Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/5QTWLJYfkRoCVVHJVALgYHfqZHU.roa
File: 5QTWLJYfkRoCVVHJVALgYHfqZHU.roa (raw, json)
Hash identifier: h+z+r+Bn2TQ0STpjYj8Vblc7ndiAXj7pVd0hatrMRJQ=
Subject key identifier: E5:04:D6:2C:96:1F:91:1A:02:55:51:C9:54:02:E0:60:77:EA:64:75
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 019C56FDB306A230A35F4424DACC1A995E17
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/5QTWLJYfkRoCVVHJVALgYHfqZHU.roa
Signing time: Fri 13 Feb 2026 12:33:12 +0000
ROA not before: Fri 13 Feb 2026 12:33:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34245
IP address blocks: 85.91.0.0/19 maxlen: 24
87.192.80.0/24 maxlen: 24
87.192.220.0/23 maxlen: 24
87.198.0.0/16 maxlen: 24
87.198.204.0/24 maxlen: 24
87.232.32.0/19 maxlen: 24
87.232.64.0/18 maxlen: 24
87.232.128.0/21 maxlen: 24
87.232.134.0/24 maxlen: 24
87.232.193.0/24 maxlen: 24
87.232.224.0/24 maxlen: 24
87.232.250.0/23 maxlen: 24
87.232.252.0/22 maxlen: 24
89.124.242.0/23 maxlen: 24
89.124.244.0/24 maxlen: 24
185.106.88.0/22 maxlen: 24
212.17.32.0/19 maxlen: 24
213.79.32.0/19 maxlen: 24
213.159.128.0/22 maxlen: 24
2a01:148::/29 maxlen: 32
2a01:148::/32 maxlen: 32
2a01:14f::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:56:fd:b3:06:a2:30:a3:5f:44:24:da:cc:1a:99:5e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Feb 13 12:33:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e504d62c961f911a025551c95402e06077ea6475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5f:06:36:81:5b:e0:76:dc:5c:be:a6:3a:bf:
29:88:9a:1d:e3:55:e1:cf:65:3b:dc:e4:e2:71:7d:
4b:ac:71:4c:46:9a:0a:79:fc:23:df:ad:0d:46:5d:
9a:06:b2:fa:67:1d:95:0e:ae:af:64:53:3f:7b:bd:
0a:3d:82:94:95:a7:bb:92:cb:83:51:c5:9b:a6:04:
c1:2b:bc:ff:cf:6a:7a:7b:a1:47:95:5f:ca:f9:46:
0b:2b:af:41:52:a0:ab:d7:10:0c:19:ec:b5:49:62:
c9:7c:be:26:b4:7d:fa:a6:81:f3:2d:e1:ee:24:08:
9b:01:27:bf:3f:e4:6d:13:ed:9b:f0:b7:cc:32:41:
08:59:f5:5f:f5:fd:ac:da:10:bd:d4:ed:52:e4:02:
24:a8:1a:1f:60:a0:28:c4:5b:40:4c:06:a6:66:f5:
ee:03:0f:4d:e5:31:4c:4a:00:44:ff:00:d7:01:da:
e8:d0:66:98:e9:28:ae:a6:64:8b:a6:55:14:ec:5e:
07:fe:b7:b6:60:87:ee:cc:38:3c:9b:ed:51:c9:61:
b5:5d:65:9a:6e:b7:23:94:c3:4e:a3:ab:58:e7:f6:
47:bb:e1:53:bb:47:9a:3b:e1:ac:da:12:69:f0:23:
47:ff:2d:53:c8:24:9f:75:5f:4d:e8:4a:cf:d9:c7:
89:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:04:D6:2C:96:1F:91:1A:02:55:51:C9:54:02:E0:60:77:EA:64:75
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/5QTWLJYfkRoCVVHJVALgYHfqZHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.0.0/19
87.192.80.0/24
87.192.220.0/23
87.198.0.0/16
87.232.32.0-87.232.135.255
87.232.193.0/24
87.232.224.0/24
87.232.250.0-87.232.255.255
89.124.242.0-89.124.244.255
185.106.88.0/22
212.17.32.0/19
213.79.32.0/19
213.159.128.0/22
IPv6:
2a01:148::/29
Signature Algorithm: sha256WithRSAEncryption
09:81:be:92:8a:85:69:a0:e1:a3:b1:15:c8:1d:cd:bd:a3:40:
3b:af:81:61:4d:ff:71:00:9d:28:d9:31:16:de:43:43:fa:db:
1e:a0:b0:d9:74:6e:4b:35:8a:93:61:c4:e9:9e:c1:20:f0:40:
3c:15:68:a7:cc:41:2a:50:26:15:50:fe:42:2d:03:66:23:72:
1a:e4:fd:e5:41:26:ae:e3:54:40:46:65:80:c0:66:49:1e:c5:
49:70:31:cd:54:26:f1:1f:c1:a7:df:0e:c0:3f:58:04:4d:f7:
fe:a0:e0:41:41:44:9d:e8:68:30:68:89:09:2b:2c:93:b4:8e:
05:24:ee:a2:81:b8:3c:49:39:d0:fd:cf:be:e6:40:92:5a:39:
14:bd:4c:6f:ef:6b:94:ed:17:74:b6:4f:70:4d:8f:02:da:a5:
d4:fd:61:bf:72:2e:6b:d1:3c:7f:ec:47:f1:58:12:b4:49:52:
2c:28:01:ab:8c:66:07:60:a5:0d:f2:6c:ef:63:e8:fc:76:28:
78:73:2a:6b:76:4a:93:b5:89:74:59:0b:49:c5:48:81:bf:bd:
a8:e0:46:1d:7c:a6:08:a5:d0:52:70:65:86:20:91:aa:7d:9d:
b1:e2:91:64:0b:53:9a:d8:7f:03:6c:52:d9:b8:4b:a3:f1:cd:
6b:ce:0b:65
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZxW/bMGojCjX0Qk2swamV4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjYwMjEzMTIzMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA0ZDYyYzk2MWY5MTFhMDI1NTUxYzk1NDAyZTA2MDc3ZWE2NDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV8GNoFb4HbcXL6mOr8piJod41Xh
z2U73OTicX1LrHFMRpoKefwj360NRl2aBrL6Zx2VDq6vZFM/e70KPYKUlae7ksuD
UcWbpgTBK7z/z2p6e6FHlV/K+UYLK69BUqCr1xAMGey1SWLJfL4mtH36poHzLeHu
JAibASe/P+RtE+2b8LfMMkEIWfVf9f2s2hC91O1S5AIkqBofYKAoxFtATAamZvXu
Aw9N5TFMSgBE/wDXAdro0GaY6SiupmSLplUU7F4H/re2YIfuzDg8m+1RyWG1XWWa
brcjlMNOo6tY5/ZHu+FTu0eaO+Gs2hJp8CNH/y1TyCSfdV9N6ErP2ceJswIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFOUE1iyWH5EaAlVRyVQC4GB36mR1MB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvNVFUV0xKWWZrUm9DVlZISlZBTGdZSGZxWkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswagQCAAEwZAMEBVVbAAME
AFfAUAMEAVfA3AMDAFfGMAwDBAVX6CADBANX6IADBABX6MEDBABX6OAwCwMEAVfo
+gMDAFfoMAwDBAFZfPIDBABZfPQDBAK5algDBAXUESADBAXVTyADBALVn4AwDQQC
AAIwBwMFAyoBAUgwDQYJKoZIhvcNAQELBQADggEBAAmBvpKKhWmg4aOxFcgdzb2j
QDuvgWFN/3EAnSjZMRbeQ0P62x6gsNl0bks1ipNhxOmewSDwQDwVaKfMQSpQJhVQ
/kItA2Yjchrk/eVBJq7jVEBGZYDAZkkexUlwMc1UJvEfwaffDsA/WARN9/6g4EFB
RJ3oaDBoiQkrLJO0jgUk7qKBuDxJOdD9z77mQJJaORS9TG/va5TtF3S2T3BNjwLa
pdT9Yb9yLmvRPH/sR/FYErRJUiwoAauMZgdgpQ3ybO9j6Px2KHhzKmt2SpO1iXRZ
C0nFSIG/vajgRh18pgil0FJwZYYgkap9nbHikWQLU5rYfwNsUtm4S6PxzWvOC2U=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:53:08 2026 by rpki-client