Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/IpKrE-_m-Bh_Vf9sAiL9RizjUYg.roa
File: IpKrE-_m-Bh_Vf9sAiL9RizjUYg.roa (raw, json)
Hash identifier: 8q6f4vw2poLJek7yAHJ0nyjZ8IKhwyPGqBKWSnBCaDo=
Subject key identifier: 22:92:AB:13:EF:E6:F8:18:7F:55:FF:6C:02:22:FD:46:2C:E3:51:88
Certificate issuer: /CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Certificate serial: 019C4E803D309B3AFCF1B083995C63FF6499
Authority key identifier: B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/IpKrE-_m-Bh_Vf9sAiL9RizjUYg.roa
Signing time: Wed 11 Feb 2026 20:59:13 +0000
ROA not before: Wed 11 Feb 2026 20:59:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62033
IP address blocks: 45.132.34.0/24 maxlen: 24
87.121.135.0/24 maxlen: 24
91.92.248.0/24 maxlen: 24
91.92.249.0/24 maxlen: 24
185.127.129.0/24 maxlen: 24
2a10:5d80:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.mft
rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4e:80:3d:30:9b:3a:fc:f1:b0:83:99:5c:63:ff:64:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Validity
Not Before: Feb 11 20:59:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2292ab13efe6f8187f55ff6c0222fd462ce35188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:58:76:dc:47:41:40:95:ee:18:be:75:0f:91:
73:ac:f3:b6:58:ea:27:65:66:c9:f0:b4:53:5c:62:
62:f7:81:ea:8d:08:00:a2:54:60:0e:fb:5e:68:9d:
e7:5a:c9:be:8e:c8:6c:66:a9:91:6d:8d:3c:2a:08:
d2:af:bd:08:09:b8:e3:1a:7f:1d:11:13:fc:53:10:
0d:2d:60:8c:8b:3c:a7:37:8d:c3:12:3e:fd:f1:3d:
c6:a5:c6:00:87:78:55:93:e4:a7:5b:c0:c8:18:dd:
a6:1f:ca:d1:4f:f9:56:86:eb:ab:7b:83:43:5a:18:
ca:7f:91:78:a3:bd:ca:57:bc:ab:49:a2:ff:52:f4:
63:89:b7:a8:52:d1:ee:c5:c1:de:31:9e:e2:2d:0b:
a0:ae:0d:fd:1f:e2:d0:39:78:5a:4d:f9:4b:74:47:
09:60:4f:9d:86:b6:f5:d9:5d:c8:b0:d6:ef:53:f0:
93:3c:e5:7c:98:66:78:0c:cc:78:cf:aa:36:e9:58:
47:a4:a0:61:fc:1d:80:ad:4f:cc:8d:85:21:0b:80:
ec:31:a3:a3:96:4b:ac:35:a3:1e:b4:43:c7:a5:67:
56:14:81:ff:97:b2:e1:c5:e3:7d:a7:2b:0e:c0:3a:
8e:85:9f:d2:67:ad:72:6b:88:9e:35:03:4f:04:62:
87:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:92:AB:13:EF:E6:F8:18:7F:55:FF:6C:02:22:FD:46:2C:E3:51:88
X509v3 Authority Key Identifier:
keyid:B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/IpKrE-_m-Bh_Vf9sAiL9RizjUYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.34.0/24
87.121.135.0/24
91.92.248.0/23
185.127.129.0/24
IPv6:
2a10:5d80:1::/48
