Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/atgm8CikLFGKzSou5jxPcfk50tg.roa
File: atgm8CikLFGKzSou5jxPcfk50tg.roa (raw, json)
Hash identifier: AgRzREISSacFqjOC+wdNdpKstnMCeNBfZ8DphTvb7fs=
Subject key identifier: 6A:D8:26:F0:28:A4:2C:51:8A:CD:2A:2E:E6:3C:4F:71:F9:39:D2:D8
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 019C07C7F2F9CC3C6D343D4910CEC9CBAC89
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/atgm8CikLFGKzSou5jxPcfk50tg.roa
Signing time: Thu 29 Jan 2026 03:24:30 +0000
ROA not before: Thu 29 Jan 2026 03:24:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8410
IP address blocks: 194.0.120.0/22 maxlen: 22
194.0.120.0/24 maxlen: 24
194.0.121.0/24 maxlen: 24
194.0.122.0/24 maxlen: 24
194.0.123.0/24 maxlen: 24
194.55.161.0/24 maxlen: 24
194.55.163.0/24 maxlen: 24
194.55.168.0/24 maxlen: 24
194.55.171.0/24 maxlen: 24
195.140.180.0/22 maxlen: 22
195.140.180.0/24 maxlen: 24
195.140.181.0/24 maxlen: 24
195.140.182.0/24 maxlen: 24
195.140.183.0/24 maxlen: 24
212.15.32.0/21 maxlen: 21
212.15.32.0/24 maxlen: 24
212.15.33.0/24 maxlen: 24
212.15.34.0/24 maxlen: 24
212.15.35.0/24 maxlen: 24
212.15.36.0/24 maxlen: 24
212.15.37.0/24 maxlen: 24
212.15.38.0/24 maxlen: 24
212.15.39.0/24 maxlen: 24
212.15.40.0/24 maxlen: 24
212.15.41.0/24 maxlen: 24
212.15.44.0/24 maxlen: 24
212.15.45.0/24 maxlen: 24
212.15.46.0/24 maxlen: 24
212.15.48.0/24 maxlen: 24
212.15.52.0/24 maxlen: 24
212.15.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:07:c7:f2:f9:cc:3c:6d:34:3d:49:10:ce:c9:cb:ac:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Jan 29 03:24:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ad826f028a42c518acd2a2ee63c4f71f939d2d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:24:4f:9e:b3:5e:30:89:92:db:62:c5:2c:e3:
0a:f3:71:50:49:c4:98:70:84:87:9e:a2:82:52:3d:
17:9f:dd:b3:45:d1:fc:e1:81:96:be:b8:90:6f:03:
19:ff:39:fa:a5:ac:4e:df:b3:ec:90:4f:1f:f3:cb:
a1:f2:97:38:88:4a:64:30:95:11:e7:1d:42:b1:97:
66:a9:a0:cd:83:48:8a:69:1b:6a:dc:03:04:57:fb:
b2:e2:51:5a:4d:e8:2f:a1:74:19:dd:e0:92:96:c4:
91:ad:9e:14:be:f0:63:1d:b8:a9:1a:00:9a:6e:ed:
81:78:81:f2:22:c9:75:67:d2:d6:39:cf:77:7c:81:
e4:85:d7:93:26:41:c6:f3:de:88:ca:cb:34:b3:d0:
08:74:05:4c:fb:8a:1d:c8:28:61:87:16:91:e2:b6:
e8:6e:48:7d:93:9b:80:35:8c:52:ef:89:4b:a6:d9:
3c:98:de:60:31:22:39:79:97:7e:67:eb:20:39:4a:
fa:f6:6f:c2:60:c6:58:19:71:3c:79:67:89:9f:4d:
f2:6d:f0:07:e3:af:11:43:c7:ce:8e:b1:bf:2a:b0:
5b:a1:06:35:8f:35:3f:4d:59:cd:c1:27:8c:c2:55:
87:7f:07:6c:dc:c7:9b:07:10:e4:4a:e3:84:b9:63:
41:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D8:26:F0:28:A4:2C:51:8A:CD:2A:2E:E6:3C:4F:71:F9:39:D2:D8
