Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e6d062-8f77-497d-b181-2510dac32496/1/moBWHmY5dUscCoFGFgkj8lgTo6k.roa
File: moBWHmY5dUscCoFGFgkj8lgTo6k.roa (raw, json)
Hash identifier: SdWsLpL7bWufA3L06GIvSvKd8LEI6DM8Lhn01PlHx/4=
Subject key identifier: 9A:80:56:1E:66:39:75:4B:1C:0A:81:46:16:09:23:F2:58:13:A3:A9
Certificate issuer: /CN=2f6dbc6ae0b58a11731f219eda022471d1e11edb
Certificate serial: 019C7B843349E8BF5D37409BC8739A32EE9B
Authority key identifier: 2F:6D:BC:6A:E0:B5:8A:11:73:1F:21:9E:DA:02:24:71:D1:E1:1E:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L228auC1ihFzHyGe2gIkcdHhHts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e6d062-8f77-497d-b181-2510dac32496/1/moBWHmY5dUscCoFGFgkj8lgTo6k.roa
Signing time: Fri 20 Feb 2026 14:46:27 +0000
ROA not before: Fri 20 Feb 2026 14:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201933
IP address blocks: 80.247.222.0/23 maxlen: 23
91.193.116.0/22 maxlen: 22
213.193.250.0/24 maxlen: 24
2a06:40c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/e6d062-8f77-497d-b181-2510dac32496/1/L228auC1ihFzHyGe2gIkcdHhHts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/e6d062-8f77-497d-b181-2510dac32496/1/L228auC1ihFzHyGe2gIkcdHhHts.mft
rsync://rpki.ripe.net/repository/DEFAULT/L228auC1ihFzHyGe2gIkcdHhHts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7b:84:33:49:e8:bf:5d:37:40:9b:c8:73:9a:32:ee:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6dbc6ae0b58a11731f219eda022471d1e11edb
Validity
Not Before: Feb 20 14:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a80561e6639754b1c0a8146160923f25813a3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:41:23:7c:a9:40:9d:eb:5b:6b:3f:23:00:
e7:95:d6:4b:d8:ec:fd:9e:55:79:5c:0b:61:42:67:
c4:06:19:0d:57:d6:65:1a:6a:2f:20:0d:87:aa:3b:
0b:59:23:2b:50:35:25:17:41:f9:4e:d6:7e:37:fe:
b9:0e:b4:0b:ae:1b:34:d3:45:cc:b0:24:4e:f4:4b:
9d:b3:31:31:04:18:79:9c:61:84:f4:55:db:22:96:
6b:c3:b7:81:de:c1:27:df:62:42:5e:74:12:d6:5b:
52:ea:e7:61:58:5a:00:9c:0f:51:0c:28:86:cb:9a:
77:ae:33:21:02:ae:89:30:e7:77:4a:55:fe:2c:80:
2a:e5:3f:fc:1a:c1:f0:e5:a6:e3:cc:59:47:b4:e0:
24:cc:05:d7:9a:aa:e7:4a:d1:ce:aa:09:d8:4b:ac:
f1:5b:ef:a2:6d:ca:0f:30:24:ed:de:76:7f:0e:77:
28:0d:0b:83:75:f9:b2:85:7d:cf:16:37:b5:81:34:
41:bd:2e:42:9f:ba:d0:b8:93:5f:3c:9b:16:a6:a1:
2e:d1:60:aa:58:11:da:a1:f8:f3:a2:7a:76:52:38:
9e:5b:e3:8c:10:ca:9c:5c:2e:9f:41:be:e1:a2:dc:
5f:95:07:64:1f:96:91:22:1e:ba:fd:17:1b:45:a4:
a8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:80:56:1E:66:39:75:4B:1C:0A:81:46:16:09:23:F2:58:13:A3:A9
X509v3 Authority Key Identifier:
keyid:2F:6D:BC:6A:E0:B5:8A:11:73:1F:21:9E:DA:02:24:71:D1:E1:1E:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L228auC1ihFzHyGe2gIkcdHhHts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e6d062-8f77-497d-b181-2510dac32496/1/moBWHmY5dUscCoFGFgkj8lgTo6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e6d062-8f77-497d-b181-2510dac32496/1/L228auC1ihFzHyGe2gIkcdHhHts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.222.0/23
