Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d2zTama1LnRKXyRDhiDmyBFmmT4.roa
File: d2zTama1LnRKXyRDhiDmyBFmmT4.roa (raw, json)
Hash identifier: KJ1ZfhAxL1UQe1ld8+/1Tu56AIVE6nvFyX69hIsSBiU=
Subject key identifier: 77:6C:D3:6A:66:B5:2E:74:4A:5F:24:43:86:20:E6:C8:11:66:99:3E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019C6B08A41AF0E6809002F0F044C53DB3FD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d2zTama1LnRKXyRDhiDmyBFmmT4.roa
Signing time: Tue 17 Feb 2026 09:57:34 +0000
ROA not before: Tue 17 Feb 2026 09:57:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 80.240.85.0/24 maxlen: 24
81.168.18.0/24 maxlen: 24
81.168.58.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
82.163.18.0/24 maxlen: 24
89.213.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:08:a4:1a:f0:e6:80:90:02:f0:f0:44:c5:3d:b3:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 17 09:57:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=776cd36a66b52e744a5f24438620e6c81166993e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:a3:f6:39:3f:ed:e1:a0:78:b0:3b:26:f1:
62:d0:9c:81:b3:8c:f6:64:67:8f:d0:a3:1f:3e:81:
bf:72:9d:f3:c3:a6:fb:71:66:9d:f7:cb:2a:74:31:
0d:d4:63:81:2b:67:74:2c:8b:1a:88:31:28:f6:2f:
ab:cb:54:5b:51:82:c5:f8:1e:90:43:f0:ad:13:fc:
1c:d8:30:80:f3:87:0c:20:b3:e8:24:35:84:b4:70:
00:85:c8:29:5b:d0:ca:07:ee:29:92:f5:49:0d:73:
8c:85:0d:c8:78:b9:31:d5:87:1a:f9:6a:73:81:b3:
b1:84:f9:42:85:fd:0a:37:91:30:dc:cc:fb:59:9e:
79:f6:25:17:73:38:cf:b9:49:c4:2e:4f:50:df:ae:
3e:c2:cb:b1:e4:b4:eb:0b:e6:c8:52:ee:bb:c2:29:
08:f1:50:53:b5:50:d9:88:28:f3:b0:7b:68:b3:79:
01:3b:9c:ca:ea:1b:bd:34:c9:b1:24:72:41:42:e9:
d0:85:c4:1b:3b:77:e2:a3:56:c4:4b:f6:c2:f1:7b:
55:02:b5:eb:86:37:ce:b3:45:48:27:44:bd:24:e1:
00:95:b8:2e:b1:e5:7b:d7:63:93:2e:5a:3b:bc:d7:
ca:88:6c:a7:f3:89:94:fa:fa:54:46:78:23:61:93:
48:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6C:D3:6A:66:B5:2E:74:4A:5F:24:43:86:20:E6:C8:11:66:99:3E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/d2zTama1LnRKXyRDhiDmyBFmmT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.85.0/24
81.168.18.0/24
81.168.58.0/24
81.168.123.0/24
82.163.18.0/24
89.213.192.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c6:bf:eb:33:47:a9:49:4c:bb:e0:c6:d6:01:e2:b0:57:36:
d9:95:23:ab:76:6a:ec:e9:af:05:9d:c8:5d:06:24:92:06:5b:
2e:15:1e:be:91:64:98:39:82:15:ef:8c:ba:92:68:ed:65:f3:
15:85:2c:96:35:d0:72:ba:12:18:bf:d1:ea:c0:0b:e1:7b:a7:
25:9a:84:fe:ce:90:97:e0:9b:5c:7b:d7:c3:84:e4:04:6b:e4:
13:7d:56:d4:dc:bc:75:fe:6f:b2:03:05:8c:11:fa:28:a5:1f:
ee:dc:91:2f:91:5a:96:cf:84:66:5b:bc:33:c0:f9:ad:10:38:
37:2c:46:51:8f:db:2e:9b:6a:28:c0:62:5d:45:c6:79:22:41:
28:c8:15:74:8b:4e:f5:6d:c3:28:e7:04:2c:de:9b:e0:5d:94:
fd:b9:13:e1:a6:64:c0:02:e6:a5:36:66:dd:70:50:63:46:6d:
65:a6:99:43:a0:d6:aa:44:85:61:73:2b:73:8b:09:30:a5:04:
25:97:1a:a4:d0:9b:43:7e:9c:2a:72:86:65:ac:ea:90:71:cf:
10:e4:10:5f:e9:f7:af:7d:60:c9:18:56:51:dd:39:e5:c5:be:
19:7d:59:83:e4:0e:6c:36:61:56:86:e3:8e:f3:2a:50:6f:70:
e4:d1:74:09
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZxrCKQa8OaAkALw8ETFPbP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMjE3MDk1NzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZjZDM2YTY2YjUyZTc0NGE1ZjI0NDM4NjIwZTZjODExNjY5OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTCj9jk/7eGgeLA7JvFi0JyBs4z2
ZGeP0KMfPoG/cp3zw6b7cWad98sqdDEN1GOBK2d0LIsaiDEo9i+ry1RbUYLF+B6Q
Q/CtE/wc2DCA84cMILPoJDWEtHAAhcgpW9DKB+4pkvVJDXOMhQ3IeLkx1Yca+Wpz
gbOxhPlChf0KN5Ew3Mz7WZ559iUXczjPuUnELk9Q364+wsux5LTrC+bIUu67wikI
8VBTtVDZiCjzsHtos3kBO5zK6hu9NMmxJHJBQunQhcQbO3fio1bES/bC8XtVArXr
hjfOs0VIJ0S9JOEAlbguseV712OTLlo7vNfKiGyn84mU+vpURngjYZNIdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHds02pmtS50Sl8kQ4Yg5sgRZpk+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZDJ6VGFtYTFMblJLWHlSRGhpRG15QkZtbVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUPBVAwQA
UagSAwQAUag6AwQAUah7AwQAUqMSAwQAWdXAMA0GCSqGSIb3DQEBCwUAA4IBAQCB
xr/rM0epSUy74MbWAeKwVzbZlSOrdmrs6a8FnchdBiSSBlsuFR6+kWSYOYIV74y6
kmjtZfMVhSyWNdByuhIYv9HqwAvhe6clmoT+zpCX4Jtce9fDhOQEa+QTfVbU3Lx1
/m+yAwWMEfoopR/u3JEvkVqWz4RmW7wzwPmtEDg3LEZRj9sum2oowGJdRcZ5IkEo
yBV0i071bcMo5wQs3pvgXZT9uRPhpmTAAualNmbdcFBjRm1lpplDoNaqRIVhcytz
iwkwpQQllxqk0JtDfpwqcoZlrOqQcc8Q5BBf6fevfWDJGFZR3Tnlxb4ZfVmD5A5s
NmFWhuOO8ypQb3Dk0XQJ
-----END CERTIFICATE-----
Generated at Mon Feb 23 00:06:26 2026 by rpki-client