:b3:cb:b3:92:67:22:98:f6:
6f:d7:0f:e0:84:1c:a4:f9:f7:52:09:34:f1:2e:d6:
2a:a2:da:95:dd:b4:58:87:c0:10:67:d7:0f:2c:97:
cb:4c:5a:1f:df:d5:e3:60:8f:17:50:7c:da:72:ad:
31:a2:b4:6f:cd:24:e1:0e:95:e5:69:0c:f2:d8:bc:
92:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:72:14:EA:E6:BA:1D:49:D9:32:46:A2:8B:26:95:19:6D:BC:D9:CE
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/unIU6ua6HUnZMkaiiyaVGW282c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.32.0/21
45.145.200.0/22
77.242.128.0/20
79.108.208.0/21
85.208.200.0/22
89.37.70.0/23
178.23.8.0/21
178.210.232.0/21
185.56.156.0/22
185.71.244.0/22
185.171.232.0/22
185.178.252.0/22
185.191.104.0/22
185.215.144.0/22
185.219.116.0/22
185.236.48.0/23
185.248.227.0/24
185.255.29.0/24
188.191.56.0/22
212.28.168.0/21
217.28.64.0/22
IPv6:
2a02:53e0::/32
2a05:3680::/29
2a0b:7b80::/29
2a0f:de80::/29
2a13:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:49:7f:3c:0d:24:5b:fa:a9:cc:92:46:85:a3:89:05:fe:6c:
e8:6d:3f:f5:c3:e6:a0:63:14:7c:95:c8:46:4f:6c:77:79:d2:
00:2c:e3:60:b7:26:7b:50:01:0d:83:42:19:13:53:b4:c7:4d:
f9:16:0a:47:74:49:79:b8:ef:2f:8c:32:65:27:fa:40:19:39:
2c:c7:45:5e:56:5e:32:73:75:85:80:8b:91:46:11:9d:f8:37:
4a:a5:7e:49:b5:ff:66:4f:f1:58:8f:15:8c:fd:62:05:c9:c7:
30:09:b2:8a:f5:24:24:85:34:4e:e7:33:5a:98:f4:e2:12:78:
4d:cb:aa:e0:c2:08:72:cc:dd:0d:10:25:8f:79:de:e9:af:47:
62:7a:61:8c:cf:bd:1d:ab:2a:2f:de:98:78:f7:d7:e5:ce:34:
47:0c:5a:95:21:61:04:21:73:9d:90:3b:8c:d6:51:8e:55:25:
bd:78:41:34:8d:76:86:50:6a:7f:ca:79:60:a1:6e:a1:a2:87:
a7:df:99:15:2f:03:d7:64:f5:d5:f3:f2:e8:fd:0a:68:9f:7d:
8d:f2:36:4f:38:5b:32:af:ce:0b:bd:25:d4:39:06:da:41:40:
39:12:0f:b0:d4:8a:f2:18:79:03:0f:52:d4:55:59:09:1e:fc:
60:e3:1e:e1
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZxC3vI3wzF1OrNWSyRpv1fjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjYwMjA5MTQ0NzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTcyMTRlYWU2YmExZDQ5ZDkzMjQ2YTI4YjI2OTUxOTZkYmNkOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsfvtcnxkgFxXQCItuvTehtk4VsX
/VftVKdgP7XDagHx8R3/NPv6DJJ/aVfa1m0byBvy2Vh6p21EGzgmrZMmI9ZBy5jT
D8+ARP64jozJKixdlIt56Ri0CyYx2z7fYbDoDQqJNthTp39gwqb3X6XYm9Oc3iVp
0Ws8l67yBRiRaxweiE4H2X2s6GslNUtbrtAnY1DlIoivW1eJhr/yEpDO54HCuNsT
AZYEZKTLE3bvLJRIrYQ70wgZu2gEs8uzkmcimPZv1w/ghByk+fdSCTTxLtYqotqV
3bRYh8AQZ9cPLJfLTFof39XjYI8XUHzacq0xorRvzSThDpXlaQzy2LySQwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFLpyFOrmuh1J2TJGoosmlRltvNnOMB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEvdW5JVTZ1YTZIVW5aTWthaWl5YVZHVzI4MmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBhAQCAAEwfgMEAx8Z
IAMEAi2RyAMEBE3ygAMEA09s0AMEAlXQyAMEAVklRgMEA7IXCAMEA7LS6AMEArk4
nAMEArlH9AMEArmr6AMEArmy/AMEArm/aAMEArnXkAMEArnbdAMEAbnsMAMEALn4
4wMEALn/HQMEAry/OAMEA9QcqAMEAtkcQDApBAIAAjAjAwUAKgJT4AMFAyoFNoAD
BQMqC3uAAwUDKg/egAMFAyoTVsAwDQYJKoZIhvcNAQELBQADggEBAFJJfzwNJFv6
qcySRoWjiQX+bOhtP/XD5qBjFHyVyEZPbHd50gAs42C3JntQAQ2DQhkTU7THTfkW
Ckd0SXm47y+MMmUn+kAZOSzHRV5WXjJzdYWAi5FGEZ34N0qlfkm1/2ZP8ViPFYz9
YgXJxzAJsor1JCSFNE7nM1qY9OISeE3LquDCCHLM3Q0QJY953umvR2J6YYzPvR2r
Ki/emHj31+XONEcMWpUhYQQhc52QO4zWUY5VJb14QTSNdoZQan/KeWChbqGih6ff
mRUvA9dk9dXz8uj9CmiffY3yNk84WzKvzgu9JdQ5BtpBQDkSD7DUivIYeQMPUtRV
WQke/GDjHuE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:32:14 2026 by rpki-client