Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/R2uWMDmb1YfPEwjrPUSRr3_QEN8.roa
File: R2uWMDmb1YfPEwjrPUSRr3_QEN8.roa (raw, json)
Hash identifier: 6OW2Lx2+1h6iO9PfK83UIXHOzzd7YoT8ZZx73Dp3z4I=
Subject key identifier: 47:6B:96:30:39:9B:D5:87:CF:13:08:EB:3D:44:91:AF:7F:D0:10:DF
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 019C7650CD6446DDD0FED6EBCCC77F85F2EC
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/R2uWMDmb1YfPEwjrPUSRr3_QEN8.roa
Signing time: Thu 19 Feb 2026 14:32:12 +0000
ROA not before: Thu 19 Feb 2026 14:32:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34534
IP address blocks: 37.44.238.0/24 maxlen: 24
37.44.239.0/24 maxlen: 24
185.142.53.0/24 maxlen: 24
185.157.246.0/24 maxlen: 24
185.157.247.0/24 maxlen: 24
213.5.130.0/24 maxlen: 24
2a09:ca00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:76:50:cd:64:46:dd:d0:fe:d6:eb:cc:c7:7f:85:f2:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Feb 19 14:32:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=476b9630399bd587cf1308eb3d4491af7fd010df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:a4:4a:2b:6b:a0:90:de:52:a1:53:31:f4:
42:e0:12:32:0d:f3:e3:6d:00:9f:cb:6f:5b:28:c2:
bc:0b:24:eb:6d:fd:d6:a3:28:f2:8f:f9:fe:a1:23:
1e:bd:eb:fd:b6:23:18:f9:16:5c:97:70:58:e8:15:
ad:a8:5c:f1:cb:99:b5:34:ba:63:13:54:9b:cc:e4:
52:3a:e5:ba:70:64:84:a8:75:c8:a6:00:aa:3b:3a:
7f:55:83:e1:cb:28:d3:58:11:3a:98:99:b4:65:ed:
b2:21:9a:2a:c2:c4:42:d9:90:56:3d:bc:5e:e1:3f:
a3:a4:04:f0:55:c5:27:c3:3e:46:06:b1:a1:3f:e8:
1b:97:65:6d:fe:85:71:c6:cf:16:11:e3:14:9c:34:
fb:30:43:96:48:fa:a0:20:36:f9:19:87:35:ca:19:
7c:87:64:35:5e:36:07:4a:83:49:22:38:7d:9b:7d:
f8:10:f3:bd:11:ee:d1:7f:d8:58:3e:0e:ea:7b:47:
97:9f:bb:ac:57:42:6e:f0:87:39:bc:b7:17:b6:0e:
59:8e:3d:d2:24:d6:19:5f:27:34:c4:59:ed:79:d5:
b7:c8:44:b1:cf:a5:2a:1a:dc:67:28:52:1a:3b:c7:
df:ce:0a:67:5f:e2:df:4c:33:06:a7:74:ae:5d:65:
bf:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6B:96:30:39:9B:D5:87:CF:13:08:EB:3D:44:91:AF:7F:D0:10:DF
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/R2uWMDmb1YfPEwjrPUSRr3_QEN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.238.0/23
185.142.53.0/24
185.157.246.0/23
213.5.130.0/24
IPv6:
2a09:ca00::/48
Signature Algorithm: sha256WithRSAEncryption
4f:8c:ad:bd:29:54:cb:25:6a:8d:26:f7:ce:47:da:2e:bc:98:
61:35:37:8d:61:76:3a:0c:c5:80:6d:d7:5b:8b:f5:7e:66:d7:
33:ec:27:ac:a3:57:6a:5b:14:05:6f:f0:f3:3d:b4:0e:d8:54:
6b:50:a8:b2:7c:7f:0a:62:f7:e8:8f:a8:ad:94:0b:a4:53:c5:
9e:1a:79:73:b3:23:54:25:10:c8:22:c1:21:c9:e5:5b:97:68:
ff:10:c7:ae:6c:b4:c5:ef:b8:74:54:aa:aa:f5:2d:45:b9:8b:
f1:34:66:e5:78:c3:3b:7a:99:82:d2:39:3c:7c:c9:d7:28:4e:
c1:1b:f0:88:fb:ff:78:78:96:b6:7a:10:e2:40:84:e6:a9:87:
d5:6f:8b:9b:c2:5d:a5:14:5c:07:4e:bb:26:2b:cd:e8:d3:25:
05:b3:43:99:f0:41:7c:00:b6:18:f1:f3:44:6a:c9:fc:b7:3a:
6b:3d:2e:78:a2:d4:af:b6:3d:e4:e6:aa:c0:cc:9a:bc:cd:95:
67:d3:12:50:d8:10:04:4c:ef:43:51:e0:cf:92:4f:d2:28:a4:
bb:dc:d6:16:ab:b1:89:aa:b4:15:e6:c4:ca:1e:2d:dc:d3:84:
73:4f:2e:b7:7a:e1:34:25:b8:f8:4a:43:23:dc:c5:51:fe:23:
2d:2f:d8:bd
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZx2UM1kRt3Q/tbrzMd/hfLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjYwMjE5MTQzMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzZiOTYzMDM5OWJkNTg3Y2YxMzA4ZWIzZDQ0OTFhZjdmZDAxMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNqkSitroJDeUqFTMfRC4BIyDfPj
bQCfy29bKMK8CyTrbf3Woyjyj/n+oSMevev9tiMY+RZcl3BY6BWtqFzxy5m1NLpj
E1SbzORSOuW6cGSEqHXIpgCqOzp/VYPhyyjTWBE6mJm0Ze2yIZoqwsRC2ZBWPbxe
4T+jpATwVcUnwz5GBrGhP+gbl2Vt/oVxxs8WEeMUnDT7MEOWSPqgIDb5GYc1yhl8
h2Q1XjYHSoNJIjh9m334EPO9Ee7Rf9hYPg7qe0eXn7usV0Ju8Ic5vLcXtg5Zjj3S
JNYZXyc0xFntedW3yESxz6UqGtxnKFIaO8ffzgpnX+LfTDMGp3SuXWW/9wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEdrljA5m9WHzxMI6z1Eka9/0BDfMB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvUjJ1V01EbWIxWWZQRXdqclBVU1JyM19RRU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBJSzuAwQA
uY41AwQBuZ32AwQA1QWCMA8EAgACMAkDBwAqCcoAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAE+Mrb0pVMslao0m985H2i68mGE1N41hdjoMxYBt11uL9X5m1zPsJ6yjV2pb
FAVv8PM9tA7YVGtQqLJ8fwpi9+iPqK2UC6RTxZ4aeXOzI1QlEMgiwSHJ5VuXaP8Q
x65stMXvuHRUqqr1LUW5i/E0ZuV4wzt6mYLSOTx8ydcoTsEb8Ij7/3h4lrZ6EOJA
hOaph9Vvi5vCXaUUXAdOuyYrzejTJQWzQ5nwQXwAthjx80Rqyfy3Oms9Lnii1K+2
PeTmqsDMmrzNlWfTElDYEARM70NR4M+ST9IopLvc1harsYmqtBXmxMoeLdzThHNP
Lrd64TQluPhKQyPcxVH+Iy0v2L0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:28:12 2026 by rpki-client