Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/9ujjLqpqBzYoU408bvIxts776s0.roa
File: 9ujjLqpqBzYoU408bvIxts776s0.roa (raw, json)
Hash identifier: MxMzpms6OueiCellPPjeDTz5xKF+c/uGLcMu+geBy1k=
Subject key identifier: F6:E8:E3:2E:AA:6A:07:36:28:53:8D:3C:6E:F2:31:B6:CE:FB:EA:CD
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 019C46C878FC20FFFA6359B3566801408D69
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/9ujjLqpqBzYoU408bvIxts776s0.roa
Signing time: Tue 10 Feb 2026 09:01:09 +0000
ROA not before: Tue 10 Feb 2026 09:01:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42894
IP address blocks: 131.237.0.0/16 maxlen: 24
131.237.0.0/24 maxlen: 24
131.237.1.0/24 maxlen: 24
131.237.8.0/24 maxlen: 24
131.237.32.0/24 maxlen: 24
131.237.40.0/24 maxlen: 24
131.237.41.0/24 maxlen: 24
131.237.42.0/24 maxlen: 24
131.237.43.0/24 maxlen: 24
131.237.70.0/24 maxlen: 24
131.237.71.0/24 maxlen: 24
131.237.72.0/24 maxlen: 24
131.237.73.0/24 maxlen: 24
131.237.74.0/24 maxlen: 24
131.237.77.0/24 maxlen: 24
131.237.78.0/24 maxlen: 24
131.237.80.0/24 maxlen: 24
131.237.83.0/24 maxlen: 24
131.237.84.0/24 maxlen: 24
131.237.96.0/24 maxlen: 24
131.237.120.0/24 maxlen: 24
131.237.121.0/24 maxlen: 24
131.237.163.0/24 maxlen: 24
145.31.0.0/16 maxlen: 24
145.31.192.0/24 maxlen: 24
145.31.193.0/24 maxlen: 24
145.31.194.0/24 maxlen: 24
145.31.195.0/24 maxlen: 24
145.31.196.0/24 maxlen: 24
145.31.197.0/24 maxlen: 24
145.31.198.0/24 maxlen: 24
145.31.199.0/24 maxlen: 24
145.31.200.0/24 maxlen: 24
145.31.201.0/24 maxlen: 24
145.31.202.0/24 maxlen: 24
145.31.203.0/24 maxlen: 24
145.45.0.0/17 maxlen: 24
145.45.0.0/24 maxlen: 24
145.45.48.0/24 maxlen: 24
145.45.110.0/24 maxlen: 24
145.50.0.0/16 maxlen: 24
145.50.37.0/24 maxlen: 24
145.50.39.0/24 maxlen: 24
145.50.40.0/24 maxlen: 24
145.50.41.0/24 maxlen: 24
145.50.52.0/24 maxlen: 24
145.50.105.0/24 maxlen: 24
145.50.144.0/24 maxlen: 24
145.50.233.0/24 maxlen: 24
194.104.116.0/22 maxlen: 24
194.104.116.0/24 maxlen: 24
194.104.117.0/24 maxlen: 24
194.104.118.0/24 maxlen: 24
194.104.119.0/24 maxlen: 24
2a13:e080::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:46:c8:78:fc:20:ff:fa:63:59:b3:56:68:01:40:8d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Feb 10 09:01:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f6e8e32eaa6a073628538d3c6ef231b6cefbeacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:36:52:16:4b:3e:ad:77:3a:09:7b:2d:86:cc:
c2:e5:07:dd:7a:74:62:2a:e6:48:e8:ef:fc:00:63:
b7:28:36:e6:0c:78:c5:c1:66:05:46:65:43:cb:6f:
0a:96:96:48:7d:06:92:2f:38:28:33:11:fe:d5:88:
d8:1f:ea:20:4b:32:76:7e:49:33:24:2f:c3:22:ca:
68:e7:65:cf:3d:97:05:fb:c2:69:4c:38:e8:8e:aa:
23:29:1e:23:a1:2c:fa:1e:1c:e6:04:23:f0:fa:7f:
9f:51:2a:fb:52:04:92:be:6c:03:5e:8b:d9:22:71:
dc:55:dc:fa:d7:e6:eb:bf:77:56:c1:9c:32:20:dc:
