Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/kArbhjBH6JXdAhPlJ86iriQtuWc.roa
File: kArbhjBH6JXdAhPlJ86iriQtuWc.roa (raw, json)
Hash identifier: qwu2ROVHzmSDMccd2wvWrqMZt1dYnz/7qmymWNSDMkw=
Subject key identifier: 90:0A:DB:86:30:47:E8:95:DD:02:13:E5:27:CE:A2:AE:24:2D:B9:67
Certificate issuer: /CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Certificate serial: 019C9AB56C7AD7DCFA799D155C4F0F154716
Authority key identifier: 57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/kArbhjBH6JXdAhPlJ86iriQtuWc.roa
Signing time: Thu 26 Feb 2026 16:08:26 +0000
ROA not before: Thu 26 Feb 2026 16:08:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33659
IP address blocks: 91.200.136.0/22 maxlen: 22
185.110.8.0/22 maxlen: 22
185.188.192.0/22 maxlen: 22
195.211.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9a:b5:6c:7a:d7:dc:fa:79:9d:15:5c:4f:0f:15:47:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Validity
Not Before: Feb 26 16:08:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=900adb863047e895dd0213e527cea2ae242db967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:aa:b3:7c:01:bd:c8:46:f5:e8:19:b5:86:b6:
1c:46:a4:63:25:0a:7c:0a:c9:1f:e4:33:08:b2:4b:
6d:cf:35:73:6b:0b:1a:cd:f2:00:8e:28:a5:02:45:
f2:46:60:f8:b5:f8:9c:5c:6a:8c:bb:a0:ea:27:70:
de:88:1b:4a:2a:dc:07:a4:17:1f:32:ec:a7:c1:af:
4f:aa:f7:30:3b:f9:b7:f6:48:bb:71:33:9c:c6:58:
96:b6:a1:0a:bc:99:a7:17:c0:47:37:3d:35:34:9b:
1f:cf:2f:5b:63:64:c2:61:6f:0f:6d:f5:ad:b1:08:
31:9e:2a:40:c4:2f:71:ff:21:45:4a:e1:a7:23:12:
29:1f:56:f8:89:92:25:a0:4d:df:10:87:7f:68:61:
37:21:70:41:12:58:7f:d7:52:36:72:0c:8b:ad:5c:
73:19:2e:6c:c4:56:ee:a7:94:60:0e:46:e3:bf:3d:
d5:71:b1:b6:bc:27:0a:57:e2:2a:32:94:a5:65:17:
1d:0a:ac:a9:6c:8b:cf:59:2a:a9:85:4d:92:6e:66:
02:de:75:03:13:c0:b0:0c:51:f2:48:6f:c5:92:67:
1d:11:d0:11:77:05:be:ee:a7:d7:af:a8:9f:21:44:
3f:8a:03:b0:d0:aa:3e:29:e1:9a:1c:00:b3:f5:f2:
1e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0A:DB:86:30:47:E8:95:DD:02:13:E5:27:CE:A2:AE:24:2D:B9:67
X509v3 Authority Key Identifier:
keyid:57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/kArbhjBH6JXdAhPlJ86iriQtuWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.136.0/22
185.110.8.0/22
185.188.192.0/22
195.211.116.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:8e:15:19:6b:78:02:82:5e:00:0b:cf:3a:ff:d9:38:20:b3:
96:cd:8d:82:4c:6b:a2:bd:10:68:23:1d:3f:fc:e7:e8:d5:35:
22:01:fd:03:ba:d0:a3:bd:66:37:47:4f:f0:3d:b6:0f:a6:2a:
64:f6:4d:fb:1c:fe:99:a1:66:ec:60:c2:bb:d1:6e:f9:2d:46:
e4:7d:a3:52:3f:39:25:b1:50:50:47:61:34:0a:8f:fc:1f:96:
af:55:f1:f4:0f:80:ae:2b:6f:fd:aa:58:3d:f7:a5:19:9c:90:
40:2a:99:35:66:07:1e:43:b5:9f:a1:b3:b0:32:a0:59:16:f7:
83:b9:d7:4f:08:df:26:3d:7e:ca:28:67:91:64:7f:66:c4:ba:
f2:ba:ef:2d:05:eb:3d:fb:29:1e:dd:9e:a9:e3:e7:35:c3:fd:
6f:39:c3:4b:25:00:7b:a8:b3:8b:48:97:4c:26:60:e4:ea:39:
24:d8:98:39:ff:64:0d:eb:65:83:4e:91:f4:c2:d1:68:8e:1a:
1d:f0:79:20:c9:07:18:87:b6:3a:16:48:62:00:27:81:f1:8c:
4a:b8:94:09:f6:ab:4e:b4:8f:31:73:60:52:bb:4f:ff:56:25:
ff:5b:6b:2c:ff:cb:2a:06:ac:6b:e6:6d:74:a3:f5:d9:5d:73:
c2:9f:a7:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyatWx619z6eZ0VXE8PFUcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MWNiNTFjYmE2OGViN2VmOTg2N2E3NWQxN2FiMjgwMTgx
OTZhYTEwHhcNMjYwMjI2MTYwODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBhZGI4NjMwNDdlODk1ZGQwMjEzZTUyN2NlYTJhZTI0MmRiOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aqzfAG9yEb16Bm1hrYcRqRjJQp8
Cskf5DMIskttzzVzawsazfIAjiilAkXyRmD4tficXGqMu6DqJ3DeiBtKKtwHpBcf
Muynwa9PqvcwO/m39ki7cTOcxliWtqEKvJmnF8BHNz01NJsfzy9bY2TCYW8PbfWt
sQgxnipAxC9x/yFFSuGnIxIpH1b4iZIloE3fEId/aGE3IXBBElh/11I2cgyLrVxz
GS5sxFbup5RgDkbjvz3VcbG2vCcKV+IqMpSlZRcdCqypbIvPWSqphU2SbmYC3nUD
E8CwDFHySG/FkmcdEdARdwW+7qfXr6ifIUQ/igOw0Ko+KeGaHACz9fIecwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJAK24YwR+iV3QIT5SfOoq4kLblnMB8GA1UdIwQY
MBaAFFcctRy6aOt++YZ6ddF6soAYGWqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3Yzkt
ZGQ4NjI3NzRhMDkyLzEva0FyYmhqQkg2SlhkQWhQbEo4NmlyaVF0dVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3YzktZGQ4NjI3NzRhMDky
LzEvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8iIAwQC
uW4IAwQCubzAAwQCw9N0MA0GCSqGSIb3DQEBCwUAA4IBAQBLjhUZa3gCgl4AC886
/9k4ILOWzY2CTGuivRBoIx0//Ofo1TUiAf0DutCjvWY3R0/wPbYPpipk9k37HP6Z
oWbsYMK70W75LUbkfaNSPzklsVBQR2E0Co/8H5avVfH0D4CuK2/9qlg996UZnJBA
Kpk1ZgceQ7WfobOwMqBZFveDuddPCN8mPX7KKGeRZH9mxLryuu8tBes9+yke3Z6p
4+c1w/1vOcNLJQB7qLOLSJdMJmDk6jkk2Jg5/2QN62WDTpH0wtFojhod8HkgyQcY
h7Y6FkhiACeB8YxKuJQJ9qtOtI8xc2BSu0//ViX/W2ss/8sqBqxr5m10o/XZXXPC
n6et
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:29:28 2026 by rpki-client