Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/i2AW8Vo0qMSvjPfgLLRBarj2TWI.roa
File: i2AW8Vo0qMSvjPfgLLRBarj2TWI.roa (raw, json)
Hash identifier: g1mXygM4+y1OTbe5EK58orE765ESUylhCAHtph4hH5A=
Subject key identifier: 8B:60:16:F1:5A:34:A8:C4:AF:8C:F7:E0:2C:B4:41:6A:B8:F6:4D:62
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019E160DCD5A194A54B47EABD1A8B9685199
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/i2AW8Vo0qMSvjPfgLLRBarj2TWI.roa
Signing time: Mon 11 May 2026 08:01:03 +0000
ROA not before: Mon 11 May 2026 08:01:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 79.135.141.0/24 maxlen: 24
80.81.47.0/24 maxlen: 24
83.223.131.0/24 maxlen: 24
83.223.138.0/24 maxlen: 24
83.223.140.0/24 maxlen: 24
83.223.152.0/24 maxlen: 24
83.223.156.0/24 maxlen: 24
83.223.158.0/24 maxlen: 24
85.234.170.0/24 maxlen: 24
85.234.171.0/24 maxlen: 24
85.234.172.0/22 maxlen: 22
85.234.176.0/22 maxlen: 22
85.254.14.0/24 maxlen: 24
85.254.41.0/24 maxlen: 24
85.254.46.0/24 maxlen: 24
91.190.37.0/24 maxlen: 24
159.148.143.0/24 maxlen: 24
185.176.116.0/24 maxlen: 24
185.176.119.0/24 maxlen: 24
217.24.72.0/22 maxlen: 22
217.24.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:16:0d:cd:5a:19:4a:54:b4:7e:ab:d1:a8:b9:68:51:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 11 08:01:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b6016f15a34a8c4af8cf7e02cb4416ab8f64d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:82:05:8a:ce:50:6d:91:92:aa:80:39:f2:de:
19:bf:d4:19:75:2f:69:32:d7:b1:6a:a2:00:e1:2b:
b3:cf:53:ae:e5:cb:e6:eb:74:73:aa:75:b8:73:7a:
96:fc:ed:22:a7:74:6d:a0:cd:5e:55:e8:ff:cf:1b:
84:bd:1c:0c:df:93:98:ad:8e:34:18:6c:4f:26:88:
d0:24:93:fc:08:49:f2:be:bb:0a:db:1b:e9:5d:39:
e1:ed:93:05:21:cd:e9:39:91:8a:23:22:cb:30:1a:
7e:51:16:09:20:de:94:dc:ba:fa:71:b5:24:d9:0a:
2b:56:b8:41:e8:1d:b8:f9:f9:fc:58:49:26:ed:8e:
23:fe:9e:52:74:19:7e:63:b3:d2:a9:f8:e0:58:1d:
0e:63:02:51:c3:e3:af:c5:ab:2e:b8:8f:9f:36:20:
6b:dc:76:34:c5:3f:e6:22:b7:17:e7:b0:aa:87:b8:
1a:f6:09:d2:7c:d9:91:cc:d9:d4:97:1c:ff:a1:7c:
0a:17:3b:b6:00:d1:3e:ac:ea:83:4d:b5:3b:4a:29:
4d:44:9c:32:b2:0c:3e:b4:21:66:5d:7d:f2:1c:3f:
05:9d:3d:b9:80:32:c8:22:7d:63:82:6f:8a:30:14:
ac:40:a3:8b:6a:90:46:68:0a:22:04:35:e4:15:5a:
a7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:60:16:F1:5A:34:A8:C4:AF:8C:F7:E0:2C:B4:41:6A:B8:F6:4D:62
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/i2AW8Vo0qMSvjPfgLLRBarj2TWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.141.0/24
80.81.47.0/24
83.223.131.0/24
