Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/qYIKLfHuJxr1i8P2u9bA8lPvwGE.roa
File: qYIKLfHuJxr1i8P2u9bA8lPvwGE.roa (raw, json)
Hash identifier: JbOJYy4NzS52IJRZP9iw9SIM5tlGcIMYzweBPamZKZU=
Subject key identifier: A9:82:0A:2D:F1:EE:27:1A:F5:8B:C3:F6:BB:D6:C0:F2:53:EF:C0:61
Certificate issuer: /CN=8cef146d85c09aa59687fd6315b13271c1c292ad
Certificate serial: 019EC83A68E24394512BBACAD47659D79FFA
Authority key identifier: 8C:EF:14:6D:85:C0:9A:A5:96:87:FD:63:15:B1:32:71:C1:C2:92:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jO8UbYXAmqWWh_1jFbEyccHCkq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/qYIKLfHuJxr1i8P2u9bA8lPvwGE.roa
Signing time: Sun 14 Jun 2026 22:22:11 +0000
ROA not before: Sun 14 Jun 2026 22:22:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205809
IP address blocks: 66.203.126.0/23 maxlen: 23
94.24.36.0/24 maxlen: 24
94.24.37.0/24 maxlen: 24
162.208.16.0/24 maxlen: 24
185.206.24.0/24 maxlen: 24
185.206.25.0/24 maxlen: 24
185.206.26.0/24 maxlen: 24
185.206.27.0/24 maxlen: 24
217.180.20.0/23 maxlen: 23
2a0b:e40:1::/48 maxlen: 48
2a0b:e40:2::/48 maxlen: 48
2a0b:e40:3::/48 maxlen: 48
2a0b:e41:1::/48 maxlen: 48
2a0b:e41:2::/48 maxlen: 48
2a0b:e42:1::/48 maxlen: 48
2a0b:e43::/40 maxlen: 40
2a0b:e43:1::/48 maxlen: 48
2a0b:e44::/40 maxlen: 40
2a0b:e45:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/jO8UbYXAmqWWh_1jFbEyccHCkq0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/jO8UbYXAmqWWh_1jFbEyccHCkq0.mft
rsync://rpki.ripe.net/repository/DEFAULT/jO8UbYXAmqWWh_1jFbEyccHCkq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 04:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c8:3a:68:e2:43:94:51:2b:ba:ca:d4:76:59:d7:9f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cef146d85c09aa59687fd6315b13271c1c292ad
Validity
Not Before: Jun 14 22:22:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a9820a2df1ee271af58bc3f6bbd6c0f253efc061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0b:ea:0d:ed:09:23:d6:a1:ae:be:9e:90:b0:
a8:c5:e5:e2:85:b5:00:d3:9e:e3:e9:49:d3:bf:68:
4d:5d:14:59:f4:d7:cf:55:51:e9:56:a0:b0:36:e7:
7d:f5:e8:44:eb:57:7b:a1:c4:42:5b:66:66:8f:53:
9a:6c:ec:c1:4c:df:84:ab:36:1c:1d:69:f6:8d:51:
14:b7:77:e0:61:8a:4f:38:28:93:48:89:12:c4:ba:
45:71:ac:d6:ae:a2:6b:b7:2b:8f:a8:64:ab:bb:b9:
e6:d9:75:24:7f:35:a7:5a:13:6c:55:00:c8:5a:ad:
93:60:9b:13:53:10:3d:7f:73:ae:00:ea:03:eb:15:
94:c8:8a:06:1e:b8:87:21:7e:97:68:0e:6b:43:0d:
3b:e5:d2:f8:61:f8:78:80:51:c9:93:2e:61:63:ed:
27:10:51:2b:2b:93:3a:30:56:08:3a:80:8a:b3:3d:
42:54:0b:40:d1:21:12:fe:74:9f:2b:0e:4b:bd:9c:
63:8c:3f:2a:d8:54:ae:27:74:df:7e:09:a3:02:aa:
06:d7:8b:8a:7d:c6:13:b7:33:d2:12:a8:53:0c:72:
32:cc:11:55:8c:aa:12:cd:48:5b:77:0d:0f:5f:29:
d3:b3:42:ef:c2:23:37:e6:52:e6:8f:cf:ab:bb:4f:
1d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:82:0A:2D:F1:EE:27:1A:F5:8B:C3:F6:BB:D6:C0:F2:53:EF:C0:61
X509v3 Authority Key Identifier:
keyid:8C:EF:14:6D:85:C0:9A:A5:96:87:FD:63:15:B1:32:71:C1:C2:92:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jO8UbYXAmqWWh_1jFbEyccHCkq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/qYIKLfHuJxr1i8P2u9bA8lPvwGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a3d2ee-174c-48c3-bd26-7fa9d94024f0/1/jO8UbYXAmqWWh_1jFbEyccHCkq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.203.126.0/23
