Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/oHEqPAe1ivuwFNv9bGllrDKsai0.roa
File: oHEqPAe1ivuwFNv9bGllrDKsai0.roa (raw, json)
Hash identifier: wG4lmKGW2sDhafNch0IB2B5XrD9JZ9PYTL5b8W0MG0c=
Subject key identifier: A0:71:2A:3C:07:B5:8A:FB:B0:14:DB:FD:6C:69:65:AC:32:AC:6A:2D
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019C6CEF608A2F1691B7F616360F18FACEDD
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/oHEqPAe1ivuwFNv9bGllrDKsai0.roa
Signing time: Tue 17 Feb 2026 18:49:13 +0000
ROA not before: Tue 17 Feb 2026 18:49:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200598
IP address blocks: 24.235.22.0/23 maxlen: 24
62.112.30.0/24 maxlen: 24
66.9.96.0/20 maxlen: 24
69.72.72.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.110.184.0/22 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
85.204.28.0/23 maxlen: 24
86.106.28.0/23 maxlen: 24
89.20.50.0/23 maxlen: 24
89.37.60.0/23 maxlen: 24
89.39.184.0/23 maxlen: 24
89.40.236.0/23 maxlen: 24
89.42.213.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
91.217.106.0/23 maxlen: 24
121.127.48.0/20 maxlen: 24
128.0.60.0/22 maxlen: 24
141.193.214.0/23 maxlen: 24
162.216.138.0/23 maxlen: 24
168.149.248.0/23 maxlen: 24
173.214.200.0/22 maxlen: 24
176.111.54.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
193.91.8.0/23 maxlen: 24
195.78.90.0/23 maxlen: 24
195.128.136.0/24 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
199.48.230.0/23 maxlen: 24
204.15.4.0/22 maxlen: 24
205.220.216.0/23 maxlen: 24
217.144.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 09:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6c:ef:60:8a:2f:16:91:b7:f6:16:36:0f:18:fa:ce:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Feb 17 18:49:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a0712a3c07b58afbb014dbfd6c6965ac32ac6a2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:16:32:c3:80:7f:17:24:7b:f3:eb:83:e3:63:
2e:19:d6:a1:ca:51:0c:f4:d8:68:91:47:49:69:ea:
da:e5:d3:77:43:18:de:5c:ee:52:eb:5b:f5:a5:72:
f7:a1:4d:0f:55:fd:f5:f0:8d:35:23:5a:50:f8:55:
c1:ae:46:e4:a8:ac:cb:19:7b:7e:11:59:4f:8c:e8:
62:f5:8c:36:07:46:22:b9:c3:b4:fa:94:66:3d:8f:
12:9e:86:91:1c:8e:3e:06:63:39:0a:3c:3e:5e:44:
29:21:88:d6:8a:07:fc:7e:7a:f3:1d:b7:09:a7:cd:
78:90:d2:cf:d0:bf:54:4e:e8:45:f5:3a:fd:6d:05:
01:f9:0d:7e:da:b1:7c:04:6e:cb:99:27:3b:5c:64:
da:77:29:42:47:48:a2:fc:86:ea:41:7b:5d:df:2c:
92:61:a4:cb:0d:c7:dc:cd:e0:4f:1b:09:55:56:7f:
69:73:93:c6:03:07:72:c9:34:e5:63:43:32:17:72:
b3:56:a2:bd:2d:cb:9c:7e:94:40:d5:5e:9b:06:53:
9d:60:81:01:97:36:61:f3:a6:03:bd:7f:0a:62:01:
da:80:19:d5:ec:51:9f:c7:b9:1b:75:7a:00:48:2e:
12:d3:c6:f6:58:68:04:63:83:d7:8a:5e:45:e2:b6:
bc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:71:2A:3C:07:B5:8A:FB:B0:14:DB:FD:6C:69:65:AC:32:AC:6A:2D
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/oHEqPAe1ivuwFNv9bGllrDKsai0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.235.22.0/23
62.112.30.0/24
66.9.96.0/20
