Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/1-t9sv0sH2yVh_JcaTRXWm7T4QO0.roa
File: 1-t9sv0sH2yVh_JcaTRXWm7T4QO0.roa (raw, json)
Hash identifier: HC2UGcYOkjk5HiKQi/BKDGlngqpysmo7QD29Yd8sFdk=
Subject key identifier: FA:DF:6C:BF:4B:07:DB:25:61:FC:97:1A:4D:15:D6:9B:B4:F8:40:ED
Certificate issuer: /CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Certificate serial: 019CFD586737A18CDFABD07223B2AE70F40A
Authority key identifier: DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/1-t9sv0sH2yVh_JcaTRXWm7T4QO0.roa
Signing time: Tue 17 Mar 2026 19:49:15 +0000
ROA not before: Tue 17 Mar 2026 19:49:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41960
IP address blocks: 2.56.216.0/22 maxlen: 24
5.183.132.0/22 maxlen: 24
37.148.184.0/21 maxlen: 24
45.10.124.0/22 maxlen: 24
45.10.124.0/23 maxlen: 24
45.10.126.0/23 maxlen: 24
45.95.252.0/22 maxlen: 24
45.140.156.0/22 maxlen: 24
45.151.116.0/22 maxlen: 24
77.73.224.0/21 maxlen: 24
85.184.8.0/21 maxlen: 24
91.202.210.0/24 maxlen: 24
93.188.64.0/22 maxlen: 24
94.142.253.0/24 maxlen: 24
151.248.16.0/22 maxlen: 24
171.22.176.0/22 maxlen: 24
185.112.73.0/24 maxlen: 24
185.116.12.0/22 maxlen: 24
185.234.152.0/23 maxlen: 24
185.234.154.0/24 maxlen: 24
185.239.168.0/23 maxlen: 24
185.239.170.0/24 maxlen: 24
185.249.136.0/22 maxlen: 24
185.251.152.0/22 maxlen: 24
185.253.48.0/22 maxlen: 24
193.105.183.0/24 maxlen: 24
194.61.84.0/24 maxlen: 24
194.61.86.0/24 maxlen: 24
195.184.86.0/23 maxlen: 24
195.184.90.0/23 maxlen: 24
195.238.86.0/23 maxlen: 24
212.18.105.0/24 maxlen: 24
212.19.192.0/19 maxlen: 24
212.26.192.0/19 maxlen: 24
212.57.48.0/20 maxlen: 24
213.156.0.0/20 maxlen: 24
213.173.56.0/22 maxlen: 24
217.8.96.0/20 maxlen: 24
2001:6e0::/29 maxlen: 48
2a02:690::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.mft
rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fd:58:67:37:a1:8c:df:ab:d0:72:23:b2:ae:70:f4:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Validity
Not Before: Mar 17 19:49:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fadf6cbf4b07db2561fc971a4d15d69bb4f840ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:48:80:21:40:96:f6:b9:fe:d5:ec:17:3e:a8:
0e:7d:ca:81:af:b7:83:50:a9:5d:2e:68:06:0a:0c:
c1:07:2b:37:d7:6b:28:a0:17:71:a2:65:8b:62:03:
0d:85:fd:46:76:54:0b:c3:a0:ad:64:0c:84:6c:ff:
3c:9f:bf:a8:22:b4:ec:72:cb:3a:40:91:58:41:96:
79:e8:ba:4e:db:ed:56:6a:57:c0:d5:c9:3b:c9:04:
98:e3:22:99:38:d8:a9:19:53:28:87:c2:f8:6f:b5:
95:bb:a2:01:24:2c:84:a7:ac:be:cf:77:7d:99:64:
28:20:51:7a:f6:97:70:a3:e4:13:ff:5b:9c:35:7f:
e6:e8:bb:2b:f9:56:97:a6:0a:0c:b4:23:84:8f:5a:
14:53:35:52:db:cf:41:92:1f:f3:53:21:90:0e:e2:
9f:e0:c3:4b:6e:15:a5:f0:20:59:92:75:b1:e0:80:
20:91:23:01:82:15:7b:d5:da:71:c1:f8:a3:46:a0:
ce:0a:f2:78:ee:2c:89:41:b2:f7:9b:29:4d:d2:e2:
75:ae:c6:ae:de:5d:67:1e:da:96:ae:e5:7e:19:25:
a3:de:05:0c:db:cc:45:65:89:f3:0c:bf:20:a5:d5:
8d:26:64:e4:c0:ee:85:ff:f3:ea:2b:91:cd:84:9e:
f1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DF:6C:BF:4B:07:DB:25:61:FC:97:1A:4D:15:D6:9B:B4:F8:40:ED
X509v3 Authority Key Identifier:
keyid:DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/1-t9sv0sH2yVh_JcaTRXWm7T4QO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.216.0/22
5.183.132.0/22
37.148.184.0/21
45.10.124.0/22
45.95.252.0/22
45.140.156.0/22
