Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/AzQxJhJ4Z1TEqxs8ToOa3faLKx8.roa
File: AzQxJhJ4Z1TEqxs8ToOa3faLKx8.roa (raw, json)
Hash identifier: aCSm8m0t4y+fvwbcBrYNhHamTehxOv4Ukp4HETVoDPE=
Subject key identifier: 03:34:31:26:12:78:67:54:C4:AB:1B:3C:4E:83:9A:DD:F6:8B:2B:1F
Certificate issuer: /CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Certificate serial: 019CF7636F18551530950A9FBC171022DE42
Authority key identifier: 4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/AzQxJhJ4Z1TEqxs8ToOa3faLKx8.roa
Signing time: Mon 16 Mar 2026 16:03:34 +0000
ROA not before: Mon 16 Mar 2026 16:03:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8751
IP address blocks: 85.204.224.0/21 maxlen: 32
85.204.232.0/24 maxlen: 32
85.204.234.0/23 maxlen: 32
85.204.236.0/22 maxlen: 32
85.204.236.0/24 maxlen: 32
86.105.164.0/22 maxlen: 32
86.105.164.0/23 maxlen: 32
86.105.166.0/23 maxlen: 32
86.107.224.0/20 maxlen: 32
86.107.246.0/23 maxlen: 32
93.113.0.0/20 maxlen: 32
93.113.0.0/21 maxlen: 21
93.113.8.0/23 maxlen: 23
93.113.10.0/24 maxlen: 24
93.113.11.0/24 maxlen: 32
93.113.12.0/22 maxlen: 22
93.113.13.0/24 maxlen: 32
185.85.200.0/22 maxlen: 32
188.215.112.0/21 maxlen: 32
188.215.112.0/23 maxlen: 32
188.215.112.0/24 maxlen: 32
188.215.114.0/24 maxlen: 32
188.215.115.0/24 maxlen: 24
188.215.116.0/24 maxlen: 24
188.215.118.0/24 maxlen: 32
2001:67c:2580::/48 maxlen: 48
2a03:7420::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f7:63:6f:18:55:15:30:95:0a:9f:bc:17:10:22:de:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Validity
Not Before: Mar 16 16:03:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0334312612786754c4ab1b3c4e839addf68b2b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:26:fd:19:73:a6:86:ef:d1:9f:30:3b:be:d0:
9a:9c:e3:04:ba:8e:0f:4a:c7:d9:54:a4:cb:61:49:
49:f3:d3:5f:84:23:ab:34:30:65:37:b7:78:56:6c:
d7:0a:f3:c3:e6:b5:9f:69:64:55:24:97:dc:51:3f:
ae:68:d1:7b:a1:f1:e7:4b:08:82:8d:80:20:70:f1:
86:41:59:c6:91:ca:20:f5:fa:32:95:c3:50:62:24:
60:2e:8b:79:ea:c0:97:ea:69:7c:c5:32:e0:1e:6b:
5f:8c:eb:03:ce:5b:88:f4:fd:c2:ed:92:f1:09:19:
6b:07:f2:4c:4c:67:44:b4:a0:24:0d:be:6f:11:30:
f2:e7:c4:69:7d:1a:c0:00:15:94:cd:3e:ab:bd:c4:
af:70:f0:4b:24:ed:c5:72:df:d1:aa:5c:8d:b2:74:
e5:82:93:ed:75:b5:03:e3:9f:0b:15:3b:3f:26:19:
b3:fb:28:31:11:11:c3:98:16:05:52:98:bd:39:48:
05:99:57:62:e7:dd:49:87:20:28:ef:58:d6:22:d3:
82:a9:ae:13:0a:ee:c1:b8:5f:91:8c:54:e1:cc:09:
14:2e:4b:6d:d9:cd:ce:9c:99:72:59:a0:ca:24:2a:
fa:60:d9:02:71:c5:33:97:cb:72:06:b7:aa:06:20:
e1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:34:31:26:12:78:67:54:C4:AB:1B:3C:4E:83:9A:DD:F6:8B:2B:1F
X509v3 Authority Key Identifier:
keyid:4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/AzQxJhJ4Z1TEqxs8ToOa3faLKx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.224.0-85.204.232.255
85.204.234.0-85.204.239.255
86.105.164.0/22
86.107.224.0/20
86.107.246.0/23
93.113.0.0/20
185.85.200.0/22
188.215.112.0/21
IPv6:
2001:67c:2580::/48
2a03:7420::/48
Signature Algorithm: sha256WithRSAEncryption
40:75:6a:40:10:63:71:f7:85:4e:55:44:8a:e0:69:da:71:d4:
17:ae:4f:14:a7:35:0b:70:be:4c:25:2b:b1:93:9b:6c:8f:82:
58:52:1e:a2:72:e7:3e:20:20:fc:ee:e5:42:a1:24:54:85:03:
03:8f:b8:18:2c:83:e4:29:0f:60:86:94:f2:ce:39:b1:0c:15:
b3:e8:63:fb:99:2f:84:a7:f3:a8:07:df:65:5f:8e:21:14:b6:
dc:74:5e:68:1e:23:fc:57:f1:df:81:35:d5:99:1b:43:79:0f:
38:4b:20:2e:dc:22:0a:94:d3:31:99:cd:30:91:2c:eb:79:46:
a3:c0:af:82:25:f9:20:41:db:ec:d6:f7:6d:9b:2e:de:2c:c6:
4f:54:48:9d:a3:56:55:21:cc:4e:bf:b9:78:9b:44:32:2d:e6:
49:62:40:d0:f1:c5:4f:5f:b9:fe:1c:22:df:95:4b:fa:c0:56:
5b:81:76:2d:df:40:7b:f0:7a:46:ff:16:c5:9f:9f:84:c2:51:
69:57:8b:86:d7:67:0e:b1:5a:99:f5:97:89:f1:18:e9:47:5b:
ee:82:70:cf:dd:27:c8:87:db:e4:09:c6:17:21:91:ae:68:63:
7d:0f:bc:ae:db:0e:75:12:a7:15:d2:4e:87:b0:b9:fe:fc:ee:
53:11:24:93
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZz3Y28YVRUwlQqfvBcQIt5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzBhZjFhOTk4ODZjOTEwMWQxMzVmNTRiZDJiZGVmMzU4
YjI2NmUwHhcNMjYwMzE2MTYwMzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM0MzEyNjEyNzg2NzU0YzRhYjFiM2M0ZTgzOWFkZGY2OGIyYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyb9GXOmhu/RnzA7vtCanOMEuo4P
SsfZVKTLYUlJ89NfhCOrNDBlN7d4VmzXCvPD5rWfaWRVJJfcUT+uaNF7ofHnSwiC
jYAgcPGGQVnGkcog9foylcNQYiRgLot56sCX6ml8xTLgHmtfjOsDzluI9P3C7ZLx
CRlrB/JMTGdEtKAkDb5vETDy58RpfRrAABWUzT6rvcSvcPBLJO3Fct/RqlyNsnTl
gpPtdbUD458LFTs/Jhmz+ygxERHDmBYFUpi9OUgFmVdi591JhyAo71jWItOCqa4T
Cu7BuF+RjFThzAkULktt2c3OnJlyWaDKJCr6YNkCccUzl8tyBreqBiDhkwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAM0MSYSeGdUxKsbPE6Dmt32iysfMB8GA1UdIwQY
MBaAFE1wrxqZiGyRAdE19UvSve81iyZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEt
NDYxYWIwZWNlZTAxLzEvQXpReEpoSjRaMVRFcXhzOFRvT2EzZmFMS3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAx
LzEvVFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBGBAIAATBAMAwDBAVVzOAD
BABVzOgwDAMEAVXM6gMEBFXM4AMEAlZppAMEBFZr4AMEAVZr9gMEBF1xAAMEArlV
yAMEA7zXcDAYBAIAAjASAwcAIAEGfCWAAwcAKgN0IAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBAdWpAEGNx94VOVUSK4GnacdQXrk8UpzULcL5MJSuxk5tsj4JYUh6icuc+
ICD87uVCoSRUhQMDj7gYLIPkKQ9ghpTyzjmxDBWz6GP7mS+Ep/OoB99lX44hFLbc
dF5oHiP8V/HfgTXVmRtDeQ84SyAu3CIKlNMxmc0wkSzreUajwK+CJfkgQdvs1vdt
my7eLMZPVEido1ZVIcxOv7l4m0QyLeZJYkDQ8cVPX7n+HCLflUv6wFZbgXYt30B7
8HpG/xbFn5+EwlFpV4uG12cOsVqZ9ZeJ8RjpR1vugnDP3SfIh9vkCcYXIZGuaGN9
D7yu2w51EqcV0k6HsLn+/O5TESST
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:59:16 2026 by rpki-client