Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/a-VcOFrW0mipdK5F6AKuemVIhSA.roa
File: a-VcOFrW0mipdK5F6AKuemVIhSA.roa (raw, json)
Hash identifier: KxJlkPql6WwtVVIt8TNbKP2+cnBjbuiMr7nCAMGKWYk=
Subject key identifier: 6B:E5:5C:38:5A:D6:D2:68:A9:74:AE:45:E8:02:AE:7A:65:48:85:20
Certificate issuer: /CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Certificate serial: 019C6C47D52B78D5D4A9C328FBA1429826F8
Authority key identifier: 7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/a-VcOFrW0mipdK5F6AKuemVIhSA.roa
Signing time: Tue 17 Feb 2026 15:46:12 +0000
ROA not before: Tue 17 Feb 2026 15:46:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211261
IP address blocks: 92.246.82.0/24 maxlen: 24
92.246.83.0/24 maxlen: 24
103.226.192.0/24 maxlen: 24
103.226.194.0/23 maxlen: 23
103.229.168.0/24 maxlen: 24
103.229.170.0/24 maxlen: 24
103.229.171.0/24 maxlen: 24
185.117.46.0/24 maxlen: 24
185.117.47.0/24 maxlen: 24
185.145.68.0/24 maxlen: 24
185.145.69.0/24 maxlen: 24
185.145.70.0/24 maxlen: 24
185.145.71.0/24 maxlen: 24
185.167.181.0/24 maxlen: 24
185.201.4.0/24 maxlen: 24
185.204.200.0/24 maxlen: 24
185.204.201.0/24 maxlen: 24
185.204.203.0/24 maxlen: 24
185.223.176.0/24 maxlen: 24
185.223.177.0/24 maxlen: 24
185.223.179.0/24 maxlen: 24
185.237.212.0/24 maxlen: 24
185.237.213.0/24 maxlen: 24
185.237.214.0/24 maxlen: 24
2a07:4640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6c:47:d5:2b:78:d5:d4:a9:c3:28:fb:a1:42:98:26:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Validity
Not Before: Feb 17 15:46:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6be55c385ad6d268a974ae45e802ae7a65488520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:71:9d:c6:ec:fa:75:89:c5:d5:24:c9:cd:a0:
9e:bb:5f:22:11:c7:2b:89:2e:04:c4:20:72:42:32:
fa:20:92:bf:c0:e2:ef:f8:f1:3b:b9:83:8d:69:c8:
e4:44:92:6a:15:d0:78:90:78:95:ff:6b:4f:6b:fe:
49:00:50:61:72:54:dd:90:fd:45:c8:13:0b:d7:20:
51:5d:5c:52:e6:f5:12:d3:5f:7d:ff:0e:9e:5e:31:
ff:6d:c3:63:06:6f:b1:f3:de:3d:f7:7e:f7:6c:f9:
41:c6:4c:0b:5c:41:92:c5:e6:3d:48:f2:ca:fa:91:
61:16:a5:bb:83:19:2e:4a:7c:9a:5b:c4:54:a8:ff:
0b:77:45:34:9c:a1:bf:55:b0:f5:06:cc:ad:d0:21:
a1:da:dc:59:b5:b4:73:a7:10:82:30:68:fd:69:74:
0b:af:a1:59:47:de:22:bf:75:70:79:b0:64:b6:49:
cd:2c:d6:5b:be:d3:31:ac:19:30:53:12:09:65:fa:
5e:ff:63:cd:73:5e:0c:b3:87:6b:20:99:a8:cc:6f:
78:0d:63:9e:eb:e2:d8:f9:a9:02:25:83:9c:07:59:
2d:b7:76:a5:60:f1:da:79:cb:73:fb:aa:4f:c4:1e:
b3:ce:cc:bc:3d:e5:55:8e:c0:b2:91:2b:2c:c9:ee:
38:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E5:5C:38:5A:D6:D2:68:A9:74:AE:45:E8:02:AE:7A:65:48:85:20
X509v3 Authority Key Identifier:
keyid:7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/a-VcOFrW0mipdK5F6AKuemVIhSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.246.82.0/23
