Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/esVt0oPMibqnLUm7kqKj2LAl8vw.roa
File: esVt0oPMibqnLUm7kqKj2LAl8vw.roa (raw, json)
Hash identifier: zfjNtga+p5eHk5tvmOl3gLN+iJp2qqpxamjLqdh8gKM=
Subject key identifier: 7A:C5:6D:D2:83:CC:89:BA:A7:2D:49:BB:92:A2:A3:D8:B0:25:F2:FC
Certificate issuer: /CN=54296d23def4c8521c647dc68acb3c123f611d89
Certificate serial: 019C51EC664312A3A319199036E11B551D35
Authority key identifier: 54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/esVt0oPMibqnLUm7kqKj2LAl8vw.roa
Signing time: Thu 12 Feb 2026 12:56:13 +0000
ROA not before: Thu 12 Feb 2026 12:56:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8953
IP address blocks: 37.156.224.0/24 maxlen: 24
37.251.208.0/20 maxlen: 24
62.217.192.0/18 maxlen: 24
86.106.83.0/24 maxlen: 24
89.37.97.0/24 maxlen: 24
89.39.71.0/24 maxlen: 24
89.39.81.0/24 maxlen: 24
89.42.27.0/24 maxlen: 24
92.82.176.0/20 maxlen: 20
92.83.64.0/19 maxlen: 24
92.84.64.0/18 maxlen: 24
92.114.38.0/24 maxlen: 24
92.114.82.0/24 maxlen: 24
93.113.56.0/24 maxlen: 24
93.115.244.0/23 maxlen: 24
93.122.128.0/17 maxlen: 24
109.96.192.0/19 maxlen: 24
109.166.128.0/17 maxlen: 24
109.166.212.0/24 maxlen: 24
128.127.112.0/20 maxlen: 24
185.53.196.0/22 maxlen: 24
185.133.64.0/24 maxlen: 24
2a02:a58::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:51:ec:66:43:12:a3:a3:19:19:90:36:e1:1b:55:1d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54296d23def4c8521c647dc68acb3c123f611d89
Validity
Not Before: Feb 12 12:56:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ac56dd283cc89baa72d49bb92a2a3d8b025f2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:98:fb:de:22:cc:c5:7e:f8:2e:12:d2:5d:30:
ca:1b:e6:cc:69:dd:5f:52:ed:98:c3:29:4c:40:8e:
bc:24:04:e2:75:5a:75:3e:7b:c7:f6:ef:b3:f8:aa:
48:21:06:63:c7:cd:3c:27:a0:64:17:6a:69:4e:e3:
f6:90:b5:7f:03:d9:8b:7d:a2:68:9a:c1:d0:c1:28:
b4:69:40:26:47:dc:8a:11:2b:80:c9:56:2b:c1:b8:
11:6b:3b:e4:5c:78:3b:0d:0b:29:4e:06:7e:fd:83:
f4:5e:f8:78:0d:dc:6f:da:fc:3d:a7:ec:61:9d:99:
05:5b:a9:97:6b:04:d0:41:ce:98:8f:32:88:1a:2b:
fb:46:46:f8:0d:35:ad:5d:02:b9:48:5e:9e:73:ff:
70:1d:76:0f:d3:71:d9:4e:a2:66:ca:7a:77:c8:42:
77:bd:aa:3b:7f:d7:dd:8f:2a:41:66:eb:ea:89:c4:
2f:b1:74:35:c5:18:48:73:49:44:da:20:73:21:62:
6b:83:4b:9e:73:6d:69:15:8c:a4:1d:37:12:6e:8e:
9b:b4:36:c9:37:ea:d8:c5:24:b4:23:eb:c3:88:d5:
76:64:0f:d3:04:98:1b:d3:ff:a5:d4:89:18:a7:2c:
be:ac:72:97:46:8a:6d:b4:f0:98:13:0c:91:1e:e4:
ff:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C5:6D:D2:83:CC:89:BA:A7:2D:49:BB:92:A2:A3:D8:B0:25:F2:FC
X509v3 Authority Key Identifier:
keyid:54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/esVt0oPMibqnLUm7kqKj2LAl8vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.224.0/24
37.251.208.0/20
62.217.192.0/18
86.106.83.0/24
89.37.97.0/24
89.39.71.0/24
