Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/1-WmJXUzndEvurHNC9z-EdX-GqLg.roa
File: 1-WmJXUzndEvurHNC9z-EdX-GqLg.roa (raw, json)
Hash identifier: k4/qUPEWtP0yhAjTXryxItYMnfRgWY9Qd/ypPo+vPZA=
Subject key identifier: F9:69:89:5D:4C:E7:74:4B:EE:AC:73:42:F7:3F:84:75:7F:86:A8:B8
Certificate issuer: /CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Certificate serial: 019C7B8A9B9BAF3F44085B3DEB9E8821862E
Authority key identifier: 04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/1-WmJXUzndEvurHNC9z-EdX-GqLg.roa
Signing time: Fri 20 Feb 2026 14:53:27 +0000
ROA not before: Fri 20 Feb 2026 14:53:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49535
IP address blocks: 185.151.124.0/22 maxlen: 22
185.151.124.0/24 maxlen: 24
185.151.125.0/24 maxlen: 24
185.151.126.0/24 maxlen: 24
185.151.127.0/24 maxlen: 24
188.94.192.0/21 maxlen: 21
188.94.192.0/24 maxlen: 24
188.94.193.0/24 maxlen: 24
188.94.194.0/24 maxlen: 24
188.94.195.0/24 maxlen: 24
188.94.196.0/24 maxlen: 24
188.94.197.0/24 maxlen: 24
188.94.198.0/24 maxlen: 24
188.94.199.0/24 maxlen: 24
2a07:73c0::/29 maxlen: 29
2a07:73c0::/30 maxlen: 30
2a07:73c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7b:8a:9b:9b:af:3f:44:08:5b:3d:eb:9e:88:21:86:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Validity
Not Before: Feb 20 14:53:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f969895d4ce7744beeac7342f73f84757f86a8b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2d:33:cd:d4:7d:0f:79:dc:21:ef:80:5f:2e:
af:f3:23:04:86:21:8c:1d:23:30:e9:48:62:c1:53:
d4:eb:1f:3c:84:79:24:61:4b:9c:b5:2a:02:87:14:
fc:37:91:f6:5f:2f:ca:d6:a8:f7:2b:06:69:96:93:
88:cf:ef:22:3d:f6:c2:20:a0:d3:cd:c5:85:be:46:
7b:5e:09:25:00:e8:ff:f8:25:fb:e6:10:ce:d0:61:
97:7e:88:56:c4:3c:29:b3:12:62:a6:6c:89:22:bd:
80:94:be:1f:29:d9:fb:08:25:4e:34:ba:7f:92:78:
99:91:69:58:49:78:98:c4:c3:b9:dd:fb:e9:ae:55:
5e:99:8a:09:b8:e1:10:80:16:7b:9d:3b:d1:fc:d5:
54:e8:8a:bd:ec:6e:bf:5b:a6:ab:36:57:59:98:a9:
fd:49:78:31:2e:ae:2e:34:b4:44:46:68:e3:26:99:
d8:4c:fa:0d:9b:96:53:73:eb:11:a6:ec:78:9d:f9:
95:2f:8e:9c:71:ac:c8:24:57:0a:2d:dd:42:33:80:
68:d1:e0:07:b7:c1:da:a3:d9:4f:4c:3f:1c:5f:10:
46:85:94:a9:8b:a1:59:27:c7:3d:09:43:9c:1e:3b:
3c:56:f3:c7:74:b4:81:cd:a3:78:17:7f:18:fe:02:
df:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:69:89:5D:4C:E7:74:4B:EE:AC:73:42:F7:3F:84:75:7F:86:A8:B8
X509v3 Authority Key Identifier:
keyid:04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/1-WmJXUzndEvurHNC9z-EdX-GqLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.124.0/22
