Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/1bqNsOJJ8fekiGjNmHIxOifScpk.roa
File: 1bqNsOJJ8fekiGjNmHIxOifScpk.roa (raw, json)
Hash identifier: awuwmLZI74s+JrAhvYcfSETsMAtPOVKMZXnh9sFIapk=
Subject key identifier: D5:BA:8D:B0:E2:49:F1:F7:A4:88:68:CD:98:72:31:3A:27:D2:72:99
Certificate issuer: /CN=e6596e1552fc0a5884a881b352817d0b73009083
Certificate serial: 019C51E5FCB7DBC7D1526352499BAD9EC26D
Authority key identifier: E6:59:6E:15:52:FC:0A:58:84:A8:81:B3:52:81:7D:0B:73:00:90:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/1bqNsOJJ8fekiGjNmHIxOifScpk.roa
Signing time: Thu 12 Feb 2026 12:49:12 +0000
ROA not before: Thu 12 Feb 2026 12:49:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20849
IP address blocks: 80.72.128.0/20 maxlen: 24
147.78.92.0/22 maxlen: 24
194.153.146.0/24 maxlen: 24
217.22.192.0/20 maxlen: 24
2a02:2958::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.mft
rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:51:e5:fc:b7:db:c7:d1:52:63:52:49:9b:ad:9e:c2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6596e1552fc0a5884a881b352817d0b73009083
Validity
Not Before: Feb 12 12:49:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5ba8db0e249f1f7a48868cd9872313a27d27299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c5:d9:b4:33:d3:f5:c0:47:5b:72:1c:fa:da:
c3:d0:03:e5:2b:b1:d5:60:52:22:e1:02:de:dc:2f:
80:a5:e9:e2:f7:27:3d:34:14:81:58:ce:b3:99:b9:
e8:24:04:a6:31:f3:03:2c:64:d8:a1:02:ad:d4:50:
19:b9:4f:d3:91:cd:ea:6f:9a:6c:3e:51:a0:cd:46:
dc:a4:fc:98:9e:34:f3:d9:d3:ca:a4:d3:b7:d6:36:
ed:2b:a6:a2:f5:d1:38:56:a7:fa:8f:17:ff:e5:86:
42:56:98:8f:89:6f:81:85:71:09:7e:7b:5a:9c:cd:
3b:f4:43:9b:d7:0f:a0:45:2f:d7:b7:05:e5:4b:23:
28:44:21:f0:ff:a5:ad:ab:4e:89:eb:91:72:77:d0:
c6:d7:36:9d:af:04:28:c8:67:eb:3e:0d:d5:b6:63:
fb:33:83:6e:5c:5f:3e:24:0e:95:ba:dc:87:a7:a0:
76:f5:6a:51:04:72:af:08:c4:dc:67:9b:1b:42:d4:
2c:13:c7:b2:d8:23:c4:ab:34:2e:7e:08:eb:06:0d:
b7:af:7c:35:14:ee:03:b1:c9:3a:2e:52:48:a4:74:
7a:a7:df:a7:d9:52:fb:d7:de:87:2b:9e:57:a3:18:
11:0e:7b:f9:9b:60:53:74:35:aa:3c:27:8f:c8:16:
d0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BA:8D:B0:E2:49:F1:F7:A4:88:68:CD:98:72:31:3A:27:D2:72:99
X509v3 Authority Key Identifier:
keyid:E6:59:6E:15:52:FC:0A:58:84:A8:81:B3:52:81:7D:0B:73:00:90:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/1bqNsOJJ8fekiGjNmHIxOifScpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.128.0/20
147.78.92.0/22
194.153.146.0/24
217.22.192.0/20
IPv6:
2a02:2958::/32
Signature Algorithm: sha256WithRSAEncryption
38:21:9a:84:eb:6c:4d:57:75:e0:6c:d1:f4:46:a2:a6:67:41:
c9:8b:e2:26:09:b0:7d:a7:8f:ce:0f:f9:f7:83:61:05:6a:c6:
81:52:52:dd:96:4d:ac:e1:af:ee:fa:e5:89:c0:17:16:ce:83:
9e:d7:07:54:d8:2f:a1:2c:1d:4e:ad:31:0b:a4:d6:3a:30:23:
63:7f:b7:f0:ac:9a:2d:5c:dd:44:42:af:68:7a:6c:80:bb:2d:
9e:ec:02:b1:06:11:00:45:79:2d:17:7d:b2:19:91:94:78:c1:
77:bb:58:64:d1:22:fc:b3:82:43:7c:31:c4:81:12:37:18:fa:
f5:2f:8c:dd:9f:49:82:74:aa:c2:b9:0b:0e:2e:7f:23:a6:d1:
6e:a9:1a:81:58:8a:bd:27:bb:38:eb:b8:02:ec:61:32:8e:3f:
86:4f:7d:b5:7c:01:a2:30:59:8f:67:26:af:b3:23:72:88:ae:
93:2d:e2:2a:ab:f2:10:e0:3e:5e:18:fe:f0:68:37:63:bc:59:
a5:e4:7a:00:21:0b:83:b0:c0:ba:c1:98:41:33:ed:23:c0:00:
8c:06:ec:15:ee:49:e5:f5:9a:41:64:8e:5b:5a:e0:70:e9:08:
40:88:f9:64:7c:f4:cb:88:ab:a0:54:c2:5c:0d:39:e6:2d:de:
4a:0a:31:bd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZxR5fy328fRUmNSSZutnsJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NTk2ZTE1NTJmYzBhNTg4NGE4ODFiMzUyODE3ZDBiNzMw
MDkwODMwHhcNMjYwMjEyMTI0OTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJhOGRiMGUyNDlmMWY3YTQ4ODY4Y2Q5ODcyMzEzYTI3ZDI3Mjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsXZtDPT9cBHW3Ic+trD0APlK7HV
YFIi4QLe3C+Apeni9yc9NBSBWM6zmbnoJASmMfMDLGTYoQKt1FAZuU/Tkc3qb5ps
PlGgzUbcpPyYnjTz2dPKpNO31jbtK6ai9dE4Vqf6jxf/5YZCVpiPiW+BhXEJfnta
nM079EOb1w+gRS/XtwXlSyMoRCHw/6Wtq06J65Fyd9DG1zadrwQoyGfrPg3VtmP7
M4NuXF8+JA6VutyHp6B29WpRBHKvCMTcZ5sbQtQsE8ey2CPEqzQufgjrBg23r3w1
FO4Dsck6LlJIpHR6p9+n2VL7196HK55XoxgRDnv5m2BTdDWqPCePyBbQiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNW6jbDiSfH3pIhozZhyMTon0nKZMB8GA1UdIwQY
MBaAFOZZbhVS/ApYhKiBs1KBfQtzAJCDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWxsdUZWTDhDbGlFcUlHelVvRjlDM01Ba0lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wY2EyODctM2VlZi00MTRjLTg4M2Et
MDgxNjkxMjU3YTI2LzEvMWJxTnNPSko4ZmVraUdqTm1ISXhPaWZTY3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wY2EyODctM2VlZi00MTRjLTg4M2EtMDgxNjkxMjU3YTI2
LzEvNWxsdUZWTDhDbGlFcUlHelVvRjlDM01Ba0lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEiAAwQC
k05cAwQAwpmSAwQE2RbAMA0EAgACMAcDBQAqAilYMA0GCSqGSIb3DQEBCwUAA4IB
AQA4IZqE62xNV3XgbNH0RqKmZ0HJi+ImCbB9p4/OD/n3g2EFasaBUlLdlk2s4a/u
+uWJwBcWzoOe1wdU2C+hLB1OrTELpNY6MCNjf7fwrJotXN1EQq9oemyAuy2e7AKx
BhEARXktF32yGZGUeMF3u1hk0SL8s4JDfDHEgRI3GPr1L4zdn0mCdKrCuQsOLn8j
ptFuqRqBWIq9J7s467gC7GEyjj+GT321fAGiMFmPZyavsyNyiK6TLeIqq/IQ4D5e
GP7waDdjvFml5HoAIQuDsMC6wZhBM+0jwACMBuwV7knl9ZpBZI5bWuBw6QhAiPlk
fPTLiKugVMJcDTnmLd5KCjG9
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:21:23 2026 by rpki-client