Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/_LogJ5TTm-YKHsd3WnMm0NAuJ3w.roa
File: _LogJ5TTm-YKHsd3WnMm0NAuJ3w.roa (raw, json)
Hash identifier: O4S4fljr93AbzCU3et6i3bfKYTRHViAV0Kj/p7btiD8=
Subject key identifier: FC:BA:20:27:94:D3:9B:E6:0A:1E:C7:77:5A:73:26:D0:D0:2E:27:7C
Certificate issuer: /CN=09e4a8d6706d9d0f9c1091ca69951f4abd59d42b
Certificate serial: 019C9A7381A80DC9DA4F648B6CE00C366C45
Authority key identifier: 09:E4:A8:D6:70:6D:9D:0F:9C:10:91:CA:69:95:1F:4A:BD:59:D4:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/_LogJ5TTm-YKHsd3WnMm0NAuJ3w.roa
Signing time: Thu 26 Feb 2026 14:56:26 +0000
ROA not before: Thu 26 Feb 2026 14:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203591
IP address blocks: 178.22.248.0/22 maxlen: 22
178.22.252.0/24 maxlen: 24
178.22.253.0/24 maxlen: 24
178.22.254.0/24 maxlen: 24
178.22.255.0/24 maxlen: 24
185.6.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.mft
rsync://rpki.ripe.net/repository/DEFAULT/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9a:73:81:a8:0d:c9:da:4f:64:8b:6c:e0:0c:36:6c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e4a8d6706d9d0f9c1091ca69951f4abd59d42b
Validity
Not Before: Feb 26 14:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fcba202794d39be60a1ec7775a7326d0d02e277c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:47:0b:72:e3:90:e1:cc:45:dd:c9:6b:d0:73:
9c:30:89:b4:93:25:58:bb:fb:aa:79:15:a6:3f:3a:
ef:57:b1:77:73:82:ae:4d:ed:ab:81:a6:d4:1a:76:
25:0f:32:c1:84:2e:ae:0f:19:f5:24:54:c8:8e:d9:
08:38:d0:cd:13:00:0c:32:98:e7:ad:b7:fb:95:17:
07:1f:1e:82:83:33:f8:fd:fd:fd:27:99:be:f2:d3:
2e:0c:a3:70:b7:36:12:b7:3e:e4:6f:94:c6:72:28:
c2:b1:1d:63:fc:15:c5:6b:c3:7b:c2:ca:df:db:93:
03:90:ac:4a:30:ac:64:8d:81:a6:dd:b9:c5:dd:2b:
1a:88:5f:37:6f:29:1d:53:9b:c6:2f:50:36:3b:74:
22:56:c1:be:73:dd:97:63:e3:fa:fe:fb:73:4a:ed:
70:7f:f7:21:dd:a2:13:89:8a:cf:6b:a8:39:f2:9d:
a1:e1:11:aa:e3:17:e0:bb:f5:c1:79:df:97:a2:50:
fa:61:ff:2f:31:2f:ad:d7:d0:34:ad:b1:03:58:73:
ca:80:c3:5c:fe:c0:c4:a9:bf:b7:7a:c4:e7:23:d9:
44:af:9b:ea:66:46:8f:78:c1:3f:76:e8:de:d7:cc:
98:01:d1:90:0a:5c:f8:1c:31:e3:63:eb:a5:e5:d6:
b7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:BA:20:27:94:D3:9B:E6:0A:1E:C7:77:5A:73:26:D0:D0:2E:27:7C
X509v3 Authority Key Identifier:
keyid:09:E4:A8:D6:70:6D:9D:0F:9C:10:91:CA:69:95:1F:4A:BD:59:D4:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/_LogJ5TTm-YKHsd3WnMm0NAuJ3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/47eb7b-c3ba-478a-8178-404d31280e61/1/CeSo1nBtnQ-cEJHKaZUfSr1Z1Cs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.248.0/21
