Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/VMv0dRf33W1wrs_OpoB6KztNOWI.roa
File: VMv0dRf33W1wrs_OpoB6KztNOWI.roa (raw, json)
Hash identifier: aWZFboenFph6+NpGEetbi88BDQtRIqEXfVrgP4t3tHI=
Subject key identifier: 54:CB:F4:75:17:F7:DD:6D:70:AE:CF:CE:A6:80:7A:2B:3B:4D:39:62
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 019C7C4ADE6A42EA0892E2726E180CAB24FD
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/VMv0dRf33W1wrs_OpoB6KztNOWI.roa
Signing time: Fri 20 Feb 2026 18:23:27 +0000
ROA not before: Fri 20 Feb 2026 18:23:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34304
IP address blocks: 86.107.57.0/24 maxlen: 24
86.107.60.0/23 maxlen: 23
89.35.224.0/24 maxlen: 24
89.35.229.0/24 maxlen: 24
89.35.232.0/24 maxlen: 24
89.35.235.0/24 maxlen: 24
89.35.236.0/24 maxlen: 24
89.35.238.0/24 maxlen: 24
89.47.0.0/24 maxlen: 24
89.47.12.0/24 maxlen: 24
89.47.14.0/24 maxlen: 24
188.211.164.0/23 maxlen: 23
193.138.192.0/23 maxlen: 23
193.138.194.0/24 maxlen: 24
2a05:8880::/30 maxlen: 30
2a05:8884::/30 maxlen: 30
2a0f:55c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7c:4a:de:6a:42:ea:08:92:e2:72:6e:18:0c:ab:24:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Feb 20 18:23:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54cbf47517f7dd6d70aecfcea6807a2b3b4d3962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d7:3e:b9:56:dc:e2:df:d4:83:9d:0e:52:f0:
aa:8b:67:32:01:10:4d:c3:ff:e4:d2:7a:c1:30:15:
94:df:92:4e:fe:c2:a2:40:9a:9f:d6:b6:2d:7c:69:
fd:99:25:bd:a1:cc:6a:b3:39:87:71:26:fa:f9:af:
27:65:6a:1c:3d:a1:28:50:98:53:e0:96:bf:80:34:
38:97:85:17:b8:e4:d6:75:e7:b6:a8:da:43:82:c0:
d6:30:37:5c:75:86:32:5a:f8:9c:96:ca:5c:1b:2d:
1e:c7:5b:6a:8d:c7:a9:d9:7e:2c:a2:28:c5:4f:db:
b7:5b:43:87:3d:e7:8f:f8:20:0c:a7:8d:e6:b5:55:
8b:84:09:36:35:1c:94:49:e8:d5:4c:23:b7:0e:a5:
4c:b8:6e:fa:e2:f7:69:8d:c2:f7:67:b1:ec:54:4d:
7e:5d:ca:f6:dc:fb:d2:a2:38:76:ec:d0:b3:05:6c:
7e:b1:1b:4e:d0:1c:fb:03:51:4c:d8:b4:9d:d7:af:
66:49:a0:2c:42:90:e1:c5:3e:01:7a:cf:5e:2e:ef:
48:81:73:a7:8a:09:5e:12:3f:0c:12:05:18:2c:ab:
07:fa:d8:fd:6d:8b:82:cf:21:93:5c:22:25:f4:98:
8b:9c:a5:fd:17:68:a1:9b:52:53:5a:34:99:89:72:
85:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CB:F4:75:17:F7:DD:6D:70:AE:CF:CE:A6:80:7A:2B:3B:4D:39:62
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/VMv0dRf33W1wrs_OpoB6KztNOWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.57.0/24
86.107.60.0/23
89.35.224.0/24
89.35.229.0/24
89.35.232.0/24
