Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/aylPXxqMDRfx0z59m0Qg4TkeSUU.roa
File: aylPXxqMDRfx0z59m0Qg4TkeSUU.roa (raw, json)
Hash identifier: AZ+EoLNJ9zrGPVF3rUJeEwtRzUmg9XrvBoLirJ7wRJM=
Subject key identifier: 6B:29:4F:5F:1A:8C:0D:17:F1:D3:3E:7D:9B:44:20:E1:39:1E:49:45
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 019C7CD6F08F229152C6A09E5EEA00FA6E86
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/aylPXxqMDRfx0z59m0Qg4TkeSUU.roa
Signing time: Fri 20 Feb 2026 20:56:26 +0000
ROA not before: Fri 20 Feb 2026 20:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39906
IP address blocks: 5.59.34.0/24 maxlen: 24
77.104.192.0/18 maxlen: 24
80.82.144.0/20 maxlen: 24
81.92.144.0/20 maxlen: 24
94.138.96.0/19 maxlen: 24
178.23.232.0/21 maxlen: 24
185.67.132.0/22 maxlen: 24
2a02:da8::/32 maxlen: 32
2a02:da8:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7c:d6:f0:8f:22:91:52:c6:a0:9e:5e:ea:00:fa:6e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Feb 20 20:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6b294f5f1a8c0d17f1d33e7d9b4420e1391e4945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b9:4a:d9:6d:1b:da:1c:95:ff:b4:6f:3d:66:
ff:b9:0c:99:77:b6:ec:79:6d:4a:e1:fe:f9:17:3c:
92:f9:40:a8:13:fd:ef:a6:7a:71:b7:e0:cb:be:4d:
91:67:12:5c:9c:e1:03:f9:6a:35:52:12:e2:8f:cc:
1c:8d:9b:c6:d5:51:0b:fe:98:4f:68:b3:1c:7c:97:
2f:bd:99:5f:8b:1a:51:b6:9f:85:a3:0f:59:bf:3a:
ae:03:fe:16:4c:3f:8b:bb:08:c7:1e:ad:db:7c:3f:
08:2f:8f:73:d8:d4:12:e8:46:8d:f9:a4:b4:98:bf:
2b:b2:f7:59:cf:de:d1:f9:f8:cc:90:fe:1b:4e:cd:
4d:dc:aa:3f:1d:ac:fd:e3:e5:41:21:b9:47:3b:c8:
37:ea:dd:c3:29:f6:6b:eb:74:fc:af:7f:fc:35:a8:
d2:f7:11:49:4a:61:71:2f:51:23:dd:0f:69:27:ff:
59:44:72:99:d0:3b:7e:ca:56:83:75:82:de:b0:ed:
ee:6f:58:52:50:3d:65:fe:6b:a2:c7:20:0b:4d:0e:
3d:0a:26:62:20:8f:54:76:b3:0b:2c:b4:ff:63:c7:
00:ab:de:f4:81:dd:1b:c7:75:ec:b4:7a:4a:da:90:
18:7d:bc:ef:b6:77:ea:fa:86:2f:3a:4a:bc:60:00:
15:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:29:4F:5F:1A:8C:0D:17:F1:D3:3E:7D:9B:44:20:E1:39:1E:49:45
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/aylPXxqMDRfx0z59m0Qg4TkeSUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.34.0/24
77.104.192.0/18
80.82.144.0/20
81.92.144.0/20
94.138.96.0/19
178.23.232.0/21
185.67.132.0/22
IPv6:
2a02:da8::/32
Signature Algorithm: sha256WithRSAEncryption
6c:fc:f2:b6:60:8f:a9:75:75:fb:93:62:c5:08:61:f2:f6:e7:
66:2a:14:95:15:5b:16:19:95:3c:95:4d:e8:7d:fb:5b:26:82:
05:8e:ed:ff:8b:0d:85:2f:6d:fa:4f:51:88:b8:88:31:32:ab:
ed:22:3f:49:02:5a:55:1e:b4:4b:50:3d:7d:5d:9d:ac:82:77:
c3:87:6f:23:b7:47:ea:7a:77:e2:c0:aa:20:65:9b:64:f8:b8:
15:85:c4:29:07:a0:c6:37:0e:b3:c3:fc:a4:24:65:da:72:de:
64:c6:86:10:4e:18:bb:23:dd:17:60:40:b9:01:65:b7:91:dd:
09:5d:7e:6b:2a:b6:d7:28:74:4f:b0:6c:b8:bf:d3:b9:eb:4d:
79:94:8d:22:9f:64:4b:37:0d:13:d7:38:62:8e:11:9b:d6:d0:
4f:8b:33:6e:2e:ab:2f:9e:5a:c0:71:59:80:15:61:c1:94:23:
78:4e:76:e4:af:c3:e4:3f:fe:b6:08:d2:e9:66:c8:b8:0f:11:
33:c0:11:19:9d:7e:0d:2c:bd:dc:0c:3a:51:29:d9:2e:a8:86:
36:16:9f:da:f9:bc:da:56:4b:cc:5b:08:ba:f0:20:16:7d:9f:
33:64:eb:a3:6a:f2:57:35:c5:dd:9e:98:6d:02:da:55:95:bd:
54:ae:7d:64
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZx81vCPIpFSxqCeXuoA+m6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjYwMjIwMjA1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjI5NGY1ZjFhOGMwZDE3ZjFkMzNlN2Q5YjQ0MjBlMTM5MWU0OTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrlK2W0b2hyV/7RvPWb/uQyZd7bs
eW1K4f75FzyS+UCoE/3vpnpxt+DLvk2RZxJcnOED+Wo1UhLij8wcjZvG1VEL/phP
aLMcfJcvvZlfixpRtp+Fow9ZvzquA/4WTD+LuwjHHq3bfD8IL49z2NQS6EaN+aS0
mL8rsvdZz97R+fjMkP4bTs1N3Ko/Haz94+VBIblHO8g36t3DKfZr63T8r3/8NajS
9xFJSmFxL1Ej3Q9pJ/9ZRHKZ0Dt+ylaDdYLesO3ub1hSUD1l/muixyALTQ49CiZi
II9UdrMLLLT/Y8cAq970gd0bx3XstHpK2pAYfbzvtnfq+oYvOkq8YAAVTwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGspT18ajA0X8dM+fZtEIOE5HklFMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvYXlsUFh4cU1EUmZ4MHo1OW0wUWc0VGtlU1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQABTsiAwQG
TWjAAwQEUFKQAwQEUVyQAwQFXopgAwQDshfoAwQCuUOEMA0EAgACMAcDBQAqAg2o
MA0GCSqGSIb3DQEBCwUAA4IBAQBs/PK2YI+pdXX7k2LFCGHy9udmKhSVFVsWGZU8
lU3offtbJoIFju3/iw2FL236T1GIuIgxMqvtIj9JAlpVHrRLUD19XZ2sgnfDh28j
t0fqenfiwKogZZtk+LgVhcQpB6DGNw6zw/ykJGXact5kxoYQThi7I90XYEC5AWW3
kd0JXX5rKrbXKHRPsGy4v9O56015lI0in2RLNw0T1zhijhGb1tBPizNuLqsvnlrA
cVmAFWHBlCN4Tnbkr8PkP/62CNLpZsi4DxEzwBEZnX4NLL3cDDpRKdkuqIY2Fp/a
+bzaVkvMWwi68CAWfZ8zZOujavJXNcXdnphtAtpVlb1Urn1k
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:55:18 2026 by rpki-client