Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/TdzUQghIehxteP-iZtI9mD6S7yM.roa
File: TdzUQghIehxteP-iZtI9mD6S7yM.roa (raw, json)
Hash identifier: JMCW44uz3J0EyEDOpMW3IeWpIRHn5nCzZnwcaDitVew=
Subject key identifier: 4D:DC:D4:42:08:48:7A:1C:6D:78:FF:A2:66:D2:3D:98:3E:92:EF:23
Certificate issuer: /CN=61d39d74b17e691dd1b05221c6098caf5ee93a36
Certificate serial: 019C9127226D682BED4735038BA575D0A440
Authority key identifier: 61:D3:9D:74:B1:7E:69:1D:D1:B0:52:21:C6:09:8C:AF:5E:E9:3A:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YdOddLF-aR3RsFIhxgmMr17pOjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/TdzUQghIehxteP-iZtI9mD6S7yM.roa
Signing time: Tue 24 Feb 2026 19:36:26 +0000
ROA not before: Tue 24 Feb 2026 19:36:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212253
IP address blocks: 185.222.22.0/24 maxlen: 24
2a12:e5c0::/46 maxlen: 48
2a12:e5c0:10::/46 maxlen: 48
2a12:e5c0:20::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/YdOddLF-aR3RsFIhxgmMr17pOjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/YdOddLF-aR3RsFIhxgmMr17pOjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YdOddLF-aR3RsFIhxgmMr17pOjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:91:27:22:6d:68:2b:ed:47:35:03:8b:a5:75:d0:a4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61d39d74b17e691dd1b05221c6098caf5ee93a36
Validity
Not Before: Feb 24 19:36:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ddcd44208487a1c6d78ffa266d23d983e92ef23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:57:10:12:a6:d8:ca:0d:90:44:58:cd:33:61:
b1:f7:3e:4d:5e:10:7c:3d:33:97:23:30:85:73:ed:
dd:98:48:20:71:4d:cb:cc:f8:c6:9e:0f:e8:9b:94:
7b:9d:bd:b1:2c:4f:2b:34:cf:4d:41:c7:a1:ad:f1:
6a:00:db:f6:67:90:14:99:0b:e9:65:5d:e9:a5:4f:
8e:42:2b:6a:45:7f:c0:11:5c:89:18:48:aa:ea:a9:
db:7f:db:43:1b:1d:af:d7:a7:a5:74:fd:e6:6b:fc:
d6:a3:c6:dc:0a:cb:9d:79:24:f1:22:c5:2a:6a:e5:
4d:18:ce:10:d1:e8:21:11:56:b7:48:77:02:a2:96:
73:a0:51:4e:7d:7a:80:16:c5:d8:cf:9c:c0:58:6f:
fc:b4:51:55:f4:9c:5f:64:9f:5a:14:0e:17:a3:05:
fc:15:63:56:80:d2:e4:30:e8:98:c2:54:bd:89:bb:
c2:b4:e0:d9:8e:9a:c5:a7:61:32:b5:f8:a9:ae:a9:
5c:63:3c:2f:2b:82:7c:1c:58:6e:07:45:5e:7e:46:
49:ff:09:b5:67:c1:5c:98:11:53:b2:da:29:ef:be:
5c:ac:93:3b:80:e6:fa:bb:d6:63:06:23:01:a9:c2:
07:91:9d:ee:49:76:61:fb:fe:86:4b:2f:67:9d:59:
d5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DC:D4:42:08:48:7A:1C:6D:78:FF:A2:66:D2:3D:98:3E:92:EF:23
X509v3 Authority Key Identifier:
keyid:61:D3:9D:74:B1:7E:69:1D:D1:B0:52:21:C6:09:8C:AF:5E:E9:3A:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YdOddLF-aR3RsFIhxgmMr17pOjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/TdzUQghIehxteP-iZtI9mD6S7yM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/YdOddLF-aR3RsFIhxgmMr17pOjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.22.0/24
