Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/qZ-ClHp2EMCOHOmO-fPEGoVnyZA.roa
File: qZ-ClHp2EMCOHOmO-fPEGoVnyZA.roa (raw, json)
Hash identifier: VA+61872f59mueXn53DQrHXaIxh7WzFJPwtBhyXyU8A=
Subject key identifier: A9:9F:82:94:7A:76:10:C0:8E:1C:E9:8E:F9:F3:C4:1A:85:67:C9:90
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 019C706B18E2F8AED85F24DAF309EECFCEF6
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/qZ-ClHp2EMCOHOmO-fPEGoVnyZA.roa
Signing time: Wed 18 Feb 2026 11:03:12 +0000
ROA not before: Wed 18 Feb 2026 11:03:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49544
IP address blocks: 5.180.216.0/23 maxlen: 23
5.180.218.0/23 maxlen: 23
5.200.0.0/19 maxlen: 24
31.204.128.0/19 maxlen: 24
31.204.132.0/22 maxlen: 22
31.204.136.0/23 maxlen: 23
31.204.140.0/22 maxlen: 22
31.204.144.0/24 maxlen: 24
31.204.156.0/23 maxlen: 23
89.104.168.0/23 maxlen: 23
89.104.170.0/23 maxlen: 23
89.104.172.0/22 maxlen: 22
89.104.176.0/23 maxlen: 23
89.104.178.0/23 maxlen: 23
89.104.180.0/24 maxlen: 24
91.195.234.0/23 maxlen: 23
91.198.152.0/24 maxlen: 24
91.216.207.0/24 maxlen: 24
104.153.84.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
138.128.136.0/22 maxlen: 22
138.128.140.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
162.245.204.0/22 maxlen: 22
185.41.140.0/22 maxlen: 22
185.50.104.0/22 maxlen: 22
185.52.12.0/22 maxlen: 24
185.179.200.0/23 maxlen: 24
185.179.202.0/23 maxlen: 24
185.197.24.0/22 maxlen: 23
188.122.64.0/19 maxlen: 24
193.43.218.0/23 maxlen: 23
193.43.218.0/24 maxlen: 24
212.19.224.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
213.179.204.0/22 maxlen: 22
213.179.209.0/24 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/23 maxlen: 23
2a00:1630::/29 maxlen: 32
2a00:1630::/32 maxlen: 48
2a00:1631::/32 maxlen: 32
2a00:1632::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
2a00:1d20::/34 maxlen: 34
2a00:1d20:4000::/34 maxlen: 34
2a00:1d20:8000::/34 maxlen: 34
2a00:1d26::/32 maxlen: 34
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.mft
rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:6b:18:e2:f8:ae:d8:5f:24:da:f3:09:ee:cf:ce:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Feb 18 11:03:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a99f82947a7610c08e1ce98ef9f3c41a8567c990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:22:1f:1e:07:5c:b8:4e:54:10:98:29:ca:46:
94:35:18:ce:90:5f:74:cc:a3:03:65:b7:0b:10:aa:
f9:65:db:46:ee:03:a6:68:c1:a1:53:20:87:a0:3e:
d7:ab:f4:6b:8d:1c:87:f3:07:76:2b:7d:af:b5:b1:
59:e2:66:2d:a4:41:6c:02:e4:48:8c:d1:86:4c:ce:
b5:4b:a0:93:90:bf:76:8c:92:2c:a0:3f:17:ab:34:
ea:0f:58:d7:1b:da:d8:f3:f7:c9:0b:da:0d:01:f8:
7f:09:62:bf:51:45:10:c1:f4:67:3e:2b:8d:46:17:
d4:1d:6e:41:7f:e7:32:be:49:97:15:f9:1c:9c:c4:
1e:24:dd:a9:4d:da:c7:4d:85:f8:1e:2b:c6:78:34:
b5:2d:18:52:3b:e1:31:54:37:a6:7b:34:4c:a2:c7:
24:e7:8d:8a:ec:2a:cf:8d:ec:e9:c2:e5:11:ce:c8:
