Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/2S0egMPr-zdQkgAq_bpCVGy4WpA.roa
File: 2S0egMPr-zdQkgAq_bpCVGy4WpA.roa (raw, json)
Hash identifier: re4isGbhSWMB6fqoWf7gvs6FB5l6F8k5c1sHfF3v4hQ=
Subject key identifier: D9:2D:1E:80:C3:EB:FB:37:50:92:00:2A:FD:BA:42:54:6C:B8:5A:90
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 019CDDD94A5018878C48DEB4932EAD04438D
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/2S0egMPr-zdQkgAq_bpCVGy4WpA.roa
Signing time: Wed 11 Mar 2026 17:02:10 +0000
ROA not before: Wed 11 Mar 2026 17:02:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21215
IP address blocks: 5.22.160.0/19 maxlen: 24
89.207.192.0/21 maxlen: 21
176.109.136.0/21 maxlen: 21
185.13.8.0/22 maxlen: 22
185.18.12.0/22 maxlen: 22
185.20.36.0/22 maxlen: 22
185.81.60.0/22 maxlen: 22
213.244.208.0/20 maxlen: 20
2a03:dd80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dd:d9:4a:50:18:87:8c:48:de:b4:93:2e:ad:04:43:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Mar 11 17:02:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d92d1e80c3ebfb375092002afdba42546cb85a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c3:b0:f6:9a:1b:2e:94:67:66:b3:c9:dc:17:
20:53:c8:59:fb:57:28:fe:6b:50:5e:a0:ff:3d:3f:
f8:db:79:32:34:4b:eb:17:52:81:b9:51:63:82:53:
f0:b5:e4:59:2d:13:8e:a6:47:f9:a5:c3:03:d6:c8:
ec:a5:df:55:68:6c:f2:38:21:4c:3e:ed:80:5b:13:
df:5f:ec:cf:22:3e:f3:9b:8f:16:44:38:19:ab:45:
7c:f7:5e:2e:3d:64:3b:14:e6:60:f4:be:2a:e6:ca:
8b:7e:15:59:8c:7f:06:b0:e8:46:fd:9d:99:31:45:
19:19:4c:60:ef:b0:cc:6e:5c:d2:be:87:b5:ea:45:
30:69:b5:98:40:63:36:e5:17:c8:59:ee:b9:48:b1:
65:7e:32:4f:8d:cd:16:93:aa:c2:a0:ec:0b:1d:49:
ea:4e:e2:03:27:90:d5:81:5b:51:37:8a:ef:23:70:
f3:36:52:8e:61:37:84:cf:25:a3:1b:6d:44:07:9e:
06:a0:34:01:2c:f4:1f:99:70:ef:da:0e:ba:35:10:
b8:30:74:8d:d6:d7:65:68:2f:fa:06:2c:f2:6d:5b:
dd:19:56:4e:64:ea:ed:1c:8e:c6:62:28:3f:8c:68:
4f:38:d7:eb:82:6f:8c:24:0e:d0:67:78:00:06:5c:
c8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2D:1E:80:C3:EB:FB:37:50:92:00:2A:FD:BA:42:54:6C:B8:5A:90
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/2S0egMPr-zdQkgAq_bpCVGy4WpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.160.0/19
89.207.192.0/21
176.109.136.0/21
185.13.8.0/22
185.18.12.0/22
185.20.36.0/22
185.81.60.0/22
213.244.208.0/20
IPv6:
2a03:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
03:e0:c3:74:25:c5:e1:b3:b1:50:dd:61:26:1c:0a:8c:96:d0:
d6:d3:36:bd:3d:b4:5a:2d:88:8c:33:a7:a8:7b:29:08:07:d2:
0f:e0:be:6e:28:75:2b:2b:03:cb:58:c9:71:75:52:09:87:63:
d4:12:8e:96:8b:a3:66:57:1b:ca:c2:67:28:3f:fa:0a:a5:f2:
55:08:bb:cf:45:0d:b2:bc:8f:65:5f:39:6b:69:48:76:ba:8a:
73:0c:ce:3b:97:51:2a:e8:15:2a:f7:a4:be:4d:b0:72:6f:e1:
c0:34:a6:f2:7b:a7:a7:a6:2e:fc:43:31:b3:1c:21:8d:bb:c8:
15:8b:00:a1:c2:58:10:75:5e:47:77:44:7e:e5:92:0f:fe:77:
1f:29:fb:c3:fa:77:6f:96:00:03:6a:d7:63:ce:9f:19:32:b0:
30:6e:ca:42:c1:c5:22:4f:ee:10:48:69:18:bc:2b:e9:53:48:
43:01:bb:e2:00:96:8d:8b:c2:be:7b:a8:a6:55:7c:3f:d6:aa:
f6:24:ef:d8:b5:51:31:be:fb:29:f0:ce:5b:2f:16:6a:3a:dc:
92:47:7d:8d:9c:ef:2d:2a:fa:62:9d:1a:c8:b3:14:22:2c:fc:
cb:0b:9b:1f:57:64:47:f6:57:8b:a6:a8:8c:59:ae:84:bc:8a:
c7:61:85:9b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZzd2UpQGIeMSN60ky6tBEONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjYwMzExMTcwMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTJkMWU4MGMzZWJmYjM3NTA5MjAwMmFmZGJhNDI1NDZjYjg1YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscOw9pobLpRnZrPJ3BcgU8hZ+1co
/mtQXqD/PT/423kyNEvrF1KBuVFjglPwteRZLROOpkf5pcMD1sjspd9VaGzyOCFM
Pu2AWxPfX+zPIj7zm48WRDgZq0V8914uPWQ7FOZg9L4q5sqLfhVZjH8GsOhG/Z2Z
MUUZGUxg77DMblzSvoe16kUwabWYQGM25RfIWe65SLFlfjJPjc0Wk6rCoOwLHUnq
TuIDJ5DVgVtRN4rvI3DzNlKOYTeEzyWjG21EB54GoDQBLPQfmXDv2g66NRC4MHSN
1tdlaC/6BizybVvdGVZOZOrtHI7GYig/jGhPONfrgm+MJA7QZ3gABlzIFQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNktHoDD6/s3UJIAKv26QlRsuFqQMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvMlMwZWdNUHItemRRa2dBcV9icENWR3k0V3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQFBRagAwQD
Wc/AAwQDsG2IAwQCuQ0IAwQCuRIMAwQCuRQkAwQCuVE8AwQE1fTQMA0EAgACMAcD
BQMqA92AMA0GCSqGSIb3DQEBCwUAA4IBAQAD4MN0JcXhs7FQ3WEmHAqMltDW0za9
PbRaLYiMM6eoeykIB9IP4L5uKHUrKwPLWMlxdVIJh2PUEo6Wi6NmVxvKwmcoP/oK
pfJVCLvPRQ2yvI9lXzlraUh2uopzDM47l1Eq6BUq96S+TbByb+HANKbye6enpi78
QzGzHCGNu8gViwChwlgQdV5Hd0R+5ZIP/ncfKfvD+ndvlgADatdjzp8ZMrAwbspC
wcUiT+4QSGkYvCvpU0hDAbviAJaNi8K+e6imVXw/1qr2JO/YtVExvvsp8M5bLxZq
OtySR32NnO8tKvpinRrIsxQiLPzLC5sfV2RH9leLpqiMWa6EvIrHYYWb
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:03:38 2026 by rpki-client