Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/9q3EYdZ3lfMQxLLXWr1Lu4GLDoA.roa
File: 9q3EYdZ3lfMQxLLXWr1Lu4GLDoA.roa (raw, json)
Hash identifier: 83WLeeOeZ990Jlz8T0MeqEiLs0USK5cXzUu6OTKmBQA=
Subject key identifier: F6:AD:C4:61:D6:77:95:F3:10:C4:B2:D7:5A:BD:4B:BB:81:8B:0E:80
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 019C660952440D07730211AA33ADAE45111E
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/9q3EYdZ3lfMQxLLXWr1Lu4GLDoA.roa
Signing time: Mon 16 Feb 2026 10:40:12 +0000
ROA not before: Mon 16 Feb 2026 10:40:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8708
IP address blocks: 5.2.128.0/17 maxlen: 17
5.12.0.0/14 maxlen: 14
31.14.224.0/22 maxlen: 22
62.231.64.0/18 maxlen: 18
62.231.79.0/24 maxlen: 24
62.231.120.0/24 maxlen: 24
79.114.0.0/15 maxlen: 15
79.118.0.0/15 maxlen: 15
79.118.155.0/24 maxlen: 24
81.18.64.0/19 maxlen: 19
81.196.0.0/16 maxlen: 16
81.196.205.0/24 maxlen: 24
82.76.0.0/14 maxlen: 14
82.76.58.0/24 maxlen: 24
82.76.114.0/24 maxlen: 24
82.76.243.0/24 maxlen: 24
82.76.254.0/23 maxlen: 23
82.78.137.0/24 maxlen: 24
82.79.10.0/24 maxlen: 24
82.79.119.0/24 maxlen: 24
82.137.0.0/18 maxlen: 18
82.137.0.0/21 maxlen: 21
82.137.16.0/20 maxlen: 20
82.137.32.0/19 maxlen: 19
84.232.128.0/17 maxlen: 17
84.232.149.0/24 maxlen: 24
84.232.181.0/24 maxlen: 24
86.120.0.0/13 maxlen: 13
86.121.222.0/24 maxlen: 24
86.123.114.0/24 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
89.43.180.0/23 maxlen: 23
89.45.72.0/22 maxlen: 22
89.46.12.0/22 maxlen: 22
93.113.40.0/22 maxlen: 22
94.176.220.0/22 maxlen: 22
185.79.92.0/22 maxlen: 22
185.129.36.0/22 maxlen: 22
188.24.0.0/15 maxlen: 15
188.26.0.0/17 maxlen: 17
188.26.128.0/18 maxlen: 18
188.26.224.0/19 maxlen: 19
188.27.0.0/16 maxlen: 16
188.27.120.0/24 maxlen: 24
193.111.232.0/24 maxlen: 24
194.102.80.0/24 maxlen: 24
194.102.81.0/24 maxlen: 24
212.54.96.0/19 maxlen: 19
212.54.120.0/24 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.54.127.0/24 maxlen: 24
212.93.128.0/19 maxlen: 19
212.93.143.0/24 maxlen: 24
213.154.96.0/19 maxlen: 24
213.154.100.0/24 maxlen: 24
213.154.128.0/19 maxlen: 24
213.157.160.0/19 maxlen: 19
213.157.165.0/24 maxlen: 24
213.157.189.0/24 maxlen: 24
2a02:2f00::/28 maxlen: 28
2a02:2f01:100::/48 maxlen: 48
2a02:2f09:3100::/48 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
2a02:2f0f:309::/48 maxlen: 48
2a02:2f0f:571::/48 maxlen: 48
2a03:9c20::/32 maxlen: 32
2a03:9c20:1000::/48 maxlen: 48
2a03:9c20:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:09:52:44:0d:07:73:02:11:aa:33:ad:ae:45:11:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Feb 16 10:40:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f6adc461d67795f310c4b2d75abd4bbb818b0e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e7:dd:ab:ee:d3:94:5d:d3:6b:c4:97:ff:55:
de:ee:c4:d6:b2:63:15:55:5c:d6:09:bf:46:fa:b7:
6d:72:42:d6:c4:32:76:8e:be:e5:29:d3:0d:34:ee:
57:4b:a0:5f:66:f6:33:e2:ae:21:17:39:62:4d:79:
ab:89:0e:1f:c8:21:c6:1c:4d:90:52:75:37:bf:f1:
38:9b:15:2f:6d:dd:23:24:3c:d7:84:c8:8b:62:d3:
5d:02:42:f6:64:a5:47:a3:6a:0e:4b:af:22:4e:af:
2d:b2:76:22:8b:ad:23:49:cf:77:22:cb:8d:8f:a1:
ed:0c:d2:ba:7b:4a:35:af:15:0e:59:1e:fe:43:a9:
9e:ba:4d:0e:95:34:d4:b7:9b:2f:25:2e:86:d2:54:
62:e9:1c:13:f2:2c:5d:28:5a:af:0c:1a:cb:23:ed:
ed:0a:2d:74:c4:41:c1:22:6b:b5:fc:33:15:1b:1c:
ff:ab:d4:2f:1f:cc:c5:09:a3:a5:c0:5a:d5:43:29:
7c:1c:b3:91:a9:fc:96:f4:70:31:9e:e8:72:0b:c4:
3a:c6:42:ba:e8:0f:fd:ca:b6:f3:0a:eb:63:b4:37:
2c:71:90:18:e8:80:70:e9:84:1c:a6:81:df:1f:b5:
95:9e:21:74:c9:9f:c1:8d:f2:5b:22:d4:87:6f:12:
e4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:AD:C4:61:D6:77:95:F3:10:C4:B2:D7:5A:BD:4B:BB:81:8B:0E:80
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/9q3EYdZ3lfMQxLLXWr1Lu4GLDoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.224.0/22
62.231.64.0/18
79.114.0.0/15
79.118.0.0/15
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.43.180.0/23
89.45.72.0/22
89.46.12.0/22
93.113.40.0/22
94.176.220.0/22
185.79.92.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.154.96.0-213.154.159.255
213.157.160.0/19
IPv6:
2a02:2f00::/28
2a03:9c20::/32
Signature Algorithm: sha256WithRSAEncryption
08:e7:fd:35:d5:12:a6:b5:e6:52:41:e0:93:24:3d:78:25:4e:
8b:71:1c:d5:c3:f4:b4:d5:b6:74:80:2b:9f:c8:d6:c5:09:95:
e0:1d:f8:ba:18:a0:f2:8c:df:56:5c:bb:d6:48:e6:7b:bd:47:
5c:a4:ae:20:61:f5:dd:0c:b1:2b:f5:72:12:54:e8:37:d5:01:
29:b8:d2:f1:53:aa:58:94:db:5a:90:af:08:39:f4:37:7a:b6:
28:31:6e:e1:eb:05:22:57:ef:ee:8a:ed:af:f5:cd:72:2e:d5:
56:49:4a:46:9b:9c:cb:b1:64:92:e2:56:c5:82:3f:9f:4d:e3:
bd:7c:dd:49:1a:f6:39:78:2e:3f:5b:24:7d:f2:64:17:62:f4:
5e:7f:b5:72:5d:ea:0b:9e:13:45:ad:eb:0c:e9:07:4a:bc:2e:
8d:cb:24:4b:b3:ec:5a:78:fc:e3:ce:7d:8d:ab:30:f1:54:dd:
4d:3d:0c:ae:42:19:1c:24:0b:16:af:3f:de:58:e3:bb:6b:d2:
b3:3e:eb:81:ef:4a:bd:5a:99:eb:6b:9b:18:39:95:34:65:0b:
dd:b6:dc:99:1b:a9:42:cb:df:c7:8b:4c:97:90:55:da:e5:72:
84:ae:e4:bc:8f:2d:f2:ba:48:15:62:36:3c:36:27:45:af:aa:
d5:ca:15:ac
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZxmCVJEDQdzAhGqM62uRREeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjYwMjE2MTA0MDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmFkYzQ2MWQ2Nzc5NWYzMTBjNGIyZDc1YWJkNGJiYjgxOGIwZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+fdq+7TlF3Ta8SX/1Xe7sTWsmMV
VVzWCb9G+rdtckLWxDJ2jr7lKdMNNO5XS6BfZvYz4q4hFzliTXmriQ4fyCHGHE2Q
UnU3v/E4mxUvbd0jJDzXhMiLYtNdAkL2ZKVHo2oOS68iTq8tsnYii60jSc93IsuN
j6HtDNK6e0o1rxUOWR7+Q6meuk0OlTTUt5svJS6G0lRi6RwT8ixdKFqvDBrLI+3t
Ci10xEHBImu1/DMVGxz/q9QvH8zFCaOlwFrVQyl8HLORqfyW9HAxnuhyC8Q6xkK6
6A/9yrbzCutjtDcscZAY6IBw6YQcpoHfH7WVniF0yZ/BjfJbItSHbxLkkwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFPatxGHWd5XzEMSy11q9S7uBiw6AMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvOXEzRVlkWjNsZk1ReExMWFdyMUx1NEdMRG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBuQQCAAEwgbIDBAcF
AoADAwIFDAMEAh8O4AMEBj7nQAMDAU9yAwMBT3YDBAVREkADAwBRxAMDAlJMAwQG
UokAAwQHVOiAAwMDVngDBAFZK7QDBAJZLUgDBAJZLgwDBAJdcSgDBAJesNwDBAK5
T1wDBAK5gSQwCwMDA7wYAwQGvBqAMAsDBAW8GuADAwK8GAMEAMFv6AMEAcJmUAME
BdQ2YAMEBdRdgDAMAwQF1ZpgAwQF1ZqAAwQF1Z2gMBQEAgACMA4DBQQqAi8AAwUA
KgOcIDANBgkqhkiG9w0BAQsFAAOCAQEACOf9NdUSprXmUkHgkyQ9eCVOi3Ec1cP0
tNW2dIArn8jWxQmV4B34uhig8ozfVly71kjme71HXKSuIGH13QyxK/VyElToN9UB
KbjS8VOqWJTbWpCvCDn0N3q2KDFu4esFIlfv7ortr/XNci7VVklKRpucy7FkkuJW
xYI/n03jvXzdSRr2OXguP1skffJkF2L0Xn+1cl3qC54TRa3rDOkHSrwujcskS7Ps
Wnj84859jasw8VTdTT0MrkIZHCQLFq8/3ljju2vSsz7rge9KvVqZ62ubGDmVNGUL
3bbcmRupQsvfx4tMl5BV2uVyhK7kvI8t8rpIFWI2PDYnRa+q1coVrA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:09:17 2026 by rpki-client