Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/unUyBQz8XFF2OcgZ1f90_tl9Ad4.roa
File: unUyBQz8XFF2OcgZ1f90_tl9Ad4.roa (raw, json)
Hash identifier: Q3zQczsKFUa5DCI4QfqsevX6E5xk3SVGs2WbjqkExHY=
Subject key identifier: BA:75:32:05:0C:FC:5C:51:76:39:C8:19:D5:FF:74:FE:D9:7D:01:DE
Certificate issuer: /CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Certificate serial: 019B7F14763B744F25D1F00B662B45EEFF9A
Authority key identifier: F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/unUyBQz8XFF2OcgZ1f90_tl9Ad4.roa
Signing time: Fri 02 Jan 2026 14:20:05 +0000
ROA not before: Fri 02 Jan 2026 14:20:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200924
IP address blocks: 5.182.107.0/24 maxlen: 24
31.14.29.0/24 maxlen: 24
31.14.30.0/24 maxlen: 24
46.102.102.0/24 maxlen: 24
80.208.255.0/24 maxlen: 24
85.204.37.0/24 maxlen: 24
94.177.133.0/24 maxlen: 24
103.197.8.0/22 maxlen: 22
178.157.95.0/24 maxlen: 24
185.11.16.0/22 maxlen: 22
185.11.16.0/23 maxlen: 23
185.11.18.0/23 maxlen: 23
185.36.112.0/22 maxlen: 22
185.186.116.0/22 maxlen: 22
185.207.240.0/22 maxlen: 22
195.5.96.0/23 maxlen: 23
195.181.254.0/24 maxlen: 24
195.192.252.0/24 maxlen: 24
212.103.52.0/22 maxlen: 22
212.237.254.0/24 maxlen: 24
217.61.255.0/24 maxlen: 24
2a03:4f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:14:76:3b:74:4f:25:d1:f0:0b:66:2b:45:ee:ff:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Validity
Not Before: Jan 2 14:20:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ba7532050cfc5c517639c819d5ff74fed97d01de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:91:b8:a6:44:bb:9f:a6:26:f8:d0:c8:8f:17:
de:82:15:fe:c4:66:21:4f:97:54:ab:83:ec:4c:9c:
70:8d:44:35:0f:31:23:c2:37:fd:98:a4:d3:47:bc:
5c:98:72:50:1e:cc:76:42:a5:d9:0e:92:a1:61:b6:
31:8a:20:30:ce:7d:03:91:3a:74:10:56:29:07:61:
58:fc:7e:d4:dd:4c:1d:97:a0:8d:55:b6:07:ae:dc:
f9:e7:c1:72:a3:96:55:3a:cc:8e:c6:97:e2:16:bf:
c1:f7:4b:e6:62:c3:88:c8:eb:bd:73:e0:68:35:d9:
87:91:98:9b:80:2b:02:8a:52:1b:43:73:47:78:14:
48:2a:90:43:24:fa:55:21:02:cc:16:3e:ef:b4:19:
c9:cc:7e:8d:e8:e2:2d:bb:60:0f:55:b9:a5:b7:16:
9c:fd:e7:bf:82:bf:5e:8a:3d:9d:d7:3c:3c:56:2c:
f5:7c:bf:77:dd:85:2c:a3:10:15:29:c0:64:f0:91:
bd:e8:61:83:a8:d9:a7:54:49:cb:0d:84:54:98:9d:
f4:7e:52:01:89:a0:b2:91:37:22:17:4b:6e:10:a4:
bf:8f:80:27:4c:34:6e:81:5b:c9:78:29:b8:ae:d0:
af:70:05:f4:75:a3:35:d7:40:2d:3f:00:04:45:55:
24:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:75:32:05:0C:FC:5C:51:76:39:C8:19:D5:FF:74:FE:D9:7D:01:DE
X509v3 Authority Key Identifier:
keyid:F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/unUyBQz8XFF2OcgZ1f90_tl9Ad4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.107.0/24
31.14.29.0-31.14.30.255
46.102.102.0/24
80.208.255.0/24
85.204.37.0/24
