Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/ATLOmeA5cf4AwJ9U-Q-N1ldTcPE.roa
File: ATLOmeA5cf4AwJ9U-Q-N1ldTcPE.roa (raw, json)
Hash identifier: hnP5uN1NwwvHi/WK/M6S1b6bdfJWGxirQCx3zSYRXtM=
Subject key identifier: 01:32:CE:99:E0:39:71:FE:00:C0:9F:54:F9:0F:8D:D6:57:53:70:F1
Certificate issuer: /CN=8293905afa134944f0630c949f3abda40646dac1
Certificate serial: 019C801CA5A9F87EB47075BED958F7C1D454
Authority key identifier: 82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/ATLOmeA5cf4AwJ9U-Q-N1ldTcPE.roa
Signing time: Sat 21 Feb 2026 12:11:26 +0000
ROA not before: Sat 21 Feb 2026 12:11:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201333
IP address blocks: 45.11.116.0/22 maxlen: 24
185.54.212.0/22 maxlen: 24
185.78.48.0/22 maxlen: 24
185.97.220.0/22 maxlen: 22
185.97.222.0/24 maxlen: 24
185.97.223.0/24 maxlen: 24
193.243.184.0/24 maxlen: 24
194.156.8.0/22 maxlen: 24
2a02:4720::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:80:1c:a5:a9:f8:7e:b4:70:75:be:d9:58:f7:c1:d4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8293905afa134944f0630c949f3abda40646dac1
Validity
Not Before: Feb 21 12:11:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0132ce99e03971fe00c09f54f90f8dd6575370f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1e:7e:be:d6:71:92:12:c7:db:8c:a9:29:00:
b3:84:9b:58:7b:d7:71:68:0c:fe:cc:9a:e5:11:38:
4b:60:55:6a:f3:c4:c1:8f:d5:ad:dd:3b:66:b7:c4:
2c:ce:80:15:48:ba:c6:55:19:e7:ee:6c:ff:11:d1:
54:26:72:5a:a3:dc:35:17:86:c2:b4:8f:02:05:fb:
40:ea:c7:b3:23:e9:ad:2f:15:c2:14:aa:1d:31:9f:
3c:2a:e0:c3:20:9c:2c:12:55:8c:db:34:8e:77:3c:
2a:06:c8:37:a8:cd:b1:67:20:a4:fe:13:64:78:80:
14:6b:c9:c6:ca:39:8a:92:91:fc:bc:57:e2:77:38:
36:a7:29:5f:30:e1:bb:eb:ff:3f:47:2c:3d:59:1e:
db:6d:5b:61:c6:4c:92:94:b1:c5:9b:b0:4a:12:38:
6a:a1:4f:cd:67:b9:4c:cb:24:59:54:08:9a:db:42:
a3:fd:a6:80:bd:b8:f9:92:7c:be:4f:47:2d:88:ba:
26:31:ab:1b:9d:cf:5e:83:3f:13:7d:64:1e:5c:e6:
24:b1:02:e1:5a:36:de:79:14:58:76:47:bb:e4:5b:
35:fd:0f:77:62:d5:72:19:46:02:84:4d:96:c4:32:
66:1e:21:c3:65:81:31:09:75:9a:1b:a6:b4:b5:ab:
ff:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:32:CE:99:E0:39:71:FE:00:C0:9F:54:F9:0F:8D:D6:57:53:70:F1
X509v3 Authority Key Identifier:
keyid:82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/ATLOmeA5cf4AwJ9U-Q-N1ldTcPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.116.0/22
185.54.212.0/22
185.78.48.0/22
185.97.220.0/22
193.243.184.0/24
194.156.8.0/22