94.24.36.0/23
162.208.16.0/24
185.206.24.0/22
217.180.20.0/23
IPv6:
2a0b:e40:1::-2a0b:e40:3:ffff:ffff:ffff:ffff:ffff
2a0b:e41:1::-2a0b:e41:2:ffff:ffff:ffff:ffff:ffff
2a0b:e42:1::/48
2a0b:e43::/40
2a0b:e44::/40
2a0b:e45:1::/48
Signature Algorithm: sha256WithRSAEncryption
9a:34:f4:23:a3:c4:33:63:b6:ae:f4:21:97:7c:98:cb:40:39:
9d:da:9c:ce:7f:7f:d4:b4:8f:b5:d2:bb:f0:61:a3:b8:47:32:
33:37:44:a0:33:4d:22:af:bd:84:c0:23:81:c0:06:a0:c7:2c:
89:1e:ae:2c:31:53:b5:43:54:b2:b0:a1:09:12:c8:30:bd:8e:
b1:c3:fb:d6:b3:d6:63:0a:b4:a8:2f:aa:c6:9d:8d:8e:dc:7e:
ab:e2:40:4f:1a:11:45:24:23:e9:49:ec:b9:29:76:ea:98:41:
eb:cc:f9:18:8f:52:35:f1:30:6c:0e:e0:a8:6e:8e:8d:2b:58:
f4:af:44:b3:9a:94:7c:fe:22:a0:31:fa:d2:75:b2:fa:c6:9c:
6f:e8:db:ad:6a:96:8d:9a:6d:28:62:f8:84:14:57:ad:9a:ed:
e2:c9:61:06:c7:32:60:3e:d1:3a:1f:87:d6:37:44:aa:b9:c6:
09:33:9d:d5:97:2d:ab:1a:64:42:15:13:f6:a0:e5:5e:b2:41:
ee:bc:26:90:4a:c6:3e:b6:2d:63:00:fd:c4:2e:6b:aa:97:76:
14:3f:ac:79:91:8e:9a:6a:ed:0e:73:63:ca:b7:4e:26:b8:77:
a6:d5:e2:4c:4a:50:02:87:ab:5a:77:d0:cb:17:20:e4:f7:93:
25:19:7d:15
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZ7IOmjiQ5RRK7rK1HZZ15/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZWYxNDZkODVjMDlhYTU5Njg3ZmQ2MzE1YjEzMjcxYzFj
MjkyYWQwHhcNMjYwNjE0MjIyMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTgyMGEyZGYxZWUyNzFhZjU4YmMzZjZiYmQ2YzBmMjUzZWZjMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQvqDe0JI9ahrr6ekLCoxeXihbUA
057j6UnTv2hNXRRZ9NfPVVHpVqCwNud99ehE61d7ocRCW2Zmj1OabOzBTN+EqzYc
HWn2jVEUt3fgYYpPOCiTSIkSxLpFcazWrqJrtyuPqGSru7nm2XUkfzWnWhNsVQDI
Wq2TYJsTUxA9f3OuAOoD6xWUyIoGHriHIX6XaA5rQw075dL4Yfh4gFHJky5hY+0n
EFErK5M6MFYIOoCKsz1CVAtA0SES/nSfKw5LvZxjjD8q2FSuJ3TffgmjAqoG14uK
fcYTtzPSEqhTDHIyzBFVjKoSzUhbdw0PXynTs0LvwiM35lLmj8+ru08dbQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFKmCCi3x7ica9YvD9rvWwPJT78BhMB8GA1UdIwQY
MBaAFIzvFG2FwJqllof9YxWxMnHBwpKtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak84VWJZWEFtcVdXaF8xakZiRXljY0hDa3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hM2QyZWUtMTc0Yy00OGMzLWJkMjYt
N2ZhOWQ5NDAyNGYwLzEvcVlJS0xmSHVKeHIxaThQMnU5YkE4bFB2d0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hM2QyZWUtMTc0Yy00OGMzLWJkMjYtN2ZhOWQ5NDAyNGYw
LzEvak84VWJZWEFtcVdXaF8xakZiRXljY0hDa3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwJAQCAAEwHgMEAULLfgME
AV4YJAMEAKLQEAMEArnOGAMEAdm0FDBQBAIAAjBKMBIDBwAqCw5AAAEDBwIqCw5A
AAAwEgMHACoLDkEAAQMHACoLDkEAAgMHACoLDkIAAQMGACoLDkMAAwYAKgsORAAD
BwAqCw5FAAEwDQYJKoZIhvcNAQELBQADggEBAJo09COjxDNjtq70IZd8mMtAOZ3a
nM5/f9S0j7XSu/Bho7hHMjM3RKAzTSKvvYTAI4HABqDHLIkeriwxU7VDVLKwoQkS
yDC9jrHD+9az1mMKtKgvqsadjY7cfqviQE8aEUUkI+lJ7LkpduqYQevM+RiPUjXx
MGwO4Khujo0rWPSvRLOalHz+IqAx+tJ1svrGnG/o261qlo2abShi+IQUV62a7eLJ
YQbHMmA+0Tofh9Y3RKq5xgkzndWXLasaZEIVE/ag5V6yQe68JpBKxj62LWMA/cQu
a6qXdhQ/rHmRjppq7Q5zY8q3Tia4d6bV4kxKUAKHq1p30MsXIOT3kyUZfRU=
-----END CERTIFICATE-----
Generated at Wed Jun 17 11:30:38 2026 by rpki-client