Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/jpvZw7M6HWfeaPP7BBGWUfnUPW8.roa
File: jpvZw7M6HWfeaPP7BBGWUfnUPW8.roa (raw, json)
Hash identifier: m69AM/qWHvVH8vQjk7f2bA/DtDMk2TIVp7SRlmCI4co=
Subject key identifier: 8E:9B:D9:C3:B3:3A:1D:67:DE:68:F3:FB:04:11:96:51:F9:D4:3D:6F
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 019C76EE472C0659099B564B3F805ABBD6F8
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/jpvZw7M6HWfeaPP7BBGWUfnUPW8.roa
Signing time: Thu 19 Feb 2026 17:24:13 +0000
ROA not before: Thu 19 Feb 2026 17:24:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200000
IP address blocks: 37.139.64.0/21 maxlen: 21
45.154.218.0/24 maxlen: 24
46.247.80.0/21 maxlen: 21
89.19.128.0/19 maxlen: 19
109.205.96.0/21 maxlen: 21
173.242.48.0/20 maxlen: 20
185.25.116.0/22 maxlen: 22
185.39.224.0/22 maxlen: 22
185.65.244.0/22 maxlen: 22
185.68.16.0/22 maxlen: 22
185.68.16.0/24 maxlen: 24
185.69.152.0/22 maxlen: 22
185.104.44.0/22 maxlen: 22
185.104.45.0/24 maxlen: 24
185.124.8.0/22 maxlen: 22
185.149.40.0/22 maxlen: 22
185.209.168.0/22 maxlen: 22
185.225.212.0/22 maxlen: 22
185.226.24.0/22 maxlen: 22
185.233.36.0/22 maxlen: 22
185.233.40.0/22 maxlen: 22
185.233.44.0/22 maxlen: 22
185.233.116.0/22 maxlen: 22
185.233.120.0/22 maxlen: 22
185.233.136.0/22 maxlen: 22
185.233.152.0/22 maxlen: 23
185.234.176.0/22 maxlen: 22
185.235.168.0/22 maxlen: 22
185.239.180.0/22 maxlen: 22
217.173.208.0/20 maxlen: 20
2a00:7a60::/32 maxlen: 32
2a04:8000::/29 maxlen: 29
2a05:480::/29 maxlen: 29
2a06:6440::/29 maxlen: 29
2a0c:680::/29 maxlen: 29
2a0c:681::/32 maxlen: 32
2a0c:682::/31 maxlen: 31
2a0c:684::/30 maxlen: 30
2a0c:780::/29 maxlen: 29
2a0c:880::/29 maxlen: 29
2a0c:a80::/29 maxlen: 29
2a0c:c80::/29 maxlen: 29
2a0c:d80::/29 maxlen: 29
2a0c:e80::/29 maxlen: 29
2a0c:6080::/29 maxlen: 29
2a0d:1100::/29 maxlen: 29
2a0d:6500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:76:ee:47:2c:06:59:09:9b:56:4b:3f:80:5a:bb:d6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Feb 19 17:24:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e9bd9c3b33a1d67de68f3fb04119651f9d43d6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bc:97:8b:8b:c3:74:06:a4:9c:7c:b8:3d:29:
8b:3f:bd:73:fa:5b:fd:f8:5c:96:99:bc:aa:ac:0d:
e3:83:bf:3c:41:66:8e:9f:e6:b6:44:a9:be:c1:34:
7b:e5:e5:03:da:9a:06:f6:d6:74:a3:17:b7:bc:5c:
d5:1d:3e:b6:70:e6:60:d7:cd:76:90:6f:75:dd:b6:
ab:7b:f8:1a:e2:c7:f8:ea:97:da:34:de:83:53:47:
26:70:72:7a:71:d0:db:f1:83:b8:39:e4:f1:83:3c:
22:bd:f3:d0:31:5d:18:75:3a:c9:fd:1e:0d:8e:9a:
0c:2f:f1:d6:4f:36:aa:60:9b:ac:ec:4a:f5:77:29:
f2:a5:b7:3e:f3:93:bc:57:04:79:ef:c4:c6:e3:28:
fe:22:1f:ef:1d:fb:2d:bf:82:97:7f:e4:d2:09:3a:
d7:46:87:19:89:72:a1:31:82:2b:88:db:2c:8d:83:
e5:df:07:83:53:5b:e7:23:bc:26:6e:28:eb:a4:ee:
5c:14:7c:13:23:2f:61:d5:71:ed:d9:6f:94:47:56:
25:87:c9:4f:bc:f6:45:72:ed:1b:da:75:bb:f2:cc:
31:fb:7e:85:08:41:0f:73:50:76:0f:f2:62:50:17:
78:c2:79:41:2d:74:67:44:73:64:8a:7a:7b:52:8e:
72:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:9B:D9:C3:B3:3A:1D:67:DE:68:F3:FB:04:11:96:51:F9:D4:3D:6F
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/jpvZw7M6HWfeaPP7BBGWUfnUPW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.64.0/21
45.154.218.0/24
46.247.80.0/21
