Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/tbsvSqRGQpNtqvMQHjLN-1rwMVw.roa
File: tbsvSqRGQpNtqvMQHjLN-1rwMVw.roa (raw, json)
Hash identifier: ZfNnOp2DuU6V3IEVKKLuwN6szaSXJ8fTG6lTql9z+bY=
Subject key identifier: B5:BB:2F:4A:A4:46:42:93:6D:AA:F3:10:1E:32:CD:FB:5A:F0:31:5C
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019C9414F770DEC95C86447F01DC10BFBA4D
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/tbsvSqRGQpNtqvMQHjLN-1rwMVw.roa
Signing time: Wed 25 Feb 2026 09:15:27 +0000
ROA not before: Wed 25 Feb 2026 09:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212913
IP address blocks: 45.151.139.0/24 maxlen: 24
80.76.42.0/24 maxlen: 24
81.22.193.0/24 maxlen: 24
89.221.204.0/24 maxlen: 24
130.49.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:14:f7:70:de:c9:5c:86:44:7f:01:dc:10:bf:ba:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Feb 25 09:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b5bb2f4aa44642936daaf3101e32cdfb5af0315c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2f:fe:75:29:5f:6d:8d:85:2e:f7:91:f7:68:
7f:3a:14:cc:dd:23:55:1a:30:e2:a3:0d:1f:e9:6c:
dc:3b:e2:55:36:80:ad:ec:04:0c:79:82:40:29:b3:
3e:e4:3f:d3:35:b7:08:fe:d6:f9:dd:b8:b2:f8:60:
be:97:73:98:2b:21:29:2f:09:2e:e5:49:ab:41:b8:
3c:e6:3e:0f:57:d4:79:df:bb:4e:fe:f2:8a:4e:70:
2b:df:bb:8e:96:27:c9:61:9c:49:7b:a6:be:53:c2:
66:2e:bd:46:28:09:f3:78:73:ac:8f:4b:94:0f:13:
f3:76:7d:07:a2:0e:aa:14:ae:28:72:98:f9:33:9a:
af:c1:0e:2d:02:a7:8e:06:c4:e1:25:12:b3:5f:b1:
68:7d:75:19:05:4d:24:03:e2:50:f8:0d:6d:54:0f:
8f:b6:ad:d2:2c:c1:26:6c:a8:55:39:6c:82:2e:e3:
5e:7d:d7:51:cd:e7:47:9a:12:c9:67:30:39:28:66:
a4:b9:37:7e:2a:f2:95:c6:38:10:67:31:a3:52:4a:
93:43:44:2f:a8:7e:7a:a5:03:2a:b6:37:54:88:b2:
25:63:f0:7d:c8:3b:56:bb:bd:3f:df:9b:b2:7a:de:
7e:e7:92:94:16:f9:2c:5a:77:d4:d4:bb:b7:d3:e9:
36:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BB:2F:4A:A4:46:42:93:6D:AA:F3:10:1E:32:CD:FB:5A:F0:31:5C
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/tbsvSqRGQpNtqvMQHjLN-1rwMVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.139.0/24
80.76.42.0/24
81.22.193.0/24
89.221.204.0/24
130.49.181.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:25:be:5b:a9:ea:ac:62:4a:92:90:b8:7f:14:3b:0d:61:01:
d9:3a:e7:d2:2a:4e:df:43:17:6e:0a:5c:b0:3c:72:93:b5:bd:
59:78:ab:c2:02:69:31:cb:e1:f0:50:fe:4c:de:fb:bc:f9:ca:
50:f1:09:79:9d:43:bd:03:e2:44:13:5d:09:5c:73:22:8d:30:
7c:51:ca:a6:9e:86:42:b2:3d:b6:ef:7c:22:8c:65:ff:40:9f:
39:31:d3:c7:78:43:dd:a3:f7:31:00:17:72:25:a2:80:c4:54:
d0:ed:db:a3:6d:bc:13:e9:1d:1d:4a:74:45:a4:40:6a:ca:38:
da:3d:c8:45:64:de:de:bb:97:e5:c3:3f:0c:4e:b8:af:23:3c:
1d:15:31:8b:d1:ba:3a:e8:7b:fc:06:5b:88:55:03:a2:6d:8a:
0f:ce:e9:f3:be:23:c5:b2:99:6d:6b:89:14:41:26:ff:41:2a:
82:85:00:e4:96:f0:8a:3e:03:81:9a:b6:3e:08:ad:f8:94:e2:
29:97:42:bb:c2:97:b5:b8:0a:24:70:1d:31:cb:15:7b:73:e3:
97:f5:49:86:ac:f2:66:aa:6e:67:ef:bc:40:85:30:69:f1:41:
75:db:be:4f:a0:8c:50:10:2a:32:a6:c9:e8:46:53:a6:7c:dd:
9e:a8:31:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZyUFPdw3slchkR/AdwQv7pNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjYwMjI1MDkxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJiMmY0YWE0NDY0MjkzNmRhYWYzMTAxZTMyY2RmYjVhZjAzMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3S/+dSlfbY2FLveR92h/OhTM3SNV
GjDiow0f6WzcO+JVNoCt7AQMeYJAKbM+5D/TNbcI/tb53biy+GC+l3OYKyEpLwku
5UmrQbg85j4PV9R537tO/vKKTnAr37uOlifJYZxJe6a+U8JmLr1GKAnzeHOsj0uU
DxPzdn0Hog6qFK4ocpj5M5qvwQ4tAqeOBsThJRKzX7FofXUZBU0kA+JQ+A1tVA+P
tq3SLMEmbKhVOWyCLuNefddRzedHmhLJZzA5KGakuTd+KvKVxjgQZzGjUkqTQ0Qv
qH56pQMqtjdUiLIlY/B9yDtWu70/35uyet5+55KUFvksWnfU1Lu30+k2swIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLW7L0qkRkKTbarzEB4yzfta8DFcMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvdGJzdlNxUkdRcE50cXZNUUhqTE4tMXJ3TVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZeLAwQA
UEwqAwQAURbBAwQAWd3MAwQAgjG1MA0GCSqGSIb3DQEBCwUAA4IBAQA9Jb5bqeqs
YkqSkLh/FDsNYQHZOufSKk7fQxduClywPHKTtb1ZeKvCAmkxy+HwUP5M3vu8+cpQ
8Ql5nUO9A+JEE10JXHMijTB8UcqmnoZCsj2273wijGX/QJ85MdPHeEPdo/cxABdy
JaKAxFTQ7dujbbwT6R0dSnRFpEBqyjjaPchFZN7eu5flwz8MTrivIzwdFTGL0bo6
6Hv8BluIVQOibYoPzunzviPFsplta4kUQSb/QSqChQDklvCKPgOBmrY+CK34lOIp
l0K7wpe1uAokcB0xyxV7c+OX9UmGrPJmqm5n77xAhTBp8UF1275PoIxQECoypsno
RlOmfN2eqDFe
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:39:34 2026 by rpki-client