Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/0z1v-iMgN-IiCcFz7KgyRD_9W5o.roa
File: 0z1v-iMgN-IiCcFz7KgyRD_9W5o.roa (raw, json)
Hash identifier: BFX8flEMTYsLMbzmmvgL8prvL0RkcLfro9e2dMsJhWI=
Subject key identifier: D3:3D:6F:FA:23:20:37:E2:22:09:C1:73:EC:A8:32:44:3F:FD:5B:9A
Certificate issuer: /CN=1daf46a40c246d6540d992c321b1cc3623d65995
Certificate serial: 019C57E9E7B6E2FADA3223CCB4F143B2B41C
Authority key identifier: 1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/0z1v-iMgN-IiCcFz7KgyRD_9W5o.roa
Signing time: Fri 13 Feb 2026 16:51:12 +0000
ROA not before: Fri 13 Feb 2026 16:51:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62370
IP address blocks: 37.148.161.0/24 maxlen: 24
77.95.229.0/24 maxlen: 24
78.41.207.0/24 maxlen: 24
89.207.128.0/24 maxlen: 24
89.207.130.0/24 maxlen: 24
89.207.131.0/24 maxlen: 24
128.204.192.0/24 maxlen: 24
185.62.56.0/24 maxlen: 24
185.62.57.0/24 maxlen: 24
185.62.58.0/24 maxlen: 24
185.62.59.0/24 maxlen: 24
193.33.60.0/24 maxlen: 24
193.33.61.0/24 maxlen: 24
193.34.166.0/24 maxlen: 24
193.34.167.0/24 maxlen: 24
2a00:7b80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:57:e9:e7:b6:e2:fa:da:32:23:cc:b4:f1:43:b2:b4:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1daf46a40c246d6540d992c321b1cc3623d65995
Validity
Not Before: Feb 13 16:51:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d33d6ffa232037e22209c173eca832443ffd5b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:89:12:1b:e3:80:d7:4c:5f:b3:b3:17:3d:ae:
d1:3f:ec:59:3e:32:6f:70:6d:7e:76:55:d5:75:8a:
2a:fe:ce:3c:92:b5:26:12:21:a0:d1:46:ba:43:02:
02:92:5c:d9:e1:35:28:b0:34:78:2f:df:3f:8c:aa:
fb:31:74:96:c2:c4:6e:d8:13:95:77:eb:b2:6f:17:
4b:90:c1:c7:fa:ee:53:b2:72:f4:6b:b7:cc:6c:57:
4d:68:d4:4e:1b:79:00:0b:7f:ab:de:29:10:98:b5:
4c:9f:cd:9d:96:08:d5:da:42:77:f3:43:8e:a2:af:
07:81:d8:17:f3:f0:38:3f:b8:d1:49:74:f8:67:d8:
80:1d:5a:c2:65:12:29:f0:51:99:af:1d:46:17:18:
f0:20:55:7e:42:a3:9f:1c:83:fc:5a:b3:4e:92:cc:
ab:dd:53:be:67:33:95:83:c8:b8:27:94:0a:f5:d2:
6d:1a:33:c9:1c:63:57:51:e4:3f:a3:bc:c6:da:60:
ab:91:f8:ba:eb:c4:e2:77:38:42:1d:1d:1e:88:a4:
c7:40:e0:c6:26:52:ad:2f:fa:84:ed:1e:37:4e:84:
dc:f3:06:1b:f1:20:39:6b:68:6d:8d:39:06:1f:79:
52:7c:77:1d:37:ff:eb:52:5e:a3:04:27:26:a7:8f:
d4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3D:6F:FA:23:20:37:E2:22:09:C1:73:EC:A8:32:44:3F:FD:5B:9A
X509v3 Authority Key Identifier:
keyid:1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/0z1v-iMgN-IiCcFz7KgyRD_9W5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.161.0/24
77.95.229.0/24
78.41.207.0/24