ab:05:b9:55:5f:06:7e:fd:d2:c0:d7:3c:5a:e9:66:
24:f0:0d:1d:49:1e:78:66:69:f2:df:4e:a3:6d:b8:
9b:f4:37:2d:4c:4e:f7:a3:80:bd:1f:a1:5e:59:78:
f2:9f:37:42:f5:95:ea:c1:84:89:ed:ea:00:e5:e8:
78:9f:66:43:ba:9d:a1:e9:4e:a0:10:4c:39:7c:7f:
b8:55:b5:9f:de:76:44:f9:12:23:41:5c:e1:c0:82:
7b:3b:b4:71:87:2a:0d:f4:db:ff:bc:e2:96:a5:4c:
f3:2f:a8:4e:14:9e:4f:1e:1d:8d:80:17:81:67:b6:
38:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E8:E3:2E:AA:6A:07:36:28:53:8D:3C:6E:F2:31:B6:CE:FB:EA:CD
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/9ujjLqpqBzYoU408bvIxts776s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
194.104.116.0/22
IPv6:
2a13:e080::/32
Signature Algorithm: sha256WithRSAEncryption
9d:c3:79:ce:ac:b8:73:d1:b2:b7:7a:08:a9:ba:26:48:ff:6b:
75:ac:b4:44:2c:7a:21:75:00:d1:87:99:07:ab:e0:4b:59:98:
5e:58:74:f9:73:ec:82:08:6b:68:2b:fb:9d:ce:05:25:ce:93:
cc:d0:21:0d:27:8f:fd:c4:ef:c5:84:a3:52:d4:0b:2f:54:ea:
84:da:f0:7e:7b:52:54:c2:e4:b2:bc:e1:ec:44:b3:e2:b9:5a:
67:e1:a7:2b:f1:9c:26:b8:a0:a7:1a:63:d0:3f:77:12:a4:53:
fb:ca:2a:8f:19:27:ec:55:94:20:35:88:87:5b:41:2e:31:14:
6f:01:11:23:f3:59:e1:48:1b:27:bd:73:93:cf:c6:3d:7d:59:
ce:64:a5:a5:a7:43:f2:51:6f:3f:8d:5e:67:81:95:d2:01:91:
9f:f8:cb:e1:55:6c:92:00:d4:78:20:11:d6:4c:9f:89:8a:50:
2c:f1:66:38:de:a8:d2:b6:2d:92:8a:49:23:18:7c:0b:df:95:
5b:cf:17:16:79:df:dd:b5:f8:82:1a:dd:10:ba:8f:f7:43:63:
1e:ec:bb:cb:e6:e8:e6:e8:7a:de:5d:b0:40:16:4d:20:31:c7:
33:20:31:91:c1:ca:55:90:a9:4d:d6:20:26:18:d6:49:a9:20:
51:99:80:a8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZxGyHj8IP/6Y1mzVmgBQI1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjYwMjEwMDkwMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU4ZTMyZWFhNmEwNzM2Mjg1MzhkM2M2ZWYyMzFiNmNlZmJlYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjZSFks+rXc6CXsthszC5QfdenRi
KuZI6O/8AGO3KDbmDHjFwWYFRmVDy28KlpZIfQaSLzgoMxH+1YjYH+ogSzJ2fkkz
JC/DIspo52XPPZcF+8JpTDjojqojKR4joSz6HhzmBCPw+n+fUSr7UgSSvmwDXovZ
InHcVdz61+brv3dWwZwyINyrBblVXwZ+/dLA1zxa6WYk8A0dSR54Zmny306jbbib
9DctTE73o4C9H6FeWXjynzdC9ZXqwYSJ7eoA5eh4n2ZDup2h6U6gEEw5fH+4VbWf
3nZE+RIjQVzhwIJ7O7RxhyoN9Nv/vOKWpUzzL6hOFJ5PHh2NgBeBZ7Y4RQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPbo4y6qagc2KFONPG7yMbbO++rNMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvOXVqakxxcHFCellvVTQwOGJ2SXh0czc3NnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQCdw3nOrLhz0bK3egipuiZI/2t1rLRELHohdQDRh5kHq+BLWZheWHT5c+yC
CGtoK/udzgUlzpPM0CENJ4/9xO/FhKNS1AsvVOqE2vB+e1JUwuSyvOHsRLPiuVpn
4acr8ZwmuKCnGmPQP3cSpFP7yiqPGSfsVZQgNYiHW0EuMRRvAREj81nhSBsnvXOT
z8Y9fVnOZKWlp0PyUW8/jV5ngZXSAZGf+MvhVWySANR4IBHWTJ+JilAs8WY43qjS
ti2SikkjGHwL35VbzxcWed/dtfiCGt0Quo/3Q2Me7LvL5ujm6HreXbBAFk0gMccz
IDGRwcpVkKlN1iAmGNZJqSBRmYCo
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:51:48 2026 by rpki-client