83.223.138.0/24
83.223.140.0/24
83.223.152.0/24
83.223.156.0/24
83.223.158.0/24
85.234.170.0-85.234.179.255
85.254.14.0/24
85.254.41.0/24
85.254.46.0/24
91.190.37.0/24
159.148.143.0/24
185.176.116.0/24
185.176.119.0/24
217.24.72.0/21
Signature Algorithm: sha256WithRSAEncryption
31:7c:31:e3:17:09:8d:d0:32:52:7c:85:d6:a7:9d:de:82:c7:
44:43:ad:73:99:8a:40:ac:b0:f6:3e:fc:a0:3e:6a:81:d9:19:
4c:39:e2:ec:2e:6d:39:96:c3:ef:ca:f5:f3:f9:b5:95:af:06:
05:c7:c9:bd:db:ab:2e:f3:3a:1e:ac:38:23:39:94:e4:8f:18:
b3:d5:a1:9e:9c:78:43:dc:79:80:37:18:5d:55:85:75:77:2c:
92:3b:24:8a:ef:11:bb:4c:cd:0d:b5:99:f6:2d:25:58:2c:80:
de:9d:f2:79:dd:dc:1c:e0:3d:f5:33:c5:a4:a2:77:c1:3e:cc:
03:50:73:cf:a5:86:34:be:2d:a2:97:b6:77:1a:38:ff:f0:78:
fd:3f:fa:02:d5:76:28:01:12:66:b0:5c:69:06:02:f8:5e:f9:
39:76:4b:fb:2e:56:47:8b:0f:3d:5d:9a:6a:1a:e3:f7:b2:45:
61:88:ad:0e:3f:bf:0c:eb:43:8e:b6:b2:f1:e6:d5:4a:60:bb:
f0:8f:1e:02:8f:2e:6e:b9:4e:59:78:3a:7e:73:f9:cc:e5:13:
fe:98:a1:58:30:66:90:62:d6:fe:63:b7:51:2b:25:49:dc:2b:
3e:a9:0a:4a:4a:cf:52:52:f0:16:d1:8f:04:6f:28:90:35:8a:
1d:ea:09:5b
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZ4WDc1aGUpUtH6r0ai5aFGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwNTExMDgwMTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjYwMTZmMTVhMzRhOGM0YWY4Y2Y3ZTAyY2I0NDE2YWI4ZjY0ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIIFis5QbZGSqoA58t4Zv9QZdS9p
MtexaqIA4Suzz1Ou5cvm63RzqnW4c3qW/O0ip3RtoM1eVej/zxuEvRwM35OYrY40
GGxPJojQJJP8CEnyvrsK2xvpXTnh7ZMFIc3pOZGKIyLLMBp+URYJIN6U3Lr6cbUk
2QorVrhB6B24+fn8WEkm7Y4j/p5SdBl+Y7PSqfjgWB0OYwJRw+OvxasuuI+fNiBr
3HY0xT/mIrcX57Cqh7ga9gnSfNmRzNnUlxz/oXwKFzu2ANE+rOqDTbU7SilNRJwy
sgw+tCFmXX3yHD8FnT25gDLIIn1jgm+KMBSsQKOLapBGaAoiBDXkFVqnbQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFItgFvFaNKjEr4z34Cy0QWq49k1iMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaTJBVzhWbzBxTVN2alBmZ0xMUkJhcmoyVFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAE+HjQME
AFBRLwMEAFPfgwMEAFPfigMEAFPfjAMEAFPfmAMEAFPfnAMEAFPfnjAMAwQBVeqq
AwQCVeqwAwQAVf4OAwQAVf4pAwQAVf4uAwQAW74lAwQAn5SPAwQAubB0AwQAubB3
AwQD2RhIMA0GCSqGSIb3DQEBCwUAA4IBAQAxfDHjFwmN0DJSfIXWp53egsdEQ61z
mYpArLD2PvygPmqB2RlMOeLsLm05lsPvyvXz+bWVrwYFx8m926su8zoerDgjOZTk
jxiz1aGenHhD3HmANxhdVYV1dyySOySK7xG7TM0NtZn2LSVYLIDenfJ53dwc4D31
M8WkonfBPswDUHPPpYY0vi2il7Z3Gjj/8Hj9P/oC1XYoARJmsFxpBgL4Xvk5dkv7
LlZHiw89XZpqGuP3skVhiK0OP78M60OOtrLx5tVKYLvwjx4Cjy5uuU5ZeDp+c/nM
5RP+mKFYMGaQYtb+Y7dRKyVJ3Cs+qQpKSs9SUvAW0Y8EbyiQNYod6glb
-----END CERTIFICATE-----
Generated at Wed May 13 00:44:52 2026 by rpki-client