Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/_2TkYZ6m9S4gzCbJ7FSAH-2Y0_4.roa
File: _2TkYZ6m9S4gzCbJ7FSAH-2Y0_4.roa (raw, json)
Hash identifier: 29lPquUVvEOM2I/tYNxFjViie9vfaQqvcMnqW/106ho=
Subject key identifier: FF:64:E4:61:9E:A6:F5:2E:20:CC:26:C9:EC:54:80:1F:ED:98:D3:FE
Certificate issuer: /CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Certificate serial: 019B7C8090DFD157D6E9299615323338783D
Authority key identifier: 9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/_2TkYZ6m9S4gzCbJ7FSAH-2Y0_4.roa
Signing time: Fri 02 Jan 2026 02:19:18 +0000
ROA not before: Fri 02 Jan 2026 02:19:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29170
IP address blocks: 46.19.224.0/21 maxlen: 24
46.19.224.0/24 maxlen: 24
46.19.225.0/24 maxlen: 24
46.19.226.0/24 maxlen: 24
46.19.227.0/24 maxlen: 24
46.19.228.0/24 maxlen: 24
46.19.229.0/24 maxlen: 24
46.19.230.0/24 maxlen: 24
82.114.64.0/19 maxlen: 19
82.114.64.0/24 maxlen: 24
82.114.65.0/24 maxlen: 24
82.114.66.0/24 maxlen: 24
82.114.67.0/24 maxlen: 24
82.114.68.0/24 maxlen: 24
82.114.69.0/24 maxlen: 24
82.114.70.0/24 maxlen: 24
82.114.71.0/24 maxlen: 24
82.114.72.0/24 maxlen: 24
82.114.73.0/24 maxlen: 24
82.114.74.0/24 maxlen: 24
82.114.75.0/24 maxlen: 24
82.114.76.0/24 maxlen: 24
82.114.77.0/24 maxlen: 24
82.114.78.0/24 maxlen: 24
82.114.79.0/24 maxlen: 24
82.114.80.0/24 maxlen: 24
82.114.81.0/24 maxlen: 24
82.114.82.0/24 maxlen: 24
82.114.83.0/24 maxlen: 24
82.114.84.0/24 maxlen: 24
82.114.85.0/24 maxlen: 24
82.114.86.0/24 maxlen: 24
82.114.87.0/24 maxlen: 24
82.114.88.0/24 maxlen: 24
82.114.89.0/24 maxlen: 24
82.114.90.0/24 maxlen: 24
82.114.91.0/24 maxlen: 24
82.114.92.0/24 maxlen: 24
82.114.93.0/24 maxlen: 24
82.114.94.0/24 maxlen: 24
82.114.95.0/24 maxlen: 24
178.132.216.0/21 maxlen: 21
178.132.216.0/24 maxlen: 24
178.132.217.0/24 maxlen: 24
178.132.218.0/24 maxlen: 24
178.132.219.0/24 maxlen: 24
178.132.220.0/24 maxlen: 24
178.132.221.0/24 maxlen: 24
178.132.222.0/24 maxlen: 24
178.132.223.0/24 maxlen: 24
185.67.176.0/22 maxlen: 22
185.67.176.0/24 maxlen: 24
185.67.177.0/24 maxlen: 24
185.67.178.0/24 maxlen: 24
185.67.179.0/24 maxlen: 24
185.190.132.0/22 maxlen: 22
185.190.132.0/24 maxlen: 24
185.190.133.0/24 maxlen: 24
185.190.134.0/24 maxlen: 24
185.190.135.0/24 maxlen: 24
2a04:3080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/mpLTBwi51OjHwoyX-AN8gCcUTEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/mpLTBwi51OjHwoyX-AN8gCcUTEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:80:90:df:d1:57:d6:e9:29:96:15:32:33:38:78:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Validity
Not Before: Jan 2 02:19:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff64e4619ea6f52e20cc26c9ec54801fed98d3fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:91:79:ac:d7:29:49:fe:4c:9a:25:3e:9b:a0:
19:15:d4:55:c3:c5:0b:41:b3:c9:7d:5c:eb:93:2b:
36:cf:c2:3c:47:f7:35:3c:21:86:a7:c0:ab:e3:74:
0f:03:d5:a7:bc:c9:7c:f0:a5:40:80:7f:ca:c8:5d:
fc:3f:9b:27:f0:e1:a5:db:0b:f3:3a:a0:69:20:67:
84:af:e6:2c:47:8b:c5:82:98:1d:f6:ba:f4:93:e0:
96:b4:59:7a:c8:c5:1b:1a:8d:4e:36:56:64:98:c5:
08:e2:a2:dd:5d:1b:b7:32:57:15:56:f0:2b:34:e2:
bc:92:db:73:8a:35:cf:8d:38:30:d6:5d:05:10:5d:
c4:92:9f:58:de:e1:eb:7c:72:26:98:d1:4d:66:e9:
26:6c:80:d8:77:43:05:67:83:2d:cc:09:34:9d:d9:
55:54:07:ec:98:ad:73:07:6c:e9:c5:9c:d8:0c:df:
94:0d:ae:52:e4:0d:13:f9:cf:06:af:58:47:c2:a4:
6e:88:9e:8a:1b:bc:9e:4a:44:9c:df:71:17:90:63:
73:21:66:dd:b1:0b:af:21:f6:cb:37:70:83:b1:bf:
70:60:a3:d9:85:5d:82:17:7b:d4:65:14:28:fe:a6:
e1:ed:f5:79:02:93:6f:e1:88:fc:cb:0b:5d:10:6a:
0e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:64:E4:61:9E:A6:F5:2E:20:CC:26:C9:EC:54:80:1F:ED:98:D3:FE
X509v3 Authority Key Identifier:
keyid:9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/_2TkYZ6m9S4gzCbJ7FSAH-2Y0_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/mpLTBwi51OjHwoyX-AN8gCcUTEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.224.0/21
82.114.64.0/19
178.132.216.0/21
185.67.176.0/22
185.190.132.0/22
IPv6:
2a04:3080::/29
Signature Algorithm: sha256WithRSAEncryption
0d:97:06:17:1c:e8:81:5a:8b:41:a6:99:0d:03:c0:e7:c0:a9:
0f:21:2c:16:7c:ed:bb:42:a2:59:8a:b7:23:62:5e:83:b6:04:
55:f6:73:74:9c:c9:5d:06:05:48:d9:4c:3e:e8:01:8e:cb:a4:
83:48:27:46:46:dd:f1:d7:28:f5:ca:77:40:24:b5:6f:0b:52:
75:08:dd:ac:3e:8e:9b:b6:b9:02:65:e9:b9:eb:95:4f:33:f9:
36:e8:7d:02:67:d8:00:c1:35:69:2b:88:fd:1e:fd:e6:ab:23:
4d:09:bc:53:c0:a6:85:78:aa:40:f2:91:ce:2c:47:70:c6:7e:
c5:5b:7e:b5:73:ed:71:7f:c2:59:da:38:de:45:a3:da:50:62:
c1:7e:e0:4d:14:82:de:2d:10:85:e4:23:d1:d1:06:4b:58:14:
55:ba:37:41:44:5b:00:59:f5:35:c5:f3:38:3a:b7:de:3f:fb:
62:fe:e4:f9:f5:46:b2:96:6a:56:94:c5:6e:95:fc:5c:82:3c:
ec:5c:d7:69:36:76:86:1f:5c:81:00:70:be:05:d2:3b:27:fb:
5c:61:44:26:11:ee:ed:26:80:36:67:53:f7:3f:ce:b5:48:bc:
98:72:f0:d4:08:f1:73:68:10:3e:d6:4e:9a:98:ec:38:6f:77:
b8:96:c2:69
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZt8gJDf0VfW6SmWFTIzOHg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTJkMzA3MDhiOWQ0ZThjN2MyOGM5N2Y4MDM3YzgwMjcx
NDRjNDcwHhcNMjYwMTAyMDIxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY0ZTQ2MTllYTZmNTJlMjBjYzI2YzllYzU0ODAxZmVkOThkM2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZF5rNcpSf5MmiU+m6AZFdRVw8UL
QbPJfVzrkys2z8I8R/c1PCGGp8Cr43QPA9WnvMl88KVAgH/KyF38P5sn8OGl2wvz
OqBpIGeEr+YsR4vFgpgd9rr0k+CWtFl6yMUbGo1ONlZkmMUI4qLdXRu3MlcVVvAr
NOK8kttzijXPjTgw1l0FEF3Ekp9Y3uHrfHImmNFNZukmbIDYd0MFZ4MtzAk0ndlV
VAfsmK1zB2zpxZzYDN+UDa5S5A0T+c8Gr1hHwqRuiJ6KG7yeSkSc33EXkGNzIWbd
sQuvIfbLN3CDsb9wYKPZhV2CF3vUZRQo/qbh7fV5ApNv4Yj8ywtdEGoOXQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP9k5GGepvUuIMwmyexUgB/tmNP+MB8GA1UdIwQY
MBaAFJqS0wcIudTox8KMl/gDfIAnFExHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBMVEJ3aTUxT2pId295WC1BTjhnQ2NVVEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jOTM3YmUtZjViMS00M2M2LTk1ODct
NGUwNjYyMWJkOThhLzEvXzJUa1laNm05UzRnekNiSjdGU0FILTJZMF80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jOTM3YmUtZjViMS00M2M2LTk1ODctNGUwNjYyMWJkOThh
LzEvbXBMVEJ3aTUxT2pId295WC1BTjhnQ2NVVEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLhPgAwQF
UnJAAwQDsoTYAwQCuUOwAwQCub6EMA0EAgACMAcDBQMqBDCAMA0GCSqGSIb3DQEB
CwUAA4IBAQANlwYXHOiBWotBppkNA8DnwKkPISwWfO27QqJZircjYl6DtgRV9nN0
nMldBgVI2Uw+6AGOy6SDSCdGRt3x1yj1yndAJLVvC1J1CN2sPo6btrkCZem565VP
M/k26H0CZ9gAwTVpK4j9Hv3mqyNNCbxTwKaFeKpA8pHOLEdwxn7FW361c+1xf8JZ
2jjeRaPaUGLBfuBNFILeLRCF5CPR0QZLWBRVujdBRFsAWfU1xfM4OrfeP/ti/uT5
9UaylmpWlMVulfxcgjzsXNdpNnaGH1yBAHC+BdI7J/tcYUQmEe7tJoA2Z1P3P861
SLyYcvDUCPFzaBA+1k6amOw4b3e4lsJp
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:35:16 2026 by rpki-client