Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/qyCWhbOhULfLzLZlBBISM6tI6z0.roa
File: qyCWhbOhULfLzLZlBBISM6tI6z0.roa (raw, json)
Hash identifier: YuMDQ0jy8cgbhAO6dwPsIKGTqd+ofSih6mYOW6qX+1A=
Subject key identifier: AB:20:96:85:B3:A1:50:B7:CB:CC:B6:65:04:12:12:33:AB:48:EB:3D
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019C66DA102A9B646D0B5555DCCBBB7B456C
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/qyCWhbOhULfLzLZlBBISM6tI6z0.roa
Signing time: Mon 16 Feb 2026 14:28:12 +0000
ROA not before: Mon 16 Feb 2026 14:28:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215245
IP address blocks: 31.22.72.0/24 maxlen: 24
31.22.73.0/24 maxlen: 24
31.22.77.0/24 maxlen: 24
185.230.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:da:10:2a:9b:64:6d:0b:55:55:dc:cb:bb:7b:45:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Feb 16 14:28:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab209685b3a150b7cbccb66504121233ab48eb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bf:d8:a5:3b:a1:55:85:65:0a:ed:b3:26:79:
fc:5a:10:ea:7e:0f:20:a1:6d:0e:2e:ea:4f:3c:26:
3a:89:75:99:1a:9b:5d:b8:a7:83:bb:67:c8:21:11:
eb:bb:19:60:d7:7e:9b:db:39:62:96:5e:c6:8b:5e:
7f:d6:d2:96:87:5e:34:48:6d:19:c2:f5:b6:fd:6d:
52:36:d3:3b:c1:23:f5:6c:c7:b4:cc:6a:22:b1:06:
1f:41:67:4f:7f:a3:aa:a2:90:4d:ce:05:05:e6:6f:
db:48:42:58:6b:43:67:fc:6e:ff:e4:b0:04:8d:73:
0a:cf:05:6a:63:26:7b:7c:bf:ce:f8:77:d9:46:7f:
74:8c:bb:91:c2:fa:08:0d:af:bf:38:22:cb:ee:29:
73:28:48:01:4a:a2:3d:6f:54:81:a2:3d:85:c0:60:
06:ef:73:a4:b2:96:83:bc:a1:a7:37:5a:01:26:2f:
e7:d4:ea:29:5c:dd:a4:6a:07:17:8a:13:06:16:49:
49:78:41:f5:3c:a4:93:84:86:04:14:00:6f:2f:79:
5e:b8:a8:bb:f8:5d:e8:9c:76:7b:70:79:5c:72:3a:
49:d6:a5:b4:19:28:88:d2:e8:0f:e5:41:02:c8:4e:
d8:27:4b:47:f4:fa:ed:a2:b3:d0:54:40:af:87:7c:
c2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:20:96:85:B3:A1:50:B7:CB:CC:B6:65:04:12:12:33:AB:48:EB:3D
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/qyCWhbOhULfLzLZlBBISM6tI6z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.72.0/23
31.22.77.0/24
185.230.160.0/24
Signature Algorithm: sha256WithRSAEncryption
34:16:35:45:b1:e9:a9:0c:9c:4e:f4:cb:94:04:86:cf:67:0d:
d2:3c:9a:b3:ac:20:8a:f5:46:9a:58:5b:44:29:0f:fa:ec:56:
6d:77:f6:80:b2:62:66:3b:39:bb:40:ba:81:b3:c3:58:4f:f1:
69:4b:02:91:81:d4:31:c1:fb:4e:19:d2:82:19:98:49:34:dc:
7b:47:88:72:1f:2b:47:cf:ca:76:e9:fb:92:ce:6d:fe:4e:c3:
a1:ff:56:d9:35:f6:e4:62:d4:fb:05:ae:92:c6:d6:9d:a1:12:
e3:b4:fa:bb:32:51:0b:b4:c1:9f:75:d1:7f:a5:eb:b0:83:8f:
90:5e:03:cc:44:e0:21:30:df:af:88:d9:1a:eb:98:fc:5d:b8:
b8:ad:1c:ad:2a:bb:84:d5:72:12:dd:29:6a:71:7a:e2:23:de:
e9:7e:d9:1b:bc:e2:3b:c9:4a:12:18:f5:77:1d:b0:60:84:16:
1c:d1:89:d7:14:81:6e:59:f6:92:43:fd:aa:6a:a0:22:64:b5:
a8:db:9b:3d:47:6d:ce:c3:a3:b9:90:53:99:e8:35:f6:0f:b3:
db:41:04:b0:65:3b:6a:20:f8:7d:e1:d6:d9:1c:8e:ee:38:d7:
ee:fa:11:84:ea:a3:0a:05:a5:69:76:b8:cc:73:72:f5:41:d9:
2f:05:e2:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZxm2hAqm2RtC1VV3Mu7e0VsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjYwMjE2MTQyODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjIwOTY4NWIzYTE1MGI3Y2JjY2I2NjUwNDEyMTIzM2FiNDhlYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur/YpTuhVYVlCu2zJnn8WhDqfg8g
oW0OLupPPCY6iXWZGptduKeDu2fIIRHruxlg136b2zlill7Gi15/1tKWh140SG0Z
wvW2/W1SNtM7wSP1bMe0zGoisQYfQWdPf6OqopBNzgUF5m/bSEJYa0Nn/G7/5LAE
jXMKzwVqYyZ7fL/O+HfZRn90jLuRwvoIDa+/OCLL7ilzKEgBSqI9b1SBoj2FwGAG
73OkspaDvKGnN1oBJi/n1OopXN2kagcXihMGFklJeEH1PKSThIYEFABvL3leuKi7
+F3onHZ7cHlccjpJ1qW0GSiI0ugP5UECyE7YJ0tH9PrtorPQVECvh3zCbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKsgloWzoVC3y8y2ZQQSEjOrSOs9MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvcXlDV2hiT2hVTGZMekxabEJCSVNNNnRJNnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBHxZIAwQA
HxZNAwQAueagMA0GCSqGSIb3DQEBCwUAA4IBAQA0FjVFsempDJxO9MuUBIbPZw3S
PJqzrCCK9UaaWFtEKQ/67FZtd/aAsmJmOzm7QLqBs8NYT/FpSwKRgdQxwftOGdKC
GZhJNNx7R4hyHytHz8p26fuSzm3+TsOh/1bZNfbkYtT7Ba6SxtadoRLjtPq7MlEL
tMGfddF/peuwg4+QXgPMROAhMN+viNka65j8Xbi4rRytKruE1XIS3SlqcXriI97p
ftkbvOI7yUoSGPV3HbBghBYc0YnXFIFuWfaSQ/2qaqAiZLWo25s9R23Ow6O5kFOZ
6DX2D7PbQQSwZTtqIPh94dbZHI7uONfu+hGE6qMKBaVpdrjMc3L1QdkvBeI5
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:41:57 2026 by rpki-client