Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/u4PNqu7zomq50GknEA1Didq4dzU.roa
File: u4PNqu7zomq50GknEA1Didq4dzU.roa (raw, json)
Hash identifier: SILifgb9oJYp3Qv/gR4vyOwQU7jzXYHETC2ZtD1fPTY=
Subject key identifier: BB:83:CD:AA:EE:F3:A2:6A:B9:D0:69:27:10:0D:43:89:DA:B8:77:35
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019C6BF2B10EC6AB3AB71A8984CB0CA85574
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/u4PNqu7zomq50GknEA1Didq4dzU.roa
Signing time: Tue 17 Feb 2026 14:13:12 +0000
ROA not before: Tue 17 Feb 2026 14:13:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34918
IP address blocks: 45.11.187.0/24 maxlen: 24
91.217.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Feb 2026 14:13:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:f2:b1:0e:c6:ab:3a:b7:1a:89:84:cb:0c:a8:55:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Feb 17 14:13:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb83cdaaeef3a26ab9d06927100d4389dab87735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:31:0b:c9:2d:56:4d:84:eb:3c:28:7b:dc:31:
05:a5:40:bb:d1:62:0d:eb:28:a7:c2:51:21:6b:9d:
9d:10:34:08:af:79:03:c0:c3:1e:62:6c:b0:9a:9b:
e6:94:3e:a6:9a:83:dc:5a:db:1c:11:d4:44:a3:e6:
51:c9:4f:d4:eb:c2:ac:58:9c:87:5b:b4:19:66:a6:
91:f0:cf:31:c2:a1:b6:9c:3c:5d:29:44:1b:b9:79:
f2:7e:1d:27:4b:58:a0:f0:85:dc:c9:a6:e0:5c:24:
a0:b7:32:55:61:05:31:ff:40:65:e6:3b:82:db:4e:
39:d5:5d:be:43:3e:22:02:f9:38:62:c8:fb:86:dd:
c2:ae:0b:50:ea:b4:df:5b:8f:fa:c8:13:ec:0a:8f:
da:78:c9:97:3b:54:e8:04:f5:dc:e3:e1:2c:66:b0:
a9:c8:61:65:f6:82:90:41:8b:7a:90:b2:3a:7f:ec:
15:80:10:69:d3:21:c1:fe:db:78:a2:97:96:8e:f8:
5d:e7:3a:fe:bc:f1:15:3f:02:27:4c:f0:4a:cd:84:
ee:6f:ed:a9:da:1b:36:71:e0:c6:f9:dc:09:21:46:
45:d3:18:7d:b6:df:fb:60:04:27:94:68:ef:c1:2b:
f4:44:23:7d:6e:24:16:b6:dc:65:1f:da:35:b4:c1:
84:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:83:CD:AA:EE:F3:A2:6A:B9:D0:69:27:10:0D:43:89:DA:B8:77:35
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/u4PNqu7zomq50GknEA1Didq4dzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.187.0/24
91.217.166.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:23:44:60:6e:b4:35:72:83:7c:64:3b:c2:77:8c:e0:e3:df:
fd:08:9c:db:66:b4:34:5f:f3:66:9a:19:8e:9c:b7:b0:20:9d:
1c:d3:45:72:5a:a6:a9:fe:d8:6b:02:fb:f1:3d:88:d1:75:32:
25:23:da:35:84:23:72:a1:05:94:19:ca:2a:cf:a1:b8:a9:e4:
cc:6f:4b:8e:9c:8e:37:91:58:0d:74:eb:65:3f:78:89:6a:b0:
d1:0d:ab:2a:ac:31:a5:f1:29:56:a5:4a:05:da:4a:c0:6b:6e:
7b:fc:05:df:b6:99:ad:7d:56:8a:b2:30:23:92:02:72:c8:27:
3f:b6:1a:e7:cc:0d:3a:30:b1:55:5e:22:98:36:2e:c4:0a:c8:
a8:31:2e:ed:ca:3f:2c:ad:8f:ce:55:00:18:3d:99:f1:27:c0:
20:92:f0:b6:ea:ed:67:43:91:ad:f5:94:4c:c7:73:0d:ae:8b:
15:b4:e2:ec:46:55:d6:92:0d:6c:d5:22:29:08:41:40:db:e2:
11:75:06:83:85:2f:1e:25:08:63:a4:c2:d9:03:46:0b:a2:8e:
e2:ba:b7:9c:7d:ee:ca:9a:81:2f:5e:bd:93:0d:b8:13:55:fa:
be:4b:1d:fb:db:38:66:21:d0:ad:53:f8:31:96:d1:6a:c7:2f:
40:1f:4d:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZxr8rEOxqs6txqJhMsMqFV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwMjE3MTQxMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjgzY2RhYWVlZjNhMjZhYjlkMDY5MjcxMDBkNDM4OWRhYjg3NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jELyS1WTYTrPCh73DEFpUC70WIN
6yinwlEha52dEDQIr3kDwMMeYmywmpvmlD6mmoPcWtscEdREo+ZRyU/U68KsWJyH
W7QZZqaR8M8xwqG2nDxdKUQbuXnyfh0nS1ig8IXcyabgXCSgtzJVYQUx/0Bl5juC
20451V2+Qz4iAvk4Ysj7ht3CrgtQ6rTfW4/6yBPsCo/aeMmXO1ToBPXc4+EsZrCp
yGFl9oKQQYt6kLI6f+wVgBBp0yHB/tt4opeWjvhd5zr+vPEVPwInTPBKzYTub+2p
2hs2ceDG+dwJIUZF0xh9tt/7YAQnlGjvwSv0RCN9biQWttxlH9o1tMGESQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLuDzaru86JqudBpJxANQ4nauHc1MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvdTRQTnF1N3pvbXE1MEdrbkVBMURpZHE0ZHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQu7AwQA
W9mmMA0GCSqGSIb3DQEBCwUAA4IBAQB/I0RgbrQ1coN8ZDvCd4zg49/9CJzbZrQ0
X/NmmhmOnLewIJ0c00VyWqap/thrAvvxPYjRdTIlI9o1hCNyoQWUGcoqz6G4qeTM
b0uOnI43kVgNdOtlP3iJarDRDasqrDGl8SlWpUoF2krAa257/AXftpmtfVaKsjAj
kgJyyCc/thrnzA06MLFVXiKYNi7ECsioMS7tyj8srY/OVQAYPZnxJ8AgkvC26u1n
Q5Gt9ZRMx3MNrosVtOLsRlXWkg1s1SIpCEFA2+IRdQaDhS8eJQhjpMLZA0YLoo7i
urecfe7KmoEvXr2TDbgTVfq+Sx372zhmIdCtU/gxltFqxy9AH01n
-----END CERTIFICATE-----
Generated at Tue Feb 17 18:42:43 2026 by rpki-client