89.39.81.0/24
89.42.27.0/24
92.82.176.0/20
92.83.64.0/19
92.84.64.0/18
92.114.38.0/24
92.114.82.0/24
93.113.56.0/24
93.115.244.0/23
93.122.128.0/17
109.96.192.0/19
109.166.128.0/17
128.127.112.0/20
185.53.196.0/22
185.133.64.0/24
IPv6:
2a02:a58::/32
Signature Algorithm: sha256WithRSAEncryption
2c:c3:45:7f:0f:30:f3:bc:06:98:49:fa:41:20:1a:0c:f8:5a:
cf:9a:f0:38:41:9a:f9:44:90:e2:9d:ef:01:94:8b:5b:8f:15:
2d:d1:a6:38:86:44:ec:8b:01:27:7d:e2:9b:f0:54:b1:78:4b:
e7:21:20:48:1a:59:be:2a:2d:b2:83:bd:bd:39:19:b0:15:d0:
d0:fc:f1:83:0e:bd:5c:29:67:a8:a9:af:c1:d3:28:63:b3:aa:
0f:51:35:63:65:e5:63:c9:d5:8a:5b:62:42:9d:b7:f0:66:76:
5e:ea:64:31:52:28:2f:9e:bf:b1:ca:df:7c:a1:df:44:49:90:
8e:0d:d6:25:0b:b1:1d:e2:52:ad:95:5d:ec:71:7f:cb:17:16:
dd:71:be:eb:d0:75:84:b3:58:c9:5c:5d:94:ee:d3:70:c0:b3:
cb:15:de:6b:a6:04:dc:9d:7c:3d:76:38:03:3c:2a:ab:f7:d6:
8d:80:0a:1b:52:f8:ff:e6:ce:0e:39:a2:ee:6e:5e:97:df:3d:
e8:89:95:43:ca:d2:c2:2e:a7:f1:3b:5c:05:5d:25:fb:ab:d8:
eb:a9:90:a8:71:79:a6:76:d2:a1:4c:65:1e:74:1f:6b:b6:cf:
fa:e2:e8:ac:84:1c:60:6a:07:84:61:8a:a6:96:a5:59:b8:6c:
50:97:78:03
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZxR7GZDEqOjGRmQNuEbVR01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Mjk2ZDIzZGVmNGM4NTIxYzY0N2RjNjhhY2IzYzEyM2Y2
MTFkODkwHhcNMjYwMjEyMTI1NjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM1NmRkMjgzY2M4OWJhYTcyZDQ5YmI5MmEyYTNkOGIwMjVmMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZj73iLMxX74LhLSXTDKG+bMad1f
Uu2YwylMQI68JATidVp1PnvH9u+z+KpIIQZjx808J6BkF2ppTuP2kLV/A9mLfaJo
msHQwSi0aUAmR9yKESuAyVYrwbgRazvkXHg7DQspTgZ+/YP0Xvh4Ddxv2vw9p+xh
nZkFW6mXawTQQc6YjzKIGiv7Rkb4DTWtXQK5SF6ec/9wHXYP03HZTqJmynp3yEJ3
vao7f9fdjypBZuvqicQvsXQ1xRhIc0lE2iBzIWJrg0uec21pFYykHTcSbo6btDbJ
N+rYxSS0I+vDiNV2ZA/TBJgb0/+l1IkYpyy+rHKXRopttPCYEwyRHuT/RwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFHrFbdKDzIm6py1Ju5Kio9iwJfL8MB8GA1UdIwQY
MBaAFFQpbSPe9MhSHGR9xorLPBI/YR2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUt
OTQyNDgyZjhkMmVhLzEvZXNWdDBvUE1pYnFuTFVtN2txS2oyTEFsOHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUtOTQyNDgyZjhkMmVh
LzEvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfgMEACWc
4AMEBCX70AMEBj7ZwAMEAFZqUwMEAFklYQMEAFknRwMEAFknUQMEAFkqGwMEBFxS
sAMEBVxTQAMEBlxUQAMEAFxyJgMEAFxyUgMEAF1xOAMEAV1z9AMEB116gAMEBW1g
wAMEB22mgAMEBIB/cAMEArk1xAMEALmFQDANBAIAAjAHAwUAKgIKWDANBgkqhkiG
9w0BAQsFAAOCAQEALMNFfw8w87wGmEn6QSAaDPhaz5rwOEGa+USQ4p3vAZSLW48V
LdGmOIZE7IsBJ33im/BUsXhL5yEgSBpZviotsoO9vTkZsBXQ0Pzxgw69XClnqKmv
wdMoY7OqD1E1Y2XlY8nViltiQp238GZ2XupkMVIoL56/scrffKHfREmQjg3WJQux
HeJSrZVd7HF/yxcW3XG+69B1hLNYyVxdlO7TcMCzyxXea6YE3J18PXY4Azwqq/fW
jYAKG1L4/+bODjmi7m5el9896ImVQ8rSwi6n8TtcBV0l+6vY66mQqHF5pnbSoUxl
HnQfa7bP+uLorIQcYGoHhGGKppalWbhsUJd4Aw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:54:23 2026 by rpki-client