94.177.133.0/24
103.197.8.0/22
178.157.95.0/24
185.11.16.0/22
185.36.112.0/22
185.186.116.0/22
185.207.240.0/22
195.5.96.0/23
195.181.254.0/24
195.192.252.0/24
212.103.52.0/22
212.237.254.0/24
217.61.255.0/24
IPv6:
2a03:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
be:1e:42:11:73:d7:08:3f:d3:71:a1:29:af:2d:69:b2:ff:81:
75:c3:df:34:f6:b4:06:0c:d2:f2:f8:79:54:f6:1d:40:bf:77:
44:9a:96:b9:3f:81:bc:0d:6d:25:76:e0:00:c4:6a:39:5c:8c:
cd:6b:a8:12:fb:c1:f1:03:7a:b9:e5:e3:66:2f:bb:17:b0:e5:
7d:48:fe:51:ce:e4:d2:3b:f5:81:01:ee:fb:9a:8a:81:23:f1:
62:09:53:8a:0f:98:ca:57:69:bb:15:86:de:d4:23:2c:72:83:
2d:d5:bf:9f:b1:fd:ea:eb:5a:ec:fa:50:c1:8e:50:38:48:a3:
e1:82:1f:65:45:ff:de:7f:cb:0a:84:ae:27:2b:8d:e0:15:66:
1a:1c:a2:1e:d2:64:d4:99:b4:51:bd:8c:a3:ed:b6:9a:d2:ea:
00:ce:49:d0:81:aa:78:a5:b2:0b:a2:da:4d:1d:7b:bf:84:58:
8e:64:a8:62:a0:bb:2c:e6:e3:e4:e1:03:81:b6:ba:a9:89:90:
8d:f5:a1:59:1c:f0:28:25:d9:10:22:8a:ac:70:a9:cb:14:34:
42:56:a7:e6:4d:d5:22:ce:db:8d:cd:bc:3e:d3:1b:a7:66:b3:
bc:3f:3b:93:28:b8:9b:a0:8a:02:34:d7:54:a2:00:e0:a2:5d:
35:49:37:a2
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZt/FHY7dE8l0fALZitF7v+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjE0ZWQxMjRmOWEyZjNkZWFiMTAwNmYxODRjZjRmYjgw
YTNhZWMwHhcNMjYwMTAyMTQyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc1MzIwNTBjZmM1YzUxNzYzOWM4MTlkNWZmNzRmZWQ5N2QwMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopG4pkS7n6Ym+NDIjxfeghX+xGYh
T5dUq4PsTJxwjUQ1DzEjwjf9mKTTR7xcmHJQHsx2QqXZDpKhYbYxiiAwzn0DkTp0
EFYpB2FY/H7U3Uwdl6CNVbYHrtz558Fyo5ZVOsyOxpfiFr/B90vmYsOIyOu9c+Bo
NdmHkZibgCsCilIbQ3NHeBRIKpBDJPpVIQLMFj7vtBnJzH6N6OItu2APVbmltxac
/ee/gr9eij2d1zw8Viz1fL933YUsoxAVKcBk8JG96GGDqNmnVEnLDYRUmJ30flIB
iaCykTciF0tuEKS/j4AnTDRugVvJeCm4rtCvcAX0daM110AtPwAERVUkoQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFLp1MgUM/FxRdjnIGdX/dP7ZfQHeMB8GA1UdIwQY
MBaAFPDxTtEk+aLz3qsQBvGEz0+4CjrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQt
NDM2MTJlN2Q5Y2MxLzEvdW5VeUJRejhYRkYyT2NnWjFmOTBfdGw5QWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQtNDM2MTJlN2Q5Y2Mx
LzEvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQABbZr
MAwDBAAfDh0DBAAfDh4DBAAuZmYDBABQ0P8DBABVzCUDBABesYUDBAJnxQgDBACy
nV8DBAK5CxADBAK5JHADBAK5unQDBAK5z/ADBAHDBWADBADDtf4DBADDwPwDBALU
ZzQDBADU7f4DBADZPf8wDQQCAAIwBwMFACoDT0AwDQYJKoZIhvcNAQELBQADggEB
AL4eQhFz1wg/03GhKa8tabL/gXXD3zT2tAYM0vL4eVT2HUC/d0Salrk/gbwNbSV2
4ADEajlcjM1rqBL7wfEDernl42Yvuxew5X1I/lHO5NI79YEB7vuaioEj8WIJU4oP
mMpXabsVht7UIyxygy3Vv5+x/errWuz6UMGOUDhIo+GCH2VF/95/ywqEricrjeAV
Zhocoh7SZNSZtFG9jKPttprS6gDOSdCBqnilsgui2k0de7+EWI5kqGKguyzm4+Th
A4G2uqmJkI31oVkc8Cgl2RAiiqxwqcsUNEJWp+ZN1SLO243NvD7TG6dms7w/O5Mo
uJugigI011SiAOCiXTVJN6I=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:53:33 2026 by rpki-client