Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/O7qjLnP-Av_AUI_nXwDm6aTNtiM.roa
File: O7qjLnP-Av_AUI_nXwDm6aTNtiM.roa (raw, json)
Hash identifier: b0YiOln+6ee3N+tmIgf41n0TuffzExlmKLzTRwsvrs4=
Subject key identifier: 3B:BA:A3:2E:73:FE:02:FF:C0:50:8F:E7:5F:00:E6:E9:A4:CD:B6:23
Certificate issuer: /CN=a8b31004df135aa1a8b943033db14691b11a63dd
Certificate serial: 019C55E93669248F1D922B221C10F943A7D3
Authority key identifier: A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/O7qjLnP-Av_AUI_nXwDm6aTNtiM.roa
Signing time: Fri 13 Feb 2026 07:31:12 +0000
ROA not before: Fri 13 Feb 2026 07:31:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31617
IP address blocks: 45.66.100.0/22 maxlen: 24
45.92.148.0/22 maxlen: 24
62.192.148.0/22 maxlen: 24
91.241.86.0/23 maxlen: 24
151.1.100.0/22 maxlen: 22
151.1.100.0/24 maxlen: 24
151.1.101.0/24 maxlen: 24
185.186.92.0/22 maxlen: 24
185.252.52.0/22 maxlen: 24
192.166.252.0/24 maxlen: 24
192.172.232.0/24 maxlen: 24
192.188.248.0/24 maxlen: 24
192.207.14.0/24 maxlen: 24
193.23.114.0/24 maxlen: 24
194.143.142.0/23 maxlen: 24
195.88.230.0/23 maxlen: 24
195.88.234.0/23 maxlen: 24
217.26.180.0/22 maxlen: 24
2a0b:7380::/29 maxlen: 29
2a0c:2140::/29 maxlen: 29
2a0d:9b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:55:e9:36:69:24:8f:1d:92:2b:22:1c:10:f9:43:a7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b31004df135aa1a8b943033db14691b11a63dd
Validity
Not Before: Feb 13 07:31:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3bbaa32e73fe02ffc0508fe75f00e6e9a4cdb623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0d:98:33:8c:56:40:32:0d:1d:ba:83:4d:44:
dc:42:6d:c1:8f:08:77:9c:2a:d0:bd:a3:a7:0a:41:
b5:cc:03:64:91:95:e4:ab:75:9f:b0:84:52:3f:03:
83:9d:e7:7c:22:a7:25:3d:a1:c2:72:d7:6e:af:b2:
de:75:d8:e4:fe:37:6c:06:a4:34:d3:f6:d4:ba:00:
50:fb:62:6e:54:5a:b2:ed:d0:ee:d4:3b:fb:da:6c:
ab:8f:ef:87:a6:3f:42:f8:d6:43:4c:2b:a8:ca:fb:
0d:43:db:60:9a:cb:d0:c6:9c:40:7a:b7:84:a4:c1:
13:fc:1f:74:47:79:35:b1:74:24:6f:f5:5d:de:61:
25:71:a3:5e:a3:71:c1:27:24:c0:03:b8:c4:5f:73:
ca:58:90:bd:63:67:4e:ef:12:9a:c7:26:89:48:f7:
d3:d3:30:b0:91:3a:c1:b3:c8:4f:2d:f8:7f:21:d7:
c9:e5:b0:74:62:b3:68:14:f2:3f:f4:82:d0:f3:3b:
16:3e:8b:17:34:17:cd:74:24:c6:cc:38:54:8b:44:
69:0c:73:dc:25:dc:44:2a:bd:a4:22:e9:ad:26:bf:
b1:a3:e7:8a:d1:9d:71:1a:9f:1e:8e:99:2b:c9:4d:
30:0e:71:79:88:29:0b:9f:0c:ed:ad:1f:11:4b:1a:
c8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BA:A3:2E:73:FE:02:FF:C0:50:8F:E7:5F:00:E6:E9:A4:CD:B6:23
X509v3 Authority Key Identifier:
keyid:A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/O7qjLnP-Av_AUI_nXwDm6aTNtiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.100.0/22
45.92.148.0/22
62.192.148.0/22
91.241.86.0/23
151.1.100.0/22
