Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3aqbZBSeiuyKD2hqa2YlF0D0q5I.roa
File: 3aqbZBSeiuyKD2hqa2YlF0D0q5I.roa (raw, json)
Hash identifier: wFsp0CRPZFEEnCWYV5VRG02GAE0GA/Z8PYL0c/7ITnY=
Subject key identifier: DD:AA:9B:64:14:9E:8A:EC:8A:0F:68:6A:6B:66:25:17:40:F4:AB:92
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019C274AAA8F0545432351F8850B689C64EB
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3aqbZBSeiuyKD2hqa2YlF0D0q5I.roa
Signing time: Wed 04 Feb 2026 06:15:30 +0000
ROA not before: Wed 04 Feb 2026 06:15:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 89.125.50.0/24 maxlen: 24
89.125.69.0/24 maxlen: 24
89.125.187.0/24 maxlen: 24
89.125.209.0/24 maxlen: 24
89.125.255.0/24 maxlen: 24
103.245.231.0/24 maxlen: 24
185.198.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:27:4a:aa:8f:05:45:43:23:51:f8:85:0b:68:9c:64:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 4 06:15:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ddaa9b64149e8aec8a0f686a6b66251740f4ab92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b2:7d:77:ac:3a:6f:b7:e8:a0:65:59:6e:97:
d8:50:28:e4:89:f3:42:2a:91:7a:b3:d9:de:b5:b8:
2e:b2:91:30:db:eb:a3:f8:11:e6:92:58:f1:4d:39:
d9:da:26:8c:db:ce:d5:cc:7a:66:a0:83:32:69:1d:
bd:b5:4f:07:57:a5:c5:34:52:3f:4c:8e:fc:e6:33:
b5:dd:10:95:da:52:5a:cb:70:99:72:a5:74:d4:10:
3b:d8:fc:73:56:71:d4:ff:9e:ab:2c:08:90:82:43:
19:23:d4:ac:94:ce:f4:e2:db:f8:2f:89:80:a4:de:
b0:d9:22:42:c8:2d:99:2a:c9:24:dd:ec:15:09:fd:
65:c9:3d:62:c1:b5:2d:e9:b3:36:cf:d9:32:f5:bc:
2c:f4:7b:48:43:8a:e4:57:c2:5d:0c:f7:fd:f1:79:
00:18:53:dd:d6:15:e9:96:5c:1e:79:13:8c:ef:55:
83:7f:e1:c7:dd:0b:eb:9e:fb:2a:ae:57:ba:fd:fb:
de:bc:f3:b8:cb:b5:cb:08:ef:81:7d:14:e4:f5:71:
b5:4b:0b:2a:d1:b6:e5:de:99:c4:e8:b9:c2:bc:9b:
d3:eb:4d:4a:04:95:88:e8:e2:72:25:ff:64:68:ea:
cc:fb:52:36:6a:2a:b5:76:ea:3f:5b:3f:c7:49:6f:
d2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AA:9B:64:14:9E:8A:EC:8A:0F:68:6A:6B:66:25:17:40:F4:AB:92
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3aqbZBSeiuyKD2hqa2YlF0D0q5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.125.50.0/24
89.125.69.0/24
89.125.187.0/24
89.125.209.0/24
89.125.255.0/24
103.245.231.0/24
185.198.234.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:10:ea:1e:9c:90:62:ac:1a:1e:41:55:0a:86:1f:d2:c8:17:
da:43:61:66:64:87:55:34:c9:b8:84:a9:1d:84:68:45:a4:da:
a1:76:ca:a3:09:29:f5:1c:60:45:20:5a:0a:94:1b:16:85:1c:
61:d8:5e:23:22:af:95:1d:07:20:44:41:e5:06:b2:68:71:e0:
86:1d:59:9e:d4:9d:59:a5:54:a8:9d:a5:d3:91:86:3b:5a:b5:
40:ef:91:c3:86:0d:49:03:fb:ff:23:fe:cb:85:f3:b6:64:f0:
16:58:7a:7c:39:49:ea:04:f3:6f:3b:3b:8a:06:b6:0f:6d:1f:
2f:b5:9e:83:fc:51:e3:d0:22:16:c3:6d:61:99:de:23:a8:9e:
d6:26:68:ba:84:b1:9f:b8:2e:2b:6b:c7:3d:0f:bc:72:79:06:
05:28:ad:94:0a:44:09:78:dd:8c:eb:73:ae:6f:8f:69:84:98:
5d:df:51:20:8e:c4:90:fb:b6:17:d4:2d:6a:4e:82:86:33:de:
14:a7:99:19:c9:d0:8e:fd:e8:da:b6:09:13:6c:b0:d6:6d:74:
56:ee:fd:47:e9:de:49:de:9b:ec:d7:02:f5:fd:41:fa:b0:3e:
31:3f:28:77:c0:17:21:c7:2b:3d:22:60:19:54:8c:a1:37:23:
a4:eb:cb:8c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZwnSqqPBUVDI1H4hQtonGTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMjA0MDYxNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFhOWI2NDE0OWU4YWVjOGEwZjY4NmE2YjY2MjUxNzQwZjRhYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77J9d6w6b7fooGVZbpfYUCjkifNC
KpF6s9netbguspEw2+uj+BHmkljxTTnZ2iaM287VzHpmoIMyaR29tU8HV6XFNFI/
TI785jO13RCV2lJay3CZcqV01BA72PxzVnHU/56rLAiQgkMZI9SslM704tv4L4mA
pN6w2SJCyC2ZKskk3ewVCf1lyT1iwbUt6bM2z9ky9bws9HtIQ4rkV8JdDPf98XkA
GFPd1hXpllweeROM71WDf+HH3Qvrnvsqrle6/fvevPO4y7XLCO+BfRTk9XG1Swsq
0bbl3pnE6LnCvJvT601KBJWI6OJyJf9kaOrM+1I2aiq1duo/Wz/HSW/SbwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN2qm2QUnorsig9oamtmJRdA9KuSMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvM2FxYlpCU2VpdXlLRDJocWEyWWxGMEQwcTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWX0yAwQA
WX1FAwQAWX27AwQAWX3RAwQAWX3/AwQAZ/XnAwQAucbqMA0GCSqGSIb3DQEBCwUA
A4IBAQBOEOoenJBirBoeQVUKhh/SyBfaQ2FmZIdVNMm4hKkdhGhFpNqhdsqjCSn1
HGBFIFoKlBsWhRxh2F4jIq+VHQcgREHlBrJoceCGHVme1J1ZpVSonaXTkYY7WrVA
75HDhg1JA/v/I/7LhfO2ZPAWWHp8OUnqBPNvOzuKBrYPbR8vtZ6D/FHj0CIWw21h
md4jqJ7WJmi6hLGfuC4ra8c9D7xyeQYFKK2UCkQJeN2M63Oub49phJhd31EgjsSQ
+7YX1C1qToKGM94Up5kZydCO/ejatgkTbLDWbXRW7v1H6d5J3pvs1wL1/UH6sD4x
Pyh3wBchxys9ImAZVIyhNyOk68uM
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:04:17 2026 by rpki-client