Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/9cn7oO0iiJOK2Jrlawx7PDY1feo.roa
File: 9cn7oO0iiJOK2Jrlawx7PDY1feo.roa (raw, json)
Hash identifier: j5TG1qDIuGwfkqIJMBOyK7GFpL9NpA8P1Hsl6lon4S8=
Subject key identifier: F5:C9:FB:A0:ED:22:88:93:8A:D8:9A:E5:6B:0C:7B:3C:36:35:7D:EA
Certificate issuer: /CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Certificate serial: 019C66555008D2FB49B51BFE0DC0F3860827
Authority key identifier: EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/9cn7oO0iiJOK2Jrlawx7PDY1feo.roa
Signing time: Mon 16 Feb 2026 12:03:12 +0000
ROA not before: Mon 16 Feb 2026 12:03:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 91.195.242.0/23 maxlen: 24
124.198.192.0/19 maxlen: 24
139.66.0.0/16 maxlen: 24
147.204.0.0/16 maxlen: 24
155.56.0.0/16 maxlen: 24
193.16.224.0/22 maxlen: 24
194.39.128.0/21 maxlen: 24
194.39.136.0/22 maxlen: 24
194.45.236.0/23 maxlen: 24
194.55.88.0/22 maxlen: 24
194.169.146.0/23 maxlen: 24
202.89.128.0/20 maxlen: 24
217.77.240.0/20 maxlen: 24
2a00:fe00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.mft
rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:55:50:08:d2:fb:49:b5:1b:fe:0d:c0:f3:86:08:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Validity
Not Before: Feb 16 12:03:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f5c9fba0ed2288938ad89ae56b0c7b3c36357dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:72:48:5a:d2:b7:fb:0a:58:26:36:9c:c2:
ad:0b:c9:cc:d2:6c:34:46:e6:46:c7:e6:45:c4:e2:
7e:80:85:6c:f6:b7:74:76:e9:e3:71:7f:ff:47:bc:
12:e6:93:7d:88:d6:30:f5:e3:f2:e0:9a:af:48:dd:
4d:82:37:05:af:fe:aa:95:99:3b:30:a5:d3:ff:e0:
7c:40:8b:5a:13:cf:ed:01:bf:ac:29:24:ea:8b:f6:
34:0e:a2:05:c9:b7:df:31:05:46:c2:19:5b:fa:0a:
06:46:83:9a:5e:52:3d:d7:f5:86:54:33:54:cf:fb:
b3:4e:d6:5f:d8:55:9c:eb:76:7a:02:02:c0:18:b0:
63:f2:f5:ad:29:1b:79:b2:5a:66:90:73:a8:a6:7a:
85:4a:0a:12:8c:4e:f7:66:25:32:d5:25:b9:0c:e2:
6d:68:38:2c:9e:de:10:6c:1d:71:38:01:e1:e0:e0:
e5:57:08:47:1e:fe:be:0d:66:00:ba:6f:c1:f6:92:
51:36:4a:f3:09:e2:d3:08:ed:7f:87:cf:2e:48:2a:
7d:d7:a4:38:ac:21:94:49:20:df:bb:76:45:ab:61:
6d:2d:e9:47:27:15:42:df:5e:f2:79:48:a9:81:b2:
61:5f:47:eb:23:76:87:2e:98:cb:d5:e1:ee:8a:94:
06:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C9:FB:A0:ED:22:88:93:8A:D8:9A:E5:6B:0C:7B:3C:36:35:7D:EA
X509v3 Authority Key Identifier:
keyid:EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/9cn7oO0iiJOK2Jrlawx7PDY1feo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.242.0/23
124.198.192.0/19
139.66.0.0/16
147.204.0.0/16
155.56.0.0/16
193.16.224.0/22
194.39.128.0-194.39.139.255
