Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2MmhSdiOD-dkYwMRQio3Ik_5LaQ.roa
File: 2MmhSdiOD-dkYwMRQio3Ik_5LaQ.roa (raw, json)
Hash identifier: 6O1Fz1l0oKZZjnAM5vkBd0WIVfIb0/Ecn5vUCtUu3wI=
Subject key identifier: D8:C9:A1:49:D8:8E:0F:E7:64:63:03:11:42:2A:37:22:4F:F9:2D:A4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019C852879D6488CE3B6C21A65FFB95358F0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2MmhSdiOD-dkYwMRQio3Ik_5LaQ.roa
Signing time: Sun 22 Feb 2026 11:42:28 +0000
ROA not before: Sun 22 Feb 2026 11:42:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204203
IP address blocks: 94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
217.60.241.0/24 maxlen: 24
217.60.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:85:28:79:d6:48:8c:e3:b6:c2:1a:65:ff:b9:53:58:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 22 11:42:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d8c9a149d88e0fe764630311422a37224ff92da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:41:92:e5:07:9c:7c:b4:02:5c:71:71:1d:bc:
9f:15:e5:02:67:db:eb:c4:1d:d4:49:0c:a8:98:5b:
e5:c6:97:0d:f1:a7:66:c7:d8:08:e5:4f:16:ae:29:
a0:57:62:b8:91:16:15:09:1b:83:cc:54:45:a1:a8:
58:a2:ed:16:a9:de:c1:12:4d:7d:d9:5b:81:a8:9b:
3c:89:17:45:ac:aa:1b:47:a1:e0:08:6e:78:3f:ad:
a8:82:fd:59:9e:55:12:af:ac:ef:98:ef:4d:53:ef:
92:00:c3:46:90:51:0e:5f:bf:5f:9d:01:03:5f:e9:
20:24:ff:ed:9a:f3:65:cc:27:6e:b9:21:f7:2f:b1:
23:34:73:78:f3:2c:31:73:46:b1:89:24:1b:bd:cf:
c4:7c:db:d7:e2:e1:df:ed:e4:ca:1c:7d:a8:c7:87:
07:d8:00:77:5c:22:ff:2f:8e:dc:ed:9b:7c:c6:67:
be:01:92:5b:52:c6:da:f2:c9:1f:b3:53:57:46:6c:
8f:18:54:44:c6:e2:59:48:77:a6:db:fd:3f:8e:64:
5d:ba:31:d9:8e:e7:47:4d:45:6b:7a:07:ee:65:bd:
1b:24:7d:4e:ba:6b:47:93:11:96:04:74:db:dc:a1:
fc:25:66:14:b3:b2:fa:4c:1a:a5:d3:9e:c9:79:df:
9b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C9:A1:49:D8:8E:0F:E7:64:63:03:11:42:2A:37:22:4F:F9:2D:A4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2MmhSdiOD-dkYwMRQio3Ik_5LaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.238.0/23
217.60.241.0/24
217.60.255.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:7b:4c:6e:00:63:ea:22:6f:7d:c4:77:6b:6e:72:9f:93:59:
b2:5e:d0:b1:0c:44:f0:8a:98:9b:f1:54:2a:4c:ec:ad:03:4e:
c5:9b:95:0f:fa:6b:de:a5:24:f8:3a:48:94:54:eb:07:87:4f:
59:f8:26:7d:8c:1a:f4:76:ea:cd:e3:9f:35:4e:c9:1b:7a:37:
e2:e1:cb:2a:9f:e5:94:94:7b:a2:46:c1:38:f0:8b:a6:27:a4:
cd:7b:99:ae:87:ae:22:5d:7b:62:b6:5f:98:b3:3b:97:14:8a:
3a:48:2b:ad:a5:85:12:f2:e6:1c:b6:24:e1:58:e8:19:1b:38:
41:c5:33:93:f9:c3:42:b2:41:a5:e2:b6:d0:fa:5e:0d:05:5c:
43:4a:5c:74:e2:7f:44:de:e1:11:d4:87:9b:f1:62:f9:1e:f3:
18:fe:f2:45:88:cd:d1:ee:19:34:0d:03:18:7a:f0:02:c8:82:
2f:0f:a5:0c:f5:c8:d5:5b:12:34:c2:c2:a1:c9:ca:bb:8f:02:
ed:df:68:61:b7:d7:e0:b6:cc:5f:59:8d:17:23:28:03:30:10:
20:92:4a:59:06:38:3b:bf:e4:bf:39:8a:63:54:3a:2d:56:c9:
71:23:f4:4c:5c:d1:89:d4:fb:4b:05:00:8c:69:bf:d1:9c:42:
5e:3e:f5:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyFKHnWSIzjtsIaZf+5U1jwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMjIyMTE0MjI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGM5YTE0OWQ4OGUwZmU3NjQ2MzAzMTE0MjJhMzcyMjRmZjkyZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kGS5QecfLQCXHFxHbyfFeUCZ9vr
xB3USQyomFvlxpcN8admx9gI5U8WrimgV2K4kRYVCRuDzFRFoahYou0Wqd7BEk19
2VuBqJs8iRdFrKobR6HgCG54P62ogv1ZnlUSr6zvmO9NU++SAMNGkFEOX79fnQED
X+kgJP/tmvNlzCduuSH3L7EjNHN48ywxc0axiSQbvc/EfNvX4uHf7eTKHH2ox4cH
2AB3XCL/L47c7Zt8xme+AZJbUsba8skfs1NXRmyPGFRExuJZSHem2/0/jmRdujHZ
judHTUVregfuZb0bJH1OumtHkxGWBHTb3KH8JWYUs7L6TBql057Jed+bcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNjJoUnYjg/nZGMDEUIqNyJP+S2kMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMk1taFNkaU9ELWRrWXdNUlFpbzNJa181TGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXrfuAwQA
2TzxAwQA2Tz/MA0GCSqGSIb3DQEBCwUAA4IBAQAqe0xuAGPqIm99xHdrbnKfk1my
XtCxDETwipib8VQqTOytA07Fm5UP+mvepST4OkiUVOsHh09Z+CZ9jBr0durN4581
Tskbejfi4csqn+WUlHuiRsE48IumJ6TNe5muh64iXXtitl+YszuXFIo6SCutpYUS
8uYctiThWOgZGzhBxTOT+cNCskGl4rbQ+l4NBVxDSlx04n9E3uER1Ieb8WL5HvMY
/vJFiM3R7hk0DQMYevACyIIvD6UM9cjVWxI0wsKhycq7jwLt32hht9fgtsxfWY0X
IygDMBAgkkpZBjg7v+S/OYpjVDotVslxI/RMXNGJ1PtLBQCMab/RnEJePvXE
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:58:52 2026 by rpki-client