Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qn7jJSv2tQh8tySyS9Bb7e0MqEc.roa
File: qn7jJSv2tQh8tySyS9Bb7e0MqEc.roa (raw, json)
Hash identifier: DLE+2XwmNrt4PogNbYe21K3q7SvSlrBrHiqgI7d0ot4=
Subject key identifier: AA:7E:E3:25:2B:F6:B5:08:7C:B7:24:B2:4B:D0:5B:ED:ED:0C:A8:47
Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Certificate serial: 019C8EC9F8B597644EE5475B46419343308B
Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qn7jJSv2tQh8tySyS9Bb7e0MqEc.roa
Signing time: Tue 24 Feb 2026 08:35:26 +0000
ROA not before: Tue 24 Feb 2026 08:35:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56595
IP address blocks: 46.226.0.0/21 maxlen: 21
89.32.88.0/21 maxlen: 21
91.239.46.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
95.215.9.0/24 maxlen: 24
185.7.228.0/22 maxlen: 22
185.7.228.0/23 maxlen: 23
185.7.230.0/23 maxlen: 23
185.8.93.0/24 maxlen: 24
185.34.8.0/22 maxlen: 24
185.34.8.0/24 maxlen: 24
185.34.9.0/24 maxlen: 24
185.34.10.0/24 maxlen: 24
185.34.11.0/24 maxlen: 24
185.73.152.0/22 maxlen: 22
185.100.68.0/22 maxlen: 22
185.122.64.0/22 maxlen: 22
185.240.200.0/22 maxlen: 22
188.241.20.0/22 maxlen: 24
192.124.193.0/24 maxlen: 24
192.124.194.0/23 maxlen: 23
192.124.197.0/24 maxlen: 24
192.124.198.0/24 maxlen: 24
192.124.200.0/24 maxlen: 24
192.124.203.0/24 maxlen: 24
192.124.206.0/23 maxlen: 23
193.33.125.0/24 maxlen: 24
195.230.123.0/24 maxlen: 24
2a00:a600::/32 maxlen: 32
2a00:a600:0:2e::/64 maxlen: 64
2a00:a607::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:c9:f8:b5:97:64:4e:e5:47:5b:46:41:93:43:30:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Validity
Not Before: Feb 24 08:35:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aa7ee3252bf6b5087cb724b24bd05beded0ca847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:f6:1f:13:2c:0a:42:06:13:b8:ad:19:85:
c1:f0:6f:1a:a1:b1:db:f4:36:84:e9:80:fe:9d:65:
34:a5:20:12:b4:53:df:53:c6:dc:17:e1:8b:fc:c9:
3c:5a:85:1c:7d:2f:70:4b:a7:53:c4:61:42:6c:8a:
43:73:7c:97:56:0c:29:75:dc:ef:26:ac:88:b9:00:
a6:fe:2f:09:16:64:f6:ab:22:a3:eb:b6:8e:e9:49:
bb:2c:5b:c2:b9:5e:72:b5:f8:ee:45:42:27:f4:80:
54:f8:be:a6:1b:0a:4f:2e:a4:cd:ff:3b:91:ff:21:
fe:6c:09:48:db:da:00:fc:1f:5d:b7:a3:7d:2b:12:
97:0f:bc:7c:96:e9:bc:bd:d7:f6:d8:20:01:c1:3e:
17:2e:5d:96:f1:51:32:ee:47:b1:e3:d4:92:bf:1d:
6f:c5:b2:b0:c9:9e:82:0c:5e:21:e8:33:c0:ff:17:
3d:5f:90:9c:66:24:47:99:0c:58:eb:02:ce:16:5b:
61:b7:50:be:ec:8e:95:c8:6e:49:68:1f:6c:a8:b9:
0d:27:f1:68:c4:cb:fa:cb:35:a0:3d:64:e9:c3:e6:
52:68:0e:e7:31:f0:3d:a0:33:88:a3:ec:06:9f:cd:
51:9f:6d:62:b7:e2:da:7b:9e:0e:d6:cf:47:b9:57:
d6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7E:E3:25:2B:F6:B5:08:7C:B7:24:B2:4B:D0:5B:ED:ED:0C:A8:47
X509v3 Authority Key Identifier:
keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qn7jJSv2tQh8tySyS9Bb7e0MqEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.0.0/21
89.32.88.0/21