103.226.192.0/24
103.226.194.0/23
103.229.168.0/24
103.229.170.0/23
185.117.46.0/23
185.145.68.0/22
185.167.181.0/24
185.201.4.0/24
185.204.200.0/23
185.204.203.0/24
185.223.176.0/23
185.223.179.0/24
185.237.212.0-185.237.214.255
IPv6:
2a07:4640::/29
Signature Algorithm: sha256WithRSAEncryption
b1:74:cf:ed:b9:db:da:49:a1:c3:28:97:8d:68:ff:af:d3:73:
a1:1e:46:6e:12:a0:30:36:9b:2e:32:7d:77:0e:95:d1:08:98:
25:8e:6b:a8:ef:35:ae:7f:7f:a4:34:d6:e2:37:67:31:35:11:
d3:0e:2e:ad:48:e5:22:fd:7f:6b:0e:e1:ab:f5:80:b6:05:06:
c2:69:bf:99:36:7b:b4:b0:e0:cd:b8:34:10:41:c8:90:39:a0:
7f:2a:f5:a9:fe:b5:81:66:0e:a9:7d:42:b5:61:d4:f7:5a:5f:
5a:61:90:d9:69:9b:d2:bb:76:e5:6c:13:1e:e4:fe:38:45:07:
49:e3:9e:8c:cf:1e:bd:42:90:cf:42:76:13:36:7c:35:23:c7:
bf:85:ce:92:83:2a:60:0c:37:8c:f0:a2:0c:98:42:e7:cd:db:
e3:f1:e6:2c:59:c2:0a:16:76:82:d0:a5:7d:aa:01:75:cc:28:
60:af:56:8b:30:26:d8:c0:3a:b5:f1:c0:58:6b:3a:71:81:bf:
d1:15:11:84:0a:06:48:83:a1:2d:46:ff:1c:fe:dd:c7:c8:03:
f4:e1:77:9a:6b:d9:2e:82:89:96:41:c7:f3:e3:be:38:10:ef:
f4:0c:4c:80:3a:f1:7c:9b:fa:bc:b2:38:d7:1f:73:dc:dc:49:
e6:9d:bd:4b
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZxsR9UreNXUqcMo+6FCmCb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjU3ZGQ1MmM3NWZjZTM5ZmZlMjkxNTQ2OWQ5ZTY1NmRi
Y2I4NzMwHhcNMjYwMjE3MTU0NjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmU1NWMzODVhZDZkMjY4YTk3NGFlNDVlODAyYWU3YTY1NDg4NTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HGdxuz6dYnF1STJzaCeu18iEccr
iS4ExCByQjL6IJK/wOLv+PE7uYONacjkRJJqFdB4kHiV/2tPa/5JAFBhclTdkP1F
yBML1yBRXVxS5vUS0199/w6eXjH/bcNjBm+x89499373bPlBxkwLXEGSxeY9SPLK
+pFhFqW7gxkuSnyaW8RUqP8Ld0U0nKG/VbD1Bsyt0CGh2txZtbRzpxCCMGj9aXQL
r6FZR94iv3VwebBktknNLNZbvtMxrBkwUxIJZfpe/2PNc14Ms4drIJmozG94DWOe
6+LY+akCJYOcB1ktt3alYPHaectz+6pPxB6zzsy8PeVVjsCykSssye44QQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFGvlXDha1tJoqXSuRegCrnplSIUgMB8GA1UdIwQY
MBaAFHr1fdUsdfzjn/4pFUadnmVtvLhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYt
YzI1MzQwOTZjNjBkLzEvYS1WY09GclcwbWlwZEs1RjZBS3VlbVZJaFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYtYzI1MzQwOTZjNjBk
LzEvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAVz2UgME
AGfiwAMEAWfiwgMEAGflqAMEAWflqgMEAbl1LgMEArmRRAMEALmntQMEALnJBAME
AbnMyAMEALnMywMEAbnfsAMEALnfszAMAwQCue3UAwQAue3WMA0EAgACMAcDBQMq
B0ZAMA0GCSqGSIb3DQEBCwUAA4IBAQCxdM/tudvaSaHDKJeNaP+v03OhHkZuEqAw
NpsuMn13DpXRCJgljmuo7zWuf3+kNNbiN2cxNRHTDi6tSOUi/X9rDuGr9YC2BQbC
ab+ZNnu0sODNuDQQQciQOaB/KvWp/rWBZg6pfUK1YdT3Wl9aYZDZaZvSu3blbBMe
5P44RQdJ456Mzx69QpDPQnYTNnw1I8e/hc6SgypgDDeM8KIMmELnzdvj8eYsWcIK
FnaC0KV9qgF1zChgr1aLMCbYwDq18cBYazpxgb/RFRGECgZIg6EtRv8c/t3HyAP0
4Xeaa9kugomWQcfz4744EO/0DEyAOvF8m/q8sjjXH3Pc3Enmnb1L
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:24:09 2026 by rpki-client