Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/t5Q7vrW58nKQv7ViLBmnIpgythA.roa
File: t5Q7vrW58nKQv7ViLBmnIpgythA.roa (raw, json)
Hash identifier: tC/8YcnfPYx2FNscpuKBKjRGEsp8wn5FWOkcN0h5Iug=
Subject key identifier: B7:94:3B:BE:B5:B9:F2:72:90:BF:B5:62:2C:19:A7:22:98:32:B6:10
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 019C424F359ADFFEFC639C656126ABBFFA8A
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/t5Q7vrW58nKQv7ViLBmnIpgythA.roa
Signing time: Mon 09 Feb 2026 12:10:12 +0000
ROA not before: Mon 09 Feb 2026 12:10:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58172
IP address blocks: 85.116.176.0/24 maxlen: 24
85.116.177.0/24 maxlen: 24
85.116.178.0/24 maxlen: 24
85.116.179.0/24 maxlen: 24
85.116.180.0/24 maxlen: 24
85.116.181.0/24 maxlen: 24
85.116.183.0/24 maxlen: 24
85.116.184.0/24 maxlen: 24
85.116.185.0/24 maxlen: 24
85.116.186.0/23 maxlen: 23
85.116.188.0/23 maxlen: 23
85.116.190.0/24 maxlen: 24
85.116.191.0/24 maxlen: 24
91.132.148.0/24 maxlen: 24
91.132.149.0/24 maxlen: 24
91.132.150.0/24 maxlen: 24
91.132.151.0/24 maxlen: 24
91.239.101.0/24 maxlen: 24
128.127.96.0/24 maxlen: 24
128.127.97.0/24 maxlen: 24
128.127.98.0/24 maxlen: 24
128.127.99.0/24 maxlen: 24
128.127.100.0/24 maxlen: 24
128.127.101.0/24 maxlen: 24
128.127.102.0/24 maxlen: 24
128.127.103.0/24 maxlen: 24
178.20.176.0/24 maxlen: 24
178.20.177.0/24 maxlen: 24
178.20.178.0/24 maxlen: 24
178.20.179.0/24 maxlen: 24
178.20.180.0/24 maxlen: 24
178.20.181.0/24 maxlen: 24
178.20.182.0/24 maxlen: 24
178.20.183.0/24 maxlen: 24
2a04:3b00::/36 maxlen: 36
2a04:3b00:100::/48 maxlen: 48
2a04:3b00:1000::/37 maxlen: 37
2a04:3b00:1800::/37 maxlen: 37
2a04:3b00:2000::/37 maxlen: 37
2a04:3b00:2800::/37 maxlen: 37
2a04:3b00:3000::/37 maxlen: 37
2a04:3b00:3800::/37 maxlen: 37
2a04:3b00:4000::/37 maxlen: 37
2a04:3b00:4800::/37 maxlen: 37
2a04:3b00:5000::/37 maxlen: 37
2a04:3b00:5800::/37 maxlen: 37
2a04:3b00:6000::/37 maxlen: 37
2a04:3b00:6800::/37 maxlen: 37
2a04:3b00:7000::/37 maxlen: 37
2a04:3b00:7800::/37 maxlen: 37
2a04:3b00:8000::/37 maxlen: 37
2a04:3b00:8800::/37 maxlen: 37
2a04:3b00:9000::/37 maxlen: 37
2a04:3b00:9800::/37 maxlen: 37
2a04:3b00:a000::/37 maxlen: 37
2a04:3b01::/44 maxlen: 44
2a04:3b01:1800::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:42:4f:35:9a:df:fe:fc:63:9c:65:61:26:ab:bf:fa:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Feb 9 12:10:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b7943bbeb5b9f27290bfb5622c19a7229832b610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a3:6c:c4:ef:35:a0:4e:d0:a0:12:59:2e:37:
2c:57:fe:e0:07:0d:15:4f:38:ac:53:a9:74:ac:7c:
b2:14:0c:a2:b4:44:06:50:ea:18:38:c6:e9:36:b3:
ad:48:54:f2:8c:67:96:a1:a2:cd:93:9d:fe:64:4e:
f0:08:27:ae:1b:b8:a3:4f:8b:cb:06:79:6c:38:21:
23:6f:1f:fc:a3:ba:b1:66:5e:74:dc:40:63:bf:f5:
47:4b:34:7c:c6:e7:ae:3a:cb:7f:b2:47:8c:93:06:
00:ba:10:78:62:c0:e0:15:8c:ae:4a:8e:1d:aa:26:
c4:a8:3b:e9:5d:fc:42:1c:83:17:a0:fc:d3:88:88:
42:3e:0a:18:92:32:8e:d0:9a:93:a7:93:19:00:4a:
10:ce:8e:75:a8:d5:c1:b5:c8:0a:bd:8d:ff:d2:a0:
