Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f1b74c-16ac-4831-b6c5-f1c6bf1e4ba7/1/9zHlW6xfmyURsAXTYq0PK9oPUEA.roa
File: 9zHlW6xfmyURsAXTYq0PK9oPUEA.roa (raw, json)
Hash identifier: CPYRyV7yCkjWy3aVUIMVZcjIfqBkbNBK6TsEp1SL/Vk=
Subject key identifier: F7:31:E5:5B:AC:5F:9B:25:11:B0:05:D3:62:AD:0F:2B:DA:0F:50:40
Certificate issuer: /CN=3c1f14d37fbdc87ae7c9c7b9153eaea5d4c5549b
Certificate serial: 019C8E5A467D26064466F74B1B93695B1CC0
Authority key identifier: 3C:1F:14:D3:7F:BD:C8:7A:E7:C9:C7:B9:15:3E:AE:A5:D4:C5:54:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PB8U03-9yHrnyce5FT6updTFVJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f1b74c-16ac-4831-b6c5-f1c6bf1e4ba7/1/9zHlW6xfmyURsAXTYq0PK9oPUEA.roa
Signing time: Tue 24 Feb 2026 06:33:26 +0000
ROA not before: Tue 24 Feb 2026 06:33:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215272
IP address blocks: 45.128.205.0/24 maxlen: 24
62.182.102.0/24 maxlen: 24
155.212.244.0/24 maxlen: 24
185.244.50.0/24 maxlen: 24
185.251.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f1b74c-16ac-4831-b6c5-f1c6bf1e4ba7/1/PB8U03-9yHrnyce5FT6updTFVJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f1b74c-16ac-4831-b6c5-f1c6bf1e4ba7/1/PB8U03-9yHrnyce5FT6updTFVJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/PB8U03-9yHrnyce5FT6updTFVJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:5a:46:7d:26:06:44:66:f7:4b:1b:93:69:5b:1c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c1f14d37fbdc87ae7c9c7b9153eaea5d4c5549b
Validity
Not Before: Feb 24 06:33:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f731e55bac5f9b2511b005d362ad0f2bda0f5040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9e:f1:ac:43:26:ef:3e:87:8e:df:c8:f2:db:
b7:a7:b5:f5:53:9e:92:99:29:a0:4f:17:1f:e7:7b:
7a:18:f0:74:24:ab:02:ef:5e:fe:14:92:c7:71:f0:
95:4a:3a:37:84:b0:a2:c5:05:92:e0:34:4a:bc:f5:
e7:6e:7d:73:c3:de:ed:03:76:3b:fd:e1:de:b0:39:
fd:1e:5f:3a:a5:84:36:e3:ec:44:d8:c9:c0:a0:77:
50:73:54:e1:1b:44:0e:a7:f9:0c:17:80:04:87:70:
d9:d1:c8:b4:44:3e:68:e8:b0:5b:f1:26:8e:a0:d3:
89:9e:f6:36:b2:04:7f:d9:4a:fb:9c:f3:85:96:56:
8a:99:28:66:05:25:4e:b2:cf:57:8d:da:98:bf:fd:
a6:1f:07:32:7d:12:e1:01:0e:e0:ad:2d:78:f1:84:
4d:4f:38:50:a0:51:65:f0:7a:7f:de:79:43:07:f3:
dd:2f:6a:bb:53:e3:41:41:d9:19:41:e5:0a:08:88:
5b:f2:0e:4f:48:72:42:c1:61:9c:7f:5b:80:11:d6:
f8:db:10:62:35:1f:9f:df:65:05:ea:09:70:d3:de:
85:ed:d1:73:1e:af:57:ae:0c:19:56:85:e2:d6:b3:
40:83:ca:65:41:d2:f6:33:15:c8:fb:11:61:25:53:
6d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:31:E5:5B:AC:5F:9B:25:11:B0:05:D3:62:AD:0F:2B:DA:0F:50:40
X509v3 Authority Key Identifier:
keyid:3C:1F:14:D3:7F:BD:C8:7A:E7:C9:C7:B9:15:3E:AE:A5:D4:C5:54:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PB8U03-9yHrnyce5FT6updTFVJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f1b74c-16ac-4831-b6c5-f1c6bf1e4ba7/1/9zHlW6xfmyURsAXTYq0PK9oPUEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f1b74c-16ac-4831-b6c5-f1c6bf1e4ba7/1/PB8U03-9yHrnyce5FT6updTFVJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.205.0/24
62.182.102.0/24
155.212.244.0/24
185.244.50.0/24
185.251.38.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:22:a8:46:1b:8b:e5:43:29:91:f4:5b:cc:97:d3:ca:2f:99:
79:d3:c1:40:97:da:d1:cb:ae:74:ab:ba:d5:64:68:0f:58:78:
45:45:41:13:22:62:6f:fd:46:4d:98:94:4a:15:01:b6:e3:86:
ab:0b:cc:91:5a:c7:fe:4e:3f:ea:64:cd:77:e9:2f:09:26:da:
27:43:e2:ea:b7:68:21:21:2f:5c:db:42:83:b7:56:76:74:e9:
d4:8f:62:98:cc:25:b8:b9:bc:3d:b0:99:a1:c5:9f:67:03:c2:
a1:9a:52:04:5f:b6:9b:f6:00:3d:be:c0:61:6f:09:23:92:41:
6b:dc:59:39:c4:f3:48:25:ce:82:96:4c:f2:ce:01:65:84:f0:
c2:83:75:2c:a8:32:7b:84:21:fd:d6:81:ac:fe:46:89:09:77:
e7:84:a5:48:7e:db:17:91:92:68:19:a1:55:17:f0:b6:63:da:
cc:63:c5:78:0f:ee:c7:1b:99:56:c0:e9:cf:16:d5:c8:d0:d2:
67:b9:1c:90:7c:93:e3:f9:42:62:15:17:86:9b:ec:68:f8:92:
ce:ec:69:ac:78:db:8d:02:7a:4b:19:f2:ad:6e:45:71:a9:b2:
d8:9e:3b:59:34:99:6f:60:04:0e:d2:83:c9:20:49:e5:44:1f:
bb:2c:ec:df
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZyOWkZ9JgZEZvdLG5NpWxzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMWYxNGQzN2ZiZGM4N2FlN2M5YzdiOTE1M2VhZWE1ZDRj
NTU0OWIwHhcNMjYwMjI0MDYzMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzMxZTU1YmFjNWY5YjI1MTFiMDA1ZDM2MmFkMGYyYmRhMGY1MDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ7xrEMm7z6Hjt/I8tu3p7X1U56S
mSmgTxcf53t6GPB0JKsC717+FJLHcfCVSjo3hLCixQWS4DRKvPXnbn1zw97tA3Y7
/eHesDn9Hl86pYQ24+xE2MnAoHdQc1ThG0QOp/kMF4AEh3DZ0ci0RD5o6LBb8SaO
oNOJnvY2sgR/2Ur7nPOFllaKmShmBSVOss9XjdqYv/2mHwcyfRLhAQ7grS148YRN
TzhQoFFl8Hp/3nlDB/PdL2q7U+NBQdkZQeUKCIhb8g5PSHJCwWGcf1uAEdb42xBi
NR+f32UF6glw096F7dFzHq9XrgwZVoXi1rNAg8plQdL2MxXI+xFhJVNt5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPcx5VusX5slEbAF02KtDyvaD1BAMB8GA1UdIwQY
MBaAFDwfFNN/vch658nHuRU+rqXUxVSbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEI4VTAzLTl5SHJueWNlNUZUNnVwZFRGVkpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMWI3NGMtMTZhYy00ODMxLWI2YzUt
ZjFjNmJmMWU0YmE3LzEvOXpIbFc2eGZteVVSc0FYVFlxMFBLOW9QVUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMWI3NGMtMTZhYy00ODMxLWI2YzUtZjFjNmJmMWU0YmE3
LzEvUEI4VTAzLTl5SHJueWNlNUZUNnVwZFRGVkpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYDNAwQA
PrZmAwQAm9T0AwQAufQyAwQAufsmMA0GCSqGSIb3DQEBCwUAA4IBAQCbIqhGG4vl
QymR9FvMl9PKL5l508FAl9rRy650q7rVZGgPWHhFRUETImJv/UZNmJRKFQG244ar
C8yRWsf+Tj/qZM136S8JJtonQ+Lqt2ghIS9c20KDt1Z2dOnUj2KYzCW4ubw9sJmh
xZ9nA8KhmlIEX7ab9gA9vsBhbwkjkkFr3Fk5xPNIJc6ClkzyzgFlhPDCg3UsqDJ7
hCH91oGs/kaJCXfnhKVIftsXkZJoGaFVF/C2Y9rMY8V4D+7HG5lWwOnPFtXI0NJn
uRyQfJPj+UJiFReGm+xo+JLO7GmseNuNAnpLGfKtbkVxqbLYnjtZNJlvYAQO0oPJ
IEnlRB+7LOzf
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:57:52 2026 by rpki-client