90:7e:a6:55:f9:a7:c8:fc:e3:5e:39:06:0e:31:88:
20:bf:b6:39:0a:2b:06:e2:12:f5:8b:24:44:9d:e2:
0d:ce:d8:02:21:d8:fb:3a:78:25:fd:e8:88:77:43:
74:8d:e7:b6:1b:c8:fd:07:b4:9a:0d:a3:84:a5:00:
f8:cc:9d:82:fa:47:f3:f5:1d:32:73:8b:7e:d4:70:
09:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9F:82:94:7A:76:10:C0:8E:1C:E9:8E:F9:F3:C4:1A:85:67:C9:90
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/qZ-ClHp2EMCOHOmO-fPEGoVnyZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
89.104.168.0-89.104.180.255
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
1a:bd:69:a4:c0:4d:37:da:d1:35:de:dd:60:f3:35:f3:23:2a:
1c:b2:63:e7:98:40:1a:71:25:b5:70:7e:83:b2:76:f8:d1:01:
0f:06:8d:f8:dd:1c:7b:d7:39:f2:e1:a9:e9:96:15:56:ea:ba:
9f:c8:36:33:be:b7:23:2c:8a:e5:54:78:37:dd:0c:07:9e:d6:
4f:47:f0:76:10:53:1b:6b:ab:f3:6e:d8:cc:27:ac:99:fa:7b:
c3:4b:5d:f1:94:0b:eb:d6:71:bf:ed:a8:7e:00:8d:82:83:aa:
af:c5:60:17:51:b6:4b:00:a0:9e:8d:a6:97:34:e2:8b:a2:bd:
f7:9b:db:8a:9c:d7:1f:96:e0:ed:ea:10:06:e7:70:dd:63:38:
d2:54:68:1f:70:2a:b7:16:6c:18:39:2f:85:66:39:4c:32:a9:
75:80:13:2c:8c:b5:f8:3f:35:bb:ee:3d:07:14:f8:41:5f:67:
b0:f1:2f:c6:34:bd:0c:eb:53:51:b3:c3:02:1a:72:c5:94:51:
9d:9e:36:ff:ef:c0:c7:25:f9:5c:16:f8:4d:e9:d5:a8:28:a1:
8e:ec:b8:34:73:74:62:ce:06:e7:74:88:0c:e0:b1:5a:78:b4:
9b:c0:40:c1:3d:ff:0d:a7:3a:11:c5:3f:6b:63:b5:36:22:9d:
ef:40:c8:ca
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZxwaxji+K7YXyTa8wnuz872MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjYwMjE4MTEwMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTlmODI5NDdhNzYxMGMwOGUxY2U5OGVmOWYzYzQxYTg1NjdjOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSIfHgdcuE5UEJgpykaUNRjOkF90
zKMDZbcLEKr5ZdtG7gOmaMGhUyCHoD7Xq/RrjRyH8wd2K32vtbFZ4mYtpEFsAuRI
jNGGTM61S6CTkL92jJIsoD8XqzTqD1jXG9rY8/fJC9oNAfh/CWK/UUUQwfRnPiuN
RhfUHW5Bf+cyvkmXFfkcnMQeJN2pTdrHTYX4HivGeDS1LRhSO+ExVDemezRMosck
542K7CrPjezpwuURzsiQfqZV+afI/ONeOQYOMYggv7Y5CisG4hL1iyREneINztgC
Idj7Ongl/eiId0N0jee2G8j9B7SaDaOEpQD4zJ2C+kfz9R0yc4t+1HAJDQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFKmfgpR6dhDAjhzpjvnzxBqFZ8mQMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvcVotQ2xIcDJFTUNPSE9tTy1mUEVHb1ZueVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBmQQCAAEwgZIDBAIF
tNgDBAUFyAADBAUfzIAwDAMEA1loqAMEAFlotAMEAVvD6gMEAFvGmAMEAFvYzwME
AmiZVAMEBW3IwAMEA4qAiAMEApL3TAMEAqL0NAMEAqL1zAMEArkpjAMEArkyaAME
Ark0DAMEArmzyAMEArnFGAMEBbx6QAMEAcEr2gMEAtQT4AMEBdWjQAMEBdWzwDAi
BAIAAjAcAwUDKgAWMAMFAyoAHSADBQAqAZWAAwUDKgTGADANBgkqhkiG9w0BAQsF
AAOCAQEAGr1ppMBNN9rRNd7dYPM18yMqHLJj55hAGnEltXB+g7J2+NEBDwaN+N0c
e9c58uGp6ZYVVuq6n8g2M763IyyK5VR4N90MB57WT0fwdhBTG2ur827YzCesmfp7
w0td8ZQL69Zxv+2ofgCNgoOqr8VgF1G2SwCgno2mlzTii6K995vbipzXH5bg7eoQ
Budw3WM40lRoH3AqtxZsGDkvhWY5TDKpdYATLIy1+D81u+49BxT4QV9nsPEvxjS9
DOtTUbPDAhpyxZRRnZ42/+/AxyX5XBb4TenVqCihjuy4NHN0Ys4G53SIDOCxWni0
m8BAwT3/Dac6EcU/a2O1NiKd70DIyg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:05:35 2026 by rpki-client