185.186.92.0/22
185.252.52.0/22
192.166.252.0/24
192.172.232.0/24
192.188.248.0/24
192.207.14.0/24
193.23.114.0/24
194.143.142.0/23
195.88.230.0/23
195.88.234.0/23
217.26.180.0/22
IPv6:
2a0b:7380::/29
2a0c:2140::/29
2a0d:9b40::/29
Signature Algorithm: sha256WithRSAEncryption
71:d5:3e:a1:b4:0c:e7:8f:ce:6d:c3:db:9f:76:eb:90:34:7c:
28:67:87:15:45:1e:89:98:a1:a2:b3:d3:e8:a3:3d:a8:13:16:
fe:8e:29:5b:11:2e:34:d0:ea:8b:60:88:72:a3:f4:fd:20:55:
a5:09:be:c2:b8:1e:99:ec:1d:d9:fc:75:a6:b5:ac:f1:82:06:
fd:c7:de:b2:58:8e:47:da:a2:3f:e4:cc:cf:eb:37:c5:7e:ce:
25:4d:52:ac:75:ed:b5:06:f0:25:90:84:38:19:4e:3d:53:ff:
6f:bf:43:20:ef:29:df:a6:61:89:bc:98:50:44:2a:93:43:09:
4a:78:26:e3:40:5d:99:b5:44:06:7f:33:9c:35:f0:91:82:47:
1b:48:4f:61:ca:55:fa:d0:ce:98:01:e9:9c:56:d1:ca:8e:33:
9e:28:c0:bf:cc:51:80:f9:11:b5:81:28:0e:82:00:43:12:56:
67:30:76:b7:54:34:22:3d:2a:67:d3:90:7d:ad:ff:50:c6:48:
d9:28:7e:40:ed:9d:97:60:09:91:80:0b:da:6a:5c:7f:30:e7:
cf:4c:4e:92:6b:4d:fd:bf:af:83:c5:02:43:05:09:7b:ef:11:
56:61:97:fa:fe:ed:cd:1f:92:fe:4f:a2:51:68:2e:34:41:a9:
76:d3:8d:e2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZxV6TZpJI8dkisiHBD5Q6fTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjMxMDA0ZGYxMzVhYTFhOGI5NDMwMzNkYjE0NjkxYjEx
YTYzZGQwHhcNMjYwMjEzMDczMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJhYTMyZTczZmUwMmZmYzA1MDhmZTc1ZjAwZTZlOWE0Y2RiNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ2YM4xWQDINHbqDTUTcQm3Bjwh3
nCrQvaOnCkG1zANkkZXkq3WfsIRSPwODned8IqclPaHCctdur7Leddjk/jdsBqQ0
0/bUugBQ+2JuVFqy7dDu1Dv72myrj++Hpj9C+NZDTCuoyvsNQ9tgmsvQxpxAereE
pMET/B90R3k1sXQkb/Vd3mElcaNeo3HBJyTAA7jEX3PKWJC9Y2dO7xKaxyaJSPfT
0zCwkTrBs8hPLfh/IdfJ5bB0YrNoFPI/9ILQ8zsWPosXNBfNdCTGzDhUi0RpDHPc
JdxEKr2kIumtJr+xo+eK0Z1xGp8ejpkryU0wDnF5iCkLnwztrR8RSxrITQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFDu6oy5z/gL/wFCP518A5umkzbYjMB8GA1UdIwQY
MBaAFKizEATfE1qhqLlDAz2xRpGxGmPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQt
YzJhNDNiMDgwZDZmLzEvTzdxakxuUC1Bdl9BVUlfblh3RG02YVROdGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQtYzJhNDNiMDgwZDZm
LzEvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQCLUJk
AwQCLVyUAwQCPsCUAwQBW/FWAwQClwFkAwQCubpcAwQCufw0AwQAwKb8AwQAwKzo
AwQAwLz4AwQAwM8OAwQAwRdyAwQBwo+OAwQBw1jmAwQBw1jqAwQC2Rq0MBsEAgAC
MBUDBQMqC3OAAwUDKgwhQAMFAyoNm0AwDQYJKoZIhvcNAQELBQADggEBAHHVPqG0
DOePzm3D259265A0fChnhxVFHomYoaKz0+ijPagTFv6OKVsRLjTQ6otgiHKj9P0g
VaUJvsK4HpnsHdn8daa1rPGCBv3H3rJYjkfaoj/kzM/rN8V+ziVNUqx17bUG8CWQ
hDgZTj1T/2+/QyDvKd+mYYm8mFBEKpNDCUp4JuNAXZm1RAZ/M5w18JGCRxtIT2HK
VfrQzpgB6ZxW0cqOM54owL/MUYD5EbWBKA6CAEMSVmcwdrdUNCI9KmfTkH2t/1DG
SNkofkDtnZdgCZGAC9pqXH8w589MTpJrTf2/r4PFAkMFCXvvEVZhl/r+7c0fkv5P
olFoLjRBqXbTjeI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:39:01 2026 by rpki-client