194.45.236.0/23
194.55.88.0/22
194.169.146.0/23
202.89.128.0/20
217.77.240.0/20
IPv6:
2a00:fe00::/32
Signature Algorithm: sha256WithRSAEncryption
8f:7a:3e:6e:1f:55:a3:23:6d:d4:2a:9a:52:4b:04:e1:e6:b4:
c7:02:55:a6:85:75:b4:d2:23:eb:e0:85:2d:08:8a:1c:7b:d6:
b6:dc:28:a2:34:4d:86:ef:4a:68:bc:ec:6c:ad:7b:0c:16:37:
99:57:b6:c5:fc:00:8a:5e:19:a1:d7:f6:f5:d5:c8:01:5b:ef:
a6:85:a1:d4:15:a4:ee:46:a6:f7:1f:78:c8:a5:9d:2e:c2:a7:
f0:86:9c:9f:2e:60:e0:6d:ac:0d:95:90:a4:49:76:09:cb:f9:
e8:6d:70:8c:dd:69:aa:e8:ce:1e:12:62:a0:63:09:db:24:c5:
89:53:3b:71:9c:4a:71:4c:40:5e:2b:d8:b3:fc:bf:d5:20:88:
2c:76:94:83:d6:8b:b0:25:45:3d:06:4a:8a:9b:b5:40:f7:68:
36:dc:65:55:fc:6a:78:de:fd:4b:16:7f:e8:c3:7a:c7:8d:52:
5b:3d:2b:c3:3e:07:48:6c:ba:90:0e:75:71:50:a8:ce:1b:ea:
21:5c:57:6d:8c:75:62:55:d8:c6:25:2f:c1:29:fb:21:db:af:
8d:a5:78:72:9c:df:d0:7b:20:8e:9c:19:85:1b:55:0b:f8:b2:
2a:47:87:d9:6a:66:75:d0:06:01:f1:32:b5:1c:f2:5e:61:23:
a0:e7:b7:7d
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZxmVVAI0vtJtRv+DcDzhggnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDY5NjNjYzQ3OWRhZGJlM2M1MjIzNGFiOWZhYmFhODEy
MmQyNWIwHhcNMjYwMjE2MTIwMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWM5ZmJhMGVkMjI4ODkzOGFkODlhZTU2YjBjN2IzYzM2MzU3ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvphySFrSt/sKWCY2nMKtC8nM0mw0
RuZGx+ZFxOJ+gIVs9rd0dunjcX//R7wS5pN9iNYw9ePy4JqvSN1NgjcFr/6qlZk7
MKXT/+B8QItaE8/tAb+sKSTqi/Y0DqIFybffMQVGwhlb+goGRoOaXlI91/WGVDNU
z/uzTtZf2FWc63Z6AgLAGLBj8vWtKRt5slpmkHOopnqFSgoSjE73ZiUy1SW5DOJt
aDgsnt4QbB1xOAHh4ODlVwhHHv6+DWYAum/B9pJRNkrzCeLTCO1/h88uSCp916Q4
rCGUSSDfu3ZFq2FtLelHJxVC317yeUipgbJhX0frI3aHLpjL1eHuipQGFQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFPXJ+6DtIoiTitia5WsMezw2NX3qMB8GA1UdIwQY
MBaAFOpGljzEedrb48UiNKufq6qBItJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUt
ZWI1YmM3ZDk3YWEwLzEvOWNuN29PMGlpSk9LMkpybGF3eDdQRFkxZmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUtZWI1YmM3ZDk3YWEw
LzEvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBTBAIAATBNAwQBW8PyAwQF
fMbAAwMAi0IDAwCTzAMDAJs4AwQCwRDgMAwDBAfCJ4ADBALCJ4gDBAHCLewDBALC
N1gDBAHCqZIDBATKWYADBATZTfAwDQQCAAIwBwMFACoA/gAwDQYJKoZIhvcNAQEL
BQADggEBAI96Pm4fVaMjbdQqmlJLBOHmtMcCVaaFdbTSI+vghS0Iihx71rbcKKI0
TYbvSmi87GytewwWN5lXtsX8AIpeGaHX9vXVyAFb76aFodQVpO5GpvcfeMilnS7C
p/CGnJ8uYOBtrA2VkKRJdgnL+ehtcIzdaarozh4SYqBjCdskxYlTO3GcSnFMQF4r
2LP8v9UgiCx2lIPWi7AlRT0GSoqbtUD3aDbcZVX8anje/UsWf+jDeseNUls9K8M+
B0hsupAOdXFQqM4b6iFcV22MdWJV2MYlL8Ep+yHbr42leHKc39B7II6cGYUbVQv4
sipHh9lqZnXQBgHxMrUc8l5hI6Dnt30=
-----END CERTIFICATE-----
Generated at Sat Feb 21 03:40:31 2026 by rpki-client