Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/bRtT27gdIRehdnVrZ2MTKl_Yivs.roa
File: bRtT27gdIRehdnVrZ2MTKl_Yivs.roa (raw, json)
Hash identifier: 5XwPAhYLEwG+UjSXp2mngkjqodttaG6Kn9sTpDnMw+s=
Subject key identifier: 6D:1B:53:DB:B8:1D:21:17:A1:76:75:6B:67:63:13:2A:5F:D8:8A:FB
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019C74FC3EAD926300F8AECA8E4045717E2D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/bRtT27gdIRehdnVrZ2MTKl_Yivs.roa
Signing time: Thu 19 Feb 2026 08:20:13 +0000
ROA not before: Thu 19 Feb 2026 08:20:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1257
IP address blocks: 192.71.180.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
193.181.2.0/24 maxlen: 24
193.183.165.0/24 maxlen: 24
193.234.16.0/24 maxlen: 24
193.234.87.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
194.68.238.0/24 maxlen: 24
194.71.104.0/23 maxlen: 23
194.71.104.0/24 maxlen: 24
194.71.105.0/24 maxlen: 24
194.71.178.0/24 maxlen: 24
194.71.179.0/24 maxlen: 24
194.71.248.0/21 maxlen: 24
194.103.24.0/22 maxlen: 24
194.103.206.0/24 maxlen: 24
194.132.60.0/24 maxlen: 24
194.132.128.0/22 maxlen: 22
2a01:280:310::/48 maxlen: 48
2a01:280:360::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:74:fc:3e:ad:92:63:00:f8:ae:ca:8e:40:45:71:7e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 19 08:20:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6d1b53dbb81d2117a176756b6763132a5fd88afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5d:6d:6b:84:5e:06:7a:1a:97:5f:fd:bd:31:
9a:fe:f7:8e:ec:8a:2f:74:bc:fd:2f:2a:dd:2e:e1:
e4:91:90:f6:16:71:ba:13:29:1b:3f:52:1e:0b:43:
18:52:c6:5d:24:ec:b2:2c:e0:fa:81:f3:73:63:86:
09:23:f7:c9:08:8f:73:cc:1a:ee:6a:e5:58:7c:27:
87:9b:6c:97:d2:56:50:44:10:c4:13:bc:c0:44:f9:
36:41:67:59:d1:5e:a4:2c:c4:67:94:18:95:91:99:
ed:1c:0d:1a:60:08:b9:3e:d3:90:75:91:cb:38:cf:
23:9f:97:28:83:84:82:b9:3a:d0:0e:73:c0:3d:1f:
fd:11:fa:67:52:30:c5:db:46:39:8a:f3:3b:70:67:
55:c1:d5:b2:65:ff:16:bd:28:2c:ca:a7:22:6e:8c:
ff:0b:26:88:2a:c5:69:54:e4:bc:f8:50:9f:07:34:
33:fd:78:b0:56:ea:6c:06:ad:96:a9:7f:aa:bf:fe:
02:43:31:0e:0d:38:02:a5:fa:b0:c8:61:48:9e:4b:
93:af:a2:9b:4a:7e:51:3b:45:d8:c0:76:0f:6a:31:
aa:a9:14:a4:ae:30:f7:4d:69:24:da:c6:b8:8e:29:
c6:b8:2a:bd:f5:4e:a9:ae:97:4e:c4:3f:b8:9a:41:
2e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1B:53:DB:B8:1D:21:17:A1:76:75:6B:67:63:13:2A:5F:D8:8A:FB
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/bRtT27gdIRehdnVrZ2MTKl_Yivs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.183.165.0/24
193.234.16.0/24
