Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3b2a9e-fe84-4a8a-be0e-8dd15c9e3145/1/v1QfP-kLBM45ha8iPX7i6k9Tg6A.roa
File: v1QfP-kLBM45ha8iPX7i6k9Tg6A.roa (raw, json)
Hash identifier: g6oGtMxkI7S9/6AMsbvT+ajwBWoe9tqon+DzYkI6T6s=
Subject key identifier: BF:54:1F:3F:E9:0B:04:CE:39:85:AF:22:3D:7E:E2:EA:4F:53:83:A0
Certificate issuer: /CN=c2245df89d68c1e35e3e0e0aedeef3f2a6c2fa36
Certificate serial: 019C7A8330B4659B483F1022C69FF983096F
Authority key identifier: C2:24:5D:F8:9D:68:C1:E3:5E:3E:0E:0A:ED:EE:F3:F2:A6:C2:FA:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wiRd-J1oweNePg4K7e7z8qbC-jY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3b2a9e-fe84-4a8a-be0e-8dd15c9e3145/1/v1QfP-kLBM45ha8iPX7i6k9Tg6A.roa
Signing time: Fri 20 Feb 2026 10:05:43 +0000
ROA not before: Fri 20 Feb 2026 10:05:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202228
IP address blocks: 79.108.200.0/21 maxlen: 21
82.146.12.0/23 maxlen: 23
89.35.234.0/24 maxlen: 24
89.35.250.0/23 maxlen: 23
91.90.164.0/23 maxlen: 23
91.189.136.0/21 maxlen: 21
91.202.192.0/22 maxlen: 22
94.240.52.0/22 maxlen: 22
185.193.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3b2a9e-fe84-4a8a-be0e-8dd15c9e3145/1/wiRd-J1oweNePg4K7e7z8qbC-jY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3b2a9e-fe84-4a8a-be0e-8dd15c9e3145/1/wiRd-J1oweNePg4K7e7z8qbC-jY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wiRd-J1oweNePg4K7e7z8qbC-jY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:83:30:b4:65:9b:48:3f:10:22:c6:9f:f9:83:09:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2245df89d68c1e35e3e0e0aedeef3f2a6c2fa36
Validity
Not Before: Feb 20 10:05:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf541f3fe90b04ce3985af223d7ee2ea4f5383a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:29:66:b3:2b:5c:d8:e0:f6:9a:00:6e:66:b7:
e5:69:6b:ab:13:71:95:4b:5b:53:63:c3:1c:ff:9d:
cc:c7:ff:b1:28:9c:52:c8:e5:a8:6f:8c:e5:0e:a2:
45:e8:46:90:6a:79:45:0f:1d:72:d7:8d:18:da:4d:
f4:e2:d2:86:66:a2:08:1e:ed:02:00:0f:fe:81:ad:
d7:39:1d:80:26:64:c0:7c:a6:df:77:38:74:2e:9d:
9a:40:9f:4d:a9:38:49:ca:89:b7:43:0a:6d:4b:40:
b4:6b:a4:13:2b:48:1d:3b:2f:39:66:07:7b:b3:b1:
1b:74:be:a7:84:04:f5:6e:b7:e0:30:ab:ee:27:42:
62:c2:63:ef:08:dd:21:74:84:53:52:70:67:49:86:
4e:50:4d:dc:9a:38:46:cd:d9:2d:0b:b0:b8:2f:ab:
b9:1b:54:49:5f:40:28:78:94:a9:43:64:4f:45:1b:
a9:ff:a0:d2:de:6b:64:79:9f:bd:29:1b:67:c8:2d:
46:17:2e:22:13:8d:41:1a:c7:a7:d2:53:46:f1:47:
cb:97:cb:b3:c3:69:d1:b5:66:66:6b:e0:42:ce:a0:
d6:30:35:5b:17:1d:14:3c:47:62:db:8b:0d:9d:ca:
1a:2d:17:d3:1b:61:8f:9e:f5:9b:b2:76:92:25:20:
ab:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:54:1F:3F:E9:0B:04:CE:39:85:AF:22:3D:7E:E2:EA:4F:53:83:A0
X509v3 Authority Key Identifier:
