Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/V0dM0OGiOIRr_LANVdvcw5kopNw.roa
File: V0dM0OGiOIRr_LANVdvcw5kopNw.roa (raw, json)
Hash identifier: LNRzC3fIfmhFsLHaDaO4AM9qxVQUMv8ErtHtGjlMGJw=
Subject key identifier: 57:47:4C:D0:E1:A2:38:84:6B:FC:B0:0D:55:DB:DC:C3:99:28:A4:DC
Certificate issuer: /CN=dfd046af5edc11964096dc20f6af1de55d9c9030
Certificate serial: 019C767F7F151C2B3A8E1278A63377FF484A
Authority key identifier: DF:D0:46:AF:5E:DC:11:96:40:96:DC:20:F6:AF:1D:E5:5D:9C:90:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/V0dM0OGiOIRr_LANVdvcw5kopNw.roa
Signing time: Thu 19 Feb 2026 15:23:12 +0000
ROA not before: Thu 19 Feb 2026 15:23:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213489
IP address blocks: 131.222.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:76:7f:7f:15:1c:2b:3a:8e:12:78:a6:33:77:ff:48:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd046af5edc11964096dc20f6af1de55d9c9030
Validity
Not Before: Feb 19 15:23:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=57474cd0e1a238846bfcb00d55dbdcc39928a4dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:91:53:31:90:35:49:74:b3:42:75:c5:f8:b5:
20:5b:3d:18:29:66:13:a3:0c:45:ec:9f:4b:1c:0b:
32:10:6e:d9:4e:10:b5:30:eb:3f:fb:2a:2c:ef:3d:
07:66:b1:d9:5f:36:a1:f3:38:c6:6a:33:6d:d0:2a:
95:54:ae:dc:cb:e1:3e:0e:68:22:47:31:9d:b4:92:
0d:dd:cc:a7:d0:40:bb:db:46:db:98:60:b7:4a:aa:
99:86:60:dc:71:bd:6b:07:84:b0:2f:85:de:27:c2:
e4:f8:9a:b3:bd:ee:3a:5e:a1:e0:b2:1d:10:43:54:
8b:af:c5:77:86:9e:ef:f5:9b:04:b6:20:1e:8e:06:
5c:fb:1e:c7:d9:6d:3e:5c:54:a3:1f:49:a4:cd:ce:
83:a9:28:7f:e7:93:c0:6a:7c:a0:42:09:3a:13:0b:
de:20:0c:84:58:24:ec:6b:f2:10:e6:74:17:74:ab:
9a:83:51:7f:1e:5c:48:21:ef:c3:49:37:16:a2:ba:
76:7b:db:ad:b5:32:47:00:e1:1d:da:41:85:af:20:
8d:72:2c:05:5f:f6:3e:d1:bc:05:8d:5c:2b:10:04:
2f:8d:14:e0:1f:4d:5c:56:b4:65:13:dd:06:6f:38:
5f:10:a2:41:d4:85:d4:e0:0b:8d:29:10:dd:24:66:
5c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:47:4C:D0:E1:A2:38:84:6B:FC:B0:0D:55:DB:DC:C3:99:28:A4:DC
X509v3 Authority Key Identifier:
keyid:DF:D0:46:AF:5E:DC:11:96:40:96:DC:20:F6:AF:1D:E5:5D:9C:90:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/V0dM0OGiOIRr_LANVdvcw5kopNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.243.0/24
Signature Algorithm: sha256WithRSAEncryption
21:9b:5d:0c:c3:9e:e7:0f:ee:e3:3f:d0:68:7d:5e:44:fb:d8:
76:78:0a:13:16:21:4d:55:67:ce:5c:02:76:35:e3:89:7b:99:
5d:cd:21:d2:5c:ae:15:40:ec:fa:91:b5:57:e2:73:81:11:ed:
49:ab:7f:fc:94:56:2c:12:7b:00:e4:1f:dc:82:88:0b:2e:62:
24:d6:a3:7a:f0:bc:2f:e3:b0:e2:9b:ea:c0:d4:9b:7c:36:55:
eb:de:6a:ff:0b:05:21:71:a2:af:12:aa:19:53:75:13:cf:f3:
33:57:a9:70:de:8d:ad:08:ad:1c:40:6f:f1:17:32:f3:d2:4c:
2b:22:cd:14:ef:78:ba:a8:1e:b8:ce:af:a2:1c:30:85:0d:6e:
f1:f6:9f:e7:e9:a0:65:2f:2b:bb:59:ce:5e:95:0a:8e:b2:97:
89:28:92:07:34:25:8c:70:a6:15:5f:c2:be:a0:59:cb:15:57:
c4:5e:93:22:7d:98:c0:9b:d7:4d:66:95:a6:be:66:71:21:64:
9b:4e:51:ef:83:ee:31:fc:ed:c8:4b:57:25:72:40:bf:81:2c:
c5:6a:b0:1a:99:85:0f:32:9d:3c:70:d9:ae:09:27:61:e4:85:
aa:18:c1:79:ee:03:35:fd:75:88:a7:53:b6:6a:13:31:92:48:
23:39:5f:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZx2f38VHCs6jhJ4pjN3/0hKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDA0NmFmNWVkYzExOTY0MDk2ZGMyMGY2YWYxZGU1NWQ5
YzkwMzAwHhcNMjYwMjE5MTUyMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzQ3NGNkMGUxYTIzODg0NmJmY2IwMGQ1NWRiZGNjMzk5MjhhNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJFTMZA1SXSzQnXF+LUgWz0YKWYT
owxF7J9LHAsyEG7ZThC1MOs/+yos7z0HZrHZXzah8zjGajNt0CqVVK7cy+E+Dmgi
RzGdtJIN3cyn0EC720bbmGC3SqqZhmDccb1rB4SwL4XeJ8Lk+Jqzve46XqHgsh0Q
Q1SLr8V3hp7v9ZsEtiAejgZc+x7H2W0+XFSjH0mkzc6DqSh/55PAanygQgk6Ewve
IAyEWCTsa/IQ5nQXdKuag1F/HlxIIe/DSTcWorp2e9uttTJHAOEd2kGFryCNciwF
X/Y+0bwFjVwrEAQvjRTgH01cVrRlE90GbzhfEKJB1IXU4AuNKRDdJGZcHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFdHTNDhojiEa/ywDVXb3MOZKKTcMB8GA1UdIwQY
MBaAFN/QRq9e3BGWQJbcIPavHeVdnJAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlCR3IxN2NFWlpBbHR3ZzlxOGQ1VjJja0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iZmQwZmYtODQ1ZS00ZTEyLWFjN2Mt
NTg4ZTBkOTIzYzE1LzEvVjBkTTBPR2lPSVJyX0xBTlZkdmN3NWtvcE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iZmQwZmYtODQ1ZS00ZTEyLWFjN2MtNTg4ZTBkOTIzYzE1
LzEvMzlCR3IxN2NFWlpBbHR3ZzlxOGQ1VjJja0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg97zMA0G
CSqGSIb3DQEBCwUAA4IBAQAhm10Mw57nD+7jP9BofV5E+9h2eAoTFiFNVWfOXAJ2
NeOJe5ldzSHSXK4VQOz6kbVX4nOBEe1Jq3/8lFYsEnsA5B/cgogLLmIk1qN68Lwv
47Dim+rA1Jt8NlXr3mr/CwUhcaKvEqoZU3UTz/MzV6lw3o2tCK0cQG/xFzLz0kwr
Is0U73i6qB64zq+iHDCFDW7x9p/n6aBlLyu7Wc5elQqOspeJKJIHNCWMcKYVX8K+
oFnLFVfEXpMifZjAm9dNZpWmvmZxIWSbTlHvg+4x/O3IS1clckC/gSzFarAamYUP
Mp08cNmuCSdh5IWqGMF57gM1/XWIp1O2ahMxkkgjOV+N
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:08:29 2026 by rpki-client