Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/bvW9wiwu-HYSzSLipBA2Hvn8OAI.roa
File: bvW9wiwu-HYSzSLipBA2Hvn8OAI.roa (raw, json)
Hash identifier: Pcuf+1R8/u7g8kq8mEN3UbCliMWxFOuqOUgzA0CTwFQ=
Subject key identifier: 6E:F5:BD:C2:2C:2E:F8:76:12:CD:22:E2:A4:10:36:1E:F9:FC:38:02
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019C46A21527873D55719BB72EF77CD6FDFE
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/bvW9wiwu-HYSzSLipBA2Hvn8OAI.roa
Signing time: Tue 10 Feb 2026 08:19:13 +0000
ROA not before: Tue 10 Feb 2026 08:19:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56534
IP address blocks: 82.179.248.0/22 maxlen: 22
85.142.82.0/24 maxlen: 24
85.142.84.0/24 maxlen: 24
85.142.136.0/24 maxlen: 24
85.142.164.0/22 maxlen: 22
85.142.168.0/21 maxlen: 21
85.142.176.0/22 maxlen: 22
85.142.192.0/22 maxlen: 24
85.142.208.0/22 maxlen: 22
85.142.244.0/24 maxlen: 24
85.142.252.0/24 maxlen: 24
85.143.144.0/22 maxlen: 22
85.143.160.0/21 maxlen: 21
85.143.176.0/22 maxlen: 22
85.143.184.0/22 maxlen: 22
85.143.203.0/24 maxlen: 24
85.143.204.0/22 maxlen: 22
85.143.250.0/24 maxlen: 24
85.143.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:46:a2:15:27:87:3d:55:71:9b:b7:2e:f7:7c:d6:fd:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Feb 10 08:19:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ef5bdc22c2ef87612cd22e2a410361ef9fc3802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ce:5a:1f:d8:d8:99:6f:8e:84:a2:db:38:32:
18:f4:d1:94:14:d4:42:a7:f7:d3:70:a6:69:2f:75:
bf:a8:33:81:db:90:ff:1c:be:1a:49:f2:97:96:e0:
38:27:86:24:08:96:af:d0:0e:af:b7:24:0a:c6:a2:
77:7b:f5:f8:5e:df:83:5f:a3:14:7c:61:c3:d6:b9:
f3:36:00:ce:1c:1b:9b:1d:f1:43:c7:ae:fd:88:d2:
09:6b:5f:15:0a:bf:1a:09:29:59:88:79:36:a5:ca:
f4:15:a1:96:c7:1b:13:a5:2f:5f:f2:64:81:80:40:
24:ad:b6:d4:8a:ce:81:ed:ea:fe:7d:b2:16:de:54:
ad:5f:ee:a8:20:42:0a:84:f7:e6:e2:70:43:39:6b:
e0:ec:46:83:09:ff:7c:ab:ee:35:fc:e3:9e:9b:be:
62:58:10:ab:e7:01:e2:12:45:1b:90:63:fa:21:cd:
d6:bf:02:53:8f:9c:ca:80:72:9c:52:f0:19:5f:62:
5c:9a:23:b5:67:be:3e:e5:86:51:49:de:23:aa:fc:
5e:99:55:ab:66:88:bd:9f:e1:45:d1:a8:87:1e:16:
01:a2:74:d0:1c:21:c9:14:52:56:cf:46:68:2c:35:
47:35:11:7c:0f:69:7c:4b:ee:1c:86:15:3b:72:81:
e5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F5:BD:C2:2C:2E:F8:76:12:CD:22:E2:A4:10:36:1E:F9:FC:38:02
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/bvW9wiwu-HYSzSLipBA2Hvn8OAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.248.0/22
85.142.82.0/24
85.142.84.0/24
85.142.136.0/24
