Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/o8B0PAfalqfvGUk59igvX166aWg.roa
File: o8B0PAfalqfvGUk59igvX166aWg.roa (raw, json)
Hash identifier: kw1L/i09wIPhjO8Z5uMcPMhKkC329A5E4T69tV/r0hg=
Subject key identifier: A3:C0:74:3C:07:DA:96:A7:EF:19:49:39:F6:28:2F:5F:5E:BA:69:68
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 019C6BE40A31D7F56E72045F7F853C633DFE
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/o8B0PAfalqfvGUk59igvX166aWg.roa
Signing time: Tue 17 Feb 2026 13:57:12 +0000
ROA not before: Tue 17 Feb 2026 13:57:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6698
IP address blocks: 31.42.184.0/22 maxlen: 24
45.11.56.0/22 maxlen: 24
45.11.57.0/24 maxlen: 24
45.12.0.0/22 maxlen: 24
45.12.0.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.2.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.134.172.0/22 maxlen: 24
45.134.173.0/24 maxlen: 24
62.182.80.0/21 maxlen: 24
62.182.84.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
91.218.48.0/22 maxlen: 24
91.222.172.0/22 maxlen: 24
91.234.198.0/23 maxlen: 24
128.0.104.0/24 maxlen: 24
152.89.60.0/22 maxlen: 24
176.97.112.0/20 maxlen: 24
176.97.112.0/23 maxlen: 24
176.97.114.0/24 maxlen: 24
176.97.115.0/24 maxlen: 24
176.97.122.0/23 maxlen: 23
176.97.124.0/24 maxlen: 24
176.119.24.0/21 maxlen: 24
176.119.30.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
185.66.88.0/22 maxlen: 24
185.66.91.0/24 maxlen: 24
185.254.196.0/22 maxlen: 24
185.254.198.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
193.23.181.0/24 maxlen: 24
194.42.204.0/22 maxlen: 24
194.42.204.0/24 maxlen: 24
194.42.205.0/24 maxlen: 24
195.26.86.0/23 maxlen: 24
195.66.210.0/24 maxlen: 24
195.66.212.0/22 maxlen: 24
195.128.248.0/23 maxlen: 24
195.160.220.0/22 maxlen: 24
212.86.116.0/22 maxlen: 24
212.86.116.0/24 maxlen: 24
212.86.118.0/23 maxlen: 23
212.86.124.0/24 maxlen: 24
2a09:2dc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:e4:0a:31:d7:f5:6e:72:04:5f:7f:85:3c:63:3d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Feb 17 13:57:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a3c0743c07da96a7ef194939f6282f5f5eba6968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5f:7d:25:75:f0:72:43:51:31:74:f2:f4:04:
7e:c3:b3:cd:a7:02:2a:fa:21:92:e0:6c:0e:f6:56:
a9:26:de:be:4f:e8:7c:d2:a4:db:c8:8d:30:91:f9:
f3:2c:7f:73:03:d5:cf:c9:17:ed:57:e4:e6:14:5b:
09:f6:22:67:d6:20:e4:3b:9d:a3:df:c1:c8:95:ca:
45:a1:90:83:b0:91:c8:68:e6:9f:53:21:b9:e1:10:
49:d0:ed:44:f0:8b:3f:71:6f:b6:32:db:bf:fa:62:
4b:ef:4e:a8:98:0c:70:1f:65:02:c2:e7:ae:e1:3b:
98:b4:29:a8:79:75:38:7d:6b:ee:36:ee:a5:96:7c:
79:f4:a7:6f:d8:6e:07:c8:a4:75:5b:4c:d5:5b:d0:
e1:b2:23:51:a2:1d:2f:98:e2:26:29:57:4b:49:a9:
e5:92:74:cc:46:f2:c4:36:3a:4c:f4:7e:b5:19:71:
85:56:1b:8f:5e:0f:16:41:cc:d7:4d:91:b2:28:0a:
80:ac:63:a3:7d:58:fc:13:84:92:cc:4e:4d:f4:9e:
d3:65:af:15:83:b9:42:5a:8f:f9:3f:cb:6b:23:5d:
d1:82:59:a2:83:4b:f8:59:6b:2b:3f:97:e0:29:75:
72:13:73:9b:6f:23:5e:92:43:5c:03:e0:bb:71:a6:
f7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C0:74:3C:07:DA:96:A7:EF:19:49:39:F6:28:2F:5F:5E:BA:69:68
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/o8B0PAfalqfvGUk59igvX166aWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.184.0/22
45.11.56.0/22
45.12.0.0/22
45.134.172.0/22
62.182.80.0/21
91.208.115.0/24
91.218.48.0/22
91.222.172.0/22
91.234.198.0/23
128.0.104.0/24
152.89.60.0/22
176.97.112.0/20
176.119.24.0/21
185.66.88.0/22
185.254.196.0/22
193.23.181.0/24
194.42.204.0/22
195.26.86.0/23
195.66.210.0/24
195.66.212.0/22
195.128.248.0/23
195.160.220.0/22
212.86.116.0/22
212.86.124.0/24
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
6f:27:6f:67:8c:88:a4:66:4e:c9:1d:b2:fc:0c:c4:3f:80:a2:
fa:3e:e5:ff:1e:dc:d2:d3:87:c7:f5:4c:2a:59:95:b5:77:cc:
7b:46:59:49:bd:b3:ff:b3:29:c9:d7:c6:76:4f:0b:0f:c2:5f:
2a:59:a9:ae:d1:02:e5:8a:ac:32:72:1b:78:86:fe:c9:6a:f5:
1c:4e:3b:c5:f1:f2:94:22:ca:91:79:d4:e0:27:dd:d7:cd:25:
e1:7f:2c:a4:9f:1f:88:23:60:1a:0a:6f:97:1e:69:e9:74:c9:
b9:c9:0c:ac:c1:03:40:f2:07:cc:b2:67:f8:73:ad:6d:88:ba:
53:9c:95:fe:75:b3:24:bb:28:b4:13:b8:c6:17:75:f9:94:b1:
6b:90:69:7e:e7:6f:ef:db:ae:2a:1c:a5:8b:03:5f:f9:6c:8f:
a9:ae:66:52:73:32:00:84:ba:5e:f8:e1:e3:42:b0:58:c4:c1:
17:6d:0e:4b:f1:ac:a5:4c:b4:74:b0:57:cd:de:22:23:b0:4d:
b3:d8:4d:3f:d9:e1:66:02:47:3a:d0:e6:10:55:b4:9e:95:58:
7a:f7:88:a3:59:e8:f6:53:d0:86:5d:b6:a3:54:31:57:07:25:
7d:2f:77:ce:3d:1a:73:88:c9:f8:46:7e:1e:a0:ee:f1:1f:33:
5e:d8:a1:68
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZxr5Aox1/VucgRff4U8Yz3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjYwMjE3MTM1NzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2MwNzQzYzA3ZGE5NmE3ZWYxOTQ5MzlmNjI4MmY1ZjVlYmE2OTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw199JXXwckNRMXTy9AR+w7PNpwIq
+iGS4GwO9lapJt6+T+h80qTbyI0wkfnzLH9zA9XPyRftV+TmFFsJ9iJn1iDkO52j
38HIlcpFoZCDsJHIaOafUyG54RBJ0O1E8Is/cW+2Mtu/+mJL706omAxwH2UCwueu
4TuYtCmoeXU4fWvuNu6llnx59Kdv2G4HyKR1W0zVW9DhsiNRoh0vmOImKVdLSanl
knTMRvLENjpM9H61GXGFVhuPXg8WQczXTZGyKAqArGOjfVj8E4SSzE5N9J7TZa8V
g7lCWo/5P8trI13Rglmig0v4WWsrP5fgKXVyE3ObbyNekkNcA+C7cab33QIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFKPAdDwH2pan7xlJOfYoL19eumloMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvbzhCMFBBZmFscWZ2R1VrNTlpZ3ZYMTY2YVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAIf
KrgDBAItCzgDBAItDAADBAIthqwDBAM+tlADBABb0HMDBAJb2jADBAJb3qwDBAFb
6sYDBACAAGgDBAKYWTwDBASwYXADBAOwdxgDBAK5QlgDBAK5/sQDBADBF7UDBALC
KswDBAHDGlYDBADDQtIDBALDQtQDBAHDgPgDBALDoNwDBALUVnQDBADUVnwwDQQC
AAIwBwMFACoJLcIwDQYJKoZIhvcNAQELBQADggEBAG8nb2eMiKRmTskdsvwMxD+A
ovo+5f8e3NLTh8f1TCpZlbV3zHtGWUm9s/+zKcnXxnZPCw/CXypZqa7RAuWKrDJy
G3iG/slq9RxOO8Xx8pQiypF51OAn3dfNJeF/LKSfH4gjYBoKb5ceael0ybnJDKzB
A0DyB8yyZ/hzrW2IulOclf51syS7KLQTuMYXdfmUsWuQaX7nb+/briocpYsDX/ls
j6muZlJzMgCEul744eNCsFjEwRdtDkvxrKVMtHSwV83eIiOwTbPYTT/Z4WYCRzrQ
5hBVtJ6VWHr3iKNZ6PZT0IZdtqNUMVcHJX0vd849GnOIyfhGfh6g7vEfM17YoWg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:58:55 2026 by rpki-client