Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/tIO_Frmyb630hOFMV5X9t-LFjlM.roa
File: tIO_Frmyb630hOFMV5X9t-LFjlM.roa (raw, json)
Hash identifier: A+6xfI16vy2Eu1vSrt6AeJ63kgJErM2gSoHCauuaBDc=
Subject key identifier: B4:83:BF:16:B9:B2:6F:AD:F4:84:E1:4C:57:95:FD:B7:E2:C5:8E:53
Certificate issuer: /CN=9944f812a0e002c38e84e47628bdba038598090b
Certificate serial: 019C76605E046F39D6636E9FBE32CF527586
Authority key identifier: 99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/tIO_Frmyb630hOFMV5X9t-LFjlM.roa
Signing time: Thu 19 Feb 2026 14:49:12 +0000
ROA not before: Thu 19 Feb 2026 14:49:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61071
IP address blocks: 88.213.210.0/24 maxlen: 24
88.213.211.0/24 maxlen: 24
88.213.213.0/24 maxlen: 24
88.213.214.0/23 maxlen: 23
88.213.214.0/24 maxlen: 24
88.213.215.0/24 maxlen: 24
178.217.88.0/22 maxlen: 24
178.217.90.0/24 maxlen: 24
185.134.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:76:60:5e:04:6f:39:d6:63:6e:9f:be:32:cf:52:75:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944f812a0e002c38e84e47628bdba038598090b
Validity
Not Before: Feb 19 14:49:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b483bf16b9b26fadf484e14c5795fdb7e2c58e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ac:b2:ed:c4:9a:4f:b0:e0:68:b3:78:ba:93:
89:07:7a:a0:aa:6e:1a:fb:77:08:44:c7:21:aa:7e:
53:99:12:5d:eb:3b:bf:29:6a:6e:67:2c:0f:e3:cc:
0b:1d:96:81:cf:fc:b3:70:82:f5:88:6e:c0:34:40:
b2:d0:eb:bf:d9:28:b4:b7:cb:96:2c:d9:de:94:23:
72:03:b4:c9:b9:1c:a0:99:9b:a2:b9:ed:72:aa:5c:
82:f0:10:d3:fe:44:45:ab:f7:af:56:eb:06:89:7a:
a9:34:e0:66:56:a2:87:98:d8:65:09:06:c5:ae:b1:
ab:2a:0e:09:5f:27:20:ab:a5:84:a1:ba:50:b5:b7:
1c:1a:8d:c5:2a:ee:19:77:b6:80:b8:5b:3b:fd:ac:
16:36:ce:3b:53:8b:b2:2d:de:f0:ae:77:24:00:af:
8f:e7:aa:5a:1d:f8:f3:51:b6:61:de:69:32:2d:02:
5d:b3:b1:98:23:7c:86:20:f2:b2:80:87:bf:17:fd:
7f:9d:45:56:0f:25:c5:d6:ed:b1:63:06:fa:58:39:
35:85:71:33:70:02:96:1d:3d:74:02:d0:73:b0:f3:
da:51:f6:b3:17:e7:55:02:ee:a8:7d:d6:bc:cd:88:
c0:7d:a4:bb:69:3f:e8:24:7e:7f:c2:05:cd:9c:f8:
b0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:83:BF:16:B9:B2:6F:AD:F4:84:E1:4C:57:95:FD:B7:E2:C5:8E:53
X509v3 Authority Key Identifier:
keyid:99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/tIO_Frmyb630hOFMV5X9t-LFjlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.213.210.0/23
88.213.213.0-88.213.215.255
178.217.88.0/22
