Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/RQaYc6FFjsOPXZYSBrYLGT1nFAI.roa
File: RQaYc6FFjsOPXZYSBrYLGT1nFAI.roa (raw, json)
Hash identifier: N83DNZ7hFFMbka4Rz4HhHPCIBmVsFzjCijIqNzJpxQM=
Subject key identifier: 45:06:98:73:A1:45:8E:C3:8F:5D:96:12:06:B6:0B:19:3D:67:14:02
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019C513463ED4DBEF51D27CB39902B96A249
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/RQaYc6FFjsOPXZYSBrYLGT1nFAI.roa
Signing time: Thu 12 Feb 2026 09:35:13 +0000
ROA not before: Thu 12 Feb 2026 09:35:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 32787
IP address blocks: 2.17.108.0/22 maxlen: 22
2.17.120.0/22 maxlen: 22
2.17.192.0/22 maxlen: 22
2.17.192.0/24 maxlen: 24
2.17.193.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.18.212.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.21.112.0/24 maxlen: 24
2.21.113.0/24 maxlen: 24
2.21.114.0/24 maxlen: 24
2.21.115.0/24 maxlen: 24
2.21.116.0/24 maxlen: 24
2.21.117.0/24 maxlen: 24
2.21.118.0/24 maxlen: 24
2.21.119.0/24 maxlen: 24
2.21.120.0/24 maxlen: 24
2.21.121.0/24 maxlen: 24
2.21.123.0/24 maxlen: 24
2.21.124.0/24 maxlen: 24
2.21.125.0/24 maxlen: 24
2.21.126.0/24 maxlen: 24
2.21.127.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
2.23.128.0/23 maxlen: 23
2.23.130.0/23 maxlen: 23
2.23.132.0/23 maxlen: 23
2.23.134.0/24 maxlen: 24
2.23.135.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
95.100.157.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2a02:2370:1::/48 maxlen: 48
2a02:2370:2::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:207::/48 maxlen: 48
2a02:2370:208::/48 maxlen: 48
2a02:2370:209::/48 maxlen: 48
2a02:2370:20a::/48 maxlen: 48
2a02:2370:20b::/48 maxlen: 48
2a02:2370:20c::/48 maxlen: 48
2a02:2370:4000::/48 maxlen: 48
2a02:2370:8000::/48 maxlen: 48
2a02:2370:c000::/48 maxlen: 48
2a02:2370:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:51:34:63:ed:4d:be:f5:1d:27:cb:39:90:2b:96:a2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Feb 12 09:35:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=45069873a1458ec38f5d961206b60b193d671402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:56:76:2d:d1:d8:79:f1:fa:72:65:31:cc:
3a:ba:07:7c:6f:47:e7:7c:ae:be:05:96:9e:aa:ca:
b9:2f:59:58:45:60:bf:b9:c3:a2:98:7e:11:87:d3:
8c:d7:90:df:4d:64:aa:17:2a:d4:50:0e:6c:3f:44:
fe:73:7e:06:7c:00:1f:b4:3b:bf:ca:5a:64:d8:01:
6b:9d:fb:d5:09:7c:45:11:78:c1:5d:d1:35:c5:40:
4e:64:d0:5c:1a:8a:26:9d:59:c2:24:93:42:45:f5:
0e:cb:67:a6:b3:12:69:af:91:8b:21:da:75:05:b5:
9a:dc:ff:5c:6f:48:cc:ae:b1:d9:36:11:20:29:c2:
a6:fc:8b:40:a2:d3:e7:aa:0c:51:74:95:60:67:e3:
ac:ba:cc:20:1b:4f:9c:40:ed:58:d5:39:56:f2:4b:
ee:78:05:6a:83:45:0f:99:57:7d:85:d2:10:3e:cc:
76:4b:53:42:09:52:e9:e2:fa:63:f5:77:00:a5:c7:
9a:5b:7b:8b:df:c9:1b:b8:49:10:88:42:af:5d:7d:
e2:90:f9:84:7a:ed:e0:2e:cc:7f:c2:61:c3:ee:bf:
fd:35:e3:9a:3a:7d:61:c7:af:d8:b4:7c:f4:7d:18:
95:85:da:48:e8:9a:0c:14:83:de:f0:15:c5:f0:72:
0f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:06:98:73:A1:45:8E:C3:8F:5D:96:12:06:B6:0B:19:3D:67:14:02
