Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2bE6o9wQ5a-M4xwVf2Ot75ajv1A.roa
File: 2bE6o9wQ5a-M4xwVf2Ot75ajv1A.roa (raw, json)
Hash identifier: 1nh1VDLallkXhJ2CYfEQOJR6U/+48mduPUwiPP754ak=
Subject key identifier: D9:B1:3A:A3:DC:10:E5:AF:8C:E3:1C:15:7F:63:AD:EF:96:A3:BF:50
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019C7A2E80BE5C9F4A0855396E930128301E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2bE6o9wQ5a-M4xwVf2Ot75ajv1A.roa
Signing time: Fri 20 Feb 2026 08:33:13 +0000
ROA not before: Fri 20 Feb 2026 08:33:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42689
IP address blocks: 82.152.7.0/24 maxlen: 24
82.153.52.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
82.153.228.0/23 maxlen: 24
82.153.231.0/24 maxlen: 24
89.213.69.0/24 maxlen: 24
89.213.72.0/24 maxlen: 24
89.213.75.0/24 maxlen: 24
89.213.76.0/24 maxlen: 24
89.213.78.0/24 maxlen: 24
109.176.212.0/24 maxlen: 24
109.176.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:2e:80:be:5c:9f:4a:08:55:39:6e:93:01:28:30:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 20 08:33:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9b13aa3dc10e5af8ce31c157f63adef96a3bf50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:34:b2:71:f7:ca:db:11:ef:61:d3:92:45:0e:
23:4d:cf:60:c0:4d:d9:6c:8b:e8:60:f4:1f:1c:c9:
cf:ba:42:66:4f:54:a0:11:2b:1e:24:43:78:6d:0c:
3c:7f:a9:2b:17:6e:ee:e6:0d:1f:0a:35:db:a9:96:
2e:00:87:1f:3a:70:e4:81:e7:80:b1:41:ed:ac:0b:
45:24:9a:5b:e2:8c:44:27:2c:58:93:6b:d1:3d:e7:
33:16:e3:da:21:89:4d:27:c9:0b:a6:8e:d4:0c:a0:
9b:a1:b4:59:37:9c:2f:2d:c2:2c:3a:a9:ce:93:30:
af:b6:cd:35:72:88:2f:a9:b1:8a:4f:6c:08:d8:27:
d8:e9:0f:c6:b8:69:17:93:ab:d3:73:e0:8f:07:e7:
3d:22:d5:05:e5:d4:6a:a4:0e:3e:0e:c3:b4:bb:0b:
c8:0f:96:d4:8c:1a:c7:65:a4:e1:d4:2f:5a:9f:68:
36:fb:22:d1:1e:09:df:14:6d:bb:22:28:c9:3e:13:
d4:63:e2:3e:45:ac:1a:e8:55:14:91:68:62:20:a1:
39:60:09:b7:0e:a7:d5:7b:7c:81:88:f2:c9:39:54:
5e:9a:ac:b7:88:46:92:c3:b2:c6:91:93:f3:97:75:
d1:3a:5d:2c:6d:52:b5:18:b3:a3:ab:bb:db:1a:82:
b3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B1:3A:A3:DC:10:E5:AF:8C:E3:1C:15:7F:63:AD:EF:96:A3:BF:50
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2bE6o9wQ5a-M4xwVf2Ot75ajv1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.7.0/24
82.153.52.0/24
82.153.227.0-82.153.229.255
82.153.231.0/24
89.213.69.0/24