185.134.228.0/22
Signature Algorithm: sha256WithRSAEncryption
59:96:ab:9e:2c:2a:dd:5e:4e:3d:27:95:1e:a6:00:d8:b8:b9:
54:b3:20:da:de:b0:28:6d:c8:28:f4:a8:f8:99:81:1c:d4:ba:
88:c6:c4:d3:8a:00:40:c4:c3:10:b6:a0:3d:cc:ac:c2:f6:31:
e7:2c:bb:c1:d2:6f:50:e5:ef:77:b5:f5:ef:0b:1e:1c:da:29:
5c:0c:af:72:b5:2f:96:f4:43:54:dc:bf:c5:21:ed:4a:0b:b7:
a6:f6:4d:18:7f:b4:59:5e:d7:85:12:a3:2a:89:b7:11:ef:2f:
45:e8:ab:07:43:80:2d:0f:54:7a:96:49:9d:6e:e6:3f:13:bd:
f7:0c:49:1f:c6:66:40:c1:a3:94:83:38:02:f4:03:d0:c5:28:
b3:e9:ba:8d:bf:1d:34:53:96:fd:27:d8:2c:1b:38:f9:e3:60:
8f:36:4f:2e:6e:09:d1:6e:68:c0:db:b1:ff:90:40:82:c0:75:
57:2e:cb:92:9c:b4:56:16:9f:9d:7e:79:6f:1b:52:f6:2e:10:
b8:95:55:8b:fa:1e:b4:50:c0:bd:65:46:c6:03:c0:09:97:4e:
80:b8:08:8e:1f:fa:52:f5:1c:05:32:21:42:cd:5f:6a:80:72:
84:2a:0b:ef:eb:53:26:2c:e0:a8:a0:07:68:6f:a2:20:ae:5a:
82:7a:fc:cf
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZx2YF4EbznWY26fvjLPUnWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NDRmODEyYTBlMDAyYzM4ZTg0ZTQ3NjI4YmRiYTAzODU5
ODA5MGIwHhcNMjYwMjE5MTQ0OTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDgzYmYxNmI5YjI2ZmFkZjQ4NGUxNGM1Nzk1ZmRiN2UyYzU4ZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKyy7cSaT7DgaLN4upOJB3qgqm4a
+3cIRMchqn5TmRJd6zu/KWpuZywP48wLHZaBz/yzcIL1iG7ANECy0Ou/2Si0t8uW
LNnelCNyA7TJuRygmZuiue1yqlyC8BDT/kRFq/evVusGiXqpNOBmVqKHmNhlCQbF
rrGrKg4JXycgq6WEobpQtbccGo3FKu4Zd7aAuFs7/awWNs47U4uyLd7wrnckAK+P
56paHfjzUbZh3mkyLQJds7GYI3yGIPKygIe/F/1/nUVWDyXF1u2xYwb6WDk1hXEz
cAKWHT10AtBzsPPaUfazF+dVAu6ofda8zYjAfaS7aT/oJH5/wgXNnPiwAwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLSDvxa5sm+t9IThTFeV/bfixY5TMB8GA1UdIwQY
MBaAFJlE+BKg4ALDjoTkdii9ugOFmAkLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMt
MzA2YzU2NTEzNDNlLzEvdElPX0ZybXliNjMwaE9GTVY1WDl0LUxGamxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMtMzA2YzU2NTEzNDNl
LzEvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBWNXSMAwD
BABY1dUDBANY1dADBAKy2VgDBAK5huQwDQYJKoZIhvcNAQELBQADggEBAFmWq54s
Kt1eTj0nlR6mANi4uVSzINresChtyCj0qPiZgRzUuojGxNOKAEDEwxC2oD3MrML2
Mecsu8HSb1Dl73e19e8LHhzaKVwMr3K1L5b0Q1Tcv8Uh7UoLt6b2TRh/tFle14US
oyqJtxHvL0XoqwdDgC0PVHqWSZ1u5j8TvfcMSR/GZkDBo5SDOAL0A9DFKLPpuo2/
HTRTlv0n2CwbOPnjYI82Ty5uCdFuaMDbsf+QQILAdVcuy5KctFYWn51+eW8bUvYu
ELiVVYv6HrRQwL1lRsYDwAmXToC4CI4f+lL1HAUyIULNX2qAcoQqC+/rUyYs4Kig
B2hvoiCuWoJ6/M8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:37:46 2026 by rpki-client