IPv6:
2a12:e5c0::/46
2a12:e5c0:10::/46
2a12:e5c0:20::/46
Signature Algorithm: sha256WithRSAEncryption
1d:90:bb:dd:c0:89:2d:6a:b3:97:15:28:2d:8a:28:d0:3b:73:
34:80:dc:03:c9:5c:c9:10:f7:85:e5:71:41:16:39:3c:53:e0:
40:c2:ec:4c:be:d6:81:12:0b:52:5c:d3:a2:4b:83:b1:42:0c:
23:ac:2e:51:ae:3f:f7:cb:d3:2d:fb:12:c7:f5:70:b9:51:65:
9b:dd:db:56:7e:fd:40:d0:74:db:0b:82:05:60:56:ed:c6:e6:
4d:35:c2:b4:37:12:5b:51:b8:2b:fe:c8:8b:73:ac:f8:39:1b:
c6:fc:76:17:42:17:a9:d2:09:fe:58:a4:1c:b4:46:d1:32:b4:
d9:67:54:15:9d:a5:4f:ce:d0:29:72:79:8b:03:2f:87:ff:eb:
82:be:d2:c8:02:e7:12:e0:23:db:4c:52:64:6e:e9:c5:64:26:
6c:0f:94:fc:32:1e:6a:1d:97:0c:8a:70:23:61:70:2b:59:e7:
3d:a4:7d:1b:83:9f:63:ce:f8:63:45:13:57:8d:53:23:99:88:
fe:0e:ec:7a:f9:4f:7d:13:62:30:5c:5c:c8:43:1e:4c:7f:7b:
ca:4b:09:22:b0:04:65:3d:a0:ee:d8:64:06:97:e0:c9:97:cc:
e9:23:fa:d6:b0:e5:65:be:db:cd:89:f4:8c:68:84:bd:11:3a:
63:65:0b:8e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZyRJyJtaCvtRzUDi6V10KRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZDM5ZDc0YjE3ZTY5MWRkMWIwNTIyMWM2MDk4Y2FmNWVl
OTNhMzYwHhcNMjYwMjI0MTkzNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRjZDQ0MjA4NDg3YTFjNmQ3OGZmYTI2NmQyM2Q5ODNlOTJlZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFcQEqbYyg2QRFjNM2Gx9z5NXhB8
PTOXIzCFc+3dmEggcU3LzPjGng/om5R7nb2xLE8rNM9NQcehrfFqANv2Z5AUmQvp
ZV3ppU+OQitqRX/AEVyJGEiq6qnbf9tDGx2v16eldP3ma/zWo8bcCsudeSTxIsUq
auVNGM4Q0eghEVa3SHcCopZzoFFOfXqAFsXYz5zAWG/8tFFV9JxfZJ9aFA4XowX8
FWNWgNLkMOiYwlS9ibvCtODZjprFp2EytfiprqlcYzwvK4J8HFhuB0VefkZJ/wm1
Z8FcmBFTstop775crJM7gOb6u9ZjBiMBqcIHkZ3uSXZh+/6GSy9nnVnVAwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFE3c1EIISHocbXj/ombSPZg+ku8jMB8GA1UdIwQY
MBaAFGHTnXSxfmkd0bBSIcYJjK9e6To2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWRPZGRMRi1hUjNSc0ZJaHhnbU1yMTdwT2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS83Y2EyZjItYmYxMy00ZDE4LWE4ZGQt
OTgwNTExZGMwNWFlLzEvVGR6VVFnaEllaHh0ZVAtaVp0STltRDZTN3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS83Y2EyZjItYmYxMy00ZDE4LWE4ZGQtOTgwNTExZGMwNWFl
LzEvWWRPZGRMRi1hUjNSc0ZJaHhnbU1yMTdwT2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAud4WMCEE
AgACMBsDBwIqEuXAAAADBwIqEuXAABADBwIqEuXAACAwDQYJKoZIhvcNAQELBQAD
ggEBAB2Qu93AiS1qs5cVKC2KKNA7czSA3APJXMkQ94XlcUEWOTxT4EDC7Ey+1oES
C1Jc06JLg7FCDCOsLlGuP/fL0y37Esf1cLlRZZvd21Z+/UDQdNsLggVgVu3G5k01
wrQ3EltRuCv+yItzrPg5G8b8dhdCF6nSCf5YpBy0RtEytNlnVBWdpU/O0ClyeYsD
L4f/64K+0sgC5xLgI9tMUmRu6cVkJmwPlPwyHmodlwyKcCNhcCtZ5z2kfRuDn2PO
+GNFE1eNUyOZiP4O7Hr5T30TYjBcXMhDHkx/e8pLCSKwBGU9oO7YZAaX4MmXzOkj
+taw5WW+282J9IxohL0ROmNlC44=
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:47:59 2026 by rpki-client