Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/BJowdLldqJHM3ir588qx25T2i1o.roa
File: BJowdLldqJHM3ir588qx25T2i1o.roa (raw, json)
Hash identifier: nGJPoQmYXI/63Ysvy1k3U4F/yfSsIELkLPYGxlPw234=
Subject key identifier: 04:9A:30:74:B9:5D:A8:91:CC:DE:2A:F9:F3:CA:B1:DB:94:F6:8B:5A
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 019C6D0902A855052AC586FA9EBBF1CB3366
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/BJowdLldqJHM3ir588qx25T2i1o.roa
Signing time: Tue 17 Feb 2026 19:17:12 +0000
ROA not before: Tue 17 Feb 2026 19:17:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202053
IP address blocks: 5.22.208.0/22 maxlen: 22
5.22.212.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
80.69.172.0/22 maxlen: 22
81.27.96.0/22 maxlen: 22
81.27.100.0/22 maxlen: 22
81.27.104.0/23 maxlen: 23
81.27.106.0/23 maxlen: 23
81.27.108.0/22 maxlen: 22
83.136.248.0/21 maxlen: 21
85.9.200.0/21 maxlen: 21
85.9.208.0/21 maxlen: 21
85.9.216.0/22 maxlen: 22
85.9.220.0/22 maxlen: 22
94.237.0.0/24 maxlen: 24
94.237.1.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.4.0/22 maxlen: 22
94.237.8.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
94.237.126.0/24 maxlen: 24
95.111.192.0/21 maxlen: 21
95.111.200.0/22 maxlen: 22
95.111.204.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
185.26.48.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
212.147.224.0/22 maxlen: 22
212.147.228.0/22 maxlen: 22
212.147.232.0/22 maxlen: 22
212.147.236.0/22 maxlen: 22
212.147.240.0/22 maxlen: 22
212.147.244.0/22 maxlen: 22
212.147.248.0/22 maxlen: 22
212.147.252.0/22 maxlen: 22
213.163.192.0/20 maxlen: 20
2a04:3540::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3544::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3545::/32 maxlen: 32
2a04:3545:4000::/34 maxlen: 34
2a04:3545:8000::/34 maxlen: 34
2a04:3546::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6d:09:02:a8:55:05:2a:c5:86:fa:9e:bb:f1:cb:33:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Feb 17 19:17:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=049a3074b95da891ccde2af9f3cab1db94f68b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d0:3c:b5:7a:2a:00:d4:eb:70:f3:33:e3:c6:
e6:8e:c9:cf:6d:eb:b3:c9:cb:2d:57:61:a9:60:10:
ff:52:e0:1c:f6:b0:0a:04:56:62:63:19:4f:54:26:
47:35:15:01:78:dc:51:ab:59:56:87:42:a5:8a:ff:
1e:42:dd:cf:8e:48:16:fa:59:e5:b3:aa:b9:eb:b3:
8c:7f:65:e2:70:1f:89:22:73:42:28:60:ec:88:1e:
d7:56:c4:b5:48:9e:70:86:b3:29:8c:6a:71:30:be:
6e:12:13:bf:69:33:c9:02:28:dc:2a:e8:d1:8f:12:
d3:08:a8:f4:bd:a5:ab:b7:f6:23:4c:a3:50:dd:00:
03:b6:2c:3f:4a:58:3c:8f:7d:c0:65:6a:e5:a7:05:
aa:c4:b9:a5:8f:35:58:c0:b8:b5:e2:9e:53:17:da:
2d:41:12:ba:27:ec:ed:ac:4a:50:fc:13:9b:8d:b7:
41:8f:d3:53:22:c0:8c:bb:db:36:50:f7:2e:7b:fb:
90:97:7c:75:98:fb:06:f3:4c:11:d2:10:10:2d:2e:
f3:de:d5:c8:c2:7e:4b:43:ed:e4:41:2d:fa:9f:63:
a9:99:87:9f:5f:98:0a:08:f3:5d:99:dd:3e:9b:a8:
d8:93:d6:f9:78:3f:dd:91:9c:ca:66:5f:71:0a:be:
14:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:9A:30:74:B9:5D:A8:91:CC:DE:2A:F9:F3:CA:B1:DB:94:F6:8B:5A
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/BJowdLldqJHM3ir588qx25T2i1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
81.27.96.0/20
83.136.248.0/21
85.9.200.0-85.9.223.255
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
212.147.224.0/19
213.163.192.0/20
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
31:fe:c7:39:81:01:3e:a3:07:ef:71:0e:7d:21:ee:52:a1:f7:
9a:54:28:89:5c:53:bb:fe:80:8b:da:b2:b9:d2:c8:4b:cb:88:
de:d8:3a:56:56:0a:d4:22:c0:8d:0b:3b:28:67:dc:6f:42:b7:
09:28:e2:89:73:cd:0b:21:01:f8:03:25:d4:91:58:93:16:21:
95:fc:e1:f6:64:89:fa:da:da:ae:e8:74:18:11:26:e8:4d:cf:
12:0e:ec:bf:38:42:4c:7f:c3:3f:1e:25:23:87:29:ca:81:75:
ea:b6:14:8a:4c:27:93:06:73:7e:6e:2b:f3:86:44:42:5a:12:
59:6b:d1:f1:95:93:b4:18:2b:13:33:63:d0:fb:04:f5:5d:22:
cf:a4:0d:b1:c9:a9:c3:d6:39:f5:55:0d:72:bf:4c:90:17:f9:
4b:ad:b6:12:f6:1d:85:da:15:8b:b8:8c:bb:ab:95:c6:a2:39:
1a:b9:d4:53:bf:42:53:db:d6:0d:80:6b:e4:f7:fa:08:5f:16:
cc:4c:9c:47:81:39:29:f8:fa:01:55:d3:61:88:26:94:11:ba:
1c:98:34:5f:50:b4:a5:32:e2:f2:ec:fb:af:e3:ea:f8:b3:7c:
c0:9d:d5:e0:4c:25:65:3a:d5:01:2d:06:c0:9e:ce:50:e2:1c:
6e:89:1e:66
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZxtCQKoVQUqxYb6nrvxyzNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjYwMjE3MTkxNzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDlhMzA3NGI5NWRhODkxY2NkZTJhZjlmM2NhYjFkYjk0ZjY4YjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtA8tXoqANTrcPMz48bmjsnPbeuz
ycstV2GpYBD/UuAc9rAKBFZiYxlPVCZHNRUBeNxRq1lWh0Kliv8eQt3PjkgW+lnl
s6q567OMf2XicB+JInNCKGDsiB7XVsS1SJ5whrMpjGpxML5uEhO/aTPJAijcKujR
jxLTCKj0vaWrt/YjTKNQ3QADtiw/Slg8j33AZWrlpwWqxLmljzVYwLi14p5TF9ot
QRK6J+ztrEpQ/BObjbdBj9NTIsCMu9s2UPcue/uQl3x1mPsG80wR0hAQLS7z3tXI
wn5LQ+3kQS36n2OpmYefX5gKCPNdmd0+m6jYk9b5eD/dkZzKZl9xCr4UqQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFASaMHS5XaiRzN4q+fPKsduU9otaMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvQkpvd2RMbGRxSkhNM2lyNTg4cXgyNVQyaTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBxBAIAATBrAwQEBRbQ
AwQCUEWsAwQEURtgAwQDU4j4MAwDBANVCcgDBAVVCcAwCwMDAF7tAwQAXu1+MAwD
BAZfb8ADBAJfb9ADBANfb9gDBAK5FIgDBAK5GjADBAK5RsQDBALCPmADBAXUk+AD
BATVo8AwFgQCAAIwEDAOAwUGKgQ1QAMFACoENUYwDQYJKoZIhvcNAQELBQADggEB
ADH+xzmBAT6jB+9xDn0h7lKh95pUKIlcU7v+gIvasrnSyEvLiN7YOlZWCtQiwI0L
Oyhn3G9Ctwko4olzzQshAfgDJdSRWJMWIZX84fZkifra2q7odBgRJuhNzxIO7L84
Qkx/wz8eJSOHKcqBdeq2FIpMJ5MGc35uK/OGREJaEllr0fGVk7QYKxMzY9D7BPVd
Is+kDbHJqcPWOfVVDXK/TJAX+UutthL2HYXaFYu4jLurlcaiORq51FO/QlPb1g2A
a+T3+ghfFsxMnEeBOSn4+gFV02GIJpQRuhyYNF9QtKUy4vLs+6/j6vizfMCd1eBM
JWU61QEtBsCezlDiHG6JHmY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:03:21 2026 by rpki-client