89.213.72.0/24
89.213.75.0-89.213.76.255
89.213.78.0/24
109.176.212.0/24
109.176.214.0/24
Signature Algorithm: sha256WithRSAEncryption
75:fb:43:84:22:26:ae:8f:63:dd:fb:fe:cf:30:d7:bb:f5:9a:
aa:d2:8e:c3:be:23:fc:d7:b2:9d:b3:b8:e4:0b:97:19:e2:f6:
6b:29:32:9a:ea:d5:2e:e0:24:87:fd:0b:f1:1c:a7:60:5b:42:
19:f7:7e:c0:67:f1:7b:f4:06:ae:c6:e8:ad:c1:32:b1:68:0a:
25:91:b5:88:dc:79:1a:f7:c7:f1:0d:b4:96:95:eb:30:ab:e9:
05:68:92:0c:3d:93:b4:ea:c8:7e:14:dc:10:3b:fa:ff:84:08:
78:4b:ee:51:cd:c7:6d:8d:54:7d:d0:e2:45:54:dc:37:fe:bd:
a6:1a:48:a3:b3:d3:f4:6a:d5:95:fe:c1:84:03:39:02:37:a5:
9e:b7:d1:ee:6e:79:d4:1c:b9:da:03:e5:cf:5e:36:d7:a8:74:
7a:c5:b6:46:15:cb:81:4f:e0:11:bf:11:c4:a9:67:dd:4b:b5:
cc:35:0d:ac:4b:bf:14:dd:3a:df:2c:bd:68:dc:32:aa:b7:af:
15:76:d4:9b:a3:1b:50:87:aa:b8:a2:9b:22:0c:c3:1a:24:87:
d6:b7:2b:54:cc:01:01:f2:73:dd:cb:12:8c:ab:0c:9d:86:3f:
fb:3e:e7:fb:9e:ad:9a:ed:b6:13:c5:c2:ab:c7:f6:a3:19:6f:
45:bd:ef:00
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZx6LoC+XJ9KCFU5bpMBKDAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMjIwMDgzMzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIxM2FhM2RjMTBlNWFmOGNlMzFjMTU3ZjYzYWRlZjk2YTNiZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDSycffK2xHvYdOSRQ4jTc9gwE3Z
bIvoYPQfHMnPukJmT1SgESseJEN4bQw8f6krF27u5g0fCjXbqZYuAIcfOnDkgeeA
sUHtrAtFJJpb4oxEJyxYk2vRPeczFuPaIYlNJ8kLpo7UDKCbobRZN5wvLcIsOqnO
kzCvts01cogvqbGKT2wI2CfY6Q/GuGkXk6vTc+CPB+c9ItUF5dRqpA4+DsO0uwvI
D5bUjBrHZaTh1C9an2g2+yLRHgnfFG27IijJPhPUY+I+Rawa6FUUkWhiIKE5YAm3
DqfVe3yBiPLJOVRemqy3iEaSw7LGkZPzl3XROl0sbVK1GLOjq7vbGoKzdQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFNmxOqPcEOWvjOMcFX9jre+Wo79QMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMmJFNm85d1E1YS1NNHh3VmYyT3Q3NWFqdjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAUpgHAwQA
Upk0MAwDBABSmeMDBAFSmeQDBABSmecDBABZ1UUDBABZ1UgwDAMEAFnVSwMEAFnV
TAMEAFnVTgMEAG2w1AMEAG2w1jANBgkqhkiG9w0BAQsFAAOCAQEAdftDhCImro9j
3fv+zzDXu/WaqtKOw74j/NeynbO45AuXGeL2aykymurVLuAkh/0L8RynYFtCGfd+
wGfxe/QGrsborcEysWgKJZG1iNx5GvfH8Q20lpXrMKvpBWiSDD2TtOrIfhTcEDv6
/4QIeEvuUc3HbY1UfdDiRVTcN/69phpIo7PT9GrVlf7BhAM5AjelnrfR7m551By5
2gPlz14216h0esW2RhXLgU/gEb8RxKln3Uu1zDUNrEu/FN063yy9aNwyqrevFXbU
m6MbUIequKKbIgzDGiSH1rcrVMwBAfJz3csSjKsMnYY/+z7n+56tmu22E8XCq8f2
oxlvRb3vAA==
-----END CERTIFICATE-----
Generated at Mon Feb 23 00:05:56 2026 by rpki-client