Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QceFDtSrDYh69pv-dQbQrUbtQ4k.roa
File: QceFDtSrDYh69pv-dQbQrUbtQ4k.roa (raw, json)
Hash identifier: wSyMeUF+/jPIEmlhDIJJ627jifZU+Op/8B8t0jdZnGo=
Subject key identifier: 41:C7:85:0E:D4:AB:0D:88:7A:F6:9B:FE:75:06:D0:AD:46:ED:43:89
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019C9F21F148EDB19CFC33F1CD7425B93E4D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QceFDtSrDYh69pv-dQbQrUbtQ4k.roa
Signing time: Fri 27 Feb 2026 12:45:27 +0000
ROA not before: Fri 27 Feb 2026 12:45:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48803
IP address blocks: 193.183.148.0/22 maxlen: 22
193.183.250.0/24 maxlen: 24
194.68.117.0/24 maxlen: 24
194.132.228.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:21:f1:48:ed:b1:9c:fc:33:f1:cd:74:25:b9:3e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 27 12:45:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=41c7850ed4ab0d887af69bfe7506d0ad46ed4389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c2:3e:03:f8:d6:1d:69:d0:5d:c5:3c:36:55:
1d:97:b1:05:d5:7f:ea:94:6e:f7:d5:d5:de:70:42:
cc:0a:97:ab:09:a8:99:51:7a:73:5d:1a:ca:0b:a6:
7b:5c:56:f4:c1:47:44:54:d6:22:d9:9c:1a:9e:2a:
6b:9c:93:5f:45:15:07:31:e4:61:78:5f:48:33:31:
87:2a:b1:41:79:e7:76:e1:e1:48:36:ab:99:b3:a0:
73:4a:16:01:0d:07:5f:f3:92:98:de:5d:89:2b:b4:
b2:23:eb:c5:b4:69:32:4c:48:8a:c2:bd:e4:f2:b0:
c5:2e:c2:0a:74:3e:dc:48:c4:da:c6:8d:99:ce:e7:
1d:eb:d6:0f:53:8d:a2:d7:9c:ac:d6:26:3b:20:7b:
45:56:36:02:bc:94:07:4b:83:12:ac:0b:67:24:1a:
51:5c:9b:d2:1b:5c:10:95:0e:f2:ed:49:5c:7d:20:
4c:8a:28:20:5c:6c:c8:fa:dd:91:7b:61:2d:95:d7:
e1:22:8d:a8:ba:d2:40:c8:a7:6e:d6:0a:de:ca:33:
5e:29:df:33:34:17:24:42:5e:48:d5:e1:24:37:f3:
fc:87:05:0e:99:62:52:e0:e5:dc:a6:17:bb:82:a1:
77:ec:20:aa:45:ff:3e:89:f8:7a:35:ee:86:f5:55:
cc:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C7:85:0E:D4:AB:0D:88:7A:F6:9B:FE:75:06:D0:AD:46:ED:43:89
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QceFDtSrDYh69pv-dQbQrUbtQ4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.183.148.0/22
193.183.250.0/24
194.68.117.0/24
194.132.228.0/22
Signature Algorithm: sha256WithRSAEncryption
89:0a:6d:3b:29:15:d4:c6:27:e7:11:f0:1f:6d:70:d4:65:15:
c4:4b:91:13:c3:e5:d7:0c:ca:39:2f:64:84:7c:4b:11:35:75:
12:0b:b7:2b:e6:c6:8a:d6:68:8b:26:a6:d7:29:33:46:0f:5d:
51:30:7b:49:dd:42:ff:69:9c:c3:ed:0d:10:61:99:69:72:e8:
37:7c:84:f9:ec:32:b4:72:99:04:0f:90:89:ca:36:f1:e6:c4:
71:ac:1b:89:f6:29:27:37:40:71:c7:3b:74:2c:14:cd:4e:31:
21:d9:84:6c:38:48:c2:8b:e5:a3:00:20:af:80:17:07:8b:95:
8c:3d:03:d2:d5:24:f8:88:6d:1e:e8:e6:6c:82:82:79:bc:ef:
78:3b:ff:f2:d0:c8:02:d4:7c:ec:71:ca:1c:3c:a8:07:51:06:
8e:6c:a0:2e:7f:91:f3:b7:3c:c4:dd:cf:11:98:59:48:25:c4:
6c:cc:1c:aa:b8:48:77:ea:85:03:00:62:8b:7a:f3:af:ff:07:
51:20:a8:b5:37:6e:94:7f:d6:32:9e:b7:2a:31:b1:86:30:57:
e4:b6:26:bf:dc:21:6c:6c:53:9c:8e:76:58:6e:e3:d0:c3:2c:
f2:73:60:21:31:5a:2c:fc:f8:8d:95:13:80:d9:7e:13:87:75:
0b:1a:1b:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyfIfFI7bGc/DPxzXQluT5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMjI3MTI0NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM3ODUwZWQ0YWIwZDg4N2FmNjliZmU3NTA2ZDBhZDQ2ZWQ0Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicI+A/jWHWnQXcU8NlUdl7EF1X/q
lG731dXecELMCperCaiZUXpzXRrKC6Z7XFb0wUdEVNYi2ZwaniprnJNfRRUHMeRh
eF9IMzGHKrFBeed24eFINquZs6BzShYBDQdf85KY3l2JK7SyI+vFtGkyTEiKwr3k
8rDFLsIKdD7cSMTaxo2Zzucd69YPU42i15ys1iY7IHtFVjYCvJQHS4MSrAtnJBpR
XJvSG1wQlQ7y7UlcfSBMiiggXGzI+t2Re2EtldfhIo2outJAyKdu1greyjNeKd8z
NBckQl5I1eEkN/P8hwUOmWJS4OXcphe7gqF37CCqRf8+ifh6Ne6G9VXMxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEHHhQ7Uqw2Ievab/nUG0K1G7UOJMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUWNlRkR0U3JEWWg2OXB2LWRRYlFyVWJ0UTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwbeUAwQA
wbf6AwQAwkR1AwQCwoTkMA0GCSqGSIb3DQEBCwUAA4IBAQCJCm07KRXUxifnEfAf
bXDUZRXES5ETw+XXDMo5L2SEfEsRNXUSC7cr5saK1miLJqbXKTNGD11RMHtJ3UL/
aZzD7Q0QYZlpcug3fIT57DK0cpkED5CJyjbx5sRxrBuJ9iknN0Bxxzt0LBTNTjEh
2YRsOEjCi+WjACCvgBcHi5WMPQPS1ST4iG0e6OZsgoJ5vO94O//y0MgC1Hzsccoc
PKgHUQaObKAuf5HztzzE3c8RmFlIJcRszByquEh36oUDAGKLevOv/wdRIKi1N26U
f9YynrcqMbGGMFfktia/3CFsbFOcjnZYbuPQwyzyc2AhMVos/PiNlROA2X4Th3UL
Ghup
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:21:00 2026 by rpki-client