4b:df:24:68:23:92:e6:8a:63:cb:12:7c:54:c0:0b:
dd:af:72:72:8a:e0:fd:b6:88:58:33:2a:ba:13:0b:
44:93:f7:14:3a:67:8b:38:50:33:4c:d7:2d:4f:e1:
c4:2c:1c:8f:c0:72:5d:69:26:d5:da:37:58:84:a5:
c1:bf:4d:83:1d:16:2a:7f:14:28:99:aa:1d:32:f5:
e7:e5:e4:28:6c:8a:c2:f9:67:ac:5d:19:c3:56:d5:
12:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:94:3B:BE:B5:B9:F2:72:90:BF:B5:62:2C:19:A7:22:98:32:B6:10
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/t5Q7vrW58nKQv7ViLBmnIpgythA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.176.0-85.116.181.255
85.116.183.0-85.116.191.255
91.132.148.0/22
91.239.101.0/24
128.127.96.0/21
178.20.176.0/21
IPv6:
2a04:3b00::-2a04:3b00:a7ff:ffff:ffff:ffff:ffff:ffff
2a04:3b01::/44
2a04:3b01:1800::/44
Signature Algorithm: sha256WithRSAEncryption
4d:30:84:b9:a6:79:f1:0b:f0:df:3b:f0:34:8e:a0:22:23:be:
30:f9:64:1e:33:26:33:42:34:3d:73:f5:06:e3:39:a9:72:2e:
9b:38:e3:3f:eb:63:98:c5:61:4e:66:3e:1b:c8:91:ad:09:b9:
4a:21:b9:b0:fd:53:c9:22:8d:4b:91:09:e9:b8:4a:e0:85:b6:
04:34:e4:e1:12:90:62:52:2d:ac:64:59:44:a7:42:bf:5c:8d:
78:29:6c:2f:57:21:be:48:5f:5f:7f:cf:de:af:49:9c:d3:c4:
40:33:da:0a:73:b3:7f:e8:a5:97:33:40:01:23:b8:b1:ff:b8:
4e:b8:44:84:34:08:f7:f3:c5:5b:7f:f4:14:16:84:09:51:7e:
7a:07:8f:0a:51:00:c4:72:98:27:13:d0:a2:7f:43:01:89:21:
fa:2f:82:65:8e:83:63:47:df:f0:cb:a4:35:21:7b:18:15:e8:
aa:5b:3d:10:7b:47:59:7f:6c:4b:15:f3:51:39:de:eb:5b:ae:
3d:9f:5b:0f:b1:ce:ea:55:ca:e8:b2:03:43:a5:a8:32:21:6a:
37:de:c5:9a:6c:1b:9d:e5:20:3a:f5:a0:53:51:0f:11:5f:e0:
be:f6:b3:61:37:be:73:9c:64:c0:ef:e4:5d:ac:0f:99:92:57:
f0:61:e2:d1
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZxCTzWa3/78Y5xlYSarv/qKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjYwMjA5MTIxMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzk0M2JiZWI1YjlmMjcyOTBiZmI1NjIyYzE5YTcyMjk4MzJiNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaNsxO81oE7QoBJZLjcsV/7gBw0V
TzisU6l0rHyyFAyitEQGUOoYOMbpNrOtSFTyjGeWoaLNk53+ZE7wCCeuG7ijT4vL
BnlsOCEjbx/8o7qxZl503EBjv/VHSzR8xueuOst/skeMkwYAuhB4YsDgFYyuSo4d
qibEqDvpXfxCHIMXoPzTiIhCPgoYkjKO0JqTp5MZAEoQzo51qNXBtcgKvY3/0qBL
3yRoI5LmimPLEnxUwAvdr3JyiuD9tohYMyq6EwtEk/cUOmeLOFAzTNctT+HELByP
wHJdaSbV2jdYhKXBv02DHRYqfxQomaodMvXn5eQobIrC+WesXRnDVtUSDwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFLeUO761ufJykL+1YiwZpyKYMrYQMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvdDVRN3ZyVzU4bktRdjdWaUxCbW5JcGd5dGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjA6BAIAATA0MAwDBARVdLAD
BAFVdLQwDAMEAFV0twMEBlV0gAMEAluElAMEAFvvZQMEA4B/YAMEA7IUsDAoBAIA
AjAiMA4DBAAqBDsDBgMqBDsAoAMHBCoEOwEAAAMHBCoEOwEYADANBgkqhkiG9w0B
AQsFAAOCAQEATTCEuaZ58Qvw3zvwNI6gIiO+MPlkHjMmM0I0PXP1BuM5qXIumzjj
P+tjmMVhTmY+G8iRrQm5SiG5sP1TySKNS5EJ6bhK4IW2BDTk4RKQYlItrGRZRKdC
v1yNeClsL1chvkhfX3/P3q9JnNPEQDPaCnOzf+illzNAASO4sf+4TrhEhDQI9/PF
W3/0FBaECVF+egePClEAxHKYJxPQon9DAYkh+i+CZY6DY0ff8MukNSF7GBXoqls9
EHtHWX9sSxXzUTne61uuPZ9bD7HO6lXK6LIDQ6WoMiFqN97FmmwbneUgOvWgU1EP
EV/gvvazYTe+c5xkwO/kXawPmZJX8GHi0Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:08:15 2026 by rpki-client