Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1-4Q6HyVN03Lv_xlIaoe5h53xAlQ.roa
File: 1-4Q6HyVN03Lv_xlIaoe5h53xAlQ.roa (raw, json)
Hash identifier: jNCPaDoRzxjIeczOXqfOrUzMf5Wla6Pj6vG/df7Mzsw=
Subject key identifier: FB:84:3A:1F:25:4D:D3:72:EF:FF:19:48:6A:87:B9:87:9D:F1:02:54
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 019C994ED70AD2DE3C62723506EF3D8D5B04
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1-4Q6HyVN03Lv_xlIaoe5h53xAlQ.roa
Signing time: Thu 26 Feb 2026 09:36:46 +0000
ROA not before: Thu 26 Feb 2026 09:36:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39386
IP address blocks: 37.224.192.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
84.235.56.0/23 maxlen: 23
84.235.95.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.120.0/22 maxlen: 22
178.86.50.0/24 maxlen: 24
193.19.244.0/24 maxlen: 24
212.118.154.0/24 maxlen: 24
2001:16a0:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:4e:d7:0a:d2:de:3c:62:72:35:06:ef:3d:8d:5b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Feb 26 09:36:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fb843a1f254dd372efff19486a87b9879df10254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:55:5a:b6:cc:0c:0a:1f:c1:5d:b9:fc:63:9c:
ed:88:9a:03:d5:bf:7e:58:87:85:d8:cc:bf:79:c2:
54:47:0f:09:b1:bf:a5:32:11:b9:cc:23:65:47:b7:
a6:5c:7d:d4:ee:1a:8a:8a:70:f2:39:c8:19:4a:54:
2a:84:78:1f:9a:cb:f5:7a:42:e2:4c:67:9c:d5:fa:
6b:ae:40:c6:8e:5a:21:ce:72:1b:7a:d1:59:65:23:
56:39:6a:a0:2a:2b:b7:22:8f:cb:d5:35:5b:8e:3f:
a8:1d:ea:31:06:aa:7a:91:22:d7:d3:15:03:91:d9:
1c:76:cb:5e:bb:74:df:ab:3b:ec:54:cd:c6:a8:55:
83:9a:a4:1b:36:ff:c0:e5:1c:c1:28:97:04:42:3d:
bc:c6:ce:24:67:08:aa:9a:8e:dd:7a:3e:5f:91:4f:
f8:f8:fa:d0:21:9a:44:ff:e7:26:5d:12:1c:5b:8e:
d0:2c:1a:22:de:9f:0c:61:25:87:1a:8b:49:e1:f6:
bf:82:ba:48:4f:b0:6a:c1:00:b8:e2:45:07:dc:d4:
dd:05:82:53:ae:04:98:fa:5e:96:68:2a:31:6b:0e:
d8:68:23:20:4c:30:84:05:19:50:82:ca:e3:4e:6b:
56:28:40:07:c3:65:58:cf:a5:b3:9f:d3:0a:8f:80:
8c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:84:3A:1F:25:4D:D3:72:EF:FF:19:48:6A:87:B9:87:9D:F1:02:54
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1-4Q6HyVN03Lv_xlIaoe5h53xAlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
193.19.244.0/24
212.118.154.0/24
IPv6:
2001:16a0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
88:de:a3:8b:ef:8c:86:b2:78:b9:5c:2c:eb:17:16:48:71:7c:
78:81:74:83:d2:a0:00:6e:dc:fa:04:ae:86:97:5b:7c:42:8e:
d4:8a:d1:47:02:25:11:3a:1a:62:40:db:57:72:ca:ed:b1:0a:
65:70:c4:99:76:b0:c7:c5:9c:06:9c:82:5d:3f:63:ac:47:14:
be:49:f6:7e:3e:41:66:7b:9c:5b:97:29:5a:06:4a:c3:f3:6b:
77:c7:d8:f3:3d:df:c1:68:4e:09:98:50:2c:62:3f:7b:f1:d9:
6a:98:0b:45:73:bc:d0:77:38:31:de:4b:f6:45:fb:e8:85:ad:
09:98:94:16:cd:03:d9:9d:3a:d3:fc:13:37:e5:bf:8e:90:2e:
4a:dc:cc:aa:ce:26:3d:f9:06:ce:b2:2f:b0:35:d4:3d:3c:e4:
74:e0:52:8d:1c:e0:77:b2:b5:d8:27:4e:6c:be:72:2c:07:4d:
36:06:bd:5f:27:3f:6d:0d:5e:42:8c:8d:cf:e5:9d:dd:87:9b:
53:65:59:d4:86:7c:6e:46:39:7b:32:f7:79:02:a9:ae:58:4b:
7a:bc:76:7b:e8:cc:14:23:a4:e4:60:f1:ac:52:34:2e:8e:88:
ed:a1:bf:44:fd:54:d3:a9:af:ec:cc:08:7c:31:bb:72:d1:8e:
d7:f0:de:91
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZyZTtcK0t48YnI1Bu89jVsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjYwMjI2MDkzNjQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjg0M2ExZjI1NGRkMzcyZWZmZjE5NDg2YTg3Yjk4NzlkZjEwMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVVatswMCh/BXbn8Y5ztiJoD1b9+
WIeF2My/ecJURw8Jsb+lMhG5zCNlR7emXH3U7hqKinDyOcgZSlQqhHgfmsv1ekLi
TGec1fprrkDGjlohznIbetFZZSNWOWqgKiu3Io/L1TVbjj+oHeoxBqp6kSLX0xUD
kdkcdsteu3TfqzvsVM3GqFWDmqQbNv/A5RzBKJcEQj28xs4kZwiqmo7dej5fkU/4
+PrQIZpE/+cmXRIcW47QLBoi3p8MYSWHGotJ4fa/grpIT7BqwQC44kUH3NTdBYJT
rgSY+l6WaCoxaw7YaCMgTDCEBRlQgsrjTmtWKEAHw2VYz6Wzn9MKj4CMpwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPuEOh8lTdNy7/8ZSGqHuYed8QJUMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvMS00UTZIeVZOMDNMdl94bElhb2U1aDUzeEFsUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvODhmZGQxLThiN2ItNDEwMS1hYzY2LWI1OTA5NTdkOTQx
NS8xL1hodjJveG5hSkltQmF1MjZHMF9RekgzZlBoNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBHBggrBgEFBQcBBwEB/wQ4MDYwJAQCAAEwHgMEACXgwAME
B1TrAAMEALJWMgMEAMET9AMEANR2mjAOBAIAAjAIAwYEIAEWoBAwDQYJKoZIhvcN
AQELBQADggEBAIjeo4vvjIayeLlcLOsXFkhxfHiBdIPSoABu3PoEroaXW3xCjtSK
0UcCJRE6GmJA21dyyu2xCmVwxJl2sMfFnAacgl0/Y6xHFL5J9n4+QWZ7nFuXKVoG
SsPza3fH2PM938FoTgmYUCxiP3vx2WqYC0VzvNB3ODHeS/ZF++iFrQmYlBbNA9md
OtP8Ezflv46QLkrczKrOJj35Bs6yL7A11D085HTgUo0c4HeytdgnTmy+ciwHTTYG
vV8nP20NXkKMjc/lnd2Hm1NlWdSGfG5GOXsy93kCqa5YS3q8dnvozBQjpORg8axS
NC6OiO2hv0T9VNOpr+zMCHwxu3LRjtfw3pE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:03:02 2026 by rpki-client