89.19.128.0/19
109.205.96.0/21
173.242.48.0/20
185.25.116.0/22
185.39.224.0/22
185.65.244.0/22
185.68.16.0/22
185.69.152.0/22
185.104.44.0/22
185.124.8.0/22
185.149.40.0/22
185.209.168.0/22
185.225.212.0/22
185.226.24.0/22
185.233.36.0-185.233.47.255
185.233.116.0-185.233.123.255
185.233.136.0/22
185.233.152.0/22
185.234.176.0/22
185.235.168.0/22
185.239.180.0/22
217.173.208.0/20
IPv6:
2a00:7a60::/32
2a04:8000::/29
2a05:480::/29
2a06:6440::/29
2a0c:680::/29
2a0c:780::/29
2a0c:880::/29
2a0c:a80::/29
2a0c:c80::/29
2a0c:d80::/29
2a0c:e80::/29
2a0c:6080::/29
2a0d:1100::/29
2a0d:6500::/29
Signature Algorithm: sha256WithRSAEncryption
7b:66:5b:4b:74:f0:bd:8e:8b:3b:00:22:c9:00:96:6b:65:c3:
e1:68:23:3d:5c:85:bc:3b:a6:50:6f:48:d8:d9:21:cc:fd:1b:
d8:92:b1:b3:61:89:21:61:6a:8e:11:e1:90:9d:c4:50:f7:e0:
82:aa:f7:86:a3:a7:24:4b:9d:da:6b:c4:76:e6:36:76:78:35:
21:ac:d0:90:48:4a:2c:36:21:83:7f:71:fe:f5:fe:ab:1e:eb:
80:f5:02:fe:dc:56:47:a3:78:ac:18:c8:2b:96:15:2b:19:69:
f3:a9:c1:57:e0:1e:fd:70:75:b0:7a:74:fe:6f:60:8c:e0:dc:
64:7e:1b:15:07:9f:e0:58:4d:13:31:86:ef:99:75:e2:e6:d3:
52:53:96:9c:f4:6d:d8:ea:39:11:3e:2b:66:4b:a2:43:9f:03:
a3:31:de:0d:c7:fb:de:52:c0:91:8b:f7:c7:00:ce:c7:c7:7d:
83:ca:7b:df:e6:34:f4:45:23:eb:9e:31:90:01:bb:9f:bd:30:
42:36:b7:e2:19:43:e3:55:62:65:63:e6:c2:3d:ca:0f:f3:50:
78:4f:08:60:60:f0:e9:70:44:2f:03:f0:dc:79:21:46:7a:d3:
24:b8:cc:d2:4e:0a:75:7c:b2:7b:d6:a4:48:e5:93:c7:57:6b:
51:75:9a:42
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZx27kcsBlkJm1ZLP4Bau9b4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4
Y2YyYjUwHhcNMjYwMjE5MTcyNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTliZDljM2IzM2ExZDY3ZGU2OGYzZmIwNDExOTY1MWY5ZDQzZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7yXi4vDdAaknHy4PSmLP71z+lv9
+FyWmbyqrA3jg788QWaOn+a2RKm+wTR75eUD2poG9tZ0oxe3vFzVHT62cOZg1812
kG913bare/ga4sf46pfaNN6DU0cmcHJ6cdDb8YO4OeTxgzwivfPQMV0YdTrJ/R4N
jpoML/HWTzaqYJus7Er1dynypbc+85O8VwR578TG4yj+Ih/vHfstv4KXf+TSCTrX
RocZiXKhMYIriNssjYPl3weDU1vnI7wmbijrpO5cFHwTIy9h1XHt2W+UR1Ylh8lP
vPZFcu0b2nW78swx+36FCEEPc1B2D/JiUBd4wnlBLXRnRHNkinp7Uo5ysQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFI6b2cOzOh1n3mjz+wQRllH51D1vMB8GA1UdIwQY
MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt
ZGI4ZWZmMWIxMWEwLzEvanB2Wnc3TTZIV2ZlYVBQN0JCR1dVZm5VUFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw
LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCBrQQCAAEwgaYD
BAMli0ADBAAtmtoDBAMu91ADBAVZE4ADBANtzWADBASt8jADBAK5GXQDBAK5J+AD
BAK5QfQDBAK5RBADBAK5RZgDBAK5aCwDBAK5fAgDBAK5lSgDBAK50agDBAK54dQD
BAK54hgwDAMEArnpJAMEBLnpIDAMAwQCuel0AwQCuel4AwQCuemIAwQCuemYAwQC
ueqwAwQCueuoAwQCue+0AwQE2a3QMGgEAgACMGIDBQAqAHpgAwUDKgSAAAMFAyoF
BIADBQMqBmRAAwUDKgwGgAMFAyoMB4ADBQMqDAiAAwUDKgwKgAMFAyoMDIADBQMq
DA2AAwUDKgwOgAMFAyoMYIADBQMqDREAAwUDKg1lADANBgkqhkiG9w0BAQsFAAOC
AQEAe2ZbS3TwvY6LOwAiyQCWa2XD4WgjPVyFvDumUG9I2NkhzP0b2JKxs2GJIWFq
jhHhkJ3EUPfggqr3hqOnJEud2mvEduY2dng1IazQkEhKLDYhg39x/vX+qx7rgPUC
/txWR6N4rBjIK5YVKxlp86nBV+Ae/XB1sHp0/m9gjODcZH4bFQef4FhNEzGG75l1
4ubTUlOWnPRt2Oo5ET4rZkuiQ58DozHeDcf73lLAkYv3xwDOx8d9g8p73+Y09EUj
654xkAG7n70wQja34hlD41ViZWPmwj3KD/NQeE8IYGDw6XBELwPw3HkhRnrTJLjM
0k4KdXyye9akSOWTx1drUXWaQg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:03:47 2026 by rpki-client