Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YQ4SBDl3TSNvW-KJ27MnI9h1f8k.roa
File: YQ4SBDl3TSNvW-KJ27MnI9h1f8k.roa (raw, json)
Hash identifier: 7T2WiHGwW4JnPUdCWT8VagzbOLcIYLYxGRZoQQww8IU=
Subject key identifier: 61:0E:12:04:39:77:4D:23:6F:5B:E2:89:DB:B3:27:23:D8:75:7F:C9
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019C70275A3D483646D3C53BEA58037DD196
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YQ4SBDl3TSNvW-KJ27MnI9h1f8k.roa
Signing time: Wed 18 Feb 2026 09:49:13 +0000
ROA not before: Wed 18 Feb 2026 09:49:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.2.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.128.0/22 maxlen: 22
85.254.134.0/24 maxlen: 24
85.254.137.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
159.148.26.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.248.0/24 maxlen: 24
185.7.236.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.47.92.0/22 maxlen: 22
185.211.96.0/22 maxlen: 22
188.64.180.0/23 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:27:5a:3d:48:36:46:d3:c5:3b:ea:58:03:7d:d1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Feb 18 09:49:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=610e120439774d236f5be289dbb32723d8757fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:47:79:fc:9e:36:1b:de:df:af:f9:f8:11:d6:
09:a4:e0:3a:5c:02:ed:49:31:1b:3a:97:65:25:76:
f6:ba:b0:6b:5f:0a:ce:5e:0b:2b:84:80:55:c1:df:
60:7c:9c:0f:08:46:19:b3:26:23:e1:90:d6:f6:ac:
72:7d:8b:bc:1c:0b:1e:ce:6a:e3:97:c0:42:04:e1:
aa:56:19:cd:30:62:08:00:d4:40:7d:23:84:5b:b5:
58:06:3c:74:12:69:f1:a7:11:16:18:6e:de:1f:e2:
5e:9a:77:1f:7b:ea:27:d5:f7:33:6a:13:30:69:fe:
a9:cc:e1:02:ef:c6:21:b8:3a:5b:ba:1a:75:c8:22:
ad:85:24:ec:9c:6f:63:cf:e3:f3:e9:e4:39:d3:cf:
9d:d7:1b:6f:68:92:28:59:b6:10:5b:50:56:a4:e0:
af:a3:51:02:a9:dd:d2:b5:09:9d:7a:ea:7b:63:ed:
e1:bd:a0:4e:80:d9:bb:af:2e:9b:d3:38:59:00:b9:
ce:3f:73:95:e1:9c:ef:f7:41:6b:eb:c7:de:0c:ab:
32:4b:c0:64:dc:82:3c:6c:59:62:41:38:4a:84:66:
5f:7a:03:56:d0:2a:74:e2:00:f6:29:20:dd:00:4d:
64:ad:d6:2a:03:f4:fb:78:29:e4:16:6f:2d:bb:34:
8d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0E:12:04:39:77:4D:23:6F:5B:E2:89:DB:B3:27:23:D8:75:7F:C9
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YQ4SBDl3TSNvW-KJ27MnI9h1f8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.30.0/24
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.103.0/24
85.254.112.0/22
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.180.0/23
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.158.0/24
159.148.163.0/24
159.148.166.0/23
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.7.236.0/24
185.27.94.0/24
