Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/4SJJucH40Dscf3Ue62wtU0DfH6E.roa
File: 4SJJucH40Dscf3Ue62wtU0DfH6E.roa (raw, json)
Hash identifier: QGCBTFVXrzql7PtcPo7oGZ6zg9NODVzu4Qj7AspLapc=
Subject key identifier: E1:22:49:B9:C1:F8:D0:3B:1C:7F:75:1E:EB:6C:2D:53:40:DF:1F:A1
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 019C0AABB2EF40B499DFA068240D90254578
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/4SJJucH40Dscf3Ue62wtU0DfH6E.roa
Signing time: Thu 29 Jan 2026 16:52:30 +0000
ROA not before: Thu 29 Jan 2026 16:52:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215540
IP address blocks: 31.129.22.0/24 maxlen: 24
45.82.13.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Feb 2026 09:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0a:ab:b2:ef:40:b4:99:df:a0:68:24:0d:90:25:45:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 29 16:52:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e12249b9c1f8d03b1c7f751eeb6c2d5340df1fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8b:e5:09:91:79:1d:ca:29:e0:54:61:63:8e:
48:a4:05:82:92:2d:5d:12:d9:5c:ab:a7:84:db:c4:
51:ff:0d:e2:d0:c3:f4:6c:44:31:98:a0:64:b6:9d:
77:ba:0a:31:c3:2a:60:2f:57:39:5c:3a:f4:54:20:
4c:19:d4:fc:90:a1:a9:bb:19:f3:8f:a5:ca:d6:94:
71:2e:62:3a:45:4f:e9:db:65:f2:4d:0e:cd:b4:a0:
0b:c4:85:3c:69:ce:97:44:01:93:89:9a:a0:93:34:
81:ca:d6:af:03:76:50:b9:b2:91:2e:87:83:53:9b:
e9:9e:5f:0c:58:64:3d:e4:fc:c6:b1:a9:8e:45:60:
91:33:5a:f5:c4:b4:e1:26:85:62:f6:e8:e2:aa:01:
d2:66:29:fc:58:82:07:34:d4:07:0e:ee:2e:39:13:
15:1a:0a:0a:26:ee:15:ad:01:10:d8:26:13:92:c9:
e7:74:70:b5:de:f7:e1:73:34:00:43:e7:93:5b:8e:
83:a4:b1:d8:6c:a2:bb:a1:e3:1e:eb:d4:cb:73:af:
4d:38:e7:9b:f0:5f:8b:c6:da:39:4f:03:f2:0c:88:
66:3c:67:03:f4:d0:4e:a3:0d:8b:d8:51:79:5a:78:
7f:bb:7a:c3:7b:e9:89:db:2d:c2:ff:42:bf:cf:f6:
58:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:22:49:B9:C1:F8:D0:3B:1C:7F:75:1E:EB:6C:2D:53:40:DF:1F:A1
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/4SJJucH40Dscf3Ue62wtU0DfH6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.22.0/24
45.82.13.0/24
45.95.232.0/23
77.83.116.0/24
89.191.232.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.247.184.0/24
194.28.192.0/24
Signature Algorithm: sha256WithRSAEncryption
60:53:92:f3:04:11:46:25:04:96:04:5b:32:87:84:78:37:91:
76:62:94:6d:8b:d0:80:ba:bf:c8:59:0f:e4:10:11:84:fc:d6:
5f:90:60:e2:29:b5:65:de:d5:97:52:4b:8d:eb:68:80:a5:4f:
85:80:97:37:47:5b:bb:4a:79:c1:df:2d:19:6e:a0:6d:af:00:
50:04:92:49:c8:ed:22:8c:5b:f1:5a:d7:bd:2d:6a:79:ba:fb:
35:88:04:c7:85:a6:98:68:00:7b:2d:15:24:54:31:8c:2a:08:
db:ef:ad:04:10:c9:26:5d:ea:b4:d1:9f:6b:12:cd:8a:3a:80:
b0:13:1b:90:91:5b:73:3e:ab:79:af:34:45:14:a4:84:bf:4a:
9a:97:93:2f:0d:84:bf:8e:1f:ee:c1:9d:88:88:07:df:4b:00:
34:a3:f9:96:6d:60:65:84:d8:d7:5c:96:03:b7:e0:12:d6:91:
83:8a:25:dc:c5:35:b8:85:f0:90:55:38:ef:5e:c0:82:43:75:
76:c9:0e:65:62:81:47:55:b2:a4:a4:dd:a4:73:38:69:8b:cb:
bb:3d:6c:b8:af:37:df:99:d5:64:98:49:1c:a1:38:06:e2:32:
e3:5a:48:35:cd:17:fe:76:ca:47:db:14:30:11:da:bc:6c:fd:
15:00:a3:8e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZwKq7LvQLSZ36BoJA2QJUV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjYwMTI5MTY1MjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTIyNDliOWMxZjhkMDNiMWM3Zjc1MWVlYjZjMmQ1MzQwZGYxZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4vlCZF5Hcop4FRhY45IpAWCki1d
Etlcq6eE28RR/w3i0MP0bEQxmKBktp13ugoxwypgL1c5XDr0VCBMGdT8kKGpuxnz
j6XK1pRxLmI6RU/p22XyTQ7NtKALxIU8ac6XRAGTiZqgkzSBytavA3ZQubKRLoeD
U5vpnl8MWGQ95PzGsamORWCRM1r1xLThJoVi9ujiqgHSZin8WIIHNNQHDu4uORMV
GgoKJu4VrQEQ2CYTksnndHC13vfhczQAQ+eTW46DpLHYbKK7oeMe69TLc69NOOeb
8F+Lxto5TwPyDIhmPGcD9NBOow2L2FF5Wnh/u3rDe+mJ2y3C/0K/z/ZYRwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFOEiSbnB+NA7HH91HutsLVNA3x+hMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvNFNKSnVjSDQwRHNjZjNVZTYyd3RVMERmSDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAH4EWAwQA
LVINAwQBLV/oAwQATVN0AwQAWb/oAwQAXHZwMAwDBACNYukDBACNYuoDBAC597gD
BADCHMAwDQYJKoZIhvcNAQELBQADggEBAGBTkvMEEUYlBJYEWzKHhHg3kXZilG2L
0IC6v8hZD+QQEYT81l+QYOIptWXe1ZdSS43raIClT4WAlzdHW7tKecHfLRluoG2v
AFAEkknI7SKMW/Fa170tanm6+zWIBMeFpphoAHstFSRUMYwqCNvvrQQQySZd6rTR
n2sSzYo6gLATG5CRW3M+q3mvNEUUpIS/SpqXky8NhL+OH+7BnYiIB99LADSj+ZZt
YGWE2NdclgO34BLWkYOKJdzFNbiF8JBVOO9ewIJDdXbJDmVigUdVsqSk3aRzOGmL
y7s9bLivN9+Z1WSYSRyhOAbiMuNaSDXNF/52ykfbFDAR2rxs/RUAo44=
-----END CERTIFICATE-----
Generated at Tue Feb 17 14:00:46 2026 by rpki-client