Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tzdUVDYS3OHwMrXXdtLM-vAaw8M.roa
File: tzdUVDYS3OHwMrXXdtLM-vAaw8M.roa (raw, json)
Hash identifier: uF0Li5lv3J1pHIyW/fznYQy0uM8WILwKnjHcwOAJFEM=
Subject key identifier: B7:37:54:54:36:12:DC:E1:F0:32:B5:D7:76:D2:CC:FA:F0:1A:C3:C3
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 019C684931535DA4E38DDA67D4C8F87651DA
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tzdUVDYS3OHwMrXXdtLM-vAaw8M.roa
Signing time: Mon 16 Feb 2026 21:09:13 +0000
ROA not before: Mon 16 Feb 2026 21:09:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209439
IP address blocks: 149.232.189.0/24 maxlen: 24
2a00:8b80::/32 maxlen: 32
2a09:3dc0::/30 maxlen: 30
2a09:3dc4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:68:49:31:53:5d:a4:e3:8d:da:67:d4:c8:f8:76:51:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 16 21:09:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b73754543612dce1f032b5d776d2ccfaf01ac3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:af:e2:f8:f6:df:d0:69:fa:df:c1:f3:ad:52:
a6:59:07:41:52:9e:be:6c:ef:71:67:ff:07:5a:13:
dc:da:41:f5:37:1c:f6:88:55:36:3f:d6:22:d4:5e:
15:95:dc:af:78:f0:d1:49:2b:8c:9c:10:3a:79:82:
3a:99:30:5a:71:21:a9:5b:1f:81:8b:b5:fc:68:3f:
fe:aa:59:d2:da:b6:e8:ff:59:09:58:5f:e8:a6:3c:
1d:11:ce:60:28:61:82:06:6e:fd:2a:ac:30:27:87:
89:fa:e2:95:b0:8c:88:42:b0:e5:51:0b:49:21:db:
fd:23:80:c6:e0:39:05:76:c4:bf:94:49:d5:68:4b:
03:cd:c5:5f:71:0f:32:05:14:43:96:cb:de:a0:57:
5f:29:9a:b4:90:89:b8:5e:91:0b:db:29:3b:58:45:
df:71:4f:af:b8:63:68:29:4d:12:92:c9:50:9c:4a:
65:5a:1a:2e:2e:c7:41:92:c7:82:75:1b:95:2a:ff:
83:3f:b4:24:77:b4:3e:36:74:50:5a:22:75:a5:00:
bf:b3:90:57:db:33:a9:f4:1e:e2:48:0f:df:65:d1:
26:65:bd:81:b5:ad:95:0a:ab:af:3e:8b:84:cd:3e:
c7:ac:9e:28:9d:b5:92:ce:c6:46:3a:8f:d3:17:69:
44:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:37:54:54:36:12:DC:E1:F0:32:B5:D7:76:D2:CC:FA:F0:1A:C3:C3
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tzdUVDYS3OHwMrXXdtLM-vAaw8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.189.0/24
IPv6:
2a00:8b80::/32
2a09:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:12:32:b4:ee:31:b8:49:f2:b2:eb:7f:cf:93:9a:07:ba:4e:
51:16:cd:09:05:3f:5e:fb:d5:a9:32:8c:f9:5a:32:c5:6e:b8:
f1:0e:dd:8c:47:b3:11:ac:94:61:3a:f9:89:ac:0d:e4:7e:d9:
57:9a:48:8c:25:7b:31:1a:69:b2:00:8d:d5:81:14:a5:e1:d0:
de:20:ff:69:49:e2:e8:3b:ee:6a:88:51:21:97:14:ff:38:d5:
b3:85:94:94:9e:db:c3:3e:3b:69:67:10:f0:ae:bf:da:0d:a5:
d1:6a:95:cd:8c:91:e5:f5:71:2a:01:75:2a:bb:a7:11:39:7e:
f4:42:a2:bd:c5:1c:2b:5f:ba:f5:31:70:3a:0f:f0:d5:ad:29:
f3:39:34:e2:7e:d4:de:a3:31:cb:7d:f1:c0:bc:3b:98:6b:ff:
a6:3f:1a:2c:d2:9c:cf:d7:14:d7:1e:d4:fc:b1:f1:83:2b:3b:
ab:ae:15:2e:e7:e9:1a:77:f1:da:9b:51:e5:50:78:ad:dd:14:
dc:47:d0:59:a5:99:df:c3:d1:0d:b0:11:34:9a:c1:75:32:d6:
15:8e:93:43:66:5e:1f:49:0e:37:36:d3:c5:72:f3:f2:62:60:
30:83:08:e0:62:b9:a8:a6:11:61:fe:3b:c7:76:62:68:69:ac:
d4:b0:60:f6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZxoSTFTXaTjjdpn1Mj4dlHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjYwMjE2MjEwOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzM3NTQ1NDM2MTJkY2UxZjAzMmI1ZDc3NmQyY2NmYWYwMWFjM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq/i+Pbf0Gn638HzrVKmWQdBUp6+
bO9xZ/8HWhPc2kH1Nxz2iFU2P9Yi1F4VldyvePDRSSuMnBA6eYI6mTBacSGpWx+B
i7X8aD/+qlnS2rbo/1kJWF/opjwdEc5gKGGCBm79KqwwJ4eJ+uKVsIyIQrDlUQtJ
Idv9I4DG4DkFdsS/lEnVaEsDzcVfcQ8yBRRDlsveoFdfKZq0kIm4XpEL2yk7WEXf
cU+vuGNoKU0SkslQnEplWhouLsdBkseCdRuVKv+DP7Qkd7Q+NnRQWiJ1pQC/s5BX
2zOp9B7iSA/fZdEmZb2Bta2VCquvPouEzT7HrJ4onbWSzsZGOo/TF2lEdwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLc3VFQ2Etzh8DK113bSzPrwGsPDMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvdHpkVVZEWVMzT0h3TXJYWGR0TE0tdkFhdzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAlei9MBQE
AgACMA4DBQAqAIuAAwUDKgk9wDANBgkqhkiG9w0BAQsFAAOCAQEAjxIytO4xuEny
sut/z5OaB7pOURbNCQU/XvvVqTKM+VoyxW648Q7djEezEayUYTr5iawN5H7ZV5pI
jCV7MRppsgCN1YEUpeHQ3iD/aUni6DvuaohRIZcU/zjVs4WUlJ7bwz47aWcQ8K6/
2g2l0WqVzYyR5fVxKgF1KrunETl+9EKivcUcK1+69TFwOg/w1a0p8zk04n7U3qMx
y33xwLw7mGv/pj8aLNKcz9cU1x7U/LHxgys7q64VLufpGnfx2ptR5VB4rd0U3EfQ
WaWZ38PRDbARNJrBdTLWFY6TQ2ZeH0kONzbTxXLz8mJgMIMI4GK5qKYRYf47x3Zi
aGms1LBg9g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:45:04 2026 by rpki-client