IPv6:
2a02:4720::/29
Signature Algorithm: sha256WithRSAEncryption
8f:86:83:de:ac:74:70:4a:98:00:94:e9:37:1c:9b:85:5e:c5:
0e:60:1b:5e:8d:a3:90:ab:72:8a:32:22:5b:60:03:e6:05:5c:
6f:4a:96:45:fa:79:bc:46:30:cb:26:97:74:41:00:2c:70:fa:
8b:eb:7a:94:99:15:72:65:1b:df:12:35:de:f1:0a:91:22:32:
78:f2:10:55:2d:c6:25:28:d1:7c:dd:0b:1c:0d:81:48:8a:6c:
01:38:d6:ef:f2:ae:44:86:51:8b:3b:e1:63:13:4b:35:67:e9:
59:4a:64:ca:33:ef:91:46:3b:3c:f2:e3:63:40:ba:42:f2:5c:
ab:6b:a5:d5:5f:e8:9c:f5:83:83:e2:49:52:3c:41:f5:45:7b:
3d:13:d9:94:7d:44:f6:26:ef:d4:af:e1:cd:29:6c:ab:71:b2:
4c:d5:3a:8b:0a:b3:91:19:c9:b1:c8:d7:77:6a:46:70:56:8b:
47:21:9b:b0:cf:0e:5d:c7:2d:ea:0f:6e:76:1e:6a:85:c5:54:
c3:b2:95:48:51:24:0f:a2:82:fd:95:78:97:66:73:43:be:9a:
44:23:9e:21:1f:fc:63:2a:4f:30:5b:f1:03:12:1c:d9:6a:4a:
dd:be:67:c6:ee:f8:2c:c2:d1:c9:66:28:3f:76:ae:a9:23:85:
cd:54:9e:e5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZyAHKWp+H60cHW+2Vj3wdRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOTM5MDVhZmExMzQ5NDRmMDYzMGM5NDlmM2FiZGE0MDY0
NmRhYzEwHhcNMjYwMjIxMTIxMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTMyY2U5OWUwMzk3MWZlMDBjMDlmNTRmOTBmOGRkNjU3NTM3MGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR5+vtZxkhLH24ypKQCzhJtYe9dx
aAz+zJrlEThLYFVq88TBj9Wt3Ttmt8QszoAVSLrGVRnn7mz/EdFUJnJao9w1F4bC
tI8CBftA6sezI+mtLxXCFKodMZ88KuDDIJwsElWM2zSOdzwqBsg3qM2xZyCk/hNk
eIAUa8nGyjmKkpH8vFfidzg2pylfMOG76/8/Ryw9WR7bbVthxkySlLHFm7BKEjhq
oU/NZ7lMyyRZVAia20Kj/aaAvbj5kny+T0ctiLomMasbnc9egz8TfWQeXOYksQLh
WjbeeRRYdke75Fs1/Q93YtVyGUYChE2WxDJmHiHDZYExCXWaG6a0tav/rwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAEyzpngOXH+AMCfVPkPjdZXU3DxMB8GA1UdIwQY
MBaAFIKTkFr6E0lE8GMMlJ86vaQGRtrBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQt
ODEwOTVhMTNiOWRlLzEvQVRMT21lQTVjZjRBd0o5VS1RLU4xbGRUY1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQtODEwOTVhMTNiOWRl
LzEvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLQt0AwQC
uTbUAwQCuU4wAwQCuWHcAwQAwfO4AwQCwpwIMA0EAgACMAcDBQMqAkcgMA0GCSqG
SIb3DQEBCwUAA4IBAQCPhoPerHRwSpgAlOk3HJuFXsUOYBtejaOQq3KKMiJbYAPm
BVxvSpZF+nm8RjDLJpd0QQAscPqL63qUmRVyZRvfEjXe8QqRIjJ48hBVLcYlKNF8
3QscDYFIimwBONbv8q5EhlGLO+FjE0s1Z+lZSmTKM++RRjs88uNjQLpC8lyra6XV
X+ic9YOD4klSPEH1RXs9E9mUfUT2Ju/Ur+HNKWyrcbJM1TqLCrORGcmxyNd3akZw
VotHIZuwzw5dxy3qD252HmqFxVTDspVIUSQPooL9lXiXZnNDvppEI54hH/xjKk8w
W/EDEhzZakrdvmfG7vgswtHJZig/dq6pI4XNVJ7l
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:35:32 2026 by rpki-client