Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/nSYkP6ZYsP2PGbTEn1voEjCMK7M.roa
File: nSYkP6ZYsP2PGbTEn1voEjCMK7M.roa (raw, json)
Hash identifier: MNQbu//jCX54OfF7YJFip/dm1osxFxhLcTi2nI/vQws=
Subject key identifier: 9D:26:24:3F:A6:58:B0:FD:8F:19:B4:C4:9F:5B:E8:12:30:8C:2B:B3
Certificate issuer: /CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Certificate serial: 019C711823F6C5B67C81610FDA8455327DA3
Authority key identifier: 42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/nSYkP6ZYsP2PGbTEn1voEjCMK7M.roa
Signing time: Wed 18 Feb 2026 14:12:13 +0000
ROA not before: Wed 18 Feb 2026 14:12:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197580
IP address blocks: 46.245.136.0/21 maxlen: 21
83.174.148.0/23 maxlen: 23
83.174.151.0/24 maxlen: 24
83.174.152.0/23 maxlen: 23
83.174.154.0/24 maxlen: 24
83.174.156.0/23 maxlen: 23
83.174.158.0/24 maxlen: 24
185.42.208.0/24 maxlen: 24
185.254.216.0/23 maxlen: 23
2a01:6320::/32 maxlen: 32
2a05:dec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:71:18:23:f6:c5:b6:7c:81:61:0f:da:84:55:32:7d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Validity
Not Before: Feb 18 14:12:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9d26243fa658b0fd8f19b4c49f5be812308c2bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:70:d9:48:21:c6:e9:2d:82:b9:b9:c9:93:77:
f1:9f:36:1d