Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/grRv1zK274iLycaoK-Nbqjw_x1k.roa
File: grRv1zK274iLycaoK-Nbqjw_x1k.roa (raw, json)
Hash identifier: QLP5kOYkk4bXScipk9r7CnpegfUS+YnmqDjmg8xa35o=
Subject key identifier: 82:B4:6F:D7:32:B6:EF:88:8B:C9:C6:A8:2B:E3:5B:AA:3C:3F:C7:59
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 019C772B9EF7BA7C2405BC20B5BE9FFC314F
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/grRv1zK274iLycaoK-Nbqjw_x1k.roa
Signing time: Thu 19 Feb 2026 18:31:13 +0000
ROA not before: Thu 19 Feb 2026 18:31:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.149.94.0/24 maxlen: 24
80.246.229.0/24 maxlen: 24
80.246.230.0/24 maxlen: 24
80.246.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:77:2b:9e:f7:ba:7c:24:05:bc:20:b5:be:9f:fc:31:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Feb 19 18:31:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=82b46fd732b6ef888bc9c6a82be35baa3c3fc759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4c:67:ec:16:44:81:02:91:ad:ba:60:c8:8c:
e0:b1:42:1a:f3:f0:79:01:d8:7f:64:46:39:b1:51:
6c:3d:a7:c9:b9:39:1e:7b:aa:e9:3f:4f:55:28:73:
7b:1a:d2:03:33:7c:12:25:0e:c8:ad:3c:79:b1:95:
11:74:9d:23:f6:60:17:e7:2e:c9:ab:06:3f:1f:97:
dd:1f:49:21:1e:b9:0f:28:d6:06:53:39:54:d7:63:
e4:44:d2:1f:01:84:00:e5:9e:3d:d8:21:76:57:90:
09:2e:6f:27:bf:b8:8c:6b:ca:c6:43:fc:d4:14:eb:
73:79:4f:6b:08:ab:72:ec:e0:4b:64:f9:94:ea:13:
d4:4a:92:be:14:f4:24:af:c6:41:ad:9d:d6:09:e7:
5b:30:1e:5a:43:eb:a9:24:6d:71:61:9f:ad:be:0d:
a3:8d:06:7e:8e:eb:46:6f:b5:d4:31:6d:68:5b:9a:
60:08:01:10:eb:27:cf:21:24:90:f2:ab:d3:ab:cf:
ab:d3:45:9e:26:86:9b:ea:9b:be:c8:0f:4a:4d:b1:
a0:e7:73:8c:df:4a:b6:df:5b:4d:6f:f3:11:55:62:
1f:8d:f7:19:2c:56:13:c7:dc:60:ad:e5:6d:1f:c0:
b0:39:c0:55:7d:d4:c0:04:0f:ae:7f:69:1c:5c:ec:
52:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B4:6F:D7:32:B6:EF:88:8B:C9:C6:A8:2B:E3:5B:AA:3C:3F:C7:59
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/grRv1zK274iLycaoK-Nbqjw_x1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.94.0/24
80.246.229.0-80.246.230.255
80.246.232.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:0a:ae:b0:79:4d:81:ca:dc:0f:46:07:36:c2:97:1c:7f:52:
66:12:d9:5a:58:29:09:75:80:7b:d1:b7:d4:41:6d:ec:7b:ad:
8a:0d:ac:2b:01:46:e5:73:13:e6:86:e2:c8:87:67:d4:af:a5:
91:57:18:48:a1:39:af:9d:08:ea:78:9c:a0:ee:be:eb:6c:81:
ca:e2:f0:39:5e:2b:8a:ac:aa:2b:45:0f:6a:21:88:0d:8d:c3:
35:86:0c:4b:45:9e:7a:48:d8:09:9f:b8:de:56:4e:29:42:97:
6f:f9:19:62:9e:ed:9e:d2:12:a4:a7:5b:7f:b0:45:e6:30:6f:
91:23:a6:26:91:a7:86:64:ec:d5:af:a2:f4:87:dc:ca:fc:d3:
89:0d:6e:4e:93:2e:47:cb:25:c2:20:8a:4a:e4:5e:b0:51:ac:
ff:bf:02:29:93:5a:17:9a:b1:ac:26:d3:03:eb:c6:6d:7b:68:
09:ee:2e:3e:46:66:9d:2c:7b:7d:d2:f8:79:76:a4:17:ba:b3:
1f:33:26:05:ac:a7:65:b5:d9:8e:d1:4e:cf:53:b2:6d:0c:65:
69:a1:ab:21:c0:3a:a3:fc:df:46:f5:9a:c3:c8:1f:28:9b:b5:
b4:2a:86:5d:9c:f0:90:5d:77:8f:fd:a3:b8:f6:79:de:a2:58:
39:3e:47:e4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZx3K573unwkBbwgtb6f/DFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjYwMjE5MTgzMTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI0NmZkNzMyYjZlZjg4OGJjOWM2YTgyYmUzNWJhYTNjM2ZjNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsExn7BZEgQKRrbpgyIzgsUIa8/B5
Adh/ZEY5sVFsPafJuTkee6rpP09VKHN7GtIDM3wSJQ7IrTx5sZURdJ0j9mAX5y7J
qwY/H5fdH0khHrkPKNYGUzlU12PkRNIfAYQA5Z492CF2V5AJLm8nv7iMa8rGQ/zU
FOtzeU9rCKty7OBLZPmU6hPUSpK+FPQkr8ZBrZ3WCedbMB5aQ+upJG1xYZ+tvg2j
jQZ+jutGb7XUMW1oW5pgCAEQ6yfPISSQ8qvTq8+r00WeJoab6pu+yA9KTbGg53OM
30q231tNb/MRVWIfjfcZLFYTx9xgreVtH8CwOcBVfdTABA+uf2kcXOxSIwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIK0b9cytu+Ii8nGqCvjW6o8P8dZMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvZ3JSdjF6SzI3NGlMeWNhb0stTmJxandfeDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALZVeMAwD
BABQ9uUDBABQ9uYDBANQ9ugwDQYJKoZIhvcNAQELBQADggEBAE8KrrB5TYHK3A9G
BzbClxx/UmYS2VpYKQl1gHvRt9RBbex7rYoNrCsBRuVzE+aG4siHZ9SvpZFXGEih
Oa+dCOp4nKDuvutsgcri8DleK4qsqitFD2ohiA2NwzWGDEtFnnpI2AmfuN5WTilC
l2/5GWKe7Z7SEqSnW3+wReYwb5EjpiaRp4Zk7NWvovSH3Mr804kNbk6TLkfLJcIg
ikrkXrBRrP+/AimTWheasawm0wPrxm17aAnuLj5GZp0se33S+Hl2pBe6sx8zJgWs
p2W12Y7RTs9Tsm0MZWmhqyHAOqP830b1msPIHyibtbQqhl2c8JBdd4/9o7j2ed6i
WDk+R+Q=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:59:26 2026 by rpki-client