Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/dwIfNutOF5SxDnHE2ip0RRB0Wh0.roa
File: dwIfNutOF5SxDnHE2ip0RRB0Wh0.roa (raw, json)
Hash identifier: gXhE8k/fw7vLGXFxBW+3kIf0O3u5m7PjyaKQg10z4O0=
Subject key identifier: 77:02:1F:36:EB:4E:17:94:B1:0E:71:C4:DA:2A:74:45:10:74:5A:1D
Certificate issuer: /CN=bb22cf4c71a95911bd6046d05c0a8ba1646c9ead
Certificate serial: 019B79ED07047F8B276D623626B1D3B3831C
Authority key identifier: BB:22:CF:4C:71:A9:59:11:BD:60:46:D0:5C:0A:8B:A1:64:6C:9E:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uyLPTHGpWRG9YEbQXAqLoWRsnq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/dwIfNutOF5SxDnHE2ip0RRB0Wh0.roa
Signing time: Thu 01 Jan 2026 14:18:55 +0000
ROA not before: Thu 01 Jan 2026 14:18:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198721
IP address blocks: 85.209.112.0/22 maxlen: 24
91.238.116.0/22 maxlen: 24
94.140.28.0/22 maxlen: 24
185.29.204.0/22 maxlen: 24
185.199.112.0/22 maxlen: 24
188.214.0.0/22 maxlen: 24
2a00:a9a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/uyLPTHGpWRG9YEbQXAqLoWRsnq0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/uyLPTHGpWRG9YEbQXAqLoWRsnq0.mft
rsync://rpki.ripe.net/repository/DEFAULT/uyLPTHGpWRG9YEbQXAqLoWRsnq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:ed:07:04:7f:8b:27:6d:62:36:26:b1:d3:b3:83:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb22cf4c71a95911bd6046d05c0a8ba1646c9ead
Validity
Not Before: Jan 1 14:18:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=77021f36eb4e1794b10e71c4da2a744510745a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:be:cf:8e:07:98:dd:b5:83:2f:48:54:80:d7:
7a:39:a7:d6:c9:b4:8b:34:88:cb:26:08:9f:5f:d5:
a0:ab:6f:6e:09:52:42:6e:47:8c:c6:1b:21:4b:e1:
09:66:98:6a:dd:ee:1c:17:16:fd:e5:7d:1f:83:ef:
88:85:4f:fe:95:20:5c:d5:8a:1f:90:80:cb:96:f7:
31:b8:c1:a1:21:6a:17:f0:a9:3e:30:5d:61:71:bd:
46:b7:a0:52:fb:48:1f:3c:e8:a8:ff:70:f6:b2:4e:
98:ff:a4:f2:49:5f:54:d3:0e:39:13:94:78:ff:3b:
2b:8a:21:44:15:db:b1:2a:e6:fe:18:b4:1e:1b:2d:
08:7f:9a:97:b6:20:de:27:d1:9a:a6:6d:05:a3:e0:
2a:a9:2b:0b:3c:ce:ac:22:54:cf:e0:da:b6:05:2c:
ef:36:a4:eb:71:8e:f8:bb:15:4e:ca:4d:4c:01:05:
3f:ca:68:d9:2f:c7:f3:d8:c2:1b:fe:2d:a3:b7:3a:
93:99:c3:86:8b:0f:db:cb:d4:ca:05:a2:6c:29:b3:
da:99:cb:67:30:4c:57:6a:a2:2e:df:41:fc:cf:df:
4a:68:a9:11:0a:2b:a5:c7:74:75:c7:73:fc:1c:91:
ed:19:cb:d5:b5:63:8e:df:f4:85:48:32:66:17:a3:
a3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:02:1F:36:EB:4E:17:94:B1:0E:71:C4:DA:2A:74:45:10:74:5A:1D
X509v3 Authority Key Identifier:
keyid:BB:22:CF:4C:71:A9:59:11:BD:60:46:D0:5C:0A:8B:A1:64:6C:9E:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uyLPTHGpWRG9YEbQXAqLoWRsnq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/dwIfNutOF5SxDnHE2ip0RRB0Wh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/uyLPTHGpWRG9YEbQXAqLoWRsnq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.112.0/22
