Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/qnaDNmI6tK-FvY7Aq-vEbf0-oB4.roa
File: qnaDNmI6tK-FvY7Aq-vEbf0-oB4.roa (raw, json)
Hash identifier: Uu05nD+8ej/npLjgYpEvLHYks47vcyXe3546Ga8/O7k=
Subject key identifier: AA:76:83:36:62:3A:B4:AF:85:BD:8E:C0:AB:EB:C4:6D:FD:3E:A0:1E
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019D90A7F741CFB783B0C6D6E8B3DEF4559F
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/qnaDNmI6tK-FvY7Aq-vEbf0-oB4.roa
Signing time: Wed 15 Apr 2026 10:20:20 +0000
ROA not before: Wed 15 Apr 2026 10:20:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200019
IP address blocks: 2.59.219.0/24 maxlen: 24
45.93.8.0/24 maxlen: 24
45.93.9.0/24 maxlen: 24
45.148.244.0/24 maxlen: 24
46.16.34.0/24 maxlen: 24
78.40.116.0/24 maxlen: 24
78.40.117.0/24 maxlen: 24
81.177.213.0/24 maxlen: 24
93.157.106.0/24 maxlen: 24
93.185.167.0/24 maxlen: 24
94.103.188.0/24 maxlen: 24
94.231.223.0/24 maxlen: 24
171.22.181.0/24 maxlen: 24
176.116.0.0/24 maxlen: 24
176.125.240.0/24 maxlen: 24
176.125.241.0/24 maxlen: 24
176.125.242.0/24 maxlen: 24
176.125.243.0/24 maxlen: 24
185.139.214.0/24 maxlen: 24
185.139.215.0/24 maxlen: 24
185.212.117.0/24 maxlen: 24
185.234.9.0/24 maxlen: 24
193.27.90.0/24 maxlen: 24
213.232.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:a7:f7:41:cf:b7:83:b0:c6:d6:e8:b3:de:f4:55:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 15 10:20:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aa768336623ab4af85bd8ec0abebc46dfd3ea01e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b2:5f:e2:68:0f:15:24:da:c8:c9:07:6f:a9:
58:3b:a3:a4:9c:4b:ab:71:e0:13:31:58:57:fa:ff:
a5:35:ab:75:f9:fb:bd:98:5e:13:57:58:15:fa:59:
77:51:4b:5f:5e:64:5c:42:cf:15:c2:06:b3:f2:b0:
d4:91:ab:d5:d7:a5:ed:8c:a2:87:90:1f:e3:e5:d2:
84:f5:c6:a8:f2:e4:dd:1d:55:0c:2a:c0:93:a5:88:
d1:0c:23:52:a7:a4:f9:e7:d9:db:6b:bd:44:52:d1:
00:cd:14:05:f2:1e:e1:70:66:1b:5b:38:a2:37:ce:
0a:98:1c:94:d4:a9:c8:16:67:26:9e:a2:3e:6c:71:
92:ab:ee:b7:93:58:e9:6d:bc:53:44:cd:04:2b:5b:
88:e3:4f:73:09:cc:77:d3:d9:b4:47:1e:c1:6d:18:
f0:08:21:c2:03:47:70:43:0d:5f:a1:80:98:a3:8e:
ad:b2:9b:1e:7c:f9:2d:47:2b:8d:51:a3:67:b9:c8:
1a:79:8d:69:7f:d2:3a:4a:a3:f1:8f:e0:e9:54:74:
01:cd:c6:96:f2:53:b7:17:a9:ad:0f:87:e8:ba:87:
2f:78:5b:47:46:40:fb:68:37:bd:65:5d:0e:74:67:
27:b4:25:dc:84:a4:69:a1:2c:2b:e3:fb:07:e7:95:
f4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:76:83:36:62:3A:B4:AF:85:BD:8E:C0:AB:EB:C4:6D:FD:3E:A0:1E
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/qnaDNmI6tK-FvY7Aq-vEbf0-oB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.219.0/24