Signature Algorithm: sha256WithRSAEncryption
90:a8:de:e5:3d:c3:18:6a:83:13:78:02:cd:77:5d:bd:fe:fe:
dc:38:58:f8:bf:6b:ec:d2:73:9e:61:96:da:1a:10:c4:28:80:
98:67:78:20:44:2f:cf:cf:8a:35:a1:98:e6:77:04:47:ee:8b:
be:6a:46:5c:7d:a5:27:2e:57:7f:a0:ed:87:c7:aa:53:7c:b2:
5c:25:4d:e6:a0:61:04:4f:c3:23:52:bb:f7:bb:4c:92:2c:a9:
e4:48:97:a6:f3:75:a0:72:65:80:f4:08:fa:cd:55:95:77:18:
0f:b6:4a:75:26:8e:c8:62:92:bf:0d:c6:f9:4c:30:94:b8:f4:
d5:ca:a2:ee:15:fa:d1:22:a6:b1:c1:65:5f:e8:cb:11:96:94:
ad:b9:06:43:4d:47:5f:0f:e2:22:98:99:c4:44:b6:1a:74:a4:
7f:19:3c:be:03:d3:a1:0f:d4:34:a0:43:55:aa:3c:d7:4e:f4:
65:c8:01:ad:ad:7c:ac:b3:a3:9b:84:c6:83:21:20:0b:25:63:
a9:7f:72:be:a2:68:4a:ac:66:25:f8:09:d7:53:81:3a:c2:cd:
af:aa:3b:9b:31:16:d5:1c:ec:f4:1b:a8:f9:af:4d:2a:a2:45:
e3:3b:ad:83:27:01:06:62:69:1c:df:92:29:70:0a:df:8d:af:
ae:c5:bb:0a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZxOgD0wmzr88bCDmVxj/2SZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWIwYzhhNzU4OTNhNGY4ZTFlZjBkOWE0ZDQxNDc4ZDhi
MzMyNzgwHhcNMjYwMjExMjA1OTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjkyYWIxM2VmZTZmODE4N2Y1NWZmNmMwMjIyZmQ0NjJjZTM1MTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Vh23EdBQJXuGL51D5FzrPO2WOon
ZWbJ8LRTXGJi94HqjQgAolRgDvteaJ3nWsm+jshsZqmRbY08KgjSr70ICbjjGn8d
ERP8UxANLWCMizynN43DEj798T3GpcYAh3hVk+SnW8DIGN2mH8rRT/lWhuure4ND
WhjKf5F4o73KV7yrSaL/UvRjibeoUtHuxcHeMZ7iLQugrg39H+LQOXhaTflLdEcJ
YE+dhrb12V3IsNbvU/CTPOV8mGZ4DMx4z6o26VhHpKBh/B2ArU/MjYUhC4DsMaOj
lkusNaMetEPHpWdWFIH/l7LhxeN9pysOwDqOhZ/SZ61ya4ieNQNPBGKHXQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCKSqxPv5vgYf1X/bAIi/UYs41GIMB8GA1UdIwQY
MBaAFLhbDIp1iTpPjh7w2aTUFHjYszJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMt
MzA1ZDQxZDUzYTY1LzEvSXBLckUtX20tQmhfVmY5c0FpTDlSaXpqVVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMtMzA1ZDQxZDUzYTY1
LzEvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQALYQiAwQA
V3mHAwQBW1z4AwQAuX+BMA8EAgACMAkDBwAqEF2AAAEwDQYJKoZIhvcNAQELBQAD
ggEBAJCo3uU9wxhqgxN4As13Xb3+/tw4WPi/a+zSc55hltoaEMQogJhneCBEL8/P
ijWhmOZ3BEfui75qRlx9pScuV3+g7YfHqlN8slwlTeagYQRPwyNSu/e7TJIsqeRI
l6bzdaByZYD0CPrNVZV3GA+2SnUmjshikr8NxvlMMJS49NXKou4V+tEiprHBZV/o
yxGWlK25BkNNR18P4iKYmcREthp0pH8ZPL4D06EP1DSgQ1WqPNdO9GXIAa2tfKyz
o5uExoMhIAslY6l/cr6iaEqsZiX4CddTgTrCza+qO5sxFtUc7PQbqPmvTSqiReM7
rYMnAQZiaRzfkilwCt+Nr67Fuwo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:54:24 2026 by rpki-client