Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/r_u2dU0mTDFhUrNpcl0KwOSoXBY.roa
File: r_u2dU0mTDFhUrNpcl0KwOSoXBY.roa (raw, json)
Hash identifier: bEarVK0zTANIgYtVLMp0NkLKFDhANcTMU9njQjZPFYQ=
Subject key identifier: AF:FB:B6:75:4D:26:4C:31:61:52:B3:69:72:5D:0A:C0:E4:A8:5C:16
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019C2D795925ED5AF176892964C86A55E0B0
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/r_u2dU0mTDFhUrNpcl0KwOSoXBY.roa
Signing time: Thu 05 Feb 2026 11:04:13 +0000
ROA not before: Thu 05 Feb 2026 11:04:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 79.135.141.0/24 maxlen: 24
80.81.47.0/24 maxlen: 24
83.223.131.0/24 maxlen: 24
83.223.138.0/24 maxlen: 24
83.223.140.0/24 maxlen: 24
83.223.152.0/24 maxlen: 24
83.223.156.0/24 maxlen: 24
83.223.158.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.41.0/24 maxlen: 24
85.254.46.0/24 maxlen: 24
91.190.37.0/24 maxlen: 24
159.148.143.0/24 maxlen: 24
185.176.116.0/24 maxlen: 24
185.176.119.0/24 maxlen: 24
217.24.72.0/22 maxlen: 22
217.24.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2d:79:59:25:ed:5a:f1:76:89:29:64:c8:6a:55:e0:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Feb 5 11:04:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=affbb6754d264c316152b369725d0ac0e4a85c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8b:6a:80:fc:0e:15:73:f7:8c:88:df:29:92:
0b:d0:78:da:61:7c:f5:fc:cf:23:a4:3c:7d:f6:83:
46:b3:66:65:b6:94:59:ee:d0:c3:e9:2c:d7:e6:46:
5e:13:4f:45:87:87:9b:8f:de:4c:6d:7a:6c:2b:cf:
8e:5b:3f:a1:9f:73:91:ec:05:48:1b:4b:0d:cd:2d:
9d:b7:77:12:f4:72:b9:51:a0:70:3b:d8:0e:65:56:
f9:b1:3b:26:d9:df:ac:6a:12:db:3d:53:01:c1:eb:
87:89:f4:fc:23:fa:f6:ff:4a:1a:68:96:02:23:6c:
e4:4e:35:23:23:6f:8a:0c:1b:3f:ad:7b:49:33:e9:
1a:d2:00:87:d1:de:d5:19:cd:c2:62:74:d6:fa:cf:
21:b1:9c:2c:c0:ab:f4:28:cf:98:29:56:67:0e:93:
0a:4a:64:6c:1d:6b:f2:e9:e2:88:08:d8:ad:71:d8:
b4:35:da:3c:3c:45:92:d2:86:a2:cc:d4:9f:f1:fa:
99:f3:f1:b7:78:7a:5e:12:df:d1:18:a8:0a:9d:f1:
66:a6:50:3d:86:e5:57:82:38:d6:11:79:90:83:21:
6e:01:02:73:70:97:09:27:cf:e9:7a:0a:32:3b:36:
e4:4a:25:98:cf:54:39:c9:9b:11:c6:ff:f9:ef:2e:
f1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:FB:B6:75:4D:26:4C:31:61:52:B3:69:72:5D:0A:C0:E4:A8:5C:16
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/r_u2dU0mTDFhUrNpcl0KwOSoXBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.141.0/24
80.81.47.0/24
83.223.131.0/24
83.223.138.0/24
83.223.140.0/24
