Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/eX-mxCe4aOVRvqfABXD3XD44-Q0.roa
File: eX-mxCe4aOVRvqfABXD3XD44-Q0.roa (raw, json)
Hash identifier: WteYUUqDb29xXfLR9yOCxZhFZTrxf/JEk97tf2HnzV4=
Subject key identifier: 79:7F:A6:C4:27:B8:68:E5:51:BE:A7:C0:05:70:F7:5C:3E:38:F9:0D
Certificate issuer: /CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Certificate serial: 019C4C4E1A63EF66F003BDC7C19F2DA1E90F
Authority key identifier: 65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/eX-mxCe4aOVRvqfABXD3XD44-Q0.roa
Signing time: Wed 11 Feb 2026 10:45:12 +0000
ROA not before: Wed 11 Feb 2026 10:45:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8393
IP address blocks: 80.92.192.0/24 maxlen: 24
80.92.193.0/24 maxlen: 24
80.92.194.0/24 maxlen: 24
80.92.195.0/24 maxlen: 24
80.92.196.0/24 maxlen: 24
80.92.197.0/24 maxlen: 24
80.92.198.0/24 maxlen: 24
80.92.199.0/24 maxlen: 24
91.203.20.0/24 maxlen: 24
91.203.21.0/24 maxlen: 24
91.203.22.0/24 maxlen: 24
93.183.96.0/24 maxlen: 24
93.183.97.0/24 maxlen: 24
149.154.190.0/23 maxlen: 23
185.209.88.0/24 maxlen: 24
185.217.16.0/24 maxlen: 24
185.217.17.0/24 maxlen: 24
185.217.18.0/24 maxlen: 24
185.217.19.0/24 maxlen: 24
193.193.224.0/24 maxlen: 24
193.193.225.0/24 maxlen: 24
193.193.226.0/24 maxlen: 24
193.193.227.0/24 maxlen: 24
193.193.228.0/24 maxlen: 24
193.193.229.0/24 maxlen: 24
193.193.230.0/24 maxlen: 24
193.193.231.0/24 maxlen: 24
193.193.232.0/24 maxlen: 24
193.193.233.0/24 maxlen: 24
193.193.234.0/24 maxlen: 24
193.193.235.0/24 maxlen: 24
193.193.236.0/24 maxlen: 24
193.193.237.0/24 maxlen: 24
193.193.238.0/24 maxlen: 24
193.193.239.0/24 maxlen: 24
193.193.240.0/24 maxlen: 24
193.193.241.0/24 maxlen: 24
193.193.242.0/24 maxlen: 24
193.193.243.0/24 maxlen: 24
193.193.244.0/24 maxlen: 24
193.193.245.0/24 maxlen: 24
193.193.246.0/24 maxlen: 24
193.193.247.0/24 maxlen: 24
193.193.248.0/24 maxlen: 24
193.193.249.0/24 maxlen: 24
193.193.250.0/24 maxlen: 24
193.193.251.0/24 maxlen: 24
193.193.252.0/23 maxlen: 23
193.193.254.0/24 maxlen: 24
193.193.255.0/24 maxlen: 24
213.157.32.0/24 maxlen: 24
213.157.33.0/24 maxlen: 24
213.157.34.0/24 maxlen: 24
213.157.35.0/24 maxlen: 24
213.157.36.0/24 maxlen: 24
213.157.37.0/24 maxlen: 24
213.157.38.0/24 maxlen: 24
213.157.39.0/24 maxlen: 24
213.157.40.0/24 maxlen: 24
213.157.41.0/24 maxlen: 24
213.157.42.0/24 maxlen: 24
213.157.43.0/24 maxlen: 24
213.157.44.0/24 maxlen: 24
213.157.45.0/24 maxlen: 24
213.157.46.0/24 maxlen: 24
213.157.47.0/24 maxlen: 24
213.157.48.0/24 maxlen: 24
213.157.49.0/24 maxlen: 24
213.157.50.0/24 maxlen: 24
213.157.51.0/24 maxlen: 24
213.157.52.0/24 maxlen: 24
213.157.53.0/24 maxlen: 24
213.157.54.0/23 maxlen: 23
213.157.56.0/24 maxlen: 24
213.157.57.0/24 maxlen: 24
213.157.58.0/23 maxlen: 23
213.157.60.0/24 maxlen: 24
213.157.61.0/24 maxlen: 24
213.157.62.0/24 maxlen: 24
213.157.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:4e:1a:63:ef:66:f0:03:bd:c7:c1:9f:2d:a1:e9:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Validity
Not Before: Feb 11 10:45:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=797fa6c427b868e551bea7c00570f75c3e38f90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7a:f6:2e:50:3b:94:8f:44:34:3b:4e:de:53:
26:1d:7c:21:02:aa:51:33:e4:82:c6:30:bf:42:b3:
54:c4:56:72:06:21:cb:53:88:da:9a:b0:e0:34:2f:
8b:25:57:e2:46:f3:71:20:d9:45:ba:58:d3:c6:b6:
71:21:fc:14:4c:74:8d:4e:19:78:5a:7b:23:45:97:
f9:49:a4:2e:48:6f:1d:d3:c1:7f:e4:35:8b:49:01:
d8:da:ac:92:99:62:b5:54:f2:19:0f:16:28:87:c4:
7b:40:43:c9:aa:e6:34:8b:e2:28:de:33:e6:14:b8:
e8:07:fa:34:9b:7d:0f:c6:7e:15:d4:7b:9a:fb:3d:
77:df:eb:3b:38:7c:34:2c:50:f2:e3:e5:e1:5f:92:
98:00:f7:7a:90:27:c9:c1:fc:4e:64:49:60:f3:2d:
05:87:67:b3:ee:f3:9a:bf:7f:5f:ce:9a:d1:29:9b:
1b:f2:62:74:2d:59:ae:ed:0f:ad:58:b4:0f:a6:2a:
47:94:f0:20:55:dd:d7:ce:e7:93:5f:88:16:96:d7:
d6:d2:05:c4:ae:99:29:e1:c3:62:5e:d5:22:8a:32:
26:52:d2:da:4d:48:25:ab:9f:10:8a:7c:1a:67:f1:
c3:7e:2f:48:1d:0e:d9:6a:94:53:f9:c1:6a:fd:6c:
95:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7F:A6:C4:27:B8:68:E5:51:BE:A7:C0:05:70:F7:5C:3E:38:F9:0D
X509v3 Authority Key Identifier:
keyid:65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/eX-mxCe4aOVRvqfABXD3XD44-Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.192.0/21
91.203.20.0-91.203.22.255
93.183.96.0/23
149.154.190.0/23
185.209.88.0/24
185.217.16.0/22
193.193.224.0/19
213.157.32.0/19
Signature Algorithm: sha256WithRSAEncryption
18:3d:b3:ef:95:10:71:6d:e7:b0:c9:e9:28:e9:54:32:53:f0:
4b:80:50:2c:55:0a:0d:a4:1b:8d:c7:82:b0:0d:de:23:be:b0:
12:77:18:75:e5:d6:98:ef:eb:34:11:ad:7f:af:69:30:f4:05:
27:a4:32:cf:d6:99:cb:be:6e:50:ed:99:64:e6:be:ea:d5:6a:
03:98:2b:01:67:9a:98:36:42:49:72:01:b2:7b:9b:e7:eb:30:
cc:ae:cc:f7:74:e6:0a:cf:cd:39:2d:c4:bb:80:55:3f:83:6c:
37:8e:81:fb:36:55:22:22:04:c3:d4:f9:5d:83:41:07:1b:45:
b1:af:da:32:bf:c8:b3:86:96:aa:42:2e:e3:94:42:db:e9:4a:
39:2a:19:90:5d:86:0d:79:a9:7f:78:9e:6f:ee:29:d3:98:5c:
c4:6e:6f:25:de:01:95:19:43:1c:b4:b1:37:ca:c0:4a:3c:d7:
e4:14:75:aa:a9:d0:ed:35:c1:b5:21:f6:ed:1c:b1:d8:80:89:
30:d5:05:01:aa:79:79:a6:12:ae:9c:d0:0b:ed:82:df:06:82:
38:e9:79:48:e6:f8:bc:fe:47:5a:52:b9:a5:d1:cd:05:f5:11:
e6:7e:b8:8d:35:96:44:db:7d:dd:e1:77:2c:e4:13:c8:ad:42:
c1:0a:a6:13
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZxMThpj72bwA73HwZ8toekPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjVkOGI3ZjE5ZTJmYjc1Y2I3Zjk1Nzg5ZDkxMThmNmIx
Yjk3MDUwHhcNMjYwMjExMTA0NTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTdmYTZjNDI3Yjg2OGU1NTFiZWE3YzAwNTcwZjc1YzNlMzhmOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Hr2LlA7lI9ENDtO3lMmHXwhAqpR
M+SCxjC/QrNUxFZyBiHLU4jamrDgNC+LJVfiRvNxINlFuljTxrZxIfwUTHSNThl4
WnsjRZf5SaQuSG8d08F/5DWLSQHY2qySmWK1VPIZDxYoh8R7QEPJquY0i+Io3jPm
FLjoB/o0m30Pxn4V1Hua+z133+s7OHw0LFDy4+XhX5KYAPd6kCfJwfxOZElg8y0F
h2ez7vOav39fzprRKZsb8mJ0LVmu7Q+tWLQPpipHlPAgVd3XzueTX4gWltfW0gXE
rpkp4cNiXtUiijImUtLaTUglq58QinwaZ/HDfi9IHQ7ZapRT+cFq/WyV2QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHl/psQnuGjlUb6nwAVw91w+OPkNMB8GA1UdIwQY
MBaAFGUl2Lfxni+3XLf5V4nZEY9rG5cFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUt
NDY2MDNkZTgwNWVjLzEvZVgtbXhDZTRhT1ZSdnFmQUJYRDNYRDQ0LVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUtNDY2MDNkZTgwNWVj
LzEvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQDUFzAMAwD
BAJbyxQDBABbyxYDBAFdt2ADBAGVmr4DBAC50VgDBAK52RADBAXBweADBAXVnSAw
DQYJKoZIhvcNAQELBQADggEBABg9s++VEHFt57DJ6SjpVDJT8EuAUCxVCg2kG43H
grAN3iO+sBJ3GHXl1pjv6zQRrX+vaTD0BSekMs/Wmcu+blDtmWTmvurVagOYKwFn
mpg2QklyAbJ7m+frMMyuzPd05grPzTktxLuAVT+DbDeOgfs2VSIiBMPU+V2DQQcb
RbGv2jK/yLOGlqpCLuOUQtvpSjkqGZBdhg15qX94nm/uKdOYXMRubyXeAZUZQxy0
sTfKwEo81+QUdaqp0O01wbUh9u0csdiAiTDVBQGqeXmmEq6c0Avtgt8GgjjpeUjm
+Lz+R1pSuaXRzQX1EeZ+uI01lkTbfd3hdyzkE8itQsEKphM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:26:18 2026 by rpki-client