keyid:C2:24:5D:F8:9D:68:C1:E3:5E:3E:0E:0A:ED:EE:F3:F2:A6:C2:FA:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wiRd-J1oweNePg4K7e7z8qbC-jY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3b2a9e-fe84-4a8a-be0e-8dd15c9e3145/1/v1QfP-kLBM45ha8iPX7i6k9Tg6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3b2a9e-fe84-4a8a-be0e-8dd15c9e3145/1/wiRd-J1oweNePg4K7e7z8qbC-jY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.108.200.0/21
82.146.12.0/23
89.35.234.0/24
89.35.250.0/23
91.90.164.0/23
91.189.136.0/21
91.202.192.0/22
94.240.52.0/22
185.193.116.0/22
Signature Algorithm: sha256WithRSAEncryption
42:36:d4:ec:25:0b:ec:3f:a4:08:34:b3:03:d3:f2:8f:6b:4c:
63:21:e6:4d:ae:57:ea:92:a7:39:6e:fb:77:f6:49:c0:7a:2e:
d1:a7:02:d6:08:56:92:e9:07:b2:1b:a9:34:d0:ce:3a:10:af:
c8:50:f6:eb:21:ba:dd:cf:f1:7f:78:cb:05:f3:7f:62:c6:f2:
77:f8:6e:35:82:6c:e2:9f:28:8c:75:01:34:76:7b:57:0c:ab:
91:a5:2f:27:51:d4:d0:a8:75:21:65:5e:ef:ef:e4:bf:b6:3c:
55:c5:56:92:81:5b:e7:67:89:a3:a5:20:fe:45:41:85:49:d2:
48:c5:61:4d:99:a5:91:ee:34:8d:85:88:35:25:76:1a:e4:f4:
90:be:e3:ef:2d:3a:d8:99:f6:17:a3:ae:39:38:39:b9:0a:a7:
69:6c:d1:dd:95:b0:d1:61:41:33:c7:d6:58:7e:1c:59:0a:7c:
ca:1b:3a:61:59:d1:d2:fd:23:0c:e0:c5:b5:16:3a:f2:86:1b:
08:40:b6:b0:9d:a6:0c:3c:a5:a0:78:80:22:44:57:74:54:6d:
d1:11:24:ee:e5:93:86:2e:28:d0:48:04:0a:61:42:e3:da:aa:
16:a5:24:03:b4:19:cd:3a:06:2b:a6:6b:2b:6f:95:13:8b:df:
f1:78:26:89
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZx6gzC0ZZtIPxAixp/5gwlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjQ1ZGY4OWQ2OGMxZTM1ZTNlMGUwYWVkZWVmM2YyYTZj
MmZhMzYwHhcNMjYwMjIwMTAwNTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjU0MWYzZmU5MGIwNGNlMzk4NWFmMjIzZDdlZTJlYTRmNTM4M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSlmsytc2OD2mgBuZrflaWurE3GV
S1tTY8Mc/53Mx/+xKJxSyOWob4zlDqJF6EaQanlFDx1y140Y2k304tKGZqIIHu0C
AA/+ga3XOR2AJmTAfKbfdzh0Lp2aQJ9NqThJyom3QwptS0C0a6QTK0gdOy85Zgd7
s7EbdL6nhAT1brfgMKvuJ0JiwmPvCN0hdIRTUnBnSYZOUE3cmjhGzdktC7C4L6u5
G1RJX0AoeJSpQ2RPRRup/6DS3mtkeZ+9KRtnyC1GFy4iE41BGsen0lNG8UfLl8uz
w2nRtWZma+BCzqDWMDVbFx0UPEdi24sNncoaLRfTG2GPnvWbsnaSJSCrXwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFL9UHz/pCwTOOYWvIj1+4upPU4OgMB8GA1UdIwQY
MBaAFMIkXfidaMHjXj4OCu3u8/Kmwvo2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lSZC1KMW93ZU5lUGc0SzdlN3o4cWJDLWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYjJhOWUtZmU4NC00YThhLWJlMGUt
OGRkMTVjOWUzMTQ1LzEvdjFRZlAta0xCTTQ1aGE4aVBYN2k2azlUZzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYjJhOWUtZmU4NC00YThhLWJlMGUtOGRkMTVjOWUzMTQ1
LzEvd2lSZC1KMW93ZU5lUGc0SzdlN3o4cWJDLWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDT2zIAwQB
UpIMAwQAWSPqAwQBWSP6AwQBW1qkAwQDW72IAwQCW8rAAwQCXvA0AwQCucF0MA0G
CSqGSIb3DQEBCwUAA4IBAQBCNtTsJQvsP6QINLMD0/KPa0xjIeZNrlfqkqc5bvt3
9knAei7RpwLWCFaS6QeyG6k00M46EK/IUPbrIbrdz/F/eMsF839ixvJ3+G41gmzi
nyiMdQE0dntXDKuRpS8nUdTQqHUhZV7v7+S/tjxVxVaSgVvnZ4mjpSD+RUGFSdJI
xWFNmaWR7jSNhYg1JXYa5PSQvuPvLTrYmfYXo645ODm5CqdpbNHdlbDRYUEzx9ZY
fhxZCnzKGzphWdHS/SMM4MW1FjryhhsIQLawnaYMPKWgeIAiRFd0VG3RESTu5ZOG
LijQSAQKYULj2qoWpSQDtBnNOgYrpmsrb5UTi9/xeCaJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:19:13 2026 by rpki-client