83.223.152.0/24
83.223.156.0/24
83.223.158.0/24
85.254.14.0/24
85.254.41.0/24
85.254.46.0/24
91.190.37.0/24
159.148.143.0/24
185.176.116.0/24
185.176.119.0/24
217.24.72.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:3d:66:36:76:ff:e0:35:11:74:96:a6:66:93:9c:05:26:07:
09:cd:a4:bd:41:0a:d3:d4:da:8e:e4:61:e0:08:2a:0e:a1:22:
f9:ed:bb:0d:ee:67:bf:da:b4:6d:7c:ac:99:5c:f3:30:ae:e2:
f3:06:f4:0a:37:4a:33:a1:fc:d6:dc:bf:32:ff:74:7d:0c:75:
13:17:ae:d9:c8:03:f7:79:b2:d7:e2:ea:2a:8a:be:59:a5:46:
88:21:2e:28:62:f0:69:f8:3d:ae:8d:f1:70:5d:a9:07:54:1a:
a9:d6:1d:e7:39:ec:ce:81:66:d0:b3:5c:a5:85:a5:7e:ef:23:
da:27:16:86:b4:af:de:28:0e:e3:bd:3e:56:92:91:11:86:a8:
31:8d:ed:57:8b:10:ee:ab:cb:5a:fc:49:6c:38:d2:05:4c:c3:
d8:1e:5b:f6:59:9a:59:ca:fc:da:35:27:45:9e:04:9e:bd:bb:
b4:7b:62:07:cf:38:a5:e1:e5:16:ee:8f:0e:a1:bb:43:d9:7e:
08:7c:27:47:a5:e5:75:8d:53:c2:cc:93:03:d5:b1:fb:9e:18:
29:09:c5:15:45:c4:9c:46:a5:5f:98:8e:59:5b:61:95:00:10:
31:65:5a:a3:0b:5d:1d:88:e8:09:2c:f0:93:04:98:8f:bb:83:
f5:d3:12:36
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZwteVkl7VrxdokpZMhqVeCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwMjA1MTEwNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmZiYjY3NTRkMjY0YzMxNjE1MmIzNjk3MjVkMGFjMGU0YTg1YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvotqgPwOFXP3jIjfKZIL0HjaYXz1
/M8jpDx99oNGs2ZltpRZ7tDD6SzX5kZeE09Fh4ebj95MbXpsK8+OWz+hn3OR7AVI
G0sNzS2dt3cS9HK5UaBwO9gOZVb5sTsm2d+sahLbPVMBweuHifT8I/r2/0oaaJYC
I2zkTjUjI2+KDBs/rXtJM+ka0gCH0d7VGc3CYnTW+s8hsZwswKv0KM+YKVZnDpMK
SmRsHWvy6eKICNitcdi0Ndo8PEWS0oaizNSf8fqZ8/G3eHpeEt/RGKgKnfFmplA9
huVXgjjWEXmQgyFuAQJzcJcJJ8/pegoyOzbkSiWYz1Q5yZsRxv/57y7x/wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFK/7tnVNJkwxYVKzaXJdCsDkqFwWMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvcl91MmRVMG1UREZoVXJOcGNsMEt3T1NvWEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAT4eNAwQA
UFEvAwQAU9+DAwQAU9+KAwQAU9+MAwQAU9+YAwQAU9+cAwQAU9+eAwQAVf4OAwQA
Vf4pAwQAVf4uAwQAW74lAwQAn5SPAwQAubB0AwQAubB3AwQD2RhIMA0GCSqGSIb3
DQEBCwUAA4IBAQCfPWY2dv/gNRF0lqZmk5wFJgcJzaS9QQrT1NqO5GHgCCoOoSL5
7bsN7me/2rRtfKyZXPMwruLzBvQKN0ozofzW3L8y/3R9DHUTF67ZyAP3ebLX4uoq
ir5ZpUaIIS4oYvBp+D2ujfFwXakHVBqp1h3nOezOgWbQs1ylhaV+7yPaJxaGtK/e
KA7jvT5WkpERhqgxje1XixDuq8ta/ElsONIFTMPYHlv2WZpZyvzaNSdFngSevbu0
e2IHzzil4eUW7o8OobtD2X4IfCdHpeV1jVPCzJMD1bH7nhgpCcUVRcScRqVfmI5Z
W2GVABAxZVqjC10diOgJLPCTBJiPu4P10xI2
-----END CERTIFICATE-----
Generated at Sun Feb 22 14:09:09 2026 by rpki-client