Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8f8c55-04ae-434c-ac42-42b4c88d74ca/1/2vmkg2M-7uKyVhPKrCTSZDqOIR8.roa
File: 2vmkg2M-7uKyVhPKrCTSZDqOIR8.roa (raw, json)
Hash identifier: qDlzIQt4Ssriqd5eYUtQEFYM+azNejVu2eMaDtZq8hM=
Subject key identifier: DA:F9:A4:83:63:3E:EE:E2:B2:56:13:CA:AC:24:D2:64:3A:8E:21:1F
Certificate issuer: /CN=ea32adc8569cfcb35e75c7cefd46d5ed00f0e028
Certificate serial: 019C8AE14DC337BD0BE3E7F0E77C2EB16A52
Authority key identifier: EA:32:AD:C8:56:9C:FC:B3:5E:75:C7:CE:FD:46:D5:ED:00:F0:E0:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6jKtyFac_LNedcfO_UbV7QDw4Cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8f8c55-04ae-434c-ac42-42b4c88d74ca/1/2vmkg2M-7uKyVhPKrCTSZDqOIR8.roa
Signing time: Mon 23 Feb 2026 14:22:26 +0000
ROA not before: Mon 23 Feb 2026 14:22:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57961
IP address blocks: 37.139.112.0/21 maxlen: 22
37.139.112.0/22 maxlen: 22
37.139.112.0/24 maxlen: 24
37.139.114.0/24 maxlen: 24
37.139.116.0/22 maxlen: 22
37.139.116.0/24 maxlen: 24
37.139.117.0/24 maxlen: 24
37.139.118.0/24 maxlen: 24
37.139.119.0/24 maxlen: 24
185.63.176.0/24 maxlen: 24
185.63.177.0/24 maxlen: 24
185.63.178.0/24 maxlen: 24
2a00:9f40::/32 maxlen: 32
2a00:9f40:1::/48 maxlen: 48
2a00:9f40:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8f8c55-04ae-434c-ac42-42b4c88d74ca/1/6jKtyFac_LNedcfO_UbV7QDw4Cg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/8f8c55-04ae-434c-ac42-42b4c88d74ca/1/6jKtyFac_LNedcfO_UbV7QDw4Cg.mft
rsync://rpki.ripe.net/repository/DEFAULT/6jKtyFac_LNedcfO_UbV7QDw4Cg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:e1:4d:c3:37:bd:0b:e3:e7:f0:e7:7c:2e:b1:6a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea32adc8569cfcb35e75c7cefd46d5ed00f0e028
Validity
Not Before: Feb 23 14:22:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=daf9a483633eeee2b25613caac24d2643a8e211f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:60:21:97:28:24:8c:e7:67:83:7a:75:46:cd:
c4:64:ab:a0:4c:83:ef:52:a3:79:f1:7f:46:e2:f1:
d6:1b:5e:86:f3:59:55:40:c6:48:fd:81:d4:1c:54:
46:e6:a2:da:0c:c9:51:6b:e2:a3:e9:2b:f8:f6:60:
fa:f8:78:be:e6:ac:79:08:d4:b3:4c:96:6b:37:da:
9c:a0:0b:b7:9e:88:c6:e5:67:3f:59:f1:bb:9a:b6:
42:60:0a:ea:05:57:db:f4:d3:14:43:9a:e0:84:5d:
fe:58:30:69:ac:2f:26:d3:69:65:66:78:7f:62:b3:
83:b8:7b:3b:0e:8c:0b:6d:9d:1f:aa:36:fb:a7:24:
1b:dc:53:6e:a6:6b:ac:a0:d3:b4:99:63:47:b7:b3:
fa:5e:ea:19:84:32:e9:71:70:dc:d2:d3:7d:86:87:
ed:73:90:1a:93:c8:5b:cb:ae:86:63:20:c6:1b:f2:
6a:93:c8:c1:6a:bf:29:29:41:8d:4c:d0:e2:27:3b:
23:79:87:32:c4:7a:3d:7f:e8:b0:cc:ec:91:d7:c3:
1b:cb:1e:2d:de:e6:18:01:e7:3c:86:f3:7a:d3:ee:
7f:14:8f:3d:c4:29:f0:20:2b:79:03:74:07:fe:4b:
34:10:7f:79:d3:9a:01:c6:9e:7b:0e:88:58:0d:d5:
1b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F9:A4:83:63:3E:EE:E2:B2:56:13:CA:AC:24:D2:64:3A:8E:21:1F
X509v3 Authority Key Identifier:
keyid:EA:32:AD:C8:56:9C:FC:B3:5E:75:C7:CE:FD:46:D5:ED:00:F0:E0:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6jKtyFac_LNedcfO_UbV7QDw4Cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8f8c55-04ae-434c-ac42-42b4c88d74ca/1/2vmkg2M-7uKyVhPKrCTSZDqOIR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8f8c55-04ae-434c-ac42-42b4c88d74ca/1/6jKtyFac_LNedcfO_UbV7QDw4Cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.112.0/21
185.63.176.0-185.63.178.255
IPv6:
2a00:9f40::/32
Signature Algorithm: sha256WithRSAEncryption
a0:2a:d8:fc:29:b1:4e:42:a0:e9:1c:41:82:0e:b0:8f:1b:65:
8a:4e:92:ee:71:8f:3a:41:a3:57:ad:b6:9f:7c:8d:aa:af:89:
d9:0d:b6:a6:99:ba:55:e7:d8:02:77:a9:6f:97:ff:bc:dc:00:
86:0a:5a:87:b1:5b:e8:eb:4c:a3:54:70:d3:88:9e:06:6d:46:
0e:92:90:5d:ea:b9:3e:58:3e:10:08:18:3b:2c:a9:a7:51:65:
e4:c1:fe:d5:46:1f:74:20:3c:7b:25:23:0d:52:29:b3:1c:85:
d8:af:77:84:e6:fc:e9:0a:bc:99:a3:5a:34:d0:41:d9:4e:7a:
e2:e8:73:22:2d:5b:76:02:53:ea:c1:dd:b6:01:f5:ae:38:32:
ca:73:eb:3a:98:b7:f3:b2:71:79:cb:56:7d:b5:34:ba:66:6e:
e7:83:98:eb:7f:1f:95:57:09:65:c5:d5:81:3f:2f:89:da:12:
a6:82:d2:e7:2d:a8:48:24:ea:61:b1:c4:b1:ba:9b:3a:73:79:
f1:2d:9b:6c:9b:a0:6a:77:ce:32:7a:04:e0:2d:34:82:8a:bd:
61:f2:75:fe:b8:8d:81:1e:fe:0f:a0:f4:d4:51:c8:78:ce:ee:
20:5b:70:a6:78:31:82:09:04:b9:b9:fb:16:f4:f8:3b:a5:77:
9f:1b:1e:65
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZyK4U3DN70L4+fw53wusWpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMzJhZGM4NTY5Y2ZjYjM1ZTc1YzdjZWZkNDZkNWVkMDBm
MGUwMjgwHhcNMjYwMjIzMTQyMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWY5YTQ4MzYzM2VlZWUyYjI1NjEzY2FhYzI0ZDI2NDNhOGUyMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12AhlygkjOdng3p1Rs3EZKugTIPv
UqN58X9G4vHWG16G81lVQMZI/YHUHFRG5qLaDMlRa+Kj6Sv49mD6+Hi+5qx5CNSz
TJZrN9qcoAu3nojG5Wc/WfG7mrZCYArqBVfb9NMUQ5rghF3+WDBprC8m02llZnh/
YrODuHs7DowLbZ0fqjb7pyQb3FNupmusoNO0mWNHt7P6XuoZhDLpcXDc0tN9hoft
c5Aak8hby66GYyDGG/Jqk8jBar8pKUGNTNDiJzsjeYcyxHo9f+iwzOyR18Mbyx4t
3uYYAec8hvN60+5/FI89xCnwICt5A3QH/ks0EH9505oBxp57DohYDdUbQwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNr5pINjPu7islYTyqwk0mQ6jiEfMB8GA1UdIwQY
MBaAFOoyrchWnPyzXnXHzv1G1e0A8OAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmpLdHlGYWNfTE5lZGNmT19VYlY3UUR3NENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ZjhjNTUtMDRhZS00MzRjLWFjNDIt
NDJiNGM4OGQ3NGNhLzEvMnZta2cyTS03dUt5VmhQS3JDVFNaRHFPSVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84ZjhjNTUtMDRhZS00MzRjLWFjNDItNDJiNGM4OGQ3NGNh
LzEvNmpLdHlGYWNfTE5lZGNmT19VYlY3UUR3NENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDJYtwMAwD
BAS5P7ADBAC5P7IwDQQCAAIwBwMFACoAn0AwDQYJKoZIhvcNAQELBQADggEBAKAq
2PwpsU5CoOkcQYIOsI8bZYpOku5xjzpBo1ettp98jaqvidkNtqaZulXn2AJ3qW+X
/7zcAIYKWoexW+jrTKNUcNOIngZtRg6SkF3quT5YPhAIGDssqadRZeTB/tVGH3Qg
PHslIw1SKbMchdivd4Tm/OkKvJmjWjTQQdlOeuLocyItW3YCU+rB3bYB9a44Mspz
6zqYt/OycXnLVn21NLpmbueDmOt/H5VXCWXF1YE/L4naEqaC0uctqEgk6mGxxLG6
mzpzefEtm2yboGp3zjJ6BOAtNIKKvWHydf64jYEe/g+g9NRRyHjO7iBbcKZ4MYIJ
BLm5+xb0+Duld58bHmU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:13:08 2026 by rpki-client