193.234.87.0/24
193.234.177.0/24
194.68.238.0/24
194.71.104.0/23
194.71.178.0/23
194.71.248.0/21
194.103.24.0/22
194.103.206.0/24
194.132.60.0/24
194.132.128.0/22
IPv6:
2a01:280:310::/48
2a01:280:360::/48
Signature Algorithm: sha256WithRSAEncryption
ca:0f:92:3c:ab:ff:af:7d:dc:0d:94:8b:d7:e4:fc:a9:42:f3:
74:71:03:ec:20:ac:ef:dc:a6:05:95:2a:62:78:a4:47:37:7b:
b5:5b:a4:97:54:c8:f8:ac:bd:cd:30:3b:fb:bf:4d:22:4d:3f:
da:17:4e:33:45:6e:f0:0a:05:a7:d1:d9:73:f9:ef:9a:b8:66:
79:55:9b:da:70:90:e5:ae:d9:e9:ea:ed:b9:80:96:e3:cd:ef:
84:14:e0:59:64:29:8f:a4:9d:d7:1a:f2:a7:18:35:dd:d3:bf:
cd:67:ea:36:e1:43:61:14:c9:5c:f2:c3:e3:fc:f6:c4:a1:69:
7a:ed:56:f9:d8:33:42:08:45:cc:3e:f5:f0:39:9d:32:fa:3e:
ea:f2:99:5a:f8:87:e8:af:f1:53:cf:4d:e4:04:d5:05:65:12:
39:93:1b:ba:a4:fe:d4:c7:4a:54:d9:ed:8b:61:1c:a2:ab:e8:
3c:e4:59:43:5f:fc:da:62:2d:ed:4b:a5:88:a3:6a:ca:4d:2d:
ac:22:7e:f9:03:5d:ab:6e:25:e7:f0:4c:68:c0:22:06:12:04:
34:b6:5a:7e:17:ba:4e:7e:a8:17:12:d1:1c:97:2d:1d:e3:b1:
46:ff:38:fe:d5:58:54:c7:b5:8a:38:89:fa:6f:23:de:da:d5:
b1:d5:1d:b5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZx0/D6tkmMA+K7KjkBFcX4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMjE5MDgyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFiNTNkYmI4MWQyMTE3YTE3Njc1NmI2NzYzMTMyYTVmZDg4YWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF1ta4ReBnoal1/9vTGa/veO7Iov
dLz9LyrdLuHkkZD2FnG6EykbP1IeC0MYUsZdJOyyLOD6gfNzY4YJI/fJCI9zzBru
auVYfCeHm2yX0lZQRBDEE7zARPk2QWdZ0V6kLMRnlBiVkZntHA0aYAi5PtOQdZHL
OM8jn5cog4SCuTrQDnPAPR/9EfpnUjDF20Y5ivM7cGdVwdWyZf8WvSgsyqciboz/
CyaIKsVpVOS8+FCfBzQz/XiwVupsBq2WqX+qv/4CQzEODTgCpfqwyGFInkuTr6Kb
Sn5RO0XYwHYPajGqqRSkrjD3TWkk2sa4jinGuCq99U6prpdOxD+4mkEuiQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFG0bU9u4HSEXoXZ1a2djEypf2Ir7MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYlJ0VDI3Z2RJUmVoZG5WcloyTVRLbF9ZaXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjByBAIAATBsAwQAwEe0
AwQAwEfcAwQAwbTPAwQAwbTwAwQAwbT3AwQAwbUCAwQAwbelAwQAweoQAwQAwepX
AwQAweqxAwQAwkTuAwQBwkdoAwQBwkeyAwQDwkf4AwQCwmcYAwQAwmfOAwQAwoQ8
AwQCwoSAMBgEAgACMBIDBwAqAQKAAxADBwAqAQKAA2AwDQYJKoZIhvcNAQELBQAD
ggEBAMoPkjyr/6993A2Ui9fk/KlC83RxA+wgrO/cpgWVKmJ4pEc3e7VbpJdUyPis
vc0wO/u/TSJNP9oXTjNFbvAKBafR2XP575q4ZnlVm9pwkOWu2enq7bmAluPN74QU
4FlkKY+kndca8qcYNd3Tv81n6jbhQ2EUyVzyw+P89sShaXrtVvnYM0IIRcw+9fA5
nTL6PurymVr4h+iv8VPPTeQE1QVlEjmTG7qk/tTHSlTZ7YthHKKr6DzkWUNf/Npi
Le1LpYijaspNLawifvkDXatuJefwTGjAIgYSBDS2Wn4Xuk5+qBcS0RyXLR3jsUb/
OP7VWFTHtYo4ifpvI97a1bHVHbU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:08:18 2026 by rpki-client