Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/ateB1eMixo1Q5bIvGLLCwGfK3Yk.roa
File: ateB1eMixo1Q5bIvGLLCwGfK3Yk.roa (raw, json)
Hash identifier: hmzWGsdutZHKJhCIH0ky2UAWl4Fsdp5ElC7q6jHDT04=
Subject key identifier: 6A:D7:81:D5:E3:22:C6:8D:50:E5:B2:2F:18:B2:C2:C0:67:CA:DD:89
Certificate issuer: /CN=99b0425b71c2b51cd7ebe47d3efe7cb9861b4d82
Certificate serial: 019B7F13DF6886D39E4D8E51A3ADF0756700
Authority key identifier: 99:B0:42:5B:71:C2:B5:1C:D7:EB:E4:7D:3E:FE:7C:B9:86:1B:4D:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mbBCW3HCtRzX6-R9Pv58uYYbTYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/ateB1eMixo1Q5bIvGLLCwGfK3Yk.roa
Signing time: Fri 02 Jan 2026 14:19:27 +0000
ROA not before: Fri 02 Jan 2026 14:19:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208611
IP address blocks: 185.122.8.0/24 maxlen: 24
185.122.9.0/24 maxlen: 24
185.122.10.0/24 maxlen: 24
185.122.11.0/24 maxlen: 24
185.194.240.0/24 maxlen: 24
185.194.241.0/24 maxlen: 24
185.194.242.0/24 maxlen: 24
185.194.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/mbBCW3HCtRzX6-R9Pv58uYYbTYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/mbBCW3HCtRzX6-R9Pv58uYYbTYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/mbBCW3HCtRzX6-R9Pv58uYYbTYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:13:df:68:86:d3:9e:4d:8e:51:a3:ad:f0:75:67:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99b0425b71c2b51cd7ebe47d3efe7cb9861b4d82
Validity
Not Before: Jan 2 14:19:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ad781d5e322c68d50e5b22f18b2c2c067cadd89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f7:42:62:7d:bc:32:89:d6:c3:bb:1a:5b:02:
6d:02:ee:af:72:f0:9a:03:60:80:cb:fc:78:75:97:
fc:2b:94:83:11:a9:b3:55:bd:d8:fb:dc:25:15:72:
ed:e9:da:98:dc:58:56:c8:23:9c:5f:6f:22:dc:83:
f3:4f:38:00:cf:68:7b:02:b0:dc:97:bc:c5:52:04:
a6:f0:64:1a:bb:5f:ce:9c:98:c4:08:67:50:8d:2f:
2e:7c:d1:bc:17:db:22:2d:34:84:97:70:b1:67:0e:
3a:5d:df:78:9e:97:e0:ad:7a:d1:c8:55:18:d9:2d:
b7:ea:04:95:44:d2:0d:fd:64:6e:7c:0c:12:d7:07:
27:96:4a:e4:79:75:6c:33:04:5a:26:aa:1d:af:de:
49:07:67:d1:95:30:62:90:4d:79:bd:1c:dd:c4:6c:
c5:74:84:4b:2d:41:2c:6c:a7:d9:47:c7:5d:cd:17:
8f:55:3f:bb:fa:25:11:be:60:dc:7e:85:35:60:2b:
66:88:65:fd:91:f8:61:34:75:55:a6:78:b8:f3:87:
d5:57:96:ed:d4:ae:c3:4c:ef:67:94:2a:54:06:d9:
59:10:8d:77:6e:b8:13:d8:f9:6f:a4:fd:b2:6f:8d:
3f:b0:20:1e:ff:ca:97:80:f6:2c:30:11:e4:54:6e:
1c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D7:81:D5:E3:22:C6:8D:50:E5:B2:2F:18:B2:C2:C0:67:CA:DD:89
X509v3 Authority Key Identifier:
keyid:99:B0:42:5B:71:C2:B5:1C:D7:EB:E4:7D:3E:FE:7C:B9:86:1B:4D:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mbBCW3HCtRzX6-R9Pv58uYYbTYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/ateB1eMixo1Q5bIvGLLCwGfK3Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/mbBCW3HCtRzX6-R9Pv58uYYbTYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.8.0/22
185.194.240.0/22
Signature Algorithm: sha256WithRSAEncryption
20:c9:bb:b3:b9:3d:ea:a1:78:b6:50:d4:4d:19:88:98:d0:f3:
f1:75:bf:f2:34:ba:fe:14:bb:24:4e:6d:cc:e0:85:c4:60:81:
c2:90:b1:83:eb:6d:99:33:e8:ec:09:4d:1c:75:01:44:d6:b0:
42:03:eb:ef:19:90:5c:a4:a8:db:eb:f9:f5:65:68:95:f1:05:
4e:54:cc:e5:99:b6:3b:23:e0:1d:9c:db:59:bc:ad:92:fb:04:
e5:7b:45:ed:99:90:d6:5d:38:bb:bf:1c:fd:3e:52:d6:3a:e0:
df:6c:2c:85:36:98:77:bd:6c:84:82:f8:74:06:cd:7b:67:87:
13:5c:83:94:ea:47:c4:40:6b:77:ea:16:ba:15:c5:0a:37:89:
32:c7:b7:ff:2f:a5:bf:c6:3e:c9:c4:56:2e:e9:9d:a2:38:5a:
38:b8:46:36:ef:d0:c1:de:f0:ef:a8:38:ed:44:bb:b9:b3:f2:
70:c0:a1:c8:6c:8e:22:69:51:8b:29:be:00:a2:69:a4:78:b6:
09:e7:ba:48:3c:b3:db:a1:46:f9:80:39:5a:86:36:d4:e9:fd:
a2:66:92:50:69:a7:99:af:7c:6a:74:d6:1e:e2:94:c4:13:dc:
40:f8:b7:1e:d4:74:f8:20:4d:01:bf:99:da:46:89:76:03:d9:
c8:c2:2f:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt/E99ohtOeTY5Ro63wdWcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YjA0MjViNzFjMmI1MWNkN2ViZTQ3ZDNlZmU3Y2I5ODYx
YjRkODIwHhcNMjYwMTAyMTQxOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQ3ODFkNWUzMjJjNjhkNTBlNWIyMmYxOGIyYzJjMDY3Y2FkZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/dCYn28MonWw7saWwJtAu6vcvCa
A2CAy/x4dZf8K5SDEamzVb3Y+9wlFXLt6dqY3FhWyCOcX28i3IPzTzgAz2h7ArDc
l7zFUgSm8GQau1/OnJjECGdQjS8ufNG8F9siLTSEl3CxZw46Xd94npfgrXrRyFUY
2S236gSVRNIN/WRufAwS1wcnlkrkeXVsMwRaJqodr95JB2fRlTBikE15vRzdxGzF
dIRLLUEsbKfZR8ddzRePVT+7+iURvmDcfoU1YCtmiGX9kfhhNHVVpni484fVV5bt
1K7DTO9nlCpUBtlZEI13brgT2PlvpP2yb40/sCAe/8qXgPYsMBHkVG4cOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGrXgdXjIsaNUOWyLxiywsBnyt2JMB8GA1UdIwQY
MBaAFJmwQltxwrUc1+vkfT7+fLmGG02CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWJCQ1czSEN0UnpYNi1SOVB2NTh1WVliVFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTk4MmQtYWQ1Yi00MTAwLThkOWQt
ZDFlZmNlZWMzNGMxLzEvYXRlQjFlTWl4bzFRNWJJdkdMTEN3R2ZLM1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTk4MmQtYWQ1Yi00MTAwLThkOWQtZDFlZmNlZWMzNGMx
LzEvbWJCQ1czSEN0UnpYNi1SOVB2NTh1WVliVFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXoIAwQC
ucLwMA0GCSqGSIb3DQEBCwUAA4IBAQAgybuzuT3qoXi2UNRNGYiY0PPxdb/yNLr+
FLskTm3M4IXEYIHCkLGD622ZM+jsCU0cdQFE1rBCA+vvGZBcpKjb6/n1ZWiV8QVO
VMzlmbY7I+AdnNtZvK2S+wTle0XtmZDWXTi7vxz9PlLWOuDfbCyFNph3vWyEgvh0
Bs17Z4cTXIOU6kfEQGt36ha6FcUKN4kyx7f/L6W/xj7JxFYu6Z2iOFo4uEY279DB
3vDvqDjtRLu5s/JwwKHIbI4iaVGLKb4AommkeLYJ57pIPLPboUb5gDlahjbU6f2i
ZpJQaaeZr3xqdNYe4pTEE9xA+Lce1HT4IE0Bv5naRol2A9nIwi+Q
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:36:06 2026 by rpki-client