Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/Q5hESTZfbwdELtpLu27GaP7-Lno.roa
File: Q5hESTZfbwdELtpLu27GaP7-Lno.roa (raw, json)
Hash identifier: ObHNDf8xA8n0C2IML/LhP97ggga61XCUWT978woHwn0=
Subject key identifier: 43:98:44:49:36:5F:6F:07:44:2E:DA:4B:BB:6E:C6:68:FE:FE:2E:7A
Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial: 019D6DED47AD3FC854595955D491F09460B5
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/Q5hESTZfbwdELtpLu27GaP7-Lno.roa
Signing time: Wed 08 Apr 2026 16:29:20 +0000
ROA not before: Wed 08 Apr 2026 16:29:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60750
IP address blocks: 185.26.108.0/22 maxlen: 24
185.26.108.0/24 maxlen: 24
185.26.109.0/24 maxlen: 24
213.244.193.0/24 maxlen: 24
2a00:8760::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:ed:47:ad:3f:c8:54:59:59:55:d4:91:f0:94:60:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Validity
Not Before: Apr 8 16:29:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=43984449365f6f07442eda4bbb6ec668fefe2e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fd:92:0e:e9:8f:a0:46:5f:ff:6f:c2:2e:26:
3b:fc:21:bd:83:94:b6:21:5b:76:ef:2d:01:41:55:
6a:22:b6:d9:74:9f:24:29:eb:47:e1:97:43:38:1e:
1a:dc:67:a8:45:44:f9:47:fc:36:c9:91:e0:a7:54:
43:b2:73:ee:3f:44:a6:e3:cf:3c:98:b1:27:2e:9a:
bc:d7:39:db:c3:b1:2b:e9:57:b6:52:9e:23:0f:a4:
1b:59:8c:9b:74:c5:a3:a5:c6:9c:3b:2f:19:e1:3b:
eb:64:2a:70:d2:b2:71:58:3e:53:5d:61:79:e9:1b:
fd:fd:fc:75:9e:72:40:f1:48:83:86:a2:fd:d5:84:
86:b4:e3:6d:c6:7e:72:c7:ed:e7:07:f8:e1:07:1a:
b1:6f:de:c6:42:00:c5:df:7a:f1:ff:91:04:46:56:
54:1b:9c:76:c0:5c:fc:98:e8:76:e5:49:a1:be:0e:
df:b5:0a:5c:d1:91:60:fb:4a:33:f8:a0:73:1a:c6:
83:b5:26:c9:ba:bf:6c:33:ec:ee:ed:24:99:ba:a7:
a1:53:f5:46:d5:81:be:2c:20:21:7c:61:f4:3b:3d:
30:9d:83:63:09:0b:5d:57:d8:d2:f9:b9:68:3a:83:
db:19:bd:89:88:ff:61:e3:8e:f9:8f:42:87:f6:e9:
56:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:98:44:49:36:5F:6F:07:44:2E:DA:4B:BB:6E:C6:68:FE:FE:2E:7A
X509v3 Authority Key Identifier:
keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/Q5hESTZfbwdELtpLu27GaP7-Lno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.108.0/22
213.244.193.0/24
IPv6:
2a00:8760::/32
Signature Algorithm: sha256WithRSAEncryption
d2:6c:ee:a1:f1:16:eb:12:52:ad:f2:b9:df:0f:a6:00:67:50:
68:3d:7a:13:71:b0:06:74:a2:c5:28:f8:03:79:ea:18:cf:d7:
e2:59:b5:aa:a5:ca:b4:fb:66:86:3f:eb:4d:8a:2a:7c:f7:64:
10:f7:5d:39:fa:9a:84:d7:d1:ff:f0:c7:36:ab:e5:ad:ac:f1:
a3:8c:8a:be:d1:b9:04:08:bd:eb:1e:a3:9c:1b:29:86:95:a0:
5c:38:65:ad:09:49:21:ed:15:68:8a:af:97:42:58:16:3d:ec:
32:75:b9:eb:d7:33:8a:cb:a0:bb:95:52:70:db:95:8f:21:96:
8f:22:54:33:4e:d2:9b:de:4b:d9:57:90:5c:83:e9:8e:97:d9:
31:9b:e2:5c:29:f1:e0:db:08:c5:6d:4a:fb:a5:e0:0f:9b:00:
07:0a:78:7e:a5:2b:bb:01:23:71:dd:d3:a5:05:3c:3c:0f:a0:
73:70:65:f4:84:85:92:b3:66:82:26:f3:57:d5:92:a3:9d:62:
a7:f4:13:36:cb:b4:60:52:bc:4b:a7:b1:75:8e:2c:d6:af:38:
25:e8:2d:67:1f:09:29:af:a7:b5:6e:41:aa:41:13:f7:fa:41:
36:ba:56:d2:aa:98:49:5b:f4:86:59:fc:f6:bc:52:48:a6:28:
39:74:69:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ1t7UetP8hUWVlV1JHwlGC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjYwNDA4MTYyOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzk4NDQ0OTM2NWY2ZjA3NDQyZWRhNGJiYjZlYzY2OGZlZmUyZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v2SDumPoEZf/2/CLiY7/CG9g5S2
IVt27y0BQVVqIrbZdJ8kKetH4ZdDOB4a3GeoRUT5R/w2yZHgp1RDsnPuP0Sm4888
mLEnLpq81znbw7Er6Ve2Up4jD6QbWYybdMWjpcacOy8Z4TvrZCpw0rJxWD5TXWF5
6Rv9/fx1nnJA8UiDhqL91YSGtONtxn5yx+3nB/jhBxqxb97GQgDF33rx/5EERlZU
G5x2wFz8mOh25Umhvg7ftQpc0ZFg+0oz+KBzGsaDtSbJur9sM+zu7SSZuqehU/VG
1YG+LCAhfGH0Oz0wnYNjCQtdV9jS+bloOoPbGb2JiP9h4475j0KH9ulWpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEOYREk2X28HRC7aS7tuxmj+/i56MB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvUTVoRVNUWmZid2RFTHRwTHUyN0dhUDctTG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRpsAwQA
1fTBMA0EAgACMAcDBQAqAIdgMA0GCSqGSIb3DQEBCwUAA4IBAQDSbO6h8RbrElKt
8rnfD6YAZ1BoPXoTcbAGdKLFKPgDeeoYz9fiWbWqpcq0+2aGP+tNiip892QQ9105
+pqE19H/8Mc2q+WtrPGjjIq+0bkECL3rHqOcGymGlaBcOGWtCUkh7RVoiq+XQlgW
Pewydbnr1zOKy6C7lVJw25WPIZaPIlQzTtKb3kvZV5Bcg+mOl9kxm+JcKfHg2wjF
bUr7peAPmwAHCnh+pSu7ASNx3dOlBTw8D6BzcGX0hIWSs2aCJvNX1ZKjnWKn9BM2
y7RgUrxLp7F1jizWrzgl6C1nHwkpr6e1bkGqQRP3+kE2ulbSqphJW/SGWfz2vFJI
pig5dGkz
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:13:32 2026 by rpki-client