Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/onuyGuJos8Q8ND84yh1u-8KZ0LI.roa
File: onuyGuJos8Q8ND84yh1u-8KZ0LI.roa (raw, json)
Hash identifier: IwftUiRifWGm4SmqfCzNFHRxNAZyFmT+9xw7JojcqMM=
Subject key identifier: A2:7B:B2:1A:E2:68:B3:C4:3C:34:3F:38:CA:1D:6E:FB:C2:99:D0:B2
Certificate issuer: /CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Certificate serial: 019CB40DC40125636F22BBEDFF4B2D65828C
Authority key identifier: F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/onuyGuJos8Q8ND84yh1u-8KZ0LI.roa
Signing time: Tue 03 Mar 2026 14:15:26 +0000
ROA not before: Tue 03 Mar 2026 14:15:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12874
IP address blocks: 2.224.0.0/13 maxlen: 13
2.232.0.0/13 maxlen: 13
37.186.192.0/18 maxlen: 18
62.101.64.0/19 maxlen: 19
62.101.96.0/19 maxlen: 19
62.101.124.0/22 maxlen: 22
81.208.0.0/18 maxlen: 18
81.208.64.0/18 maxlen: 18
83.103.0.0/17 maxlen: 17
83.103.0.0/18 maxlen: 18
83.103.64.0/18 maxlen: 18
85.18.0.0/16 maxlen: 16
85.18.0.0/17 maxlen: 17
85.18.128.0/17 maxlen: 17
89.96.0.0/15 maxlen: 15
89.96.0.0/16 maxlen: 16
89.97.0.0/16 maxlen: 16
92.223.128.0/17 maxlen: 17
93.32.0.0/12 maxlen: 12
93.32.0.0/13 maxlen: 13
93.32.0.0/14 maxlen: 14
93.32.0.0/15 maxlen: 15
93.33.0.0/16 maxlen: 16
93.34.0.0/15 maxlen: 15
93.36.0.0/14 maxlen: 14
93.36.0.0/15 maxlen: 15
93.37.0.0/17 maxlen: 17
93.37.128.0/17 maxlen: 17
93.38.0.0/15 maxlen: 15
93.39.0.0/16 maxlen: 16
93.40.0.0/13 maxlen: 13
93.40.0.0/14 maxlen: 14
93.40.0.0/15 maxlen: 15
93.40.128.0/18 maxlen: 18
93.40.192.0/18 maxlen: 18
93.41.0.0/16 maxlen: 16
93.42.0.0/15 maxlen: 15
93.42.0.0/16 maxlen: 16
93.43.0.0/16 maxlen: 16
93.44.0.0/14 maxlen: 14
93.44.0.0/15 maxlen: 15
93.46.0.0/15 maxlen: 15
93.48.0.0/13 maxlen: 13
93.56.0.0/14 maxlen: 14
93.60.0.0/15 maxlen: 15
93.62.0.0/15 maxlen: 15
151.0.128.0/17 maxlen: 17
185.7.112.0/22 maxlen: 22
213.140.0.0/20 maxlen: 20
213.140.16.0/20 maxlen: 20
213.156.32.0/20 maxlen: 20
213.156.48.0/20 maxlen: 20
2001:b00::/29 maxlen: 29
2001:b00:ffff::/48 maxlen: 48
2001:b07::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b4:0d:c4:01:25:63:6f:22:bb:ed:ff:4b:2d:65:82:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Validity
Not Before: Mar 3 14:15:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a27bb21ae268b3c43c343f38ca1d6efbc299d0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9c:62:24:c4:d5:b1:4f:8b:dd:84:17:5b:fa:
11:a7:90:b9:69:e2:6d:0c:0d:ec:ec:a8:ff:03:f6:
2e:af:68:6b:21:3f:b3:34:60:e5:21:94:a7:7f:be:
09:bd:35:fc:f0:28:42:a6:c6:de:4e:95:92:3e:af:
94:22:cc:2d:18:2b:f1:a7:e5:15:fa:2d:95:cb:e9:
85:cd:f9:84:ee:a6:8d:fa:90:e9:cd:5b:9c:64:36:
44:67:18:ec:24:36:ef:1b:56:15:70:65:1a:29:32:
5d:95:88:51:19:d4:a8:c3:c1:91:dd:b2:c0:ed:76:
94:87:49:68:e7:d9:8c:ef:7b:16:5a:5b:6e:b1:b9:
65:dd:a1:2e:4e:27:4d:56:12:90:d1:72:82:1c:81:
39:f9:9f:0b:a0:72:31:2d:dd:1c:89:07:f6:a8:fd:
fe:1f:82:c2:cc:58:bc:58:7e:f1:fe:f3:31:45:e2:
10:df:a5:e9:9e:3c:48:fb:cb:f2:2a:dd:10:66:e0:
05:b5:e5:a4:ae:86:72:2e:a6:fd:71:03:86:cd:b8:
58:2a:18:1e:0b:5e:64:72:92:90:66:4a:61:18:98:
a6:fb:d1:c7:82:3b:95:9c:5d:9d:9a:37:d6:e0:f1:
de:78:da:5c:35:e3:bc:d3:9c:40:8f:5e:c9:8f:45:
86:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7B:B2:1A:E2:68:B3:C4:3C:34:3F:38:CA:1D:6E:FB:C2:99:D0:B2
X509v3 Authority Key Identifier:
keyid:F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/onuyGuJos8Q8ND84yh1u-8KZ0LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.224.0.0/12
37.186.192.0/18
62.101.64.0/18
81.208.0.0/17
83.103.0.0/17
85.18.0.0/16
89.96.0.0/15
92.223.128.0/17
93.32.0.0/11
151.0.128.0/17
185.7.112.0/22
213.140.0.0/19
213.156.32.0/19
IPv6:
2001:b00::/29
Signature Algorithm: sha256WithRSAEncryption
c1:0f:5a:c0:cc:00:00:4a:10:f9:5e:fd:ab:bb:7e:be:26:9a:
fb:17:95:1f:0e:f4:ab:bc:7a:3b:8a:ce:11:b6:47:ed:e1:5c:
db:06:db:2a:bf:7b:28:90:4e:2c:0a:12:72:01:dc:76:bd:2c:
1f:00:01:88:3e:11:e0:52:5e:a5:c7:04:9b:8e:a1:f3:1a:12:
ef:77:a4:da:e6:43:ac:46:09:58:c7:12:5b:2d:b3:be:34:47:
23:8e:f7:40:1a:e2:15:db:38:bf:6e:f6:9f:23:6b:e1:e5:e5:
68:50:fc:13:16:7e:95:0c:07:c3:39:01:e5:85:db:cb:c0:96:
1e:6b:53:d2:a5:fd:ac:28:dd:7d:15:d9:9a:c0:e9:7d:4d:a5:
75:a8:65:9b:97:d9:1b:ba:29:28:06:0e:75:db:38:00:5d:34:
49:2b:f9:10:b2:05:7d:22:ca:6d:10:3f:3d:51:2b:a0:99:22:
18:4c:5b:2a:0f:f4:e4:52:85:c3:7c:60:83:e0:ee:6f:d0:e7:
19:50:8b:d9:11:e8:de:6d:f4:b8:b4:98:8f:c0:52:83:45:3d:
ae:df:de:4f:7e:41:c5:0a:b8:43:da:44:d4:1b:71:a1:b4:ee:
26:fb:4b:2b:d6:f4:ae:47:57:0b:75:c3:ab:62:6c:94:c5:23:
53:2c:0b:ff
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZy0DcQBJWNvIrvt/0stZYKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFmNGQxMTlkMGI3NGZiNjZlMzdhN2VmODc4ZDQ0OWQ1
NGRkYzgwHhcNMjYwMzAzMTQxNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdiYjIxYWUyNjhiM2M0M2MzNDNmMzhjYTFkNmVmYmMyOTlkMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5xiJMTVsU+L3YQXW/oRp5C5aeJt
DA3s7Kj/A/Yur2hrIT+zNGDlIZSnf74JvTX88ChCpsbeTpWSPq+UIswtGCvxp+UV
+i2Vy+mFzfmE7qaN+pDpzVucZDZEZxjsJDbvG1YVcGUaKTJdlYhRGdSow8GR3bLA
7XaUh0lo59mM73sWWltusbll3aEuTidNVhKQ0XKCHIE5+Z8LoHIxLd0ciQf2qP3+
H4LCzFi8WH7x/vMxReIQ36XpnjxI+8vyKt0QZuAFteWkroZyLqb9cQOGzbhYKhge
C15kcpKQZkphGJim+9HHgjuVnF2dmjfW4PHeeNpcNeO805xAj17Jj0WGmwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFKJ7shriaLPEPDQ/OModbvvCmdCyMB8GA1UdIwQY
MBaAFPBx9NEZ0LdPtm43p++HjUSdVN3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDkt
MDc0NzQ1MjRlZjlhLzEvb251eUd1Sm9zOFE4TkQ4NHloMXUtOEtaMExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDktMDc0NzQ1MjRlZjlh
LzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwMEAuADBAYl
usADBAY+ZUADBAdR0AADBAdTZwADAwBVEgMDAVlgAwQHXN+AAwMFXSADBAeXAIAD
BAK5B3ADBAXVjAADBAXVnCAwDQQCAAIwBwMFAyABCwAwDQYJKoZIhvcNAQELBQAD
ggEBAMEPWsDMAABKEPle/au7fr4mmvsXlR8O9Ku8ejuKzhG2R+3hXNsG2yq/eyiQ
TiwKEnIB3Ha9LB8AAYg+EeBSXqXHBJuOofMaEu93pNrmQ6xGCVjHElsts740RyOO
90Aa4hXbOL9u9p8ja+Hl5WhQ/BMWfpUMB8M5AeWF28vAlh5rU9Kl/awo3X0V2ZrA
6X1NpXWoZZuX2Ru6KSgGDnXbOABdNEkr+RCyBX0iym0QPz1RK6CZIhhMWyoP9ORS
hcN8YIPg7m/Q5xlQi9kR6N5t9Li0mI/AUoNFPa7f3k9+QcUKuEPaRNQbcaG07ib7
SyvW9K5HVwt1w6tibJTFI1MsC/8=
-----END CERTIFICATE-----
Generated at Fri Mar 13 08:00:29 2026 by rpki-client