89.207.128.0/24
89.207.130.0/23
128.204.192.0/24
185.62.56.0/22
193.33.60.0/23
193.34.166.0/23
IPv6:
2a00:7b80::/32
Signature Algorithm: sha256WithRSAEncryption
b8:16:cc:56:fb:bd:d9:fc:dc:6b:2a:2a:ed:f2:2c:d0:e0:fd:
32:0a:f3:51:e8:b6:32:2c:94:39:77:b3:43:78:bc:48:63:af:
db:b0:89:68:f7:16:b7:e2:e3:c9:9d:6e:d8:ac:1a:b8:d9:2c:
e8:f5:16:b4:33:00:75:86:57:e7:45:83:f9:18:85:04:b7:21:
11:4a:68:90:e4:02:e4:88:54:4f:c5:de:1f:4c:bd:70:58:26:
2d:2c:7c:68:f3:fb:27:c0:ac:11:fa:5f:e1:a4:5e:7c:48:29:
03:ec:a7:64:11:75:8d:ef:94:61:0e:e3:76:90:7f:02:6c:c0:
1c:b5:47:11:05:1e:1b:ea:04:36:91:19:fe:bb:d0:ab:bd:50:
2c:91:ad:67:13:e1:68:ce:bf:c5:91:06:e3:6d:1c:51:b9:90:
37:28:4f:08:49:98:39:7c:ee:44:e7:b5:73:db:b1:dd:51:f5:
ab:2a:25:85:eb:08:0c:35:cd:68:fc:fc:9f:7e:02:19:10:9e:
9a:e5:f8:5e:5a:98:d4:43:7e:e5:ef:62:b5:c0:75:62:1a:5d:
e0:90:29:fd:72:e4:90:f6:3f:59:33:aa:40:e7:d4:0f:87:d7:
be:cf:5c:6c:03:50:53:d3:3a:b2:43:c8:25:4a:be:33:5f:dc:
5f:5c:3a:96
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZxX6ee24vraMiPMtPFDsrQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYWY0NmE0MGMyNDZkNjU0MGQ5OTJjMzIxYjFjYzM2MjNk
NjU5OTUwHhcNMjYwMjEzMTY1MTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNkNmZmYTIzMjAzN2UyMjIwOWMxNzNlY2E4MzI0NDNmZmQ1YjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIkSG+OA10xfs7MXPa7RP+xZPjJv
cG1+dlXVdYoq/s48krUmEiGg0Ua6QwICklzZ4TUosDR4L98/jKr7MXSWwsRu2BOV
d+uybxdLkMHH+u5TsnL0a7fMbFdNaNROG3kAC3+r3ikQmLVMn82dlgjV2kJ380OO
oq8HgdgX8/A4P7jRSXT4Z9iAHVrCZRIp8FGZrx1GFxjwIFV+QqOfHIP8WrNOksyr
3VO+ZzOVg8i4J5QK9dJtGjPJHGNXUeQ/o7zG2mCrkfi668TidzhCHR0eiKTHQODG
JlKtL/qE7R43ToTc8wYb8SA5a2htjTkGH3lSfHcdN//rUl6jBCcmp4/UIQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNM9b/ojIDfiIgnBc+yoMkQ//VuaMB8GA1UdIwQY
MBaAFB2vRqQMJG1lQNmSwyGxzDYj1lmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYt
NzlmMDQ4YmQyYTdhLzEvMHoxdi1pTWdOLUlpQ2NGejdLZ3lSRF85VzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYtNzlmMDQ4YmQyYTdh
LzEvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAJZShAwQA
TV/lAwQATinPAwQAWc+AAwQBWc+CAwQAgMzAAwQCuT44AwQBwSE8AwQBwSKmMA0E
AgACMAcDBQAqAHuAMA0GCSqGSIb3DQEBCwUAA4IBAQC4FsxW+73Z/NxrKirt8izQ
4P0yCvNR6LYyLJQ5d7NDeLxIY6/bsIlo9xa34uPJnW7YrBq42Szo9Ra0MwB1hlfn
RYP5GIUEtyERSmiQ5ALkiFRPxd4fTL1wWCYtLHxo8/snwKwR+l/hpF58SCkD7Kdk
EXWN75RhDuN2kH8CbMActUcRBR4b6gQ2kRn+u9CrvVAska1nE+Fozr/FkQbjbRxR
uZA3KE8ISZg5fO5E57Vz27HdUfWrKiWF6wgMNc1o/PyffgIZEJ6a5fheWpjUQ37l
72K1wHViGl3gkCn9cuSQ9j9ZM6pA59QPh9e+z1xsA1BT0zqyQ8glSr4zX9xfXDqW
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:03:41 2026 by rpki-client