45.93.8.0/23
45.148.244.0/24
46.16.34.0/24
78.40.116.0/23
81.177.213.0/24
93.157.106.0/24
93.185.167.0/24
94.103.188.0/24
94.231.223.0/24
171.22.181.0/24
176.116.0.0/24
176.125.240.0/22
185.139.214.0/23
185.212.117.0/24
185.234.9.0/24
193.27.90.0/24
213.232.235.0/24
Signature Algorithm: sha256WithRSAEncryption
73:dd:4e:e1:75:1a:23:ae:ca:7c:d9:9b:e0:de:a8:a6:61:ff:
87:01:74:58:4f:d5:2a:5c:5e:18:58:16:13:df:45:82:80:e9:
e8:b1:98:67:94:08:2e:29:2f:d8:63:44:a0:d7:48:59:c9:3e:
29:33:28:f8:ff:a5:27:0d:f7:16:dd:2f:d6:ed:2b:93:75:73:
ee:3d:ae:20:44:88:1b:04:e5:4b:9b:74:92:d8:bd:5c:75:09:
a6:f6:ec:e8:89:da:8d:bb:76:79:09:5e:4a:6d:8f:6b:7f:59:
f1:0e:9b:85:21:89:e8:38:25:5d:27:56:46:7c:01:f9:10:52:
b2:27:38:56:28:28:21:aa:69:32:07:44:6b:6f:33:28:28:d5:
07:a3:a8:be:f2:3b:a0:4c:22:4e:5d:c5:a4:e3:1e:f2:16:e7:
a9:6a:d9:c9:db:ab:d8:2b:09:07:2a:e7:4a:8b:14:08:21:b1:
e7:bc:3d:fb:e4:eb:89:1a:e8:de:55:2a:a4:44:40:dc:4b:8a:
28:76:2d:28:84:4d:8b:eb:f7:7b:96:fb:60:35:0c:91:c7:c1:
2b:18:7b:1a:c2:d3:32:87:11:a7:93:99:b1:03:00:7c:9a:49:
36:56:78:a8:d2:8f:54:ab:a8:a7:d7:20:50:47:68:46:6c:15:
dd:d3:21:17
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZ2Qp/dBz7eDsMbW6LPe9FWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjYwNDE1MTAyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc2ODMzNjYyM2FiNGFmODViZDhlYzBhYmViYzQ2ZGZkM2VhMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbJf4mgPFSTayMkHb6lYO6OknEur
ceATMVhX+v+lNat1+fu9mF4TV1gV+ll3UUtfXmRcQs8Vwgaz8rDUkavV16XtjKKH
kB/j5dKE9cao8uTdHVUMKsCTpYjRDCNSp6T559nba71EUtEAzRQF8h7hcGYbWzii
N84KmByU1KnIFmcmnqI+bHGSq+63k1jpbbxTRM0EK1uI409zCcx309m0Rx7BbRjw
CCHCA0dwQw1foYCYo46tspsefPktRyuNUaNnucgaeY1pf9I6SqPxj+DpVHQBzcaW
8lO3F6mtD4fouocveFtHRkD7aDe9ZV0OdGcntCXchKRpoSwr4/sH55X0iQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFKp2gzZiOrSvhb2OwKvrxG39PqAeMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvcW5hRE5tSTZ0Sy1Gdlk3QXEtdkViZjAtb0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAAI72wME
AS1dCAMEAC2U9AMEAC4QIgMEAU4odAMEAFGx1QMEAF2dagMEAF25pwMEAF5nvAME
AF7n3wMEAKsWtQMEALB0AAMEArB98AMEAbmL1gMEALnUdQMEALnqCQMEAMEbWgME
ANXo6zANBgkqhkiG9w0BAQsFAAOCAQEAc91O4XUaI67KfNmb4N6opmH/hwF0WE/V
KlxeGFgWE99FgoDp6LGYZ5QILikv2GNEoNdIWck+KTMo+P+lJw33Ft0v1u0rk3Vz
7j2uIESIGwTlS5t0kti9XHUJpvbs6Inajbt2eQleSm2Pa39Z8Q6bhSGJ6DglXSdW
RnwB+RBSsic4VigoIappMgdEa28zKCjVB6OovvI7oEwiTl3FpOMe8hbnqWrZydur
2CsJByrnSosUCCGx57w9++TriRro3lUqpERA3EuKKHYtKIRNi+v3e5b7YDUMkcfB
Kxh7GsLTMocRp5OZsQMAfJpJNlZ4qNKPVKuop9cgUEdoRmwV3dMhFw==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:03:48 2026 by rpki-client