188.94.192.0/21
IPv6:
2a07:73c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:0b:9d:66:db:97:f8:28:82:f1:bc:f2:3c:88:59:db:2a:19:
dc:9b:f7:25:9e:80:c9:7b:14:88:f8:2c:ad:50:f2:df:cf:be:
e1:40:4f:4d:42:f9:b8:70:db:e3:59:cb:09:b2:bf:cf:c4:c8:
52:83:ed:29:8e:04:dd:30:3d:65:4f:72:48:62:94:05:4c:0e:
3c:c9:8a:ca:3b:ce:0b:a6:93:25:82:cb:e7:41:76:17:98:6c:
d9:4c:40:4d:fc:b7:0e:1b:a1:2d:2a:24:6f:53:81:84:84:41:
80:c3:bb:1b:2b:21:1c:47:47:1d:e9:75:c0:fd:dd:52:d2:a2:
da:21:03:58:c2:9c:0b:08:1b:6b:36:80:3c:a7:02:49:65:f1:
bf:4d:6b:15:36:69:fc:8f:db:31:7e:46:90:6a:bf:98:1e:93:
8f:8f:ae:cc:87:10:40:f8:32:08:82:91:cd:99:37:21:ff:7a:
72:93:2c:30:23:6e:56:ea:ad:fd:5f:28:2f:35:7b:01:92:3a:
08:24:92:b0:26:d1:c1:08:68:e3:99:d7:48:f4:08:1a:44:f4:
85:b9:d0:12:44:8c:ed:69:69:03:ea:6d:dc:c2:87:ac:3e:34:
28:c1:66:e5:31:d6:1b:a2:64:7a:40:77:03:72:a5:3a:6a:5c:
40:d2:78:d4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZx7ipubrz9ECFs9656IIYYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjdhNTYyMTFiMjFlOWFjN2NkYzhmYjYzOWYzMTBhOTJj
MjEwNGMwHhcNMjYwMjIwMTQ1MzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTY5ODk1ZDRjZTc3NDRiZWVhYzczNDJmNzNmODQ3NTdmODZhOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi0zzdR9D3ncIe+AXy6v8yMEhiGM
HSMw6UhiwVPU6x88hHkkYUuctSoChxT8N5H2Xy/K1qj3KwZplpOIz+8iPfbCIKDT
zcWFvkZ7XgklAOj/+CX75hDO0GGXfohWxDwpsxJipmyJIr2AlL4fKdn7CCVONLp/
kniZkWlYSXiYxMO53fvprlVemYoJuOEQgBZ7nTvR/NVU6Iq97G6/W6arNldZmKn9
SXgxLq4uNLRERmjjJpnYTPoNm5ZTc+sRpux4nfmVL46ccazIJFcKLd1CM4Bo0eAH
t8Hao9lPTD8cXxBGhZSpi6FZJ8c9CUOcHjs8VvPHdLSBzaN4F38Y/gLfYQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPlpiV1M53RL7qxzQvc/hHV/hqi4MB8GA1UdIwQY
MBaAFARnpWIRsh6ax83I+2OfMQqSwhBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQt
ODIzYWQyYzJmNWYxLzEvMS1XbUpYVXpuZEV2dXJITkM5ei1FZFgtR3FMZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2QvMDQ1YzRiLWMwZDctNDc3OC05ZjQ0LTgyM2FkMmMyZjVm
MS8xL0JHZWxZaEd5SHBySHpjajdZNTh4Q3BMQ0VFdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmXfAME
A7xewDANBAIAAjAHAwUDKgdzwDANBgkqhkiG9w0BAQsFAAOCAQEAeQudZtuX+CiC
8bzyPIhZ2yoZ3Jv3JZ6AyXsUiPgsrVDy38++4UBPTUL5uHDb41nLCbK/z8TIUoPt
KY4E3TA9ZU9ySGKUBUwOPMmKyjvOC6aTJYLL50F2F5hs2UxATfy3DhuhLSokb1OB
hIRBgMO7GyshHEdHHel1wP3dUtKi2iEDWMKcCwgbazaAPKcCSWXxv01rFTZp/I/b
MX5GkGq/mB6Tj4+uzIcQQPgyCIKRzZk3If96cpMsMCNuVuqt/V8oLzV7AZI6CCSS
sCbRwQho45nXSPQIGkT0hbnQEkSM7WlpA+pt3MKHrD40KMFm5THWG6JkekB3A3Kl
OmpcQNJ41A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:18:57 2026 by rpki-client