91.239.46.0/24
91.240.174.0/24
95.215.9.0/24
185.7.228.0/22
185.8.93.0/24
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
192.124.193.0-192.124.195.255
192.124.197.0-192.124.198.255
192.124.200.0/24
192.124.203.0/24
192.124.206.0/23
193.33.125.0/24
195.230.123.0/24
IPv6:
2a00:a600::/32
2a00:a607::/32
Signature Algorithm: sha256WithRSAEncryption
b5:ef:a5:43:8f:f0:a3:68:d1:e2:03:d2:16:6f:f8:1c:7e:30:
9e:ef:70:ce:7d:b6:f3:d4:e5:bd:20:3b:12:9f:cc:b6:8d:74:
28:ad:5e:96:87:57:1e:85:23:a8:51:38:ee:17:a7:71:43:b7:
0c:58:90:86:3b:b1:07:3e:62:e2:ec:b8:93:d5:90:7f:fb:ca:
97:6d:a3:01:89:d5:2d:2c:c5:1e:ec:77:65:5d:6f:aa:80:74:
30:ff:fa:9d:a9:64:44:7b:e6:63:e9:bd:c6:fa:26:89:2e:9d:
30:1c:8d:e8:f2:57:11:03:e8:87:87:12:75:79:d5:21:b8:99:
dc:07:38:51:c5:75:62:4f:cc:95:d6:88:16:20:9f:fd:d3:b5:
50:9f:24:a4:4f:61:6d:95:2c:22:11:06:8a:75:10:d8:14:f6:
0d:44:7e:50:c7:b4:fa:b6:23:48:bf:6c:85:03:12:c5:62:f3:
19:de:a3:aa:57:6a:ce:b9:59:ac:f1:d7:72:15:c2:4d:f3:32:
8f:b4:e1:21:78:c4:66:40:65:a6:3e:47:15:29:3c:83:0d:45:
14:7b:c8:b5:6b:57:6a:47:2d:78:af:b8:0b:6d:4d:0e:50:c1:
c1:37:b0:2a:8e:9c:2c:d6:18:42:9d:78:38:0c:01:04:cb:85:
f4:0c:98:17
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZyOyfi1l2RO5UdbRkGTQzCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjVmZTY3YzIwNzk3ZDM5NDE1NTU1NTRmOGM5ODhjYTJm
N2MxN2IwHhcNMjYwMjI0MDgzNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTdlZTMyNTJiZjZiNTA4N2NiNzI0YjI0YmQwNWJlZGVkMGNhODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsin2HxMsCkIGE7itGYXB8G8aobHb
9DaE6YD+nWU0pSAStFPfU8bcF+GL/Mk8WoUcfS9wS6dTxGFCbIpDc3yXVgwpddzv
JqyIuQCm/i8JFmT2qyKj67aO6Um7LFvCuV5ytfjuRUIn9IBU+L6mGwpPLqTN/zuR
/yH+bAlI29oA/B9dt6N9KxKXD7x8lum8vdf22CABwT4XLl2W8VEy7kex49SSvx1v
xbKwyZ6CDF4h6DPA/xc9X5CcZiRHmQxY6wLOFltht1C+7I6VyG5JaB9sqLkNJ/Fo
xMv6yzWgPWTpw+ZSaA7nMfA9oDOIo+wGn81Rn21it+Lae54O1s9HuVfW9QIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFKp+4yUr9rUIfLckskvQW+3tDKhHMB8GA1UdIwQY
MBaAFKi1/mfCB5fTlBVVVU+MmIyi98F7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQt
MWNjNjE5MTk3NTUxLzEvcW43akpTdjJ0UWg4dHlTeVM5QmI3ZTBNcUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQtMWNjNjE5MTk3NTUx
LzEvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBjwQCAAEwgYgDBAMu
4gADBANZIFgDBABb7y4DBABb8K4DBABf1wkDBAK5B+QDBAC5CF0DBAK5IggDBAK5
SZgDBAK5ZEQDBAK5ekADBAK58MgDBAK88RQwDAMEAMB8wQMEAsB8wDAMAwQAwHzF
AwQAwHzGAwQAwHzIAwQAwHzLAwQBwHzOAwQAwSF9AwQAw+Z7MBQEAgACMA4DBQAq
AKYAAwUAKgCmBzANBgkqhkiG9w0BAQsFAAOCAQEAte+lQ4/wo2jR4gPSFm/4HH4w
nu9wzn2289TlvSA7Ep/Mto10KK1elodXHoUjqFE47hencUO3DFiQhjuxBz5i4uy4
k9WQf/vKl22jAYnVLSzFHux3ZV1vqoB0MP/6nalkRHvmY+m9xvomiS6dMByN6PJX
EQPoh4cSdXnVIbiZ3Ac4UcV1Yk/MldaIFiCf/dO1UJ8kpE9hbZUsIhEGinUQ2BT2
DUR+UMe0+rYjSL9shQMSxWLzGd6jqldqzrlZrPHXchXCTfMyj7ThIXjEZkBlpj5H
FSk8gw1FFHvItWtXakcteK+4C21NDlDBwTewKo6cLNYYQp14OAwBBMuF9AyYFw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:33:36 2026 by rpki-client