Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-YiwDlKFBxGb2e2Dvmn2c5gTaHc.roa
File: 1-YiwDlKFBxGb2e2Dvmn2c5gTaHc.roa (raw, json)
Hash identifier: EVlUjl6B4+nNXBgJv+rSbybfYcEg0r9/JFLR7ql/4Zk=
Subject key identifier: F9:88:B0:0E:52:85:07:11:9B:D9:ED:83:BE:69:F6:73:98:13:68:77
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019C706685D9B1957E8BF349F97724D70366
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-YiwDlKFBxGb2e2Dvmn2c5gTaHc.roa
Signing time: Wed 18 Feb 2026 10:58:12 +0000
ROA not before: Wed 18 Feb 2026 10:58:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204650
IP address blocks: 37.32.40.0/24 maxlen: 24
37.32.44.0/24 maxlen: 24
37.32.45.0/24 maxlen: 24
185.243.50.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:66:85:d9:b1:95:7e:8b:f3:49:f9:77:24:d7:03:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Feb 18 10:58:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f988b00e528507119bd9ed83be69f67398136877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:73:aa:3d:7f:26:40:1d:f6:41:4e:06:79:e9:
45:60:82:5c:f4:b3:e5:b8:73:52:4f:7d:13:47:c1:
26:f7:70:77:82:e4:0e:30:50:fa:eb:ff:a2:c4:02:
52:a1:e3:4f:8a:d9:0c:39:bc:fb:72:3f:81:81:e0:
ed:f9:3f:40:f7:f4:5a:10:19:8b:e7:a8:85:f6:a7:
cd:59:5a:eb:44:0d:9c:61:7d:60:8c:b4:bb:a3:9a:
a6:5d:0a:f2:1b:3b:c6:c0:f0:1b:3c:81:52:b0:31:
04:45:26:7a:5d:d4:da:30:70:85:e8:16:be:51:63:
93:45:62:9f:15:54:c2:0f:37:3d:59:c5:37:7d:0a:
42:7f:02:1f:51:29:22:42:f5:32:de:11:d7:82:63:
40:d7:70:15:aa:08:8d:78:1a:e0:ff:1d:9a:de:5e:
7c:9c:fe:37:48:f0:9b:ee:73:eb:39:2e:45:f1:72:
06:47:09:06:2c:dc:d3:27:54:32:ec:2d:ca:4f:c0:
91:63:da:0a:75:74:2e:6f:14:21:d8:24:dc:e4:0b:
04:bd:b1:92:4b:3b:a4:97:37:07:12:ce:ff:b4:1d:
bf:a3:7d:ef:ba:05:ef:ed:dc:85:b2:cf:c7:5a:3f:
40:91:a2:46:84:8d:1f:d2:89:e0:de:8d:4a:7f:9c:
51:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:88:B0:0E:52:85:07:11:9B:D9:ED:83:BE:69:F6:73:98:13:68:77
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/1-YiwDlKFBxGb2e2Dvmn2c5gTaHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.40.0/24
37.32.44.0/23
185.243.50.0/24
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
a6:c2:9b:4d:97:e6:d9:cb:8b:95:00:20:c9:61:f4:1d:f6:76:
40:1a:e6:7c:1a:34:bb:45:b8:14:c8:65:f4:3b:11:17:6b:39:
74:bc:49:56:62:a3:bc:5f:5a:f5:6c:41:f5:0a:5d:84:f3:3e:
52:81:14:14:69:8d:3d:08:1b:8c:03:6c:85:1f:06:d9:93:4f:
a3:7c:cf:a4:5c:cd:e3:d6:ca:ba:f6:e9:f5:23:03:be:0b:d6:
2e:05:4d:d3:92:88:a6:cd:ca:85:4d:3b:39:5e:50:d3:57:8b:
7e:f2:9f:05:1a:75:78:65:5e:8d:a0:a6:de:97:a7:e8:f4:3d:
e7:82:d4:30:3c:96:5b:45:66:9e:a0:b3:32:60:95:5c:5b:bc:
05:04:45:ab:aa:16:89:eb:aa:ed:53:03:23:32:d5:00:0d:52:
35:44:59:e7:6f:4b:da:b2:92:cf:5a:60:36:90:49:bd:3b:24:
d4:49:a9:2c:43:e0:2f:7d:7a:3f:b6:54:6e:77:ff:8e:9e:a8:
bf:a9:8e:77:53:d5:86:e9:42:23:ab:65:34:5f:75:78:62:28:
4f:b0:b3:b0:6a:2b:c1:6e:7c:f9:df:8e:09:69:bd:b7:d2:92:
fb:b1:11:13:9c:9e:43:72:83:ce:9b:52:96:65:fb:b2:fa:f6:
50:13:64:8e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZxwZoXZsZV+i/NJ+Xck1wNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjYwMjE4MTA1ODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg4YjAwZTUyODUwNzExOWJkOWVkODNiZTY5ZjY3Mzk4MTM2ODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHOqPX8mQB32QU4GeelFYIJc9LPl
uHNST30TR8Em93B3guQOMFD66/+ixAJSoeNPitkMObz7cj+BgeDt+T9A9/RaEBmL
56iF9qfNWVrrRA2cYX1gjLS7o5qmXQryGzvGwPAbPIFSsDEERSZ6XdTaMHCF6Ba+
UWOTRWKfFVTCDzc9WcU3fQpCfwIfUSkiQvUy3hHXgmNA13AVqgiNeBrg/x2a3l58
nP43SPCb7nPrOS5F8XIGRwkGLNzTJ1Qy7C3KT8CRY9oKdXQubxQh2CTc5AsEvbGS
SzuklzcHEs7/tB2/o33vugXv7dyFss/HWj9AkaJGhI0f0ong3o1Kf5xRdQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPmIsA5ShQcRm9ntg75p9nOYE2h3MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvMS1ZaXdEbEtGQnhHYjJlMkR2bW4yYzVnVGFIYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2
OS8xLzhUVXpPWjlWNjFMbXNpQU1mSzVDY3JkTlpHUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEACUgKAME
ASUgLAMEALnzMjANBAIAAjAHAwUAKgBwQDANBgkqhkiG9w0BAQsFAAOCAQEApsKb
TZfm2cuLlQAgyWH0HfZ2QBrmfBo0u0W4FMhl9DsRF2s5dLxJVmKjvF9a9WxB9Qpd
hPM+UoEUFGmNPQgbjANshR8G2ZNPo3zPpFzN49bKuvbp9SMDvgvWLgVN05KIps3K
hU07OV5Q01eLfvKfBRp1eGVejaCm3pen6PQ954LUMDyWW0VmnqCzMmCVXFu8BQRF
q6oWieuq7VMDIzLVAA1SNURZ529L2rKSz1pgNpBJvTsk1EmpLEPgL316P7ZUbnf/
jp6ov6mOd1PVhulCI6tlNF91eGIoT7CzsGorwW58+d+OCWm9t9KS+7ERE5yeQ3KD
zptSlmX7svr2UBNkjg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:57:02 2026 by rpki-client