69.72.72.0/22
77.223.192.0-77.223.201.255
79.110.184.0/22
79.139.64.0/23
83.142.200.0/21
85.204.28.0/23
86.106.28.0/23
89.20.50.0/23
89.37.60.0/23
89.39.184.0/23
89.40.236.0/23
89.42.213.0/24
89.42.215.0/24
91.217.106.0/23
121.127.48.0/20
128.0.60.0/22
141.193.214.0/23
162.216.138.0/23
168.149.248.0/23
173.214.200.0/22
176.111.54.0/23
176.222.48.0/22
178.216.184.0/21
193.91.8.0/23
195.78.90.0/23
195.128.136.0/24
198.14.16.0/20
198.145.112.0/22
199.48.230.0/23
204.15.4.0/22
205.220.216.0/23
217.144.108.0/22
Signature Algorithm: sha256WithRSAEncryption
09:b2:d4:16:05:74:a5:d8:d5:86:b0:f0:4c:7a:3c:9f:d2:c3:
82:3f:15:ad:09:54:06:de:8e:a4:08:2d:9a:20:7d:67:c7:b3:
f1:47:bd:6c:89:cc:4f:10:d0:9e:3e:5a:7a:3b:82:e7:8c:8f:
f2:2f:e4:b6:dc:71:7a:6c:c2:0a:4e:2b:53:04:ff:1d:5b:6a:
79:62:27:0d:1f:80:09:82:f9:99:9e:c1:62:b3:8d:82:d7:92:
50:f8:25:c3:ad:07:7f:c7:62:0a:ad:80:03:d7:35:21:d7:35:
97:9e:a8:50:b1:57:6b:ad:d6:b6:b7:f3:a5:6f:98:01:c4:d2:
50:ad:ae:a2:81:a9:43:8d:11:cd:85:26:08:98:8c:d2:1b:96:
e9:08:00:51:07:cf:71:74:fb:63:85:c7:2a:35:53:50:9f:44:
75:a4:a1:32:09:c3:f4:e7:a3:3b:bc:86:2f:88:c6:8e:4a:41:
66:81:33:c4:8c:5f:99:a3:d5:a6:ce:2b:17:20:9f:1c:0a:af:
de:13:f7:20:0a:1f:22:9a:6c:6c:d8:2c:2b:ba:e9:ed:e4:ec:
2a:09:dc:32:44:2a:6a:54:24:83:58:31:d9:62:dc:b6:cf:5f:
43:56:c9:ab:0b:6e:f1:53:30:ec:ab:51:9b:bc:f9:a9:92:4a:
d3:0c:a7:06
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZxs72CKLxaRt/YWNg8Y+s7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjYwMjE3MTg0OTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDcxMmEzYzA3YjU4YWZiYjAxNGRiZmQ2YzY5NjVhYzMyYWM2YTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRYyw4B/FyR78+uD42MuGdahylEM
9NhokUdJaera5dN3QxjeXO5S61v1pXL3oU0PVf318I01I1pQ+FXBrkbkqKzLGXt+
EVlPjOhi9Yw2B0YiucO0+pRmPY8SnoaRHI4+BmM5Cjw+XkQpIYjWigf8fnrzHbcJ
p814kNLP0L9UTuhF9Tr9bQUB+Q1+2rF8BG7LmSc7XGTadylCR0ii/IbqQXtd3yyS
YaTLDcfczeBPGwlVVn9pc5PGAwdyyTTlY0MyF3KzVqK9LcucfpRA1V6bBlOdYIEB
lzZh86YDvX8KYgHagBnV7FGfx7kbdXoASC4S08b2WGgEY4PXil5F4ra8BQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFKBxKjwHtYr7sBTb/WxpZawyrGotMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvb0hFcVBBZTFpdnV3Rk52OWJHbGxyREtzYWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAEY
6xYDBAA+cB4DBARCCWADBAJFSEgwDAMEBk3fwAMEAU3fyAMEAk9uuAMEAU+LQAME
A1OOyAMEAVXMHAMEAVZqHAMEAVkUMgMEAVklPAMEAVknuAMEAVko7AMEAFkq1QME
AFkq1wMEAVvZagMEBHl/MAMEAoAAPAMEAY3B1gMEAaLYigMEAaiV+AMEAq3WyAME
AbBvNgMEArDeMAMEA7LYuAMEAcFbCAMEAcNOWgMEAMOAiAMEBMYOEAMEAsaRcAME
Accw5gMEAswPBAMEAc3c2AMEAtmQbDANBgkqhkiG9w0BAQsFAAOCAQEACbLUFgV0
pdjVhrDwTHo8n9LDgj8VrQlUBt6OpAgtmiB9Z8ez8Ue9bInMTxDQnj5aejuC54yP
8i/kttxxemzCCk4rUwT/HVtqeWInDR+ACYL5mZ7BYrONgteSUPglw60Hf8diCq2A
A9c1Idc1l56oULFXa63WtrfzpW+YAcTSUK2uooGpQ40RzYUmCJiM0huW6QgAUQfP
cXT7Y4XHKjVTUJ9EdaShMgnD9OejO7yGL4jGjkpBZoEzxIxfmaPVps4rFyCfHAqv
3hP3IAofIppsbNgsK7rp7eTsKgncMkQqalQkg1gx2WLcts9fQ1bJqwtu8VMw7KtR
m7z5qZJK0wynBg==
-----END CERTIFICATE-----
Generated at Thu Feb 26 17:35:23 2026 by rpki-client