Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/_1uT-dJdB4zjdJrrsneMD7wKcvI.roa
File: _1uT-dJdB4zjdJrrsneMD7wKcvI.roa (raw, json)
Hash identifier: ZF972oLTFfsetFH5TGdur7PAWOAqIPiOxk86Q4SVB40=
Subject key identifier: FF:5B:93:F9:D2:5D:07:8C:E3:74:9A:EB:B2:77:8C:0F:BC:0A:72:F2
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 019C8A1263E693DEF05FE654A89FD8C734A7
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/_1uT-dJdB4zjdJrrsneMD7wKcvI.roa
Signing time: Mon 23 Feb 2026 10:36:26 +0000
ROA not before: Mon 23 Feb 2026 10:36:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 38913
IP address blocks: 88.214.28.0/22 maxlen: 22
88.214.28.0/24 maxlen: 24
88.214.31.0/24 maxlen: 24
2a09:8b00::/29 maxlen: 29
2a09:8b00:9999::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.mft
rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:12:63:e6:93:de:f0:5f:e6:54:a8:9f:d8:c7:34:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Feb 23 10:36:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff5b93f9d25d078ce3749aebb2778c0fbc0a72f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:3d:52:db:ee:6a:87:2b:ed:04:3a:5e:6a:
6e:f2:f1:68:f0:10:c9:49:f3:af:b9:23:97:ae:fc:
4e:04:c4:c5:ff:84:fb:a4:27:59:69:18:4f:2e:a6:
74:9a:53:f4:94:a1:ca:25:b7:e0:6a:30:76:68:99:
a3:a2:4e:79:32:61:3a:74:f9:18:3b:92:13:61:56:
0c:da:90:c4:d7:13:18:45:81:0b:2a:f5:be:16:3e:
22:f7:7d:b9:a3:78:0a:9b:58:be:a2:a1:5f:79:39:
ed:02:7b:3f:d5:3e:69:9a:b3:c4:55:3e:fc:05:23:
42:6c:fe:dd:57:e5:d4:72:95:d7:58:df:eb:01:e4:
f4:e3:1b:58:ce:c2:36:c6:1c:7c:f4:7b:90:af:7b:
bc:1a:59:d3:7f:9d:bb:7a:d8:da:97:ed:dd:db:40:
d6:3c:76:60:4d:9b:fe:ca:0e:54:05:7a:05:64:32:
e0:88:d8:24:46:d8:69:72:1e:2d:bf:d1:ed:1a:66:
48:7d:db:b1:18:4c:d8:6d:85:9c:74:03:40:0f:fc:
f9:97:c1:99:18:21:86:d5:ef:71:e1:c8:a4:ba:af:
f1:d2:12:57:ae:9d:18:4d:6e:14:b8:7c:8b:d6:64:
a0:59:b6:fc:c7:15:c9:d1:b4:95:96:fb:bb:26:7e:
3e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5B:93:F9:D2:5D:07:8C:E3:74:9A:EB:B2:77:8C:0F:BC:0A:72:F2
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/_1uT-dJdB4zjdJrrsneMD7wKcvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.28.0/22
IPv6:
2a09:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
3b:70:c4:f2:14:6b:2f:bd:3f:cf:e6:c5:88:81:9c:20:07:d3:
cd:22:e3:06:ca:ef:52:71:c8:a5:c6:c7:b2:ce:32:53:6e:38:
4b:a0:49:76:12:c7:b3:bc:41:45:9b:7b:55:26:48:90:10:5b:
1e:82:4e:9f:55:ed:e5:3a:5d:49:a0:4f:62:4b:7e:b7:e9:04:
d0:70:2f:5d:a4:bc:5b:2c:16:d2:d1:db:b9:61:b6:80:7e:57:
e2:70:37:f3:39:77:97:df:a4:87:f1:34:59:2a:53:c3:df:b3:
d9:29:d7:ac:c8:64:d4:ed:ee:0f:ec:9f:f3:a2:d9:58:32:64:
ce:38:24:03:56:a4:de:1a:98:42:cf:77:4e:e9:97:7a:02:44:
09:8e:f7:b7:92:39:de:3d:33:ab:4f:ed:46:63:50:d6:9a:20:
bc:cc:5e:74:c0:53:77:fa:ff:a6:fe:ff:ba:e0:3a:52:d0:fe:
04:38:a8:a8:4e:2f:89:32:f2:aa:18:b6:66:72:29:ca:f5:e1:
da:76:83:74:78:32:d0:52:d0:46:f0:16:ba:23:b6:24:5b:4b:
30:3c:41:2f:62:01:5b:72:b7:3e:3b:1f:72:04:77:81:e5:d8:
3f:8c:3e:de:e3:8e:57:6d:0f:20:81:29:76:79:f5:f9:d5:19:
52:99:6b:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZyKEmPmk97wX+ZUqJ/YxzSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjYwMjIzMTAzNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjViOTNmOWQyNWQwNzhjZTM3NDlhZWJiMjc3OGMwZmJjMGE3MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp49Utvuaocr7QQ6Xmpu8vFo8BDJ
SfOvuSOXrvxOBMTF/4T7pCdZaRhPLqZ0mlP0lKHKJbfgajB2aJmjok55MmE6dPkY
O5ITYVYM2pDE1xMYRYELKvW+Fj4i9325o3gKm1i+oqFfeTntAns/1T5pmrPEVT78
BSNCbP7dV+XUcpXXWN/rAeT04xtYzsI2xhx89HuQr3u8GlnTf527etjal+3d20DW
PHZgTZv+yg5UBXoFZDLgiNgkRthpch4tv9HtGmZIfduxGEzYbYWcdANAD/z5l8GZ
GCGG1e9x4cikuq/x0hJXrp0YTW4UuHyL1mSgWbb8xxXJ0bSVlvu7Jn4+NwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP9bk/nSXQeM43Sa67J3jA+8CnLyMB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvXzF1VC1kSmRCNHpqZEpycnNuZU1EN3dLY3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWNYcMA0E
AgACMAcDBQMqCYsAMA0GCSqGSIb3DQEBCwUAA4IBAQA7cMTyFGsvvT/P5sWIgZwg
B9PNIuMGyu9SccilxseyzjJTbjhLoEl2EsezvEFFm3tVJkiQEFsegk6fVe3lOl1J
oE9iS3636QTQcC9dpLxbLBbS0du5YbaAflficDfzOXeX36SH8TRZKlPD37PZKdes
yGTU7e4P7J/zotlYMmTOOCQDVqTeGphCz3dO6Zd6AkQJjve3kjnePTOrT+1GY1DW
miC8zF50wFN3+v+m/v+64DpS0P4EOKioTi+JMvKqGLZmcinK9eHadoN0eDLQUtBG
8Ba6I7YkW0swPEEvYgFbcrc+Ox9yBHeB5dg/jD7e445XbQ8ggSl2efX51RlSmWs6
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:20:01 2026 by rpki-client