Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/qQ5wyVk3Z3xJb9VITeIiyOE6Sbc.roa
File: qQ5wyVk3Z3xJb9VITeIiyOE6Sbc.roa (raw, json)
Hash identifier: h2aANiX2nKKZxUEkCXX/gXAdtKRfHxmcGefK8NxJSXs=
Subject key identifier: A9:0E:70:C9:59:37:67:7C:49:6F:D5:48:4D:E2:22:C8:E1:3A:49:B7
Certificate issuer: /CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Certificate serial: 019D86E1D45DA95353D2457A44EB11055A90
Authority key identifier: 9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/qQ5wyVk3Z3xJb9VITeIiyOE6Sbc.roa
Signing time: Mon 13 Apr 2026 12:47:20 +0000
ROA not before: Mon 13 Apr 2026 12:47:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51825
IP address blocks: 46.31.96.0/21 maxlen: 21
46.31.96.0/23 maxlen: 23
46.31.96.0/24 maxlen: 24
46.31.97.0/24 maxlen: 24
46.31.98.0/23 maxlen: 23
46.31.98.0/24 maxlen: 24
46.31.99.0/24 maxlen: 24
46.31.100.0/23 maxlen: 23
46.31.100.0/24 maxlen: 24
46.31.101.0/24 maxlen: 24
46.31.102.0/23 maxlen: 23
46.31.102.0/24 maxlen: 24
46.31.103.0/24 maxlen: 24
147.234.92.0/22 maxlen: 22
147.234.96.0/21 maxlen: 21
147.234.96.0/24 maxlen: 24
147.234.97.0/24 maxlen: 24
147.234.98.0/24 maxlen: 24
147.234.99.0/24 maxlen: 24
147.234.100.0/24 maxlen: 24
147.234.101.0/24 maxlen: 24
185.24.204.0/22 maxlen: 22
185.24.204.0/23 maxlen: 23
185.24.204.0/24 maxlen: 24
185.24.205.0/24 maxlen: 24
185.24.206.0/23 maxlen: 23
185.24.206.0/24 maxlen: 24
185.24.207.0/24 maxlen: 24
213.137.64.0/20 maxlen: 20
213.137.64.0/24 maxlen: 24
213.137.65.0/24 maxlen: 24
213.137.66.0/24 maxlen: 24
213.137.67.0/24 maxlen: 24
213.137.70.0/24 maxlen: 24
213.137.71.0/24 maxlen: 24
213.137.72.0/23 maxlen: 23
213.137.73.0/24 maxlen: 24
213.137.77.0/24 maxlen: 24
213.137.78.0/24 maxlen: 24
213.137.79.0/24 maxlen: 24
2a02:5080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:e1:d4:5d:a9:53:53:d2:45:7a:44:eb:11:05:5a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Validity
Not Before: Apr 13 12:47:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a90e70c95937677c496fd5484de222c8e13a49b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7e:ce:4b:82:e0:de:30:23:8e:97:ef:1f:05:
85:5f:f6:cd:37:63:91:c6:48:d5:dd:81:5f:33:03:
82:6f:d0:84:00:45:17:25:af:b9:6d:a8:fc:a9:48:
7d:7f:f7:d0:53:ca:68:9c:5c:a6:fb:48:7e:30:24:
44:e8:c2:51:69:a2:c6:17:37:d8:7b:67:3d:95:bf:
15:ab:ad:ca:95:df:87:b7:4e:14:25:0c:65:6b:d4:
58:f3:7d:b3:cb:9c:79:bb:a9:bc:76:fc:bb:e4:5a:
ae:4a:b8:91:5b:84:22:4c:c4:4c:cf:65:3c:d9:12:
6d:f9:17:37:15:f8:c0:a7:5a:0d:a6:25:aa:f5:24:
45:b3:f4:ca:3b:d0:73:86:c7:cc:ad:7c:b4:ee:8e:
77:58:e3:6e:b0:89:83:93:c9:36:fa:75:d6:3c:58:
90:63:21:78:58:10:7b:80:4f:8a:a2:78:97:dc:cb:
d8:47:57:0c:65:ec:a5:92:86:85:39:4a:55:d0:71:
10:06:78:aa:96:d7:f4:4a:80:24:37:38:4b:8e:91:
3b:96:8d:81:29:ea:fe:f7:32:de:21:6b:61:4c:e6:
76:88:ea:2a:0a:26:ba:bc:11:27:b8:74:c5:83:2a:
bb:2c:34:0b:4b:91:53:a6:8e:eb:61:87:00:45:14:
57:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0E:70:C9:59:37:67:7C:49:6F:D5:48:4D:E2:22:C8:E1:3A:49:B7
X509v3 Authority Key Identifier:
keyid:9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/qQ5wyVk3Z3xJb9VITeIiyOE6Sbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.96.0/21
147.234.92.0-147.234.103.255
185.24.204.0/22
213.137.64.0/20
IPv6:
2a02:5080::/32
Signature Algorithm: sha256WithRSAEncryption
13:e7:fd:38:2b:7e:51:c0:0d:0e:30:21:7a:d0:e1:11:58:57:
e7:b6:bd:6e:a5:69:b1:4c:27:0d:89:bf:90:9a:1d:38:78:45:
47:98:2b:0f:7d:de:4c:21:e4:ea:9e:34:23:d4:58:8e:74:0b:
6d:ae:2e:50:9d:2b:cc:d8:c1:af:d9:37:be:92:c7:5e:ed:db:
0d:ff:da:4d:49:15:29:13:8b:63:9b:5f:7e:e5:8e:16:d5:1e:
cc:1f:3a:8e:2f:5e:c7:09:b1:38:92:67:02:5c:5b:02:3d:76:
b8:14:1a:30:31:2a:1e:99:fb:47:f4:de:11:37:f8:08:1d:df:
dd:39:f5:ef:f7:f2:71:8c:60:ef:6d:39:a1:0e:1e:5c:61:85:
bd:a6:ac:cf:a5:da:98:a4:d6:f7:ce:94:ec:0d:8a:03:2f:3f:
5a:87:cc:22:11:46:1c:22:d7:f7:79:9d:2e:a1:e9:94:e1:e0:
7b:a8:3a:c0:51:7d:d8:ca:3c:7b:6c:c0:bb:1f:3a:2b:f7:93:
60:f6:88:e8:5c:4a:84:49:bc:11:a6:6e:02:64:f6:76:c6:23:
70:33:a0:b0:74:27:70:36:5a:f7:44:de:fd:3f:87:d7:c6:86:
5f:89:ec:36:90:b6:1a:a8:1b:2a:57:d1:ea:66:dc:50:07:a4:
e6:c4:67:da
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ2G4dRdqVNT0kV6ROsRBVqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNTg5NWU3ZjZhNmQ0YWJhOWM5NjFmNzEzYjJlNzk3MTVm
MDIxZjAwHhcNMjYwNDEzMTI0NzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTBlNzBjOTU5Mzc2NzdjNDk2ZmQ1NDg0ZGUyMjJjOGUxM2E0OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn7OS4Lg3jAjjpfvHwWFX/bNN2OR
xkjV3YFfMwOCb9CEAEUXJa+5baj8qUh9f/fQU8ponFym+0h+MCRE6MJRaaLGFzfY
e2c9lb8Vq63Kld+Ht04UJQxla9RY832zy5x5u6m8dvy75FquSriRW4QiTMRMz2U8
2RJt+Rc3FfjAp1oNpiWq9SRFs/TKO9BzhsfMrXy07o53WONusImDk8k2+nXWPFiQ
YyF4WBB7gE+KoniX3MvYR1cMZeylkoaFOUpV0HEQBniqltf0SoAkNzhLjpE7lo2B
Ker+9zLeIWthTOZ2iOoqCia6vBEnuHTFgyq7LDQLS5FTpo7rYYcARRRXTwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFKkOcMlZN2d8SW/VSE3iIsjhOkm3MB8GA1UdIwQY
MBaAFJtYlef2ptSrqclh9xOy55cV8CHwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTFpVjVfYW0xS3VweVdIM0U3TG5seFh3SWZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMzRiODItYmNmYi00NDVjLWJkNDIt
ZmMyYTk3YjdkNTNlLzEvcVE1d3lWazNaM3hKYjlWSVRlSWl5T0U2U2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMzRiODItYmNmYi00NDVjLWJkNDItZmMyYTk3YjdkNTNl
LzEvbTFpVjVfYW0xS3VweVdIM0U3TG5seFh3SWZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDLh9gMAwD
BAKT6lwDBAOT6mADBAK5GMwDBATViUAwDQQCAAIwBwMFACoCUIAwDQYJKoZIhvcN
AQELBQADggEBABPn/TgrflHADQ4wIXrQ4RFYV+e2vW6labFMJw2Jv5CaHTh4RUeY
Kw993kwh5OqeNCPUWI50C22uLlCdK8zYwa/ZN76Sx17t2w3/2k1JFSkTi2ObX37l
jhbVHswfOo4vXscJsTiSZwJcWwI9drgUGjAxKh6Z+0f03hE3+Agd39059e/38nGM
YO9tOaEOHlxhhb2mrM+l2pik1vfOlOwNigMvP1qHzCIRRhwi1/d5nS6h6ZTh4Huo
OsBRfdjKPHtswLsfOiv3k2D2iOhcSoRJvBGmbgJk9nbGI3AzoLB0J3A2WvdE3v0/
h9fGhl+J7DaQthqoGypX0epm3FAHpObEZ9o=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:28:30 2026 by rpki-client