185.6.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:18:f6:da:d8:bc:d6:d2:68:9c:c6:9b:24:ae:2f:d4:e0:42:
cc:9c:49:2c:1a:fa:89:31:36:02:52:d3:81:23:e6:a5:ad:8d:
1e:aa:27:84:86:56:91:86:fb:7f:86:98:7c:88:2f:6e:b4:6d:
3c:43:98:74:93:06:cb:13:ef:51:3a:9e:ea:ca:73:55:cc:b8:
53:96:f3:3e:72:b3:aa:ce:0a:a6:ba:e9:cd:14:55:2c:ad:5a:
40:6c:dd:2e:68:71:22:78:77:1d:97:7f:a7:cb:a6:72:6d:e4:
53:5f:df:53:77:03:3c:44:de:ea:76:f8:78:f9:71:ed:54:e1:
db:6e:d8:48:4f:82:1f:02:a7:db:33:da:2d:5e:20:f6:22:71:
93:8e:aa:63:e0:7a:68:32:62:42:02:16:2c:5b:f5:9a:74:6f:
96:63:c9:76:a2:68:9f:06:96:66:c7:a3:94:5d:41:e1:74:4e:
97:a4:91:db:3c:76:34:38:09:27:ed:7d:40:fd:9d:85:6b:10:
a3:73:7d:cf:c9:01:b8:93:21:35:45:5d:86:9a:30:67:4e:6b:
63:ff:5b:70:88:8c:a4:bc:de:f4:ca:4a:99:25:fd:06:b9:e6:
42:52:b2:5f:74:d4:7c:94:d5:39:29:83:0e:a7:96:4e:3e:6d:
bb:33:7c:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyac4GoDcnaT2SLbOAMNmxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTRhOGQ2NzA2ZDlkMGY5YzEwOTFjYTY5OTUxZjRhYmQ1
OWQ0MmIwHhcNMjYwMjI2MTQ1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2JhMjAyNzk0ZDM5YmU2MGExZWM3Nzc1YTczMjZkMGQwMmUyNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0cLcuOQ4cxF3clr0HOcMIm0kyVY
u/uqeRWmPzrvV7F3c4KuTe2rgabUGnYlDzLBhC6uDxn1JFTIjtkIONDNEwAMMpjn
rbf7lRcHHx6CgzP4/f39J5m+8tMuDKNwtzYStz7kb5TGcijCsR1j/BXFa8N7wsrf
25MDkKxKMKxkjYGm3bnF3SsaiF83bykdU5vGL1A2O3QiVsG+c92XY+P6/vtzSu1w
f/ch3aITiYrPa6g58p2h4RGq4xfgu/XBed+XolD6Yf8vMS+t19A0rbEDWHPKgMNc
/sDEqb+3esTnI9lEr5vqZkaPeME/duje18yYAdGQClz4HDHjY+ul5da3ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPy6ICeU05vmCh7Hd1pzJtDQLid8MB8GA1UdIwQY
MBaAFAnkqNZwbZ0PnBCRymmVH0q9WdQrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VTbzFuQnRuUS1jRUpIS2FaVWZTcjFaMUNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80N2ViN2ItYzNiYS00NzhhLTgxNzgt
NDA0ZDMxMjgwZTYxLzEvX0xvZ0o1VFRtLVlLSHNkM1duTW0wTkF1SjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80N2ViN2ItYzNiYS00NzhhLTgxNzgtNDA0ZDMxMjgwZTYx
LzEvQ2VTbzFuQnRuUS1jRUpIS2FaVWZTcjFaMUNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDshb4AwQC
uQbwMA0GCSqGSIb3DQEBCwUAA4IBAQChGPba2LzW0micxpskri/U4ELMnEksGvqJ
MTYCUtOBI+alrY0eqieEhlaRhvt/hph8iC9utG08Q5h0kwbLE+9ROp7qynNVzLhT
lvM+crOqzgqmuunNFFUsrVpAbN0uaHEieHcdl3+ny6ZybeRTX99TdwM8RN7qdvh4
+XHtVOHbbthIT4IfAqfbM9otXiD2InGTjqpj4HpoMmJCAhYsW/WadG+WY8l2omif
BpZmx6OUXUHhdE6XpJHbPHY0OAkn7X1A/Z2FaxCjc33PyQG4kyE1RV2GmjBnTmtj
/1twiIykvN70ykqZJf0GueZCUrJfdNR8lNU5KYMOp5ZOPm27M3xz
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:02:54 2026 by rpki-client