91.238.116.0/22
94.140.28.0/22
185.29.204.0/22
185.199.112.0/22
188.214.0.0/22
IPv6:
2a00:a9a0::/32
Signature Algorithm: sha256WithRSAEncryption
09:26:e7:86:40:71:28:5b:7e:3e:52:fa:db:f3:1f:8d:38:d0:
72:16:bf:0f:4e:00:2e:2b:e5:7b:f5:93:34:d9:16:7e:c1:0f:
6f:74:c1:65:08:9d:9a:86:d7:d4:fd:b3:26:9e:2f:e1:09:ec:
9e:bd:a5:b9:0e:5a:3e:20:06:3c:e7:09:c1:6b:5c:01:6c:dc:
a4:ba:f1:61:72:e6:47:fc:2a:df:29:bc:b5:30:8e:58:68:40:
f7:54:fa:c6:96:cc:2c:cb:d8:52:79:b8:7e:02:1b:41:90:46:
ce:0e:16:04:a9:73:02:61:b9:42:ac:fe:f2:10:55:f4:da:b8:
df:78:4b:23:74:2a:a1:d0:7e:f6:b3:8f:96:d1:6a:bf:6a:30:
11:df:21:ea:4e:a3:60:fc:8b:71:5b:6e:0e:6c:75:55:2e:8a:
12:0b:39:ba:51:e1:e0:10:8c:82:87:d7:10:5c:a4:36:25:f2:
71:35:a6:4d:e9:be:7d:ad:a5:cc:28:52:a7:01:a2:8d:cb:8c:
ef:33:07:b1:06:40:f9:0b:55:5f:5d:97:0e:51:00:db:25:0d:
81:de:17:12:9e:2b:9a:a6:3b:a0:e7:c4:68:d7:fd:d5:b5:c6:
11:12:a8:22:5f:f5:ff:26:18:4b:d1:59:b4:d1:44:53:58:d0:
5f:c8:b9:8c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZt57QcEf4snbWI2JrHTs4McMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMjJjZjRjNzFhOTU5MTFiZDYwNDZkMDVjMGE4YmExNjQ2
YzllYWQwHhcNMjYwMTAxMTQxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzAyMWYzNmViNGUxNzk0YjEwZTcxYzRkYTJhNzQ0NTEwNzQ1YTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv77PjgeY3bWDL0hUgNd6OafWybSL
NIjLJgifX9Wgq29uCVJCbkeMxhshS+EJZphq3e4cFxb95X0fg++IhU/+lSBc1Yof
kIDLlvcxuMGhIWoX8Kk+MF1hcb1Gt6BS+0gfPOio/3D2sk6Y/6TySV9U0w45E5R4
/zsriiFEFduxKub+GLQeGy0If5qXtiDeJ9Gapm0Fo+AqqSsLPM6sIlTP4Nq2BSzv
NqTrcY74uxVOyk1MAQU/ymjZL8fz2MIb/i2jtzqTmcOGiw/by9TKBaJsKbPamctn
MExXaqIu30H8z99KaKkRCiulx3R1x3P8HJHtGcvVtWOO3/SFSDJmF6OjGwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHcCHzbrTheUsQ5xxNoqdEUQdFodMB8GA1UdIwQY
MBaAFLsiz0xxqVkRvWBG0FwKi6FkbJ6tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXlMUFRIR3BXUkc5WUViUVhBcUxvV1JzbnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hZTgyNWYtNmY1NC00M2VhLTliODMt
YmJhZWM3NTA1ZDk3LzEvZHdJZk51dE9GNVN4RG5IRTJpcDBSUkIwV2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hZTgyNWYtNmY1NC00M2VhLTliODMtYmJhZWM3NTA1ZDk3
LzEvdXlMUFRIR3BXUkc5WUViUVhBcUxvV1JzbnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCVdFwAwQC
W+50AwQCXowcAwQCuR3MAwQCucdwAwQCvNYAMA0EAgACMAcDBQAqAKmgMA0GCSqG
SIb3DQEBCwUAA4IBAQAJJueGQHEoW34+Uvrb8x+NONByFr8PTgAuK+V79ZM02RZ+
wQ9vdMFlCJ2ahtfU/bMmni/hCeyevaW5Dlo+IAY85wnBa1wBbNykuvFhcuZH/Crf
Kby1MI5YaED3VPrGlswsy9hSebh+AhtBkEbODhYEqXMCYblCrP7yEFX02rjfeEsj
dCqh0H72s4+W0Wq/ajAR3yHqTqNg/ItxW24ObHVVLooSCzm6UeHgEIyCh9cQXKQ2
JfJxNaZN6b59raXMKFKnAaKNy4zvMwexBkD5C1VfXZcOUQDbJQ2B3hcSniuapjug
58Ro1/3VtcYREqgiX/X/JhhL0Vm00URTWNBfyLmM
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:17:31 2026 by rpki-client