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/RQaYc6FFjsOPXZYSBrYLGT1nFAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.120.0/22
2.17.192.0/22
2.18.212.0/22
2.19.4.0/22
2.21.112.0-2.21.121.255
2.21.123.0-2.21.127.255
2.21.175.0/24
2.23.128.0/21
92.122.184.0/23
92.122.207.0/24
93.191.169.0/24
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:20c:ffff:ffff:ffff:ffff:ffff
2a02:2370:4000::/48
2a02:2370:8000::/48
2a02:2370:c000::/48
2a02:2370:f000::/48
Signature Algorithm: sha256WithRSAEncryption
9a:34:9e:c7:bf:93:73:d9:42:fe:62:85:db:84:e2:43:a0:8e:
e1:0a:ff:86:f5:df:8e:1f:eb:52:33:74:02:33:2b:91:00:21:
ff:41:8d:9c:ef:79:b9:9e:af:2b:e2:29:7d:5d:34:b7:0e:a4:
b0:8b:d4:df:71:6c:51:03:37:e9:6f:15:89:88:bf:73:64:02:
c0:df:9a:47:cd:95:6c:b1:39:8c:bd:76:98:fc:fc:c3:53:60:
25:2e:17:64:22:0e:70:1d:6e:e3:1a:ab:54:6a:4c:b2:aa:88:
3a:0e:de:52:d8:6b:61:14:68:91:10:50:62:4e:52:88:56:14:
77:e7:71:97:54:df:e8:71:a6:7e:ea:65:08:3e:04:db:bc:4d:
cc:5b:0d:56:ad:a9:ac:c5:12:b3:02:09:49:5f:e1:d5:15:7d:
37:1a:e7:64:b1:79:42:65:79:7a:7f:2a:b0:26:c9:89:67:0d:
3d:fa:c6:b6:f5:f5:be:61:8d:8f:25:e9:ab:48:16:41:d6:7a:
0e:c1:07:e5:10:b8:5a:74:9f:6a:b9:50:b4:57:1d:30:1b:0f:
cd:23:16:8c:74:16:ff:35:68:c5:ca:06:59:c4:6e:43:4e:e8:
a0:0a:6c:bc:59:5d:33:64:0d:99:23:f5:ce:eb:30:8c:d1:e2:
0b:8d:74:b3
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZxRNGPtTb71HSfLOZArlqJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjYwMjEyMDkzNTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTA2OTg3M2ExNDU4ZWMzOGY1ZDk2MTIwNmI2MGIxOTNkNjcxNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAompWdi3R2Hnx+nJlMcw6ugd8b0fn
fK6+BZaeqsq5L1lYRWC/ucOimH4Rh9OM15DfTWSqFyrUUA5sP0T+c34GfAAftDu/
ylpk2AFrnfvVCXxFEXjBXdE1xUBOZNBcGoomnVnCJJNCRfUOy2emsxJpr5GLIdp1
BbWa3P9cb0jMrrHZNhEgKcKm/ItAotPnqgxRdJVgZ+OsuswgG0+cQO1Y1TlW8kvu
eAVqg0UPmVd9hdIQPsx2S1NCCVLp4vpj9XcApceaW3uL38kbuEkQiEKvXX3ikPmE
eu3gLsx/wmHD7r/9NeOaOn1hx6/YtHz0fRiVhdpI6JoMFIPe8BXF8HIP+QIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFEUGmHOhRY7Dj12WEga2Cxk9ZxQCMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvUlFhWWM2RkZqc09QWFpZU0JyWUxHVDFuRkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgZEEAgABMIGKAwQC
AhFsAwQCAhF4AwQCAhHAAwQCAhLUAwQCAhMEMAwDBAQCFXADBAECFXgwDAMEAAIV
ewMEBwIVAAMEAAIVrwMEAwIXgAMEAVx6uAMEAFx6zwMEAF2/qQMEAF2/rAMEAF9k
nQMEAF9ktAMEAl9k1AMEAF9k/TAMAwQAX2V1AwQAX2V2AwQCX2XMMGUEAgACMF8w
EgMHACoCI3AAAQMHACoCI3AABjASAwcAKgIjcAEBAwcAKgIjcAEGMBEDBgEqAiNw
AgMHACoCI3ACDAMHACoCI3BAAAMHACoCI3CAAAMHACoCI3DAAAMHACoCI3DwADAN
BgkqhkiG9w0BAQsFAAOCAQEAmjSex7+Tc9lC/mKF24TiQ6CO4Qr/hvXfjh/rUjN0
AjMrkQAh/0GNnO95uZ6vK+IpfV00tw6ksIvU33FsUQM36W8ViYi/c2QCwN+aR82V
bLE5jL12mPz8w1NgJS4XZCIOcB1u4xqrVGpMsqqIOg7eUthrYRRokRBQYk5SiFYU
d+dxl1Tf6HGmfuplCD4E27xNzFsNVq2prMUSswIJSV/h1RV9NxrnZLF5QmV5en8q
sCbJiWcNPfrGtvX1vmGNjyXpq0gWQdZ6DsEH5RC4WnSfarlQtFcdMBsPzSMWjHQW
/zVoxcoGWcRuQ07ooApsvFldM2QNmSP1zuswjNHiC410sw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:54:04 2026 by rpki-client