Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/e0d8mNV4IQCUxs2jzud1MKVtc5o.roa
File: e0d8mNV4IQCUxs2jzud1MKVtc5o.roa (raw, json)
Hash identifier: X8Xxk4PHsxGy5G+6YOij6+7R9UtoEBsJllzoG/Vd5BE=
Subject key identifier: 7B:47:7C:98:D5:78:21:00:94:C6:CD:A3:CE:E7:75:30:A5:6D:73:9A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019C8A9FADF79FE4F02B7222E4D21C914C98
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/e0d8mNV4IQCUxs2jzud1MKVtc5o.roa
Signing time: Mon 23 Feb 2026 13:10:46 +0000
ROA not before: Mon 23 Feb 2026 13:10:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
82.115.9.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
185.231.172.0/24 maxlen: 24
188.209.156.0/22 maxlen: 24
195.96.135.0/24 maxlen: 24
202.133.90.0/23 maxlen: 24
212.90.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:9f:ad:f7:9f:e4:f0:2b:72:22:e4:d2:1c:91:4c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 23 13:10:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7b477c98d578210094c6cda3cee77530a56d739a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ee:65:cc:6e:f5:d5:14:4c:e1:7d:e6:78:64:
9d:da:a6:1e:7e:65:4d:a2:90:5c:0c:e8:fc:36:45:
7b:5c:a0:72:dc:b1:cf:e0:b1:f2:10:33:58:c5:3b:
60:d8:eb:ef:4e:eb:e2:6a:71:97:2f:89:d2:c8:c8:
49:c8:37:9f:b8:63:9c:11:ca:1f:e5:3a:d8:a2:e2:
81:a5:14:38:af:0c:97:21:16:1c:59:97:2c:3f:87:
82:18:30:8f:d5:06:3b:df:d7:6f:85:d6:ed:64:f5:
50:bc:bb:fa:16:37:2c:93:da:86:3b:5a:d6:7a:6f:
3b:77:69:5a:3c:9f:5b:4f:1c:99:76:16:c1:e8:35:
51:b9:45:34:ab:d7:16:db:93:7f:65:2d:67:5a:8c:
ce:07:8e:cb:1a:8d:d9:3f:6d:9d:e2:9a:8c:b2:8b:
dd:b1:b8:23:57:52:00:af:17:88:98:76:dc:79:9b:
d4:57:9f:0e:5e:d9:82:fe:b0:fb:40:50:e5:66:68:
5c:fa:fe:b9:6f:95:02:f0:62:30:1d:31:b3:d8:5a:
ac:ac:24:bd:0a:43:b8:18:f9:25:fd:01:2f:37:38:
81:91:42:5c:91:a6:17:c2:0f:fb:dc:3f:c6:b2:4b:
5c:77:ff:bb:81:2f:2c:d5:52:46:e5:b4:c4:a9:99:
36:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:47:7C:98:D5:78:21:00:94:C6:CD:A3:CE:E7:75:30:A5:6D:73:9A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/e0d8mNV4IQCUxs2jzud1MKVtc5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
82.115.9.0/24
89.251.10.0/24
159.255.32.0/21
185.231.172.0/24
188.209.156.0/22
195.96.135.0/24
202.133.90.0/23
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:31:76:ae:a7:af:0b:05:43:33:8d:01:8e:80:1f:31:04:a5:
53:24:ac:49:1b:d7:c2:6d:18:c2:60:3b:54:4b:91:37:1a:f0:
71:67:82:67:2c:4f:c5:f7:99:a1:fd:c8:65:08:76:dd:b8:1e:
92:64:45:12:19:9d:03:c5:31:fa:e2:ae:37:79:4a:6e:35:e3:
06:3b:bb:e2:90:57:9d:b3:91:af:28:a3:c1:ad:b1:7f:e4:9f:
63:cf:05:f0:05:0a:c2:af:9a:46:9c:be:7c:a6:c9:e0:a8:75:
8c:92:2e:99:64:7d:ab:39:80:9c:7b:e8:39:e5:ce:e3:32:4a:
bb:a9:bf:63:af:32:70:55:ac:f0:eb:2d:e3:c4:2c:80:9e:29:
d3:cc:cc:3b:06:35:10:fc:d1:22:e5:c4:71:ee:19:fe:32:dc:
d6:9c:4e:70:a4:e1:93:d9:26:10:6e:8a:6f:2b:0b:06:11:1f:
83:58:dc:0f:95:eb:75:f7:ac:df:50:5c:5c:d9:8e:4b:07:eb:
c0:2e:81:b6:ab:33:7e:30:27:08:c2:19:5d:49:5b:28:2b:76:
34:bc:7b:b9:5e:66:50:19:4a:6e:4f:44:e9:14:ac:52:e3:f7:
1e:9c:ae:49:6c:57:b3:f4:5e:6a:4d:ae:84:d1:7b:0e:5f:9a:
4a:a1:14:64
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZyKn633n+TwK3Ii5NIckUyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjYwMjIzMTMxMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQ3N2M5OGQ1NzgyMTAwOTRjNmNkYTNjZWU3NzUzMGE1NmQ3MzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu5lzG711RRM4X3meGSd2qYefmVN
opBcDOj8NkV7XKBy3LHP4LHyEDNYxTtg2OvvTuvianGXL4nSyMhJyDefuGOcEcof
5TrYouKBpRQ4rwyXIRYcWZcsP4eCGDCP1QY739dvhdbtZPVQvLv6Fjcsk9qGO1rW
em87d2laPJ9bTxyZdhbB6DVRuUU0q9cW25N/ZS1nWozOB47LGo3ZP22d4pqMsovd
sbgjV1IArxeImHbceZvUV58OXtmC/rD7QFDlZmhc+v65b5UC8GIwHTGz2FqsrCS9
CkO4GPkl/QEvNziBkUJckaYXwg/73D/Gsktcd/+7gS8s1VJG5bTEqZk2FQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHtHfJjVeCEAlMbNo87ndTClbXOaMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZTBkOG1OVjRJUUNVeHMyanp1ZDFNS1Z0YzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYsGAwQA
UnMJAwQAWfsKAwQDn/8gAwQAueesAwQCvNGcAwQAw2CHAwQByoVaAwQC1FpkMA0G
CSqGSIb3DQEBCwUAA4IBAQC0MXaup68LBUMzjQGOgB8xBKVTJKxJG9fCbRjCYDtU
S5E3GvBxZ4JnLE/F95mh/chlCHbduB6SZEUSGZ0DxTH64q43eUpuNeMGO7vikFed
s5GvKKPBrbF/5J9jzwXwBQrCr5pGnL58psngqHWMki6ZZH2rOYCce+g55c7jMkq7
qb9jrzJwVazw6y3jxCyAninTzMw7BjUQ/NEi5cRx7hn+MtzWnE5wpOGT2SYQbopv
KwsGER+DWNwPlet196zfUFxc2Y5LB+vALoG2qzN+MCcIwhldSVsoK3Y0vHu5XmZQ
GUpuT0TpFKxS4/cenK5JbFez9F5qTa6E0XsOX5pKoRRk
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:24:36 2026 by rpki-client