Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VZrOaMY8MamXA06006TtT3HnVwI.roa
File: VZrOaMY8MamXA06006TtT3HnVwI.roa (raw, json)
Hash identifier: in2STxchT7qI4VP5BxyXHdysUwVSXc5T+RjaH30MFqw=
Subject key identifier: 55:9A:CE:68:C6:3C:31:A9:97:03:4E:B4:D3:A4:ED:4F:71:E7:57:02
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019C658E08BB95E73934A04CC7B41445F24C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VZrOaMY8MamXA06006TtT3HnVwI.roa
Signing time: Mon 16 Feb 2026 08:25:33 +0000
ROA not before: Mon 16 Feb 2026 08:25:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 80.240.88.0/24 maxlen: 24
80.240.92.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.250.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
89.213.128.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:65:8e:08:bb:95:e7:39:34:a0:4c:c7:b4:14:45:f2:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 16 08:25:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=559ace68c63c31a997034eb4d3a4ed4f71e75702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:10:9b:26:07:e5:56:71:75:b7:1f:54:2d:4d:
3f:ff:c2:e4:46:32:9b:2a:62:41:92:bf:89:77:39:
78:fa:37:ba:37:b3:58:58:28:31:d5:19:30:d0:cd:
69:ee:72:37:70:41:d9:87:bb:3d:d2:93:cd:6f:7b:
7a:b2:0c:36:bb:c4:df:8b:a9:9e:c0:ba:06:1d:61:
7e:bc:f4:07:13:3a:eb:95:9e:34:f9:56:55:7f:3c:
55:0b:a2:c6:c8:3e:e7:8c:0d:4c:85:c6:36:66:7b:
cc:9f:1b:d9:d5:b6:a4:5b:7f:77:ae:fc:24:dd:d4:
f4:d1:56:25:f8:eb:b0:68:a3:b7:fc:32:66:2a:35:
bf:5e:2b:32:de:97:d4:d2:22:14:6a:2b:39:3c:a6:
02:8d:1c:0c:30:d1:7a:40:30:e0:6a:90:e3:dc:4d:
bb:dd:d4:e3:6e:ee:f3:9b:6a:01:61:7b:83:1a:20:
75:00:5a:1a:47:c1:44:2d:71:11:98:a5:38:8c:ce:
29:1a:50:83:14:59:70:1c:44:81:a5:97:1c:ac:24:
59:a5:85:3e:6e:25:81:b0:8f:f5:1f:ed:55:7e:ab:
47:7b:13:25:d8:a6:72:a8:3b:67:94:bb:69:22:30:
31:62:1c:cf:3d:5a:5b:c6:44:c1:82:2f:fa:5e:ca:
7f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9A:CE:68:C6:3C:31:A9:97:03:4E:B4:D3:A4:ED:4F:71:E7:57:02
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VZrOaMY8MamXA06006TtT3HnVwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/24
80.240.92.0/24
82.152.249.0-82.152.250.255
82.153.207.0/24
89.213.128.0/24
89.213.169.0/24
89.213.176.0/24
Signature Algorithm: sha256WithRSAEncryption
71:84:9e:6b:eb:70:65:eb:2d:65:b4:ac:07:f5:5f:83:ca:90:
7c:f9:e4:39:53:a4:75:c6:b0:9b:58:e1:30:31:65:e8:61:54:
2d:17:ef:40:f6:36:ee:ec:d8:2b:da:46:ed:f9:54:42:bc:b7:
c9:2d:08:31:a1:9d:dc:59:ae:d5:be:82:8f:47:eb:d3:5f:32:
ab:d8:e7:59:d8:2c:bb:e0:01:7d:42:1f:ec:3e:da:ef:0d:41:
ea:e9:ae:70:32:9a:8b:52:48:dc:23:b3:d9:e2:00:72:9b:9e:
b9:5c:d3:14:28:e1:ec:c1:fd:ac:ba:30:4c:f6:b7:d0:04:ef:
ad:48:fd:f6:27:6e:1b:52:5d:0b:b2:5c:db:25:68:08:a9:df:
06:34:8d:68:66:cf:7e:37:c4:4b:db:7e:47:8a:47:ea:45:df:
f8:07:44:e9:23:21:7e:9a:81:24:5a:15:36:3d:7e:c1:ee:07:
90:13:c0:ac:da:0f:ae:02:93:cf:ed:6f:92:df:7e:55:1c:f6:
32:9d:3e:9b:e7:56:6e:b0:8f:83:ab:52:4f:50:43:5c:48:08:
b6:0b:39:08:6c:4f:4f:50:63:a2:b8:f8:b3:70:f6:04:79:3e:
0b:29:d3:ed:90:69:67:78:82:e3:69:df:dd:2a:40:23:b6:d0:
02:af:24:ed
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZxljgi7lec5NKBMx7QURfJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMjE2MDgyNTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTlhY2U2OGM2M2MzMWE5OTcwMzRlYjRkM2E0ZWQ0ZjcxZTc1NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xCbJgflVnF1tx9ULU0//8LkRjKb
KmJBkr+Jdzl4+je6N7NYWCgx1Rkw0M1p7nI3cEHZh7s90pPNb3t6sgw2u8Tfi6me
wLoGHWF+vPQHEzrrlZ40+VZVfzxVC6LGyD7njA1MhcY2ZnvMnxvZ1bakW393rvwk
3dT00VYl+OuwaKO3/DJmKjW/Xisy3pfU0iIUais5PKYCjRwMMNF6QDDgapDj3E27
3dTjbu7zm2oBYXuDGiB1AFoaR8FELXERmKU4jM4pGlCDFFlwHESBpZccrCRZpYU+
biWBsI/1H+1VfqtHexMl2KZyqDtnlLtpIjAxYhzPPVpbxkTBgi/6Xsp/gQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFWazmjGPDGplwNOtNOk7U9x51cCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVlpyT2FNWThNYW1YQTA2MDA2VHRUM0huVndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAUPBYAwQA
UPBcMAwDBABSmPkDBABSmPoDBABSmc8DBABZ1YADBABZ1akDBABZ1bAwDQYJKoZI
hvcNAQELBQADggEBAHGEnmvrcGXrLWW0rAf1X4PKkHz55DlTpHXGsJtY4TAxZehh
VC0X70D2Nu7s2CvaRu35VEK8t8ktCDGhndxZrtW+go9H69NfMqvY51nYLLvgAX1C
H+w+2u8NQerprnAymotSSNwjs9niAHKbnrlc0xQo4ezB/ay6MEz2t9AE761I/fYn
bhtSXQuyXNslaAip3wY0jWhmz343xEvbfkeKR+pF3/gHROkjIX6agSRaFTY9fsHu
B5ATwKzaD64Ck8/tb5LfflUc9jKdPpvnVm6wj4OrUk9QQ1xICLYLOQhsT09QY6K4
+LNw9gR5Pgsp0+2QaWd4guNp390qQCO20AKvJO0=
-----END CERTIFICATE-----
Generated at Mon Feb 23 00:05:56 2026 by rpki-client