Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/542603-5462-4b8d-8bc4-535cc0c102f0/1/bAhXIw4o-K6aXN8tJ7hf4z8mRUo.roa
File: bAhXIw4o-K6aXN8tJ7hf4z8mRUo.roa (raw, json)
Hash identifier: uotsY5ugmiZrSYWh3ucoWfhUQq8CHWPejt75nystkiU=
Subject key identifier: 6C:08:57:23:0E:28:F8:AE:9A:5C:DF:2D:27:B8:5F:E3:3F:26:45:4A
Certificate issuer: /CN=c2fd2c74ad6fae2ddd0f6e9c39fde831893ae6f9
Certificate serial: 019B797F254BB7657CD55E6ABE1F6D84D27B
Authority key identifier: C2:FD:2C:74:AD:6F:AE:2D:DD:0F:6E:9C:39:FD:E8:31:89:3A:E6:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wv0sdK1vri3dD26cOf3oMYk65vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/542603-5462-4b8d-8bc4-535cc0c102f0/1/bAhXIw4o-K6aXN8tJ7hf4z8mRUo.roa
Signing time: Thu 01 Jan 2026 12:18:54 +0000
ROA not before: Thu 01 Jan 2026 12:18:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21409
IP address blocks: 185.110.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/542603-5462-4b8d-8bc4-535cc0c102f0/1/wv0sdK1vri3dD26cOf3oMYk65vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/542603-5462-4b8d-8bc4-535cc0c102f0/1/wv0sdK1vri3dD26cOf3oMYk65vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wv0sdK1vri3dD26cOf3oMYk65vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:7f:25:4b:b7:65:7c:d5:5e:6a:be:1f:6d:84:d2:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2fd2c74ad6fae2ddd0f6e9c39fde831893ae6f9
Validity
Not Before: Jan 1 12:18:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6c0857230e28f8ae9a5cdf2d27b85fe33f26454a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cf:c4:ea:f8:9a:c9:2b:79:20:df:25:26:ae:
c3:05:56:5a:b3:4b:d0:88:64:eb:83:a2:46:ec:65:
1d:87:d7:4e:e4:7e:ec:c0:29:1f:85:3e:e4:e2:83:
fb:21:21:7c:5b:25:c5:56:19:b4:d5:87:c4:37:97:
18:d6:30:ea:86:66:fa:53:b3:31:13:e2:9a:25:84:
96:65:e1:53:64:17:96:38:29:3f:ba:dc:90:75:b8:
99:45:e8:64:fb:96:93:52:ba:95:3b:fb:24:a1:3a:
c5:0f:c2:a3:a6:68:06:6e:78:15:86:9f:23:49:18:
f2:ea:0f:50:97:dd:1d:5e:d3:86:ad:af:d4:16:e6:
46:b1:89:34:92:13:dd:c2:17:44:62:af:dd:7d:71:
e7:94:e4:a3:5b:76:c0:aa:1b:f2:b5:78:62:43:b1:
9a:25:a3:cd:71:fa:6f:52:13:b5:ab:63:af:1b:58:
7f:b8:8b:9c:ff:7e:2f:0a:55:dc:5d:99:07:7a:b5:
2e:87:25:20:3f:2f:05:81:f8:36:80:30:2a:cb:fa:
f0:b8:19:c4:d1:e7:86:04:7e:f3:83:60:36:1c:7d:
4d:fb:52:25:69:7a:45:f5:b3:48:68:28:16:c8:da:
ff:b2:65:2c:8b:3c:40:f1:00:f5:80:68:38:71:fd:
6a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:08:57:23:0E:28:F8:AE:9A:5C:DF:2D:27:B8:5F:E3:3F:26:45:4A
X509v3 Authority Key Identifier:
keyid:C2:FD:2C:74:AD:6F:AE:2D:DD:0F:6E:9C:39:FD:E8:31:89:3A:E6:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wv0sdK1vri3dD26cOf3oMYk65vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/542603-5462-4b8d-8bc4-535cc0c102f0/1/bAhXIw4o-K6aXN8tJ7hf4z8mRUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/542603-5462-4b8d-8bc4-535cc0c102f0/1/wv0sdK1vri3dD26cOf3oMYk65vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.64.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:07:b9:92:da:f1:41:54:8d:71:93:b5:7b:b5:50:99:e2:9d:
85:f5:43:48:07:b6:92:96:23:a5:ee:ce:96:1d:20:bc:25:89:
62:78:87:a1:76:e8:ed:35:09:ce:cc:c4:23:90:e9:34:ec:57:
8c:8a:e5:49:92:50:7e:b4:ae:47:7e:5b:b4:6d:27:a1:91:c1:
3f:ea:11:b7:51:69:8c:8d:46:80:15:42:f7:20:c0:09:c8:7b:
e0:02:ef:75:d6:0d:f3:8c:ec:e1:f0:60:f0:45:b7:0f:b0:f5:
3c:c0:9d:37:6a:dc:1c:3f:e7:d5:e8:1e:a9:e7:e6:76:02:41:
38:81:75:cb:80:30:7c:c4:4f:17:b9:1d:13:b8:3a:e4:f3:e5:
88:e9:9a:51:84:36:ab:53:a0:f5:c9:9d:ff:57:63:46:04:7b:
51:c8:fe:62:70:5a:18:a2:7d:93:5d:ba:7a:58:6e:57:85:b5:
a5:9f:c5:2c:33:6a:2a:49:90:3e:aa:2b:91:45:00:da:3d:8a:
69:1f:9a:1d:fa:0f:53:84:64:f4:fd:ad:19:d8:b3:e8:15:a0:
7f:8d:92:68:7e:46:15:47:e9:2e:2c:b5:87:64:ef:39:f9:be:
3a:c5:39:be:67:bc:39:c2:e5:28:19:ce:ea:be:24:fd:fd:c0:
55:9b:b5:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5fyVLt2V81V5qvh9thNJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZmQyYzc0YWQ2ZmFlMmRkZDBmNmU5YzM5ZmRlODMxODkz
YWU2ZjkwHhcNMjYwMTAxMTIxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzA4NTcyMzBlMjhmOGFlOWE1Y2RmMmQyN2I4NWZlMzNmMjY0NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos/E6viaySt5IN8lJq7DBVZas0vQ
iGTrg6JG7GUdh9dO5H7swCkfhT7k4oP7ISF8WyXFVhm01YfEN5cY1jDqhmb6U7Mx
E+KaJYSWZeFTZBeWOCk/utyQdbiZRehk+5aTUrqVO/skoTrFD8KjpmgGbngVhp8j
SRjy6g9Ql90dXtOGra/UFuZGsYk0khPdwhdEYq/dfXHnlOSjW3bAqhvytXhiQ7Ga
JaPNcfpvUhO1q2OvG1h/uIuc/34vClXcXZkHerUuhyUgPy8Fgfg2gDAqy/rwuBnE
0eeGBH7zg2A2HH1N+1IlaXpF9bNIaCgWyNr/smUsizxA8QD1gGg4cf1qOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwIVyMOKPiumlzfLSe4X+M/JkVKMB8GA1UdIwQY
MBaAFML9LHStb64t3Q9unDn96DGJOub5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3Ywc2RLMXZyaTNkRDI2Y09mM29NWWs2NXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NDI2MDMtNTQ2Mi00YjhkLThiYzQt
NTM1Y2MwYzEwMmYwLzEvYkFoWEl3NG8tSzZhWE44dEo3aGY0ejhtUlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NDI2MDMtNTQ2Mi00YjhkLThiYzQtNTM1Y2MwYzEwMmYw
LzEvd3Ywc2RLMXZyaTNkRDI2Y09mM29NWWs2NXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuW5AMA0G
CSqGSIb3DQEBCwUAA4IBAQCkB7mS2vFBVI1xk7V7tVCZ4p2F9UNIB7aSliOl7s6W
HSC8JYlieIehdujtNQnOzMQjkOk07FeMiuVJklB+tK5Hflu0bSehkcE/6hG3UWmM
jUaAFUL3IMAJyHvgAu911g3zjOzh8GDwRbcPsPU8wJ03atwcP+fV6B6p5+Z2AkE4
gXXLgDB8xE8XuR0TuDrk8+WI6ZpRhDarU6D1yZ3/V2NGBHtRyP5icFoYon2TXbp6
WG5XhbWln8UsM2oqSZA+qiuRRQDaPYppH5od+g9ThGT0/a0Z2LPoFaB/jZJofkYV
R+kuLLWHZO85+b46xTm+Z7w5wuUoGc7qviT9/cBVm7X0
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:56:43 2026 by rpki-client