Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/lN94pD7ai5OUJubsRp4mNzHp4U0.roa
File: lN94pD7ai5OUJubsRp4mNzHp4U0.roa (raw, json)
Hash identifier: Kg4NFToY9jwNR516lKmTZhRo725Vd2ZsUfAcCos3+og=
Subject key identifier: 94:DF:78:A4:3E:DA:8B:93:94:26:E6:EC:46:9E:26:37:31:E9:E1:4D
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019C8B1F8DE5D4CE89D8E4C4A0291153F63B
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/lN94pD7ai5OUJubsRp4mNzHp4U0.roa
Signing time: Mon 23 Feb 2026 15:30:26 +0000
ROA not before: Mon 23 Feb 2026 15:30:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49791
IP address blocks: 81.85.73.0/24 maxlen: 24
185.5.74.0/24 maxlen: 24
185.9.27.0/24 maxlen: 24
185.28.175.0/24 maxlen: 24
213.155.29.0/24 maxlen: 24
217.179.50.0/24 maxlen: 24
217.179.51.0/24 maxlen: 24
2a11:2cc0:12::/47 maxlen: 47
2a11:2cc0:14::/47 maxlen: 47
2a11:2cc0:16::/47 maxlen: 47
2a11:2cc0:18::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8b:1f:8d:e5:d4:ce:89:d8:e4:c4:a0:29:11:53:f6:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: Feb 23 15:30:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=94df78a43eda8b939426e6ec469e263731e9e14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:43:83:77:28:92:56:68:68:ef:d9:07:54:37:
13:77:57:38:99:9e:ab:5d:18:86:b9:e9:46:e4:7b:
57:d1:8a:48:10:ac:97:71:e6:f4:a9:50:37:20:f2:
95:b7:fd:92:c6:a5:8a:2a:b7:54:b6:9d:1b:af:15:
d4:94:7a:85:f7:f7:3e:0a:db:05:ad:6b:10:b3:a8:
f1:ca:f7:cc:2d:0f:b3:78:dd:dc:c7:5b:b0:e5:13:
8b:83:20:63:9c:1f:bf:bf:86:3e:27:25:e7:a7:b9:
e3:bb:06:de:ef:45:fe:30:98:43:9b:8f:91:a0:f8:
45:33:71:ea:73:2a:b6:9d:d3:e3:df:bc:40:2b:b8:
13:5a:2b:f2:7d:c1:b0:50:da:79:47:b8:4c:fb:9f:
93:df:a5:08:29:c5:20:38:5c:7d:a5:9e:96:f1:14:
2e:a0:8d:bb:3d:28:1c:1d:b5:32:8a:f5:38:5e:fe:
fc:4f:7a:23:0d:fb:1c:ba:7e:23:52:bb:4c:80:bc:
d6:d0:d4:8c:2e:71:5b:cf:1c:0e:3f:30:5b:00:df:
9a:74:07:dc:83:a3:7c:ad:05:50:c5:26:b7:00:72:
c5:9e:f8:dc:11:3a:fd:03:24:b0:11:33:1c:ac:92:
b8:51:67:a8:df:02:27:79:a7:1a:b6:21:66:91:e4:
30:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DF:78:A4:3E:DA:8B:93:94:26:E6:EC:46:9E:26:37:31:E9:E1:4D
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/lN94pD7ai5OUJubsRp4mNzHp4U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.73.0/24
185.5.74.0/24
185.9.27.0/24
185.28.175.0/24
213.155.29.0/24
217.179.50.0/23
IPv6:
2a11:2cc0:12::-2a11:2cc0:19:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:43:84:6e:30:7b:6e:06:a4:8b:31:82:2b:69:2f:b1:9a:c7:
2d:60:eb:9c:2d:c8:90:13:67:a4:b5:a9:08:8e:02:3d:cd:ff:
d4:f9:fc:f8:a6:f9:1c:87:a3:5f:89:f0:e2:b3:68:11:fa:2f:
b6:93:29:48:0e:d6:a7:0b:57:01:ef:4a:61:05:f5:eb:c7:32:
6d:09:0e:e9:aa:01:64:80:45:d6:a0:1b:1d:b7:bf:f6:d0:87:
c9:cf:9f:6d:fb:ff:52:65:54:ec:7e:3d:d0:67:7a:00:d9:31:
0b:59:4a:1b:b8:2d:0c:91:7a:76:74:97:bc:8c:9b:18:89:19:
42:a2:8e:9c:22:31:bc:61:4d:78:34:6b:83:ce:7d:b6:6f:b2:
cb:75:70:67:4d:21:cc:00:a9:aa:69:33:1d:8f:d7:e9:f1:f6:
80:5d:5f:ed:8a:12:d1:1f:bc:d5:0c:8c:0d:e5:3f:9d:e9:7d:
1a:28:2f:bd:b1:d3:30:61:cd:7a:7a:f2:7f:74:c7:1d:11:a3:
1d:05:cb:38:4d:d7:b6:1a:e9:7f:7e:d8:5c:95:1b:da:a1:49:
a3:5c:68:59:6b:5f:64:77:57:20:26:c3:43:4d:4b:df:99:13:
52:86:23:b2:fe:14:50:3b:32:7d:e7:37:ec:14:72:6f:9f:b6:
0d:23:3a:7d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZyLH43l1M6J2OTEoCkRU/Y7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwMjIzMTUzMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRmNzhhNDNlZGE4YjkzOTQyNmU2ZWM0NjllMjYzNzMxZTllMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUODdyiSVmho79kHVDcTd1c4mZ6r
XRiGuelG5HtX0YpIEKyXceb0qVA3IPKVt/2SxqWKKrdUtp0brxXUlHqF9/c+CtsF
rWsQs6jxyvfMLQ+zeN3cx1uw5ROLgyBjnB+/v4Y+JyXnp7njuwbe70X+MJhDm4+R
oPhFM3Hqcyq2ndPj37xAK7gTWivyfcGwUNp5R7hM+5+T36UIKcUgOFx9pZ6W8RQu
oI27PSgcHbUyivU4Xv78T3ojDfscun4jUrtMgLzW0NSMLnFbzxwOPzBbAN+adAfc
g6N8rQVQxSa3AHLFnvjcETr9AySwETMcrJK4UWeo3wIneacatiFmkeQw1wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJTfeKQ+2ouTlCbm7EaeJjcx6eFNMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvbE45NHBEN2FpNU9VSnVic1JwNG1OekhwNFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAqBAIAATAkAwQAUVVJAwQA
uQVKAwQAuQkbAwQAuRyvAwQA1ZsdAwQB2bMyMBoEAgACMBQwEgMHASoRLMAAEgMH
ASoRLMAAGDANBgkqhkiG9w0BAQsFAAOCAQEAa0OEbjB7bgakizGCK2kvsZrHLWDr
nC3IkBNnpLWpCI4CPc3/1Pn8+Kb5HIejX4nw4rNoEfovtpMpSA7WpwtXAe9KYQX1
68cybQkO6aoBZIBF1qAbHbe/9tCHyc+fbfv/UmVU7H490Gd6ANkxC1lKG7gtDJF6
dnSXvIybGIkZQqKOnCIxvGFNeDRrg859tm+yy3VwZ00hzACpqmkzHY/X6fH2gF1f
7YoS0R+81QyMDeU/nel9GigvvbHTMGHNenryf3THHRGjHQXLOE3Xthrpf37YXJUb
2qFJo1xoWWtfZHdXICbDQ01L35kTUoYjsv4UUDsyfec37BRyb5+2DSM6fQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:10:20 2026 by rpki-client