185.47.92.0/22
185.211.96.0/22
188.64.180.0/23
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
9c:de:81:6d:fc:2f:22:34:11:e6:88:f3:56:a3:1c:5d:26:d9:
7e:a2:37:fa:fb:0a:f7:34:a4:3f:03:d0:40:a5:6a:5c:dc:0a:
e7:34:7c:c9:4d:0d:f7:37:51:ea:3b:db:42:a0:ef:ae:ec:9e:
91:a3:a3:d9:76:10:ea:41:42:d8:8f:f9:9b:2d:39:66:fe:3c:
05:51:17:e1:ae:85:aa:dc:03:55:0f:f5:11:9f:a8:a8:a5:d7:
e8:94:1f:c0:47:84:32:99:5c:46:7d:6f:f9:66:f8:04:ba:41:
6a:24:6d:3d:6e:96:9a:19:50:1b:38:4b:09:3b:64:61:72:83:
f3:a9:dd:6a:63:56:47:44:e8:d3:ac:2b:57:2e:8a:9b:e9:1d:
c6:82:94:58:98:43:c8:60:60:b5:63:8b:40:af:6e:15:ba:e3:
64:c4:d9:10:37:ff:cb:37:d3:36:b4:7e:65:2f:14:8b:82:85:
8b:7d:58:aa:cc:37:10:72:29:47:85:68:76:7f:be:f7:1a:cd:
5a:2b:82:72:5b:7c:2d:9c:d6:92:3f:00:c6:af:53:6e:3c:65:
4e:80:28:6a:0c:6e:e3:53:c1:3b:c0:8f:78:10:55:1f:15:9b:
0a:b7:ed:f9:b8:41:ad:40:8c:fe:4a:6f:4b:e4:60:10:e7:54:
d7:d1:11:35
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgISAZxwJ1o9SDZG08U76lgDfdGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwMjE4MDk0OTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTBlMTIwNDM5Nzc0ZDIzNmY1YmUyODlkYmIzMjcyM2Q4NzU3ZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0d5/J42G97fr/n4EdYJpOA6XALt
STEbOpdlJXb2urBrXwrOXgsrhIBVwd9gfJwPCEYZsyYj4ZDW9qxyfYu8HAsezmrj
l8BCBOGqVhnNMGIIANRAfSOEW7VYBjx0EmnxpxEWGG7eH+Jemncfe+on1fczahMw
af6pzOEC78YhuDpbuhp1yCKthSTsnG9jz+Pz6eQ508+d1xtvaJIoWbYQW1BWpOCv
o1ECqd3StQmdeup7Y+3hvaBOgNm7ry6b0zhZALnOP3OV4Zzv90Fr68feDKsyS8Bk
3II8bFliQThKhGZfegNW0Cp04gD2KSDdAE1krdYqA/T7eCnkFm8tuzSNyQIDAQAB
o4IDNzCCAzMwHQYDVR0OBBYEFGEOEgQ5d00jb1viiduzJyPYdX/JMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWVE0U0JEbDNUU052Vy1LSjI3TW5JOWgxZjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSwYIKwYBBQUHAQcBAf8EggE6MIIBNjCCATIEAgABMIIB
KgMEAFX+AgMEAFX+BAMEAFX+BwMEAFX+HgMEAFX+KAMEAVX+KgMEAFX+MwMEAFX+
OwMEAVX+QAMEAlX+TAMEAVX+VAMEAFX+ZwMEAlX+cDAMAwQCVf58AwQAVf5+AwQC
Vf6AAwQAVf6GMAwDBABV/okDBABV/owDBAFV/q4DBAFV/rQDBACflBoDBACflDYD
BACflD4DBACflEIDBACflH4DBACflIADBACflIIDBACflJ4DBACflKMDBAGflKYw
DAMEAJ+UswMEAJ+UtAMEAJ+UzAMEAJ+U2AMEAJ+U2gMEAJ+U6gMEAJ+U8TAMAwQB
n5T2AwQAn5T4AwQAuQfsAwQAuRteAwQCuS9cAwQCudNgAwQBvEC0AwQA2UV5MAwD
BADZRX0DBAfZRQAwDQYJKoZIhvcNAQELBQADggEBAJzegW38LyI0EeaI81ajHF0m
2X6iN/r7Cvc0pD8D0EClalzcCuc0fMlNDfc3Ueo720Kg767snpGjo9l2EOpBQtiP
+ZstOWb+PAVRF+GuharcA1UP9RGfqKil1+iUH8BHhDKZXEZ9b/lm+AS6QWokbT1u
lpoZUBs4Swk7ZGFyg/Op3WpjVkdE6NOsK1cuipvpHcaClFiYQ8hgYLVji0CvbhW6
42TE2RA3/8s30za0fmUvFIuChYt9WKrMNxByKUeFaHZ/vvcazVorgnJbfC2c1pI/
AMavU248ZU6AKGoMbuNTwTvAj3gQVR8Vmwq37fm4Qa1AjP5Kb0vkYBDnVNfRETU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:16:24 2026 by rpki-client