Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/ce1491-d923-46ea-a2f1-51be2fcd5c8d/1/94Ul-dlVcZRF2dJCBpIs9n3-IPM.roa
File: 94Ul-dlVcZRF2dJCBpIs9n3-IPM.roa (raw, json)
Hash identifier: sLcPFuMyvVZeg7LZhaj49iRvaozRs1nQsDsfofbM+sY=
Subject key identifier: F7:85:25:F9:D9:55:71:94:45:D9:D2:42:06:92:2C:F6:7D:FE:20:F3
Certificate issuer: /CN=b6a497ebc791de433150033de2ddbfa48610c357
Certificate serial: 019C99179AFC1EDBCA5D20550FF8EC105D28
Authority key identifier: B6:A4:97:EB:C7:91:DE:43:31:50:03:3D:E2:DD:BF:A4:86:10:C3:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tqSX68eR3kMxUAM94t2_pIYQw1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/ce1491-d923-46ea-a2f1-51be2fcd5c8d/1/94Ul-dlVcZRF2dJCBpIs9n3-IPM.roa
Signing time: Thu 26 Feb 2026 08:36:26 +0000
ROA not before: Thu 26 Feb 2026 08:36:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20546
IP address blocks: 185.206.0.0/22 maxlen: 24
185.208.28.0/22 maxlen: 24
217.26.48.0/20 maxlen: 24
2a00:d70::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/ce1491-d923-46ea-a2f1-51be2fcd5c8d/1/tqSX68eR3kMxUAM94t2_pIYQw1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/ce1491-d923-46ea-a2f1-51be2fcd5c8d/1/tqSX68eR3kMxUAM94t2_pIYQw1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/tqSX68eR3kMxUAM94t2_pIYQw1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:17:9a:fc:1e:db:ca:5d:20:55:0f:f8:ec:10:5d:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6a497ebc791de433150033de2ddbfa48610c357
Validity
Not Before: Feb 26 08:36:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f78525f9d955719445d9d24206922cf67dfe20f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b7:80:98:06:9d:f5:62:86:21:74:07:4a:0e:
77:56:0a:94:ac:9b:e2:3f:b4:68:70:a5:3f:cc:96:
fd:c3:6f:77:66:7e:9b:62:ad:ab:e9:cd:c7:32:27:
f0:a1:38:63:c4:ba:5f:6b:ac:a1:6f:f0:a0:1c:b3:
81:65:9c:db:69:2d:c1:1f:58:d7:71:76:3e:03:25:
60:52:08:a8:ba:7d:0f:97:c3:f8:d4:16:db:89:af:
c6:c3:d4:2f:df:4d:c0:8c:8f:d0:24:36:fe:5a:bb:
2b:d6:75:60:e6:88:8a:03:38:f3:39:3d:ba:7d:e0:
3d:a9:bb:a2:e2:81:6e:ed:c1:ef:01:3f:c9:2e:d1:
0b:b5:ec:d5:70:ca:ed:c7:2f:c4:88:14:74:96:e4:
f3:ab:e5:eb:71:db:eb:0b:1f:44:72:45:01:fb:5c:
51:34:9b:bd:a3:01:2f:f7:58:35:71:04:cf:43:b2:
fd:f0:fb:3f:bf:99:db:d9:8c:35:8e:3b:63:52:6f:
2e:df:46:06:22:d8:99:27:31:57:b5:42:ba:2f:cd:
53:cc:47:c0:83:54:55:00:aa:14:a8:09:2d:e3:08:
59:41:b0:ca:61:25:84:cc:bc:bb:e8:41:fa:9a:4a:
e6:00:3e:d6:7b:8b:cc:37:0a:80:19:c0:0e:15:d6:
70:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:85:25:F9:D9:55:71:94:45:D9:D2:42:06:92:2C:F6:7D:FE:20:F3
X509v3 Authority Key Identifier:
keyid:B6:A4:97:EB:C7:91:DE:43:31:50:03:3D:E2:DD:BF:A4:86:10:C3:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tqSX68eR3kMxUAM94t2_pIYQw1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ce1491-d923-46ea-a2f1-51be2fcd5c8d/1/94Ul-dlVcZRF2dJCBpIs9n3-IPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ce1491-d923-46ea-a2f1-51be2fcd5c8d/1/tqSX68eR3kMxUAM94t2_pIYQw1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.0.0/22
