Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Do8ZWi5wRkzUbHiuWY6xyyu6Umk.roa
File: Do8ZWi5wRkzUbHiuWY6xyyu6Umk.roa (raw, json)
Hash identifier: PuAJjDmbBoo7o/pla7ua9I7iN5RDD8DEEIzSyX/sauY=
Subject key identifier: 0E:8F:19:5A:2E:70:46:4C:D4:6C:78:AE:59:8E:B1:CB:2B:BA:52:69
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019C70569A22C56D26F8FB1D23A725DE1C1B
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Do8ZWi5wRkzUbHiuWY6xyyu6Umk.roa
Signing time: Wed 18 Feb 2026 10:40:49 +0000
ROA not before: Wed 18 Feb 2026 10:40:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 62.105.210.0/23 maxlen: 23
62.105.212.0/23 maxlen: 23
62.192.98.0/23 maxlen: 23
62.192.104.0/23 maxlen: 23
62.192.116.0/23 maxlen: 23
62.192.118.0/23 maxlen: 23
213.169.216.0/23 maxlen: 23
213.169.246.0/23 maxlen: 23
213.169.250.0/23 maxlen: 23
213.169.252.0/23 maxlen: 23
217.117.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:56:9a:22:c5:6d:26:f8:fb:1d:23:a7:25:de:1c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Feb 18 10:40:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e8f195a2e70464cd46c78ae598eb1cb2bba5269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:90:8d:42:79:71:c1:98:31:6c:2c:1d:6e:88:
e4:e4:c3:f5:9f:e7:05:b8:d5:0f:c5:2d:bb:00:8b:
ef:05:88:75:c2:cf:e5:3b:72:69:ed:76:f1:9f:29:
b6:4f:b6:29:9c:69:09:5f:76:a3:f1:0c:21:c9:71:
d0:bd:c5:fe:ad:c7:b8:6d:08:0e:6a:c5:0e:0e:ef:
b8:c6:4d:5b:d4:fe:0a:6c:4a:64:fa:5d:e1:46:b4:
7b:4e:e0:e1:83:f8:59:ae:0d:84:a9:71:2f:6a:be:
8c:97:87:41:94:27:4f:10:70:fe:6f:cb:f6:86:39:
f8:b7:6b:43:57:b0:37:28:3b:1a:9d:c1:47:89:5a:
bc:62:b8:6e:7a:04:54:9a:27:18:c0:60:1d:0d:2f:
fb:05:62:b4:41:a1:36:20:f9:13:69:f3:b8:a8:6c:
16:5f:01:a6:19:9c:c5:eb:09:d1:6d:41:cb:19:ea:
f6:7e:ce:77:00:9d:95:1c:eb:d7:59:f1:8a:ac:94:
d8:17:6b:2b:1e:93:cb:47:39:9c:e9:84:42:56:eb:
c2:ae:45:d5:e3:47:3d:6b:06:4d:a3:5e:bd:7a:3a:
06:82:0a:c9:c7:14:4e:d7:fd:92:f7:77:e1:6d:89:
94:d4:82:e5:c5:6f:96:0d:c4:c7:7c:f0:af:65:57:
95:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8F:19:5A:2E:70:46:4C:D4:6C:78:AE:59:8E:B1:CB:2B:BA:52:69
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Do8ZWi5wRkzUbHiuWY6xyyu6Umk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.105.210.0-62.105.213.255
62.192.98.0/23
62.192.104.0/23
62.192.116.0/22
213.169.216.0/23
213.169.246.0/23
213.169.250.0-213.169.253.255
217.117.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:cf:a5:e6:a4:c0:75:b9:00:ac:a4:31:1e:70:8d:b8:6f:01:
6a:7e:73:b4:90:25:b8:08:d8:25:30:68:ac:7e:e7:c2:87:c6:
68:d7:20:d6:34:f1:a0:12:ca:ce:cb:22:e1:20:13:51:98:9b:
0d:32:ef:94:fd:e3:13:d3:ad:44:b5:d8:72:ea:13:51:a8:75:
ae:3e:77:61:fe:22:39:62:e8:ad:51:e9:34:19:60:ce:4e:25:
b3:1f:87:65:d3:d2:7d:86:ef:8f:35:8c:09:88:e1:2c:6c:ec:
6a:c5:06:50:64:86:a0:5a:d9:35:73:c8:4d:63:cf:39:de:0e:
ed:cd:2b:4c:8e:c6:2f:f3:9c:79:41:5f:73:9d:59:38:b4:9d:
38:38:23:b4:44:91:fb:7e:3c:7e:b0:8f:18:05:8d:c9:98:60:
25:38:12:ef:fd:c8:34:3b:f4:bc:a5:4d:4a:89:00:98:7b:8d:
d0:8a:f1:4a:67:c7:df:a7:e9:8f:9b:1c:c3:ce:b3:c6:7d:f3:
6d:a4:32:93:5a:6c:ad:c8:2b:e0:75:f4:b8:8b:a8:e5:b0:22:
85:3d:be:9f:e9:6d:d3:2e:a5:bc:fa:6b:7a:c6:e9:76:2f:88:
37:8e:44:05:97:24:c5:3a:5d:67:6d:af:ff:61:95:f9:c1:e2:
b3:91:6b:64
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZxwVpoixW0m+PsdI6cl3hwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwMjE4MTA0MDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZThmMTk1YTJlNzA0NjRjZDQ2Yzc4YWU1OThlYjFjYjJiYmE1MjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJCNQnlxwZgxbCwdbojk5MP1n+cF
uNUPxS27AIvvBYh1ws/lO3Jp7Xbxnym2T7YpnGkJX3aj8QwhyXHQvcX+rce4bQgO
asUODu+4xk1b1P4KbEpk+l3hRrR7TuDhg/hZrg2EqXEvar6Ml4dBlCdPEHD+b8v2
hjn4t2tDV7A3KDsancFHiVq8YrhuegRUmicYwGAdDS/7BWK0QaE2IPkTafO4qGwW
XwGmGZzF6wnRbUHLGer2fs53AJ2VHOvXWfGKrJTYF2srHpPLRzmc6YRCVuvCrkXV
40c9awZNo169ejoGggrJxxRO1/2S93fhbYmU1ILlxW+WDcTHfPCvZVeVsQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFA6PGVoucEZM1Gx4rlmOscsrulJpMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvRG84WldpNXdSa3pVYkhpdVdZNnh5eXU2VW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAE+adID
BAE+adQDBAE+wGIDBAE+wGgDBAI+wHQDBAHVqdgDBAHVqfYwDAMEAdWp+gMEAdWp
/AMEAtl1rDANBgkqhkiG9w0BAQsFAAOCAQEAes+l5qTAdbkArKQxHnCNuG8Ban5z
tJAluAjYJTBorH7nwofGaNcg1jTxoBLKzssi4SATUZibDTLvlP3jE9OtRLXYcuoT
Uah1rj53Yf4iOWLorVHpNBlgzk4lsx+HZdPSfYbvjzWMCYjhLGzsasUGUGSGoFrZ
NXPITWPPOd4O7c0rTI7GL/OceUFfc51ZOLSdODgjtESR+348frCPGAWNyZhgJTgS
7/3INDv0vKVNSokAmHuN0IrxSmfH36fpj5scw86zxn3zbaQyk1psrcgr4HX0uIuo
5bAihT2+n+lt0y6lvPpresbpdi+IN45EBZckxTpdZ22v/2GV+cHis5FrZA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:02:27 2026 by rpki-client