Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Aijv6XZAKQc84v4d9T5PajRwQDU.roa
File: Aijv6XZAKQc84v4d9T5PajRwQDU.roa (raw, json)
Hash identifier: X515bCbnHs/cmD025sq9+yOw62QSOQsn6w/2fBjMAW0=
Subject key identifier: 02:28:EF:E9:76:40:29:07:3C:E2:FE:1D:F5:3E:4F:6A:34:70:40:35
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019C6B3F409CA46F55FB3C7C873B219AAC7F
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Aijv6XZAKQc84v4d9T5PajRwQDU.roa
Signing time: Tue 17 Feb 2026 10:57:13 +0000
ROA not before: Tue 17 Feb 2026 10:57:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200019
IP address blocks: 2.59.219.0/24 maxlen: 24
45.93.8.0/24 maxlen: 24
45.93.9.0/24 maxlen: 24
45.148.244.0/24 maxlen: 24
78.40.116.0/24 maxlen: 24
78.40.117.0/24 maxlen: 24
81.177.213.0/24 maxlen: 24
93.157.106.0/24 maxlen: 24
93.185.167.0/24 maxlen: 24
94.103.188.0/24 maxlen: 24
94.231.223.0/24 maxlen: 24
171.22.181.0/24 maxlen: 24
176.116.0.0/24 maxlen: 24
176.125.240.0/24 maxlen: 24
176.125.241.0/24 maxlen: 24
176.125.242.0/24 maxlen: 24
176.125.243.0/24 maxlen: 24
185.234.9.0/24 maxlen: 24
193.27.90.0/24 maxlen: 24
213.232.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:3f:40:9c:a4:6f:55:fb:3c:7c:87:3b:21:9a:ac:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Feb 17 10:57:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0228efe9764029073ce2fe1df53e4f6a34704035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5c:eb:8c:f1:dd:51:c8:76:11:99:99:d2:fb:
28:0f:22:8e:8b:5e:68:a1:88:55:f4:e3:4e:fe:d5:
e0:2b:78:10:cb:0b:a1:e7:c0:35:ff:26:c0:70:cf:
f9:47:de:5c:06:71:d2:11:4f:e4:f6:6c:4a:cb:08:
b9:0a:15:91:d2:cc:ea:eb:e7:4d:10:94:10:be:d8:
dd:fe:4c:eb:1c:93:89:5c:69:c4:86:b5:9b:b8:b6:
d6:58:e4:d7:9f:28:fd:ce:29:3e:24:0f:e9:dc:af:
2a:d1:89:ca:af:66:e7:b0:ad:ba:03:4a:94:eb:0d:
6d:d1:22:da:f4:aa:d1:a0:b6:5b:bf:02:b8:b2:d9:
e9:49:e0:e8:4f:37:fb:e1:92:0c:f7:26:1d:bb:63:
77:82:98:89:85:74:0d:15:06:a6:63:66:fe:fd:95:
dc:48:ec:ba:d5:0a:ce:59:a2:58:96:58:e4:3f:ac:
b6:33:00:c0:05:96:6c:27:fe:47:c8:ce:c4:0d:a0:
5c:29:c3:81:de:fe:a9:ed:24:10:e0:3a:3d:c5:78:
f7:f6:78:f3:bb:8b:0d:18:c4:d0:a8:36:2f:ee:84:
2f:32:66:47:b6:11:ca:38:43:27:56:1a:40:a8:94:
ef:0d:79:a3:03:ad:b7:c9:d2:92:15:42:98:7f:b2:
02:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:28:EF:E9:76:40:29:07:3C:E2:FE:1D:F5:3E:4F:6A:34:70:40:35
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Aijv6XZAKQc84v4d9T5PajRwQDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.219.0/24
45.93.8.0/23
45.148.244.0/24
78.40.116.0/23
81.177.213.0/24
93.157.106.0/24
93.185.167.0/24
94.103.188.0/24
94.231.223.0/24
171.22.181.0/24
176.116.0.0/24
176.125.240.0/22
185.234.9.0/24
193.27.90.0/24
213.232.235.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:5f:0f:1f:4b:d8:f3:e7:68:01:0b:8a:d7:d8:c3:b7:b5:09:
36:a9:8b:a7:b9:cb:f2:85:ca:31:a8:66:45:2c:49:41:ef:c1:
3a:a6:61:6e:5d:65:06:f3:be:6b:9e:0c:30:7a:f0:32:d1:7f:
f0:b7:ba:d2:7c:56:ab:6f:35:07:e7:aa:7e:0c:d3:25:77:42:
a0:89:97:05:f8:6b:50:08:a6:60:ed:b1:38:dc:5e:93:b6:15:
97:1d:a9:ef:f8:00:05:c3:8b:93:94:fe:25:d4:ac:b0:7b:11:
1a:fe:25:49:1d:76:c8:80:9f:cd:13:ef:03:9f:0f:ba:fd:cd:
24:e4:40:cd:a6:1a:03:d2:8e:44:db:48:ab:50:7b:8c:0a:af:
df:37:16:40:97:ed:67:6b:8f:fa:5c:f4:6a:81:3b:8f:25:3f:
00:53:58:45:76:86:37:7b:bf:5a:9d:bc:64:d0:55:72:cf:65:
31:ca:2d:ed:36:eb:57:12:70:05:e9:bb:5c:04:f1:4b:77:a9:
d1:db:fc:50:8d:f8:79:d9:72:8d:99:1b:eb:d3:52:3f:27:41:
ac:2c:ec:54:86:57:9e:59:2d:43:71:40:74:83:04:02:20:1b:
64:01:12:5b:9f:1a:16:46:6f:9b:dd:23:84:24:e3:27:13:17:
80:85:56:4f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZxrP0CcpG9V+zx8hzshmqx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjYwMjE3MTA1NzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjI4ZWZlOTc2NDAyOTA3M2NlMmZlMWRmNTNlNGY2YTM0NzA0MDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1zrjPHdUch2EZmZ0vsoDyKOi15o
oYhV9ONO/tXgK3gQywuh58A1/ybAcM/5R95cBnHSEU/k9mxKywi5ChWR0szq6+dN
EJQQvtjd/kzrHJOJXGnEhrWbuLbWWOTXnyj9zik+JA/p3K8q0YnKr2bnsK26A0qU
6w1t0SLa9KrRoLZbvwK4stnpSeDoTzf74ZIM9yYdu2N3gpiJhXQNFQamY2b+/ZXc
SOy61QrOWaJYlljkP6y2MwDABZZsJ/5HyM7EDaBcKcOB3v6p7SQQ4Do9xXj39njz
u4sNGMTQqDYv7oQvMmZHthHKOEMnVhpAqJTvDXmjA623ydKSFUKYf7IClQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAIo7+l2QCkHPOL+HfU+T2o0cEA1MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvQWlqdjZYWkFLUWM4NHY0ZDlUNVBhalJ3UURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAAjvbAwQB
LV0IAwQALZT0AwQBTih0AwQAUbHVAwQAXZ1qAwQAXbmnAwQAXme8AwQAXuffAwQA
qxa1AwQAsHQAAwQCsH3wAwQAueoJAwQAwRtaAwQA1ejrMA0GCSqGSIb3DQEBCwUA
A4IBAQDUXw8fS9jz52gBC4rX2MO3tQk2qYunucvyhcoxqGZFLElB78E6pmFuXWUG
875rngwwevAy0X/wt7rSfFarbzUH56p+DNMld0KgiZcF+GtQCKZg7bE43F6TthWX
Hanv+AAFw4uTlP4l1KywexEa/iVJHXbIgJ/NE+8Dnw+6/c0k5EDNphoD0o5E20ir
UHuMCq/fNxZAl+1na4/6XPRqgTuPJT8AU1hFdoY3e79anbxk0FVyz2Uxyi3tNutX
EnAF6btcBPFLd6nR2/xQjfh52XKNmRvr01I/J0GsLOxUhleeWS1DcUB0gwQCIBtk
ARJbnxoWRm+b3SOEJOMnExeAhVZP
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:32:39 2026 by rpki-client