185.208.28.0/22
217.26.48.0/20
IPv6:
2a00:d70::/32
Signature Algorithm: sha256WithRSAEncryption
87:7f:f2:96:f1:e6:f1:62:54:6e:59:a8:2e:6a:c0:9c:d0:a8:
64:44:c2:dc:e8:c1:36:0f:7a:a9:87:f5:a0:8a:c5:a0:c8:b3:
86:a6:fc:71:3b:1d:4d:85:67:41:bd:51:c3:a1:4c:99:51:c3:
ff:a1:6d:e1:1b:49:9f:49:9a:32:49:c0:f7:c9:df:e9:17:b9:
b4:28:8c:1b:83:48:d0:be:bf:86:50:73:0d:16:a1:42:ee:50:
01:39:7b:d0:84:7b:a8:6f:60:c5:0d:42:f7:93:ae:51:3d:bb:
61:6c:f8:4c:b5:0c:e1:4f:b6:23:97:da:7a:e2:75:e0:8a:4e:
71:e0:1e:a6:e9:81:a4:a1:39:9b:66:99:ff:f0:15:e0:87:9c:
1e:cb:97:49:61:b8:31:0e:8e:7b:04:e8:c5:b5:08:79:ea:55:
62:42:be:39:84:28:eb:3b:9c:9b:02:77:86:4a:4a:24:cf:85:
6a:aa:4e:16:f8:d1:d7:e5:6e:c9:ac:8b:c7:7c:69:58:ee:da:
e4:26:62:a1:3d:90:b9:c9:4b:4c:d3:b0:64:bb:f2:4c:6d:59:
b6:e2:0d:51:b6:ca:89:23:0d:ec:3a:90:a5:eb:0d:15:b8:22:
02:bc:92:d3:38:f2:58:61:a5:c3:da:33:e1:34:7f:0e:f0:fc:
d8:10:df:2d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZyZF5r8HtvKXSBVD/jsEF0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YTQ5N2ViYzc5MWRlNDMzMTUwMDMzZGUyZGRiZmE0ODYx
MGMzNTcwHhcNMjYwMjI2MDgzNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzg1MjVmOWQ5NTU3MTk0NDVkOWQyNDIwNjkyMmNmNjdkZmUyMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2reAmAad9WKGIXQHSg53VgqUrJvi
P7RocKU/zJb9w293Zn6bYq2r6c3HMifwoThjxLpfa6yhb/CgHLOBZZzbaS3BH1jX
cXY+AyVgUgioun0Pl8P41Bbbia/Gw9Qv303AjI/QJDb+Wrsr1nVg5oiKAzjzOT26
feA9qbui4oFu7cHvAT/JLtELtezVcMrtxy/EiBR0luTzq+XrcdvrCx9EckUB+1xR
NJu9owEv91g1cQTPQ7L98Ps/v5nb2Yw1jjtjUm8u30YGItiZJzFXtUK6L81TzEfA
g1RVAKoUqAkt4whZQbDKYSWEzLy76EH6mkrmAD7We4vMNwqAGcAOFdZwZwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPeFJfnZVXGURdnSQgaSLPZ9/iDzMB8GA1UdIwQY
MBaAFLakl+vHkd5DMVADPeLdv6SGEMNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHFTWDY4ZVIza014VUFNOTR0Ml9wSVlRdzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9jZTE0OTEtZDkyMy00NmVhLWEyZjEt
NTFiZTJmY2Q1YzhkLzEvOTRVbC1kbFZjWlJGMmRKQ0JwSXM5bjMtSVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9jZTE0OTEtZDkyMy00NmVhLWEyZjEtNTFiZTJmY2Q1Yzhk
LzEvdHFTWDY4ZVIza014VUFNOTR0Ml9wSVlRdzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuc4AAwQC
udAcAwQE2RowMA0EAgACMAcDBQAqAA1wMA0GCSqGSIb3DQEBCwUAA4IBAQCHf/KW
8ebxYlRuWaguasCc0KhkRMLc6ME2D3qph/WgisWgyLOGpvxxOx1NhWdBvVHDoUyZ
UcP/oW3hG0mfSZoyScD3yd/pF7m0KIwbg0jQvr+GUHMNFqFC7lABOXvQhHuob2DF
DUL3k65RPbthbPhMtQzhT7Yjl9p64nXgik5x4B6m6YGkoTmbZpn/8BXgh5wey5dJ
YbgxDo57BOjFtQh56lViQr45hCjrO5ybAneGSkokz4Vqqk4W+NHX5W7JrIvHfGlY
7trkJmKhPZC5yUtM07Bku/JMbVm24g1RtsqJIw3sOpCl6w0VuCICvJLTOPJYYaXD
2jPhNH8O8PzYEN8t
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:57:46 2026 by rpki-client