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/atgm8CikLFGKzSou5jxPcfk50tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.120.0/22
194.55.161.0/24
194.55.163.0/24
194.55.168.0/24
194.55.171.0/24
195.140.180.0/22
212.15.32.0-212.15.41.255
212.15.44.0-212.15.46.255
212.15.48.0/24
212.15.52.0/23
Signature Algorithm: sha256WithRSAEncryption
50:b8:e6:e3:52:04:c6:72:55:f3:92:25:e8:aa:ed:05:8d:4a:
d2:5f:a9:19:2e:73:86:57:26:8c:d6:28:98:30:21:87:6b:3b:
ca:60:38:1b:87:48:50:be:77:b2:fb:b0:5c:4c:b6:6a:c7:86:
b5:3e:2e:db:88:de:81:40:ba:43:f4:0f:f2:b7:b8:86:70:9e:
aa:31:2a:ce:74:0c:8a:8a:1d:81:01:98:83:ff:96:bb:c9:16:
b5:f1:b1:a2:7a:74:87:7c:14:da:fe:55:7a:ae:de:65:10:df:
18:8e:6a:e0:ef:2e:f6:b6:26:0c:93:a8:c7:1d:36:66:15:3c:
73:f3:e3:8b:d8:52:ff:6d:ca:f8:f5:2a:54:9e:cb:2d:de:b0:
1d:8c:34:b5:d8:cf:de:2e:fa:e4:99:8e:8e:3e:f1:19:11:ec:
ee:bc:ca:a5:a9:91:56:1b:b0:cc:68:a8:08:45:79:23:1d:65:
f3:a4:b9:54:51:a9:93:d5:c1:85:38:7c:0a:90:e1:d6:82:26:
c4:1b:c0:5a:50:83:bd:9a:f5:3d:29:44:b6:4f:1e:20:d8:75:
9c:bd:51:fa:00:54:76:3f:f9:6f:e4:04:d6:26:77:b6:4b:ce:
48:43:3a:ac:ba:b0:51:9f:91:e3:60:3a:a2:29:e0:3c:1f:e0:
68:a0:92:b2
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZwHx/L5zDxtND1JEM7Jy6yJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWFmYWEzMGIzNDBlY2Y4MTBhNGNiOWFmM2I1MWM3MDI1
NjY1OTgwHhcNMjYwMTI5MDMyNDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQ4MjZmMDI4YTQyYzUxOGFjZDJhMmVlNjNjNGY3MWY5MzlkMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SRPnrNeMImS22LFLOMK83FQScSY
cISHnqKCUj0Xn92zRdH84YGWvriQbwMZ/zn6paxO37PskE8f88uh8pc4iEpkMJUR
5x1CsZdmqaDNg0iKaRtq3AMEV/uy4lFaTegvoXQZ3eCSlsSRrZ4UvvBjHbipGgCa
bu2BeIHyIsl1Z9LWOc93fIHkhdeTJkHG896Iyss0s9AIdAVM+4odyChhhxaR4rbo
bkh9k5uANYxS74lLptk8mN5gMSI5eZd+Z+sgOUr69m/CYMZYGXE8eWeJn03ybfAH
468RQ8fOjrG/KrBboQY1jzU/TVnNwSeMwlWHfwds3MebBxDkSuOEuWNB4QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFGrYJvAopCxRis0qLuY8T3H5OdLYMB8GA1UdIwQY
MBaAFMLq+qMLNA7PgQpMua87UccCVmWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGIt
NWVjYWZkYTQ3MWY3LzEvYXRnbThDaWtMRkdLelNvdTVqeFBjZms1MHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGItNWVjYWZkYTQ3MWY3
LzEvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCwgB4AwQA
wjehAwQAwjejAwQAwjeoAwQAwjerAwQCw4y0MAwDBAXUDyADBAHUDygwDAMEAtQP
LAMEANQPLgMEANQPMAMEAdQPNDANBgkqhkiG9w0BAQsFAAOCAQEAULjm41IExnJV
85Il6KrtBY1K0l+pGS5zhlcmjNYomDAhh2s7ymA4G4dIUL53svuwXEy2aseGtT4u
24jegUC6Q/QP8re4hnCeqjEqznQMioodgQGYg/+Wu8kWtfGxonp0h3wU2v5Veq7e
ZRDfGI5q4O8u9rYmDJOoxx02ZhU8c/Pji9hS/23K+PUqVJ7LLd6wHYw0tdjP3i76
5JmOjj7xGRHs7rzKpamRVhuwzGioCEV5Ix1l86S5VFGpk9XBhTh8CpDh1oImxBvA
WlCDvZr1PSlEtk8eINh1nL1R+gBUdj/5b+QE1iZ3tkvOSEM6rLqwUZ+R42A6oing
PB/gaKCSsg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:06:25 2026 by rpki-client