Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/0XIEYevQxHa3qVi1xqJF7TOt-BI.roa
File: 0XIEYevQxHa3qVi1xqJF7TOt-BI.roa (raw, json)
Hash identifier: TR0axpPWugqIExthY/PzMq8HZe1STHHvZqoDVXXwjKA=
Subject key identifier: D1:72:04:61:EB:D0:C4:76:B7:A9:58:B5:C6:A2:45:ED:33:AD:F8:12
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 019C7AE977DA42C39A086F71BE1957941932
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/0XIEYevQxHa3qVi1xqJF7TOt-BI.roa
Signing time: Fri 20 Feb 2026 11:57:26 +0000
ROA not before: Fri 20 Feb 2026 11:57:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 103.146.118.0/24 maxlen: 24
195.226.88.0/24 maxlen: 24
195.226.89.0/24 maxlen: 24
195.226.90.0/24 maxlen: 24
195.226.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:e9:77:da:42:c3:9a:08:6f:71:be:19:57:94:19:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Feb 20 11:57:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d1720461ebd0c476b7a958b5c6a245ed33adf812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:90:a0:2c:c4:49:20:eb:02:bd:bd:fc:2c:90:
17:0e:ca:a4:cb:f5:aa:08:a4:58:11:e7:b1:d7:8c:
59:1e:7c:73:21:91:8a:ca:25:a8:9e:af:2b:21:c2:
de:d3:38:44:7d:0e:b7:13:f9:12:f9:d0:c5:be:fb:
82:bc:5b:24:ee:e4:0d:d4:d0:30:14:21:27:76:06:
9e:6b:e5:3f:6c:e5:e3:0f:a4:1a:6d:af:40:60:21:
35:b6:83:79:49:f2:5e:fe:a9:b9:3d:d9:58:00:25:
2e:de:0d:81:65:94:6f:f9:c6:ca:a3:27:75:3d:af:
f3:f9:58:7b:46:ef:71:92:9f:53:1b:3f:15:b6:9b:
cf:84:fc:95:75:80:7a:03:94:b4:d2:cc:ae:aa:a4:
3a:fa:fc:1c:f4:e3:e8:4e:f8:18:f4:04:6a:76:38:
40:4b:a4:33:44:26:b9:ac:51:0d:9c:61:4d:9f:c2:
bb:5c:7c:c3:e7:19:b3:22:d3:26:48:0d:31:4a:a9:
ef:f6:70:fd:5d:c0:11:21:5e:4f:29:34:3a:d5:ca:
7f:42:d0:72:78:c0:6a:0f:a9:83:e3:1d:26:3c:b4:
fd:b1:26:62:c0:0b:b3:86:3d:e9:5b:58:ed:bb:76:
a3:d0:7a:9c:e2:10:82:95:7c:89:67:3e:4f:da:fa:
6d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:72:04:61:EB:D0:C4:76:B7:A9:58:B5:C6:A2:45:ED:33:AD:F8:12
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/0XIEYevQxHa3qVi1xqJF7TOt-BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.146.118.0/24
195.226.88.0/22
Signature Algorithm: sha256WithRSAEncryption
19:04:60:55:d8:a8:93:5e:b8:4f:ec:15:85:68:2d:91:06:cb:
53:e0:5b:96:4c:51:01:f3:83:d4:be:04:79:97:f2:c7:ce:19:
e1:a7:e0:37:dc:2e:06:11:e5:a5:07:e1:9b:48:82:6a:1c:c0:
e3:4e:ba:93:dd:37:8f:87:25:b5:e6:7f:2b:a9:52:f9:f5:b2:
4d:8b:fd:0b:c9:97:9d:28:bd:73:27:3c:cf:2c:69:dd:98:3b:
ec:d6:b2:ba:40:84:ee:30:6f:57:01:a7:15:67:fb:cf:f6:d5:
50:33:93:1d:26:ae:17:9a:81:46:8d:19:ac:3d:cd:a6:15:03:
0a:28:48:f5:c6:ac:3f:90:9a:47:28:8b:0b:c1:16:98:a0:02:
12:1a:72:c9:11:52:48:4e:18:47:8d:74:e7:8f:8d:e0:f7:3e:
d8:3f:93:56:98:43:3e:d9:54:4c:d7:60:d9:a6:62:a4:91:dc:
8a:92:53:fa:d3:30:15:aa:72:65:29:b7:a3:7a:e2:31:b7:bc:
d7:70:d5:5a:d5:55:47:2e:53:d7:47:5b:aa:76:b8:9c:0d:70:
90:43:60:c4:ba:df:85:0c:ed:3f:ae:63:91:9c:97:9c:00:75:
a5:5d:4a:73:dc:ce:ac:59:91:b9:15:f4:ba:6b:00:c7:3d:74:
f3:26:7c:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZx66XfaQsOaCG9xvhlXlBkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwMjIwMTE1NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTcyMDQ2MWViZDBjNDc2YjdhOTU4YjVjNmEyNDVlZDMzYWRmODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZCgLMRJIOsCvb38LJAXDsqky/Wq
CKRYEeex14xZHnxzIZGKyiWonq8rIcLe0zhEfQ63E/kS+dDFvvuCvFsk7uQN1NAw
FCEndgaea+U/bOXjD6Qaba9AYCE1toN5SfJe/qm5PdlYACUu3g2BZZRv+cbKoyd1
Pa/z+Vh7Ru9xkp9TGz8VtpvPhPyVdYB6A5S00syuqqQ6+vwc9OPoTvgY9ARqdjhA
S6QzRCa5rFENnGFNn8K7XHzD5xmzItMmSA0xSqnv9nD9XcARIV5PKTQ61cp/QtBy
eMBqD6mD4x0mPLT9sSZiwAuzhj3pW1jtu3aj0Hqc4hCClXyJZz5P2vptkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNFyBGHr0MR2t6lYtcaiRe0zrfgSMB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvMFhJRVlldlF4SGEzcVZpMXhxSkY3VE90LUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ5J2AwQC
w+JYMA0GCSqGSIb3DQEBCwUAA4IBAQAZBGBV2KiTXrhP7BWFaC2RBstT4FuWTFEB
84PUvgR5l/LHzhnhp+A33C4GEeWlB+GbSIJqHMDjTrqT3TePhyW15n8rqVL59bJN
i/0LyZedKL1zJzzPLGndmDvs1rK6QITuMG9XAacVZ/vP9tVQM5MdJq4XmoFGjRms
Pc2mFQMKKEj1xqw/kJpHKIsLwRaYoAISGnLJEVJIThhHjXTnj43g9z7YP5NWmEM+
2VRM12DZpmKkkdyKklP60zAVqnJlKbejeuIxt7zXcNVa1VVHLlPXR1uqdricDXCQ
Q2DEut+FDO0/rmORnJecAHWlXUpz3M6sWZG5FfS6awDHPXTzJnyE
-----END CERTIFICATE-----
Generated at Sat Feb 21 03:40:29 2026 by rpki-client