Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kg3JgwNUm-0qLXrdtywzH1y_wXo.roa
File: Kg3JgwNUm-0qLXrdtywzH1y_wXo.roa (raw, json)
Hash identifier: XmmJQVzflNotAOGbJco8RNoC0xYBUBXePEvYyXoTDQM=
Subject key identifier: 2A:0D:C9:83:03:54:9B:ED:2A:2D:7A:DD:B7:2C:33:1F:5C:BF:C1:7A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019C6B3E5808C798E3365169DABB6765AA5C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kg3JgwNUm-0qLXrdtywzH1y_wXo.roa
Signing time: Tue 17 Feb 2026 10:56:13 +0000
ROA not before: Tue 17 Feb 2026 10:56:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213887
IP address blocks: 45.128.235.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
194.113.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Feb 2026 01:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:3e:58:08:c7:98:e3:36:51:69:da:bb:67:65:aa:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 17 10:56:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2a0dc98303549bed2a2d7addb72c331f5cbfc17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:de:97:0d:5b:48:0b:61:27:87:54:91:72:d3:
8d:c5:22:6d:f6:05:b4:3f:f8:de:8f:69:b1:33:5f:
b3:5d:20:74:41:51:d5:b4:e7:0c:96:5c:89:a7:9e:
3a:15:59:a0:56:06:33:74:4c:ef:17:d9:e9:b3:0f:
b9:f7:18:6c:d7:42:ed:ec:51:af:0b:28:dd:97:b9:
27:77:42:fe:8e:1f:03:08:a0:7f:53:b1:c5:ab:e6:
cf:c9:13:40:0a:88:13:27:c4:fd:39:48:1a:09:1a:
91:d1:11:d3:3c:3c:b6:9e:03:73:d0:7e:d1:43:51:
50:42:c0:a6:ee:81:00:05:20:65:fb:14:ec:29:c0:
a9:3e:16:a8:8d:9b:07:36:41:ca:b6:7d:44:37:e1:
6f:73:b1:38:08:dd:90:11:78:77:ca:d2:48:7b:ab:
db:45:a5:0b:34:f6:49:0f:2c:f0:ca:f7:de:49:9c:
b8:51:e9:35:96:11:03:c6:fb:d1:c7:3f:e0:b3:51:
e2:c0:ce:80:01:c5:bf:d7:ad:42:d7:b5:6b:f2:7d:
27:43:2a:74:69:13:66:46:8c:16:9f:84:1d:8b:18:
b0:cb:dd:f2:49:4f:6e:42:01:9f:67:a9:aa:56:74:
b4:6f:b0:c2:d9:3e:de:39:c3:ce:81:e7:77:9a:1e:
bb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0D:C9:83:03:54:9B:ED:2A:2D:7A:DD:B7:2C:33:1F:5C:BF:C1:7A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Kg3JgwNUm-0qLXrdtywzH1y_wXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.235.0/24
85.31.46.0/24
85.208.136.0/24
87.120.92.0/24
87.120.205.0/24
87.120.216.0/24
91.92.21.0/24
178.215.239.0/24
185.218.138.0/24
194.113.39.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7b:d7:f6:15:bc:a2:f1:9c:d6:76:9a:ea:59:ac:df:d2:00:
fc:28:8a:43:dd:db:67:a7:da:ab:0a:3f:aa:fc:57:9c:9b:6c:
e1:ad:ce:98:cc:74:82:80:20:93:62:98:5f:9f:d8:60:da:0a:
b8:a2:57:ec:b2:50:96:54:c6:a9:6d:87:67:83:d3:0b:c7:b1:
e5:21:8d:3c:7d:62:05:ae:58:30:fd:08:2a:e1:9d:e9:8d:26:
08:64:1b:ac:7f:56:ae:89:d6:83:36:d3:f4:5f:7f:74:29:e0:
18:7e:43:1d:3d:f7:7c:7f:f2:49:33:eb:25:e2:16:9c:2b:ac:
43:a5:67:f2:df:2a:d9:d9:31:d2:2e:5c:d7:13:0c:f2:6f:f7:
76:c1:66:24:aa:99:48:93:62:53:01:5c:32:e2:a5:5b:b5:3c:
cc:f4:49:e9:0f:ed:2b:90:6b:41:3c:68:7a:e0:34:2d:8a:da:
bc:c3:68:1b:b1:7b:13:b1:f2:c4:a1:ec:10:69:f3:04:21:5c:
23:ab:4a:58:95:b3:19:43:46:d1:8f:e1:a1:de:74:c5:7b:85:
91:99:a4:e4:38:97:76:51:d2:bd:e3:ba:98:0c:a5:f3:e1:b7:
1c:b6:c3:f6:c8:d7:7b:e4:7e:17:8b:43:bf:65:9c:76:c2:9a:
63:4a:cd:c4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZxrPlgIx5jjNlFp2rtnZapcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMjE3MTA1NjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBkYzk4MzAzNTQ5YmVkMmEyZDdhZGRiNzJjMzMxZjVjYmZjMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt6XDVtIC2Enh1SRctONxSJt9gW0
P/jej2mxM1+zXSB0QVHVtOcMllyJp546FVmgVgYzdEzvF9npsw+59xhs10Lt7FGv
Cyjdl7knd0L+jh8DCKB/U7HFq+bPyRNACogTJ8T9OUgaCRqR0RHTPDy2ngNz0H7R
Q1FQQsCm7oEABSBl+xTsKcCpPhaojZsHNkHKtn1EN+Fvc7E4CN2QEXh3ytJIe6vb
RaULNPZJDyzwyvfeSZy4Uek1lhEDxvvRxz/gs1HiwM6AAcW/161C17Vr8n0nQyp0
aRNmRowWn4Qdixiwy93ySU9uQgGfZ6mqVnS0b7DC2T7eOcPOged3mh676QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCoNyYMDVJvtKi163bcsMx9cv8F6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS2czSmd3TlVtLTBxTFhyZHR5d3pIMXlfd1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALYDrAwQA
VR8uAwQAVdCIAwQAV3hcAwQAV3jNAwQAV3jYAwQAW1wVAwQAstfvAwQAudqKAwQA
wnEnMA0GCSqGSIb3DQEBCwUAA4IBAQBje9f2Fbyi8ZzWdprqWazf0gD8KIpD3dtn
p9qrCj+q/Fecm2zhrc6YzHSCgCCTYphfn9hg2gq4olfsslCWVMapbYdng9MLx7Hl
IY08fWIFrlgw/Qgq4Z3pjSYIZBusf1auidaDNtP0X390KeAYfkMdPfd8f/JJM+sl
4hacK6xDpWfy3yrZ2THSLlzXEwzyb/d2wWYkqplIk2JTAVwy4qVbtTzM9EnpD+0r
kGtBPGh64DQtitq8w2gbsXsTsfLEoewQafMEIVwjq0pYlbMZQ0bRj+Gh3nTFe4WR
maTkOJd2UdK947qYDKXz4bcctsP2yNd75H4Xi0O/ZZx2wppjSs3E
-----END CERTIFICATE-----
Generated at Wed Feb 18 11:35:49 2026 by rpki-client