45.151.116.0/22
77.73.224.0/21
85.184.8.0/21
91.202.210.0/24
93.188.64.0/22
94.142.253.0/24
151.248.16.0/22
171.22.176.0/22
185.112.73.0/24
185.116.12.0/22
185.234.152.0-185.234.154.255
185.239.168.0-185.239.170.255
185.249.136.0/22
185.251.152.0/22
185.253.48.0/22
193.105.183.0/24
194.61.84.0/24
194.61.86.0/24
195.184.86.0/23
195.184.90.0/23
195.238.86.0/23
212.18.105.0/24
212.19.192.0/19
212.26.192.0/19
212.57.48.0/20
213.156.0.0/20
213.173.56.0/22
217.8.96.0/20
IPv6:
2001:6e0::/29
2a02:690::/29
Signature Algorithm: sha256WithRSAEncryption
4a:1c:19:f1:1f:ee:cb:1d:b9:bc:6b:15:0f:23:cc:da:1b:78:
66:85:13:b1:f5:bd:e4:1c:22:e7:02:9e:9d:a7:0c:42:f1:26:
0b:e9:63:94:52:e4:0c:04:71:95:a1:c2:6c:58:58:ca:e6:b3:
50:1b:50:9c:09:f7:67:d1:d5:c4:e7:31:63:7a:15:f0:55:4d:
8a:45:84:c5:62:7e:ab:4b:ce:d4:40:7a:b9:0c:9e:da:09:be:
f0:c4:c6:70:aa:7e:13:00:da:69:f8:3e:78:df:5d:1a:d0:3b:
36:3d:90:a8:a4:f4:91:fe:1e:78:88:dc:df:40:70:98:16:7e:
16:3c:7b:04:c8:f8:4a:fa:77:98:0b:b7:12:ed:91:e2:42:a0:
b8:31:20:df:3d:4f:c9:5b:b9:d8:90:65:29:02:50:06:85:43:
3f:3d:2c:a3:8e:f6:26:c9:e5:d6:99:ba:17:e4:51:23:08:60:
5c:6b:80:3d:a0:3d:3b:c8:85:de:f6:27:63:0a:aa:32:83:b3:
9e:12:a7:70:ce:b0:13:56:5d:ed:ed:b5:14:9b:6b:ef:56:0d:
cf:d3:ec:87:f2:6b:e3:90:2d:0c:0d:d5:7c:a2:f3:0a:57:33:
04:0b:24:fe:e1:9e:64:a6:a0:a3:e9:ec:ad:b2:8a:72:c5:df:
30:a2:51:4c
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgISAZz9WGc3oYzfq9ByI7KucPQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYTEyMjA3YWY0ZDE4NmM0NGRhMjUzM2MwYjhmMWZkMWY1
NWQ4ZGIwHhcNMjYwMzE3MTk0OTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRmNmNiZjRiMDdkYjI1NjFmYzk3MWE0ZDE1ZDY5YmI0Zjg0MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkiAIUCW9rn+1ewXPqgOfcqBr7eD
UKldLmgGCgzBBys312sooBdxomWLYgMNhf1GdlQLw6CtZAyEbP88n7+oIrTscss6
QJFYQZZ56LpO2+1WalfA1ck7yQSY4yKZONipGVMoh8L4b7WVu6IBJCyEp6y+z3d9
mWQoIFF69pdwo+QT/1ucNX/m6Lsr+VaXpgoMtCOEj1oUUzVS289Bkh/zUyGQDuKf
4MNLbhWl8CBZknWx4IAgkSMBghV71dpxwfijRqDOCvJ47iyJQbL3mylN0uJ1rsau
3l1nHtqWruV+GSWj3gUM28xFZYnzDL8gpdWNJmTkwO6F//PqK5HNhJ7xxQIDAQAB
o4IC/DCCAvgwHQYDVR0OBBYEFPrfbL9LB9slYfyXGk0V1pu0+EDtMB8GA1UdIwQY
MBaAFNuhIgevTRhsRNolM8C48f0fVdjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgt
MTJiMmJjNTgwNTNhLzEvMS10OXN2MHNIMnlWaF9KY2FUUlhXbTdUNFFPMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTkvYzgwMTBlLTMyODktNGEzNi1hMmI4LTEyYjJiYzU4MDUz
YS8xLzI2RWlCNjlOR0d4RTJpVXp3TGp4X1I5VjJOcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAQ8GCCsGAQUFBwEHAQH/BIH/MIH8MIHjBAIAATCB3AME
AgI42AMEAgW3hAMEAyWUuAMEAi0KfAMEAi1f/AMEAi2MnAMEAi2XdAMEA01J4AME
A1W4CAMEAFvK0gMEAl28QAMEAF6O/QMEApf4EAMEAqsWsAMEALlwSQMEArl0DDAM
AwQDueqYAwQAueqaMAwDBAO576gDBAC576oDBAK5+YgDBAK5+5gDBAK5/TADBADB
abcDBADCPVQDBADCPVYDBAHDuFYDBAHDuFoDBAHD7lYDBADUEmkDBAXUE8ADBAXU
GsADBATUOTADBATVnAADBALVrTgDBATZCGAwFAQCAAIwDgMFAyABBuADBQMqAgaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBKHBnxH+7LHbm8axUPI8zaG3hmhROx9b3kHCLn
Ap6dpwxC8SYL6WOUUuQMBHGVocJsWFjK5rNQG1CcCfdn0dXE5zFjehXwVU2KRYTF
Yn6rS87UQHq5DJ7aCb7wxMZwqn4TANpp+D54310a0Ds2PZCopPSR/h54iNzfQHCY
Fn4WPHsEyPhK+neYC7cS7ZHiQqC4MSDfPU/JW7nYkGUpAlAGhUM/PSyjjvYmyeXW
mboX5FEjCGBca4A9oD07yIXe9idjCqoyg7OeEqdwzrATVl3t7bUUm2vvVg3P0+yH
8mvjkC0MDdV8ovMKVzMECyT+4Z5kpqCj6eytsopyxd8wolFM
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:36:56 2026 by rpki-client