Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/pSxnjIW1LZcD5sf9hc-QWRMlCXs.roa
File: pSxnjIW1LZcD5sf9hc-QWRMlCXs.roa (raw, json)
Hash identifier: 7NT+wNW4fQoKhVSO5fHIZEZW19pRVLnmVJ2E4i3ZHTo=
Subject key identifier: A5:2C:67:8C:85:B5:2D:97:03:E6:C7:FD:85:CF:90:59:13:25:09:7B
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019C5AD1508D112DD750D342B8C668E0C8F6
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/pSxnjIW1LZcD5sf9hc-QWRMlCXs.roa
Signing time: Sat 14 Feb 2026 06:23:12 +0000
ROA not before: Sat 14 Feb 2026 06:23:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214922
IP address blocks: 45.94.213.0/24 maxlen: 24
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
188.212.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5a:d1:50:8d:11:2d:d7:50:d3:42:b8:c6:68:e0:c8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Feb 14 06:23:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a52c678c85b52d9703e6c7fd85cf90591325097b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:3e:87:33:cb:b2:d6:13:27:f6:08:ff:f9:26:
d9:ce:c3:37:83:bf:c2:61:68:b1:7d:7d:17:e3:7c:
de:cc:75:78:da:bc:26:b8:80:07:a6:e8:25:48:73:
6a:0c:d1:09:23:28:69:b9:bf:0e:5f:1b:0e:b1:81:
6f:18:d5:45:9c:7e:b3:d2:97:a0:e3:e8:fb:f1:49:
66:14:39:ca:bb:a4:11:73:19:b8:bd:38:c7:6b:a3:
a9:18:f7:d8:58:af:67:7f:d7:86:33:f6:e8:9b:71:
fe:62:00:76:ae:31:83:4f:82:43:aa:b1:5d:73:19:
50:fc:26:d6:a7:55:36:52:b6:2a:93:1b:2f:80:ff:
71:8f:6e:27:d4:b7:85:f5:f9:ad:f1:d4:23:fa:65:
01:eb:16:8e:01:68:7b:50:bd:bf:7f:31:b3:8e:64:
9b:1c:fe:a4:5c:25:47:44:7a:1c:fe:28:b2:d7:cb:
4e:70:4b:bb:0f:b5:e0:e7:46:00:01:c8:d5:87:98:
94:05:a4:dc:d8:ff:ca:12:65:8e:ec:ff:09:d2:5e:
b8:02:e6:3f:1a:2f:88:fa:c3:08:54:58:b1:02:30:
cb:0e:6e:91:f9:f0:fd:c5:51:f5:45:75:d5:c8:54:
29:1d:24:c3:2a:e8:35:a3:90:6c:11:9b:3b:3d:3b:
c3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:2C:67:8C:85:B5:2D:97:03:E6:C7:FD:85:CF:90:59:13:25:09:7B
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/pSxnjIW1LZcD5sf9hc-QWRMlCXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.213.0-45.94.215.255
89.44.240.0/23
188.212.96.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:78:47:6a:e5:99:61:19:32:93:8f:ad:15:32:cd:8a:cc:ca:
f4:02:46:fc:80:9d:08:6a:c6:a4:8a:bc:00:31:8b:57:f7:7b:
44:17:19:94:62:9d:70:84:12:6a:a7:c4:a5:63:c0:2e:3a:7a:
5f:52:7d:4e:dc:d7:1f:04:d5:ab:a4:4a:4e:7a:27:7f:36:6f:
53:44:8c:8a:b2:d5:91:45:20:f0:2b:88:5c:6a:24:6d:82:07:
6e:e5:6d:8a:bf:b1:bb:a5:75:fe:31:41:d4:f5:b2:9b:c5:14:
4a:3a:2e:92:00:cf:45:98:b2:19:bd:d6:9b:1f:60:07:fb:c4:
80:a8:98:52:51:3c:13:f7:d8:5d:1c:a4:07:71:4e:3d:2b:e9:
dd:d3:0a:74:11:79:58:3c:87:88:c3:7a:24:76:be:a2:4f:ec:
bc:0a:11:12:ff:70:6f:fe:88:74:bd:d8:0b:30:f2:f0:b4:47:
1f:57:ff:dd:0d:53:40:3d:6c:07:40:fb:71:66:4f:74:97:1a:
8c:69:a8:32:d7:1b:f7:74:e0:ff:53:55:c9:74:4c:72:b5:50:
1a:80:62:9b:28:cd:a8:15:91:a3:cc:14:ea:e9:eb:16:36:e0:
e8:1f:91:d5:64:45:d1:cc:48:26:4e:7f:51:0e:8e:13:ff:11:
ed:cf:82:a3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZxa0VCNES3XUNNCuMZo4Mj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjYwMjE0MDYyMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTJjNjc4Yzg1YjUyZDk3MDNlNmM3ZmQ4NWNmOTA1OTEzMjUwOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8T6HM8uy1hMn9gj/+SbZzsM3g7/C
YWixfX0X43zezHV42rwmuIAHpuglSHNqDNEJIyhpub8OXxsOsYFvGNVFnH6z0peg
4+j78UlmFDnKu6QRcxm4vTjHa6OpGPfYWK9nf9eGM/bom3H+YgB2rjGDT4JDqrFd
cxlQ/CbWp1U2UrYqkxsvgP9xj24n1LeF9fmt8dQj+mUB6xaOAWh7UL2/fzGzjmSb
HP6kXCVHRHoc/iiy18tOcEu7D7Xg50YAAcjVh5iUBaTc2P/KEmWO7P8J0l64AuY/
Gi+I+sMIVFixAjDLDm6R+fD9xVH1RXXVyFQpHSTDKug1o5BsEZs7PTvDyQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKUsZ4yFtS2XA+bH/YXPkFkTJQl7MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvcFN4bmpJVzFMWmNENXNmOWhjLVFXUk1sQ1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtXtUD
BAMtXtADBAFZLPADBAC81GAwDQYJKoZIhvcNAQELBQADggEBADx4R2rlmWEZMpOP
rRUyzYrMyvQCRvyAnQhqxqSKvAAxi1f3e0QXGZRinXCEEmqnxKVjwC46el9SfU7c
1x8E1aukSk56J382b1NEjIqy1ZFFIPAriFxqJG2CB27lbYq/sbuldf4xQdT1spvF
FEo6LpIAz0WYshm91psfYAf7xIComFJRPBP32F0cpAdxTj0r6d3TCnQReVg8h4jD
eiR2vqJP7LwKERL/cG/+iHS92Asw8vC0Rx9X/90NU0A9bAdA+3FmT3SXGoxpqDLX
G/d04P9TVcl0THK1UBqAYpsozagVkaPMFOrp6xY24OgfkdVkRdHMSCZOf1EOjhP/
Ee3PgqM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:21:49 2026 by rpki-client