91.193.116.0/22
213.193.250.0/24
IPv6:
2a06:40c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:69:89:21:c7:45:e5:56:1b:ba:b4:5d:cb:2e:d3:86:35:bb:
ce:48:68:2c:81:1c:2c:75:d4:bd:2c:2e:91:38:57:2a:99:2a:
dc:37:8f:d7:0b:f0:ea:3c:62:a0:98:b8:a3:0d:d7:1d:cf:da:
92:56:2b:cb:37:71:21:25:62:4a:34:91:ba:47:83:5f:b2:1d:
4c:26:ad:94:9f:70:ed:4a:09:36:5f:c0:27:ff:a3:65:2c:e3:
34:f1:a4:3d:a7:ea:00:85:3f:e6:c6:01:27:4a:6f:66:b9:92:
63:27:1f:7a:1d:44:e7:89:cc:d5:50:0b:8d:2c:8d:a7:e4:ac:
33:41:b5:0e:d9:b3:85:fb:5b:82:cd:4b:6f:9f:9b:72:27:87:
d0:17:98:3b:1d:1f:a2:8c:d5:b6:cb:c7:66:3f:1f:a1:11:ae:
99:d4:d2:dd:74:18:90:70:4c:20:58:af:a8:c7:d2:5a:36:78:
82:bf:25:0e:31:f0:22:84:38:e9:8c:37:ed:01:8e:18:63:43:
36:31:04:29:26:91:0b:b0:6c:47:06:3a:93:e1:ef:c7:5e:43:
a2:f1:e2:cd:aa:0d:4d:b4:f4:ce:cb:b6:0e:0e:dd:71:e9:1a:
fb:51:e1:ed:9d:fd:19:d6:72:66:91:cf:89:1e:af:a5:0a:cf:
9b:3c:e8:d0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZx7hDNJ6L9dN0CbyHOaMu6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmRiYzZhZTBiNThhMTE3MzFmMjE5ZWRhMDIyNDcxZDFl
MTFlZGIwHhcNMjYwMjIwMTQ0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTgwNTYxZTY2Mzk3NTRiMWMwYTgxNDYxNjA5MjNmMjU4MTNhM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskpBI3ypQJ3rW2s/IwDnldZL2Oz9
nlV5XAthQmfEBhkNV9ZlGmovIA2HqjsLWSMrUDUlF0H5TtZ+N/65DrQLrhs000XM
sCRO9EudszExBBh5nGGE9FXbIpZrw7eB3sEn32JCXnQS1ltS6udhWFoAnA9RDCiG
y5p3rjMhAq6JMOd3SlX+LIAq5T/8GsHw5abjzFlHtOAkzAXXmqrnStHOqgnYS6zx
W++ibcoPMCTt3nZ/DncoDQuDdfmyhX3PFje1gTRBvS5Cn7rQuJNfPJsWpqEu0WCq
WBHaofjzonp2UjieW+OMEMqcXC6fQb7hotxflQdkH5aRIh66/RcbRaSoowIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJqAVh5mOXVLHAqBRhYJI/JYE6OpMB8GA1UdIwQY
MBaAFC9tvGrgtYoRcx8hntoCJHHR4R7bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDIyOGF1QzFpaEZ6SHlHZTJnSWtjZEhoSHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lNmQwNjItOGY3Ny00OTdkLWIxODEt
MjUxMGRhYzMyNDk2LzEvbW9CV0htWTVkVXNjQ29GR0Zna2o4bGdUbzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lNmQwNjItOGY3Ny00OTdkLWIxODEtMjUxMGRhYzMyNDk2
LzEvTDIyOGF1QzFpaEZ6SHlHZTJnSWtjZEhoSHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBUPfeAwQC
W8F0AwQA1cH6MA0EAgACMAcDBQMqBkDAMA0GCSqGSIb3DQEBCwUAA4IBAQAXaYkh
x0XlVhu6tF3LLtOGNbvOSGgsgRwsddS9LC6ROFcqmSrcN4/XC/DqPGKgmLijDdcd
z9qSVivLN3EhJWJKNJG6R4Nfsh1MJq2Un3DtSgk2X8An/6NlLOM08aQ9p+oAhT/m
xgEnSm9muZJjJx96HUTniczVUAuNLI2n5KwzQbUO2bOF+1uCzUtvn5tyJ4fQF5g7
HR+ijNW2y8dmPx+hEa6Z1NLddBiQcEwgWK+ox9JaNniCvyUOMfAihDjpjDftAY4Y
Y0M2MQQpJpELsGxHBjqT4e/HXkOi8eLNqg1NtPTOy7YODt1x6Rr7UeHtnf0Z1nJm
kc+JHq+lCs+bPOjQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:21:05 2026 by rpki-client