89.35.235.0-89.35.236.255
89.35.238.0/24
89.47.0.0/24
89.47.12.0/24
89.47.14.0/24
188.211.164.0/23
193.138.192.0-193.138.194.255
IPv6:
2a05:8880::/29
2a0f:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
56:cc:61:e1:b4:34:74:d8:b4:ef:40:b5:cd:75:93:06:3a:d4:
18:39:44:b6:58:2c:86:d2:8d:ce:c4:1b:fd:de:35:00:b9:52:
82:4c:35:7a:1f:77:85:13:08:cd:67:19:e1:46:48:a4:39:b3:
d1:41:a1:3d:3a:23:b5:2f:43:16:72:b2:ee:37:70:e5:2b:53:
a8:57:df:55:0b:1a:2d:e8:91:16:14:3b:c3:6c:6c:16:6e:27:
ce:93:3a:fd:43:52:2d:f0:34:a3:90:84:46:9d:da:7a:40:28:
e6:d6:9b:e6:21:a7:74:e0:2a:54:1d:df:ef:46:9c:11:b1:aa:
b7:88:31:be:76:e2:e4:2c:cc:71:e5:a5:59:74:fe:40:cf:7e:
df:e2:62:d8:db:54:17:04:78:ab:3b:dc:a4:97:17:85:80:99:
e6:19:f7:bf:d1:24:b0:48:89:97:0b:8c:b2:97:a0:bd:b9:4e:
d4:c3:d8:23:ce:3d:bb:9e:cb:98:13:3a:76:05:26:1a:7b:99:
97:64:08:52:ab:5d:1c:50:63:43:7b:0f:17:0e:ae:23:d5:2f:
28:b9:27:51:3f:00:5e:73:3f:e4:dd:93:c3:bc:d4:85:a9:66:
c0:f1:e2:c8:ff:30:0d:28:d3:b9:05:79:3c:80:19:4b:72:8c:
94:50:d2:71
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZx8St5qQuoIkuJybhgMqyT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjYwMjIwMTgyMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGNiZjQ3NTE3ZjdkZDZkNzBhZWNmY2VhNjgwN2EyYjNiNGQzOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39c+uVbc4t/Ug50OUvCqi2cyARBN
w//k0nrBMBWU35JO/sKiQJqf1rYtfGn9mSW9ocxqszmHcSb6+a8nZWocPaEoUJhT
4Ja/gDQ4l4UXuOTWdee2qNpDgsDWMDdcdYYyWviclspcGy0ex1tqjcep2X4soijF
T9u3W0OHPeeP+CAMp43mtVWLhAk2NRyUSejVTCO3DqVMuG764vdpjcL3Z7HsVE1+
Xcr23PvSojh27NCzBWx+sRtO0Bz7A1FM2LSd169mSaAsQpDhxT4Bes9eLu9IgXOn
igleEj8MEgUYLKsH+tj9bYuCzyGTXCIl9JiLnKX9F2ihm1JTWjSZiXKFowIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFFTL9HUX991tcK7PzqaAeis7TTliMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvVk12MGRSZjMzVzF3cnNfT3BvQjZLenROT1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWAMEAFZrOQME
AVZrPAMEAFkj4AMEAFkj5QMEAFkj6DAMAwQAWSPrAwQAWSPsAwQAWSPuAwQAWS8A
AwQAWS8MAwQAWS8OAwQBvNOkMAwDBAbBisADBADBisIwFAQCAAIwDgMFAyoFiIAD
BQMqD1XAMA0GCSqGSIb3DQEBCwUAA4IBAQBWzGHhtDR02LTvQLXNdZMGOtQYOUS2
WCyG0o3OxBv93jUAuVKCTDV6H3eFEwjNZxnhRkikObPRQaE9OiO1L0MWcrLuN3Dl
K1OoV99VCxot6JEWFDvDbGwWbifOkzr9Q1It8DSjkIRGndp6QCjm1pvmIad04CpU
Hd/vRpwRsaq3iDG+duLkLMxx5aVZdP5Az37f4mLY21QXBHirO9yklxeFgJnmGfe/
0SSwSImXC4yyl6C9uU7Uw9gjzj27nsuYEzp2BSYae5mXZAhSq10cUGNDew8XDq4j
1S8ouSdRPwBecz/k3ZPDvNSFqWbA8eLI/zANKNO5BXk8gBlLcoyUUNJx
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:04:06 2026 by rpki-client