Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/uqJ-WoJ0LMUzPyz6AyCWPdAMqaA.roa
File: uqJ-WoJ0LMUzPyz6AyCWPdAMqaA.roa (raw, json)
Hash identifier: lX10IX/8pnEVBdXCqvOlS3MwC2z4PooE1DCcSVaJLYo=
Subject key identifier: BA:A2:7E:5A:82:74:2C:C5:33:3F:2C:FA:03:20:96:3D:D0:0C:A9:A0
Certificate issuer: /CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Certificate serial: 019C700923CD62773FAFD37E2A01F1047553
Authority key identifier: 65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/uqJ-WoJ0LMUzPyz6AyCWPdAMqaA.roa
Signing time: Wed 18 Feb 2026 09:16:12 +0000
ROA not before: Wed 18 Feb 2026 09:16:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205614
IP address blocks: 45.89.160.0/22 maxlen: 22
45.135.124.0/22 maxlen: 22
185.171.44.0/22 maxlen: 22
193.22.251.0/24 maxlen: 24
193.26.242.0/24 maxlen: 24
193.26.243.0/24 maxlen: 24
2a0d:1f80::/32 maxlen: 32
2a0d:1f80::/36 maxlen: 36
2a0d:1f80:1000::/36 maxlen: 36
2a0d:1f80:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:09:23:cd:62:77:3f:af:d3:7e:2a:01:f1:04:75:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Validity
Not Before: Feb 18 09:16:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=baa27e5a82742cc5333f2cfa0320963dd00ca9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5d:45:f9:fa:5a:3e:47:dc:97:c4:fb:53:3a:
1d:0f:5a:95:b6:e7:bf:a8:c3:8d:35:1b:08:99:a9:
12:5d:04:ac:d5:0e:47:6f:82:31:50:fc:6e:1d:7e:
76:34:19:94:23:f0:34:4e:a7:88:50:43:a4:61:9d:
2d:1e:ff:9b:e1:fc:3c:70:11:ac:3e:57:f7:54:4a:
1d:c4:2f:7e:8a:14:22:bb:2a:03:2d:2a:4f:8e:b7:
bc:a8:be:0b:63:07:9c:7f:c9:e8:fb:ef:f1:5e:58:
27:e2:4d:12:f1:79:13:e1:af:1a:89:58:3e:6f:6a:
a2:0c:b1:8c:e7:50:15:8e:5e:a1:94:90:c9:ca:fc:
49:03:67:5b:01:27:69:fd:e7:8c:bd:2c:f2:2d:7f:
4b:38:8a:5d:1b:1a:e8:4a:e5:27:3a:f5:97:ad:6c:
89:ba:73:60:c7:37:6b:dc:51:e0:05:4b:4b:3b:0e:
6c:02:e4:f4:00:d0:14:00:c1:21:31:e9:90:1c:14:
42:17:05:3f:7e:df:8e:9c:ca:c9:8a:88:bf:8d:8c:
38:9a:a1:d8:fd:f8:1d:b5:e6:97:31:e6:92:28:7f:
73:65:5d:cd:d7:8b:29:9e:49:89:6a:e0:2e:d0:6b:
d3:f3:ab:9b:c2:76:14:ce:74:bd:75:c3:cb:bb:27:
38:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A2:7E:5A:82:74:2C:C5:33:3F:2C:FA:03:20:96:3D:D0:0C:A9:A0
X509v3 Authority Key Identifier:
keyid:65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/uqJ-WoJ0LMUzPyz6AyCWPdAMqaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.160.0/22
45.135.124.0/22
185.171.44.0/22
193.22.251.0/24
193.26.242.0/23
IPv6:
2a0d:1f80::/32
Signature Algorithm: sha256WithRSAEncryption
7f:ec:57:0a:95:07:9c:bd:ef:92:dc:a2:47:a8:f3:2d:0b:d0:
ac:84:c3:f5:a7:76:e3:aa:3b:9b:2c:e3:29:82:15:a9:5e:31:
9d:c2:44:85:58:fc:6d:05:33:a0:94:52:6b:5e:ee:9c:c2:33:
d3:e3:38:2f:dd:cf:5c:b1:1d:5d:82:f4:d5:6e:44:9c:ce:b1:
d5:d3:92:eb:1e:b8:45:bf:d1:b2:fe:8a:bc:ab:f3:93:c5:88:
88:03:d1:f2:16:ba:bb:28:d6:c6:cd:fc:df:74:ba:70:39:74:
c6:33:24:70:83:31:d5:e4:f1:9c:fb:f0:94:74:60:db:31:bd:
59:d8:bd:3b:1e:84:a9:40:d9:60:9b:05:23:3f:63:8a:e7:ec:
56:fa:6d:38:81:71:c8:4c:d0:ca:af:3c:d2:9a:70:70:b7:70:
31:05:80:35:6d:d2:e2:3b:22:e9:90:cb:68:9c:2c:9e:81:1b:
30:95:f6:9d:28:64:0d:99:18:f4:ab:e6:28:5f:63:47:dd:3c:
f0:bc:f8:b1:10:92:98:be:64:6f:60:18:f5:06:e1:7f:87:bb:
95:33:24:57:2f:1d:b2:89:58:04:5c:bb:29:a5:2e:bd:5a:aa:
07:73:64:4b:40:3e:e5:48:cb:08:cf:7e:cc:eb:fa:1d:ef:2d:
7e:56:f9:48
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZxwCSPNYnc/r9N+KgHxBHVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDYwOTY2OTVmN2U2NjEwYjE5YjA4ZTFkN2ZkOWM0ZDkx
NGE0ZjAwHhcNMjYwMjE4MDkxNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWEyN2U1YTgyNzQyY2M1MzMzZjJjZmEwMzIwOTYzZGQwMGNhOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4l1F+fpaPkfcl8T7UzodD1qVtue/
qMONNRsImakSXQSs1Q5Hb4IxUPxuHX52NBmUI/A0TqeIUEOkYZ0tHv+b4fw8cBGs
Plf3VEodxC9+ihQiuyoDLSpPjre8qL4LYwecf8no++/xXlgn4k0S8XkT4a8aiVg+
b2qiDLGM51AVjl6hlJDJyvxJA2dbASdp/eeMvSzyLX9LOIpdGxroSuUnOvWXrWyJ
unNgxzdr3FHgBUtLOw5sAuT0ANAUAMEhMemQHBRCFwU/ft+OnMrJioi/jYw4mqHY
/fgdteaXMeaSKH9zZV3N14spnkmJauAu0GvT86ubwnYUznS9dcPLuyc4DQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLqiflqCdCzFMz8s+gMglj3QDKmgMB8GA1UdIwQY
MBaAFGUGCWaV9+ZhCxmwjh1/2cTZFKTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgt
YTQxNTI1NThkMThjLzEvdXFKLVdvSjBMTVV6UHl6NkF5Q1dQZEFNcWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgtYTQxNTI1NThkMThj
LzEvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVmgAwQC
LYd8AwQCuassAwQAwRb7AwQBwRryMA0EAgACMAcDBQAqDR+AMA0GCSqGSIb3DQEB
CwUAA4IBAQB/7FcKlQecve+S3KJHqPMtC9CshMP1p3bjqjubLOMpghWpXjGdwkSF
WPxtBTOglFJrXu6cwjPT4zgv3c9csR1dgvTVbkSczrHV05LrHrhFv9Gy/oq8q/OT
xYiIA9HyFrq7KNbGzfzfdLpwOXTGMyRwgzHV5PGc+/CUdGDbMb1Z2L07HoSpQNlg
mwUjP2OK5+xW+m04gXHITNDKrzzSmnBwt3AxBYA1bdLiOyLpkMtonCyegRswlfad
KGQNmRj0q+YoX2NH3TzwvPixEJKYvmRvYBj1BuF/h7uVMyRXLx2yiVgEXLsppS69
WqoHc2RLQD7lSMsIz37M6/od7y1+VvlI
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:55:18 2026 by rpki-client