85.142.164.0-85.142.179.255
85.142.192.0/22
85.142.208.0/22
85.142.244.0/24
85.142.252.0/24
85.143.144.0/22
85.143.160.0/21
85.143.176.0/22
85.143.184.0/22
85.143.203.0-85.143.207.255
85.143.250.0/24
85.143.252.0/22
Signature Algorithm: sha256WithRSAEncryption
45:e5:70:62:03:45:10:ca:a0:c6:08:c3:31:62:29:9f:a3:bb:
30:9d:ab:68:01:41:c2:7b:5e:30:d2:77:7e:86:76:09:dc:0b:
3a:c5:ee:93:f6:d8:98:8d:20:f0:ba:c0:d6:f5:f8:e9:53:10:
20:ee:84:2c:93:37:68:3d:25:e6:5c:2e:d2:23:63:e0:07:5d:
37:cd:20:c3:69:ae:ab:5f:f6:81:a4:20:4f:62:01:06:8a:59:
a7:3a:86:ad:06:98:69:2e:ff:7e:03:1a:0a:95:bd:b5:12:1b:
7b:32:45:7c:5f:f4:b1:ab:23:c2:1c:b7:77:71:0c:2e:04:d1:
29:42:3d:5d:29:9a:eb:0e:64:09:5e:85:a3:87:4e:c0:95:1b:
77:fe:6e:b5:b2:48:c5:43:f2:fa:c7:38:f1:92:85:09:d1:a5:
67:a8:b6:cb:84:a8:0c:7d:2b:71:aa:85:81:ba:66:1c:d1:e1:
57:51:be:2b:02:d2:e3:bb:49:07:a9:c0:b4:19:13:e4:c7:bb:
2a:5c:c0:9f:38:81:f0:fe:6a:36:62:ca:ab:3d:2e:93:de:44:
d4:fa:e5:75:95:8d:3a:fd:a7:db:68:4f:51:df:f5:ca:c2:40:
2f:ad:7e:73:ff:33:22:71:55:e3:66:bd:cc:f0:ff:37:10:8e:
9a:2b:24:95
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZxGohUnhz1VcZu3Lvd81v3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjYwMjEwMDgxOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY1YmRjMjJjMmVmODc2MTJjZDIyZTJhNDEwMzYxZWY5ZmMzODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM5aH9jYmW+OhKLbODIY9NGUFNRC
p/fTcKZpL3W/qDOB25D/HL4aSfKXluA4J4YkCJav0A6vtyQKxqJ3e/X4Xt+DX6MU
fGHD1rnzNgDOHBubHfFDx679iNIJa18VCr8aCSlZiHk2pcr0FaGWxxsTpS9f8mSB
gEAkrbbUis6B7er+fbIW3lStX+6oIEIKhPfm4nBDOWvg7EaDCf98q+41/OOem75i
WBCr5wHiEkUbkGP6Ic3WvwJTj5zKgHKcUvAZX2JcmiO1Z74+5YZRSd4jqvxemVWr
Zoi9n+FF0aiHHhYBonTQHCHJFFJWz0ZoLDVHNRF8D2l8S+4chhU7coHlIwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFG71vcIsLvh2Es0i4qQQNh75/DgCMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvYnZXOXdpd3UtSFlTelNMaXBCQTJIdm44T0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAlKz+AME
AFWOUgMEAFWOVAMEAFWOiDAMAwQCVY6kAwQCVY6wAwQCVY7AAwQCVY7QAwQAVY70
AwQAVY78AwQCVY+QAwQDVY+gAwQCVY+wAwQCVY+4MAwDBABVj8sDBARVj8ADBABV
j/oDBAJVj/wwDQYJKoZIhvcNAQELBQADggEBAEXlcGIDRRDKoMYIwzFiKZ+juzCd
q2gBQcJ7XjDSd36GdgncCzrF7pP22JiNIPC6wNb1+OlTECDuhCyTN2g9JeZcLtIj
Y+AHXTfNIMNprqtf9oGkIE9iAQaKWac6hq0GmGku/34DGgqVvbUSG3syRXxf9LGr
I8Ict3dxDC4E0SlCPV0pmusOZAlehaOHTsCVG3f+brWySMVD8vrHOPGShQnRpWeo
tsuEqAx9K3GqhYG6ZhzR4VdRvisC0uO7SQepwLQZE+THuypcwJ84gfD+ajZiyqs9
LpPeRNT65XWVjTr9p9toT1Hf9crCQC+tfnP/MyJxVeNmvczw/zcQjporJJU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:10:46 2026 by rpki-client