Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/Il9HTm1cbmAODNYnWgviSsE98jM.roa
File: Il9HTm1cbmAODNYnWgviSsE98jM.roa (raw, json)
Hash identifier: 1b1CWbUFPO+dEyWsVHF8SzkLadyx+wcJAfCiROD6bO0=
Subject key identifier: 22:5F:47:4E:6D:5C:6E:60:0E:0C:D6:27:5A:0B:E2:4A:C1:3D:F2:33
Certificate issuer: /CN=a60d129401b2693a38d5b4373dc7607bf85b8a6e
Certificate serial: 019B7D5BC48B4C4B3DCEAD060F6325375A0F
Authority key identifier: A6:0D:12:94:01:B2:69:3A:38:D5:B4:37:3D:C7:60:7B:F8:5B:8A:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pg0SlAGyaTo41bQ3Pcdge_hbim4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/Il9HTm1cbmAODNYnWgviSsE98jM.roa
Signing time: Fri 02 Jan 2026 06:18:44 +0000
ROA not before: Fri 02 Jan 2026 06:18:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204260
IP address blocks: 185.109.8.0/22 maxlen: 22
185.109.8.0/23 maxlen: 23
185.109.8.0/24 maxlen: 24
185.109.9.0/24 maxlen: 24
185.109.10.0/23 maxlen: 23
185.109.10.0/24 maxlen: 24
185.109.11.0/24 maxlen: 24
194.34.0.0/21 maxlen: 21
194.34.0.0/22 maxlen: 22
194.34.0.0/24 maxlen: 24
194.34.1.0/24 maxlen: 24
194.34.2.0/24 maxlen: 24
194.34.3.0/24 maxlen: 24
194.34.4.0/22 maxlen: 22
194.34.4.0/24 maxlen: 24
194.34.5.0/24 maxlen: 24
194.34.6.0/24 maxlen: 24
194.34.7.0/24 maxlen: 24
2a02:e600::/30 maxlen: 30
2a02:e600::/48 maxlen: 48
2a02:e600:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/pg0SlAGyaTo41bQ3Pcdge_hbim4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/pg0SlAGyaTo41bQ3Pcdge_hbim4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pg0SlAGyaTo41bQ3Pcdge_hbim4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5b:c4:8b:4c:4b:3d:ce:ad:06:0f:63:25:37:5a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a60d129401b2693a38d5b4373dc7607bf85b8a6e
Validity
Not Before: Jan 2 06:18:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=225f474e6d5c6e600e0cd6275a0be24ac13df233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5c:f0:00:35:2a:5c:98:47:fe:30:53:8d:eb:
3b:e4:d6:15:92:dd:d4:3b:dc:24:02:af:09:7c:b9:
90:19:30:f3:8c:df:00:36:e8:e4:7c:54:75:a3:4a:
15:f4:57:d8:7f:43:f5:88:fb:2b:92:99:30:a1:fe:
14:66:05:2d:f1:f5:99:86:7e:7f:57:69:66:a7:5e:
dd:87:7d:42:7d:b7:13:38:15:c3:97:17:5a:04:c7:
b6:d6:99:6e:de:0b:71:cb:eb:a4:53:cf:5d:06:92:
cd:93:68:26:29:df:fe:1f:2c:5d:79:be:18:32:f2:
3c:90:c0:3d:6e:3b:48:fd:7d:75:6d:70:ab:d0:ee:
e4:f1:d4:30:c4:6c:d9:f0:8d:2c:b7:47:19:9b:88:
6f:a0:15:35:a3:3e:a0:e6:4b:00:f6:5f:dc:8c:71:
8d:b7:26:14:4c:96:f5:50:1c:9c:4e:b8:8a:a8:42:
2f:50:a3:6d:6d:44:17:89:e7:df:68:36:5b:ba:13:
8d:e7:2b:09:61:6c:c7:71:3f:b0:5b:7e:f5:28:47:
f3:6a:e6:d0:2f:89:21:16:da:ad:1c:59:e2:9a:8e:
13:66:50:90:36:5c:b0:01:f7:78:b7:92:9f:83:45:
d8:ac:cb:05:28:e3:da:7a:4a:a2:c1:29:ec:15:fb:
2b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5F:47:4E:6D:5C:6E:60:0E:0C:D6:27:5A:0B:E2:4A:C1:3D:F2:33
X509v3 Authority Key Identifier:
keyid:A6:0D:12:94:01:B2:69:3A:38:D5:B4:37:3D:C7:60:7B:F8:5B:8A:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pg0SlAGyaTo41bQ3Pcdge_hbim4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/Il9HTm1cbmAODNYnWgviSsE98jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/pg0SlAGyaTo41bQ3Pcdge_hbim4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.8.0/22
194.34.0.0/21
IPv6:
2a02:e600::/30
Signature Algorithm: sha256WithRSAEncryption
3a:19:79:5c:25:f4:0b:77:8f:70:dd:29:1c:61:9c:9c:95:fa:
80:6a:be:50:54:35:a1:c4:90:d9:16:e4:67:83:b2:d0:3d:46:
2a:c0:ee:53:1f:6d:7f:4f:12:f9:3e:73:c7:ca:4a:35:dc:6d:
bd:39:c2:3a:65:52:2b:66:cd:59:ff:71:df:3f:9e:ae:b0:96:
4e:11:64:36:f6:f1:99:bb:9e:b6:32:9f:3a:87:41:7c:6c:7e:
85:14:55:f8:a9:0c:fe:4e:76:7e:08:c0:57:75:13:26:dc:bf:
d1:da:ed:ea:d0:e5:90:fa:0f:a4:fb:44:fd:40:c4:9e:7e:a3:
0d:a4:63:85:39:e1:1d:83:e8:4d:a3:15:7c:dd:a1:4e:41:2b:
aa:7d:34:7b:4f:18:ec:98:d8:cc:1e:0f:8b:66:a4:1b:8f:ba:
3a:de:06:54:8f:dd:14:78:9c:f0:eb:03:a2:4d:0c:03:a2:6d:
35:f5:7f:9a:ab:b7:d8:85:27:57:dd:62:b5:3e:91:df:44:56:
d6:4f:ba:86:29:f4:74:9e:dd:c2:a0:0d:f0:db:61:43:60:12:
4a:49:74:3d:a8:76:5a:20:c2:f4:9c:4e:a1:1f:0c:f4:d8:03:
25:57:b4:86:39:36:68:b3:63:2d:07:ac:75:f2:bf:1d:4e:97:
24:cc:31:2a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt9W8SLTEs9zq0GD2MlN1oPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MGQxMjk0MDFiMjY5M2EzOGQ1YjQzNzNkYzc2MDdiZjg1
YjhhNmUwHhcNMjYwMTAyMDYxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjVmNDc0ZTZkNWM2ZTYwMGUwY2Q2Mjc1YTBiZTI0YWMxM2RmMjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1zwADUqXJhH/jBTjes75NYVkt3U
O9wkAq8JfLmQGTDzjN8ANujkfFR1o0oV9FfYf0P1iPsrkpkwof4UZgUt8fWZhn5/
V2lmp17dh31CfbcTOBXDlxdaBMe21plu3gtxy+ukU89dBpLNk2gmKd/+Hyxdeb4Y
MvI8kMA9bjtI/X11bXCr0O7k8dQwxGzZ8I0st0cZm4hvoBU1oz6g5ksA9l/cjHGN
tyYUTJb1UBycTriKqEIvUKNtbUQXieffaDZbuhON5ysJYWzHcT+wW371KEfzaubQ
L4khFtqtHFnimo4TZlCQNlywAfd4t5Kfg0XYrMsFKOPaekqiwSnsFfsrvQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCJfR05tXG5gDgzWJ1oL4krBPfIzMB8GA1UdIwQY
MBaAFKYNEpQBsmk6ONW0Nz3HYHv4W4puMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGcwU2xBR3lhVG80MWJRM1BjZGdlX2hiaW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8zZDExZDgtZmFlMC00Yjk3LWFmZGYt
OWMyYmJkOGM5NDk2LzEvSWw5SFRtMWNibUFPRE5ZbldndmlTc0U5OGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8zZDExZDgtZmFlMC00Yjk3LWFmZGYtOWMyYmJkOGM5NDk2
LzEvcGcwU2xBR3lhVG80MWJRM1BjZGdlX2hiaW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuW0IAwQD
wiIAMA0EAgACMAcDBQIqAuYAMA0GCSqGSIb3DQEBCwUAA4IBAQA6GXlcJfQLd49w
3SkcYZyclfqAar5QVDWhxJDZFuRng7LQPUYqwO5TH21/TxL5PnPHyko13G29OcI6
ZVIrZs1Z/3HfP56usJZOEWQ29vGZu562Mp86h0F8bH6FFFX4qQz+TnZ+CMBXdRMm
3L/R2u3q0OWQ+g+k+0T9QMSefqMNpGOFOeEdg+hNoxV83aFOQSuqfTR7TxjsmNjM
Hg+LZqQbj7o63gZUj90UeJzw6wOiTQwDom019X+aq7fYhSdX3WK1PpHfRFbWT7qG
KfR0nt3CoA3w22FDYBJKSXQ9qHZaIML0nE6hHwz02AMlV7SGOTZos2MtB6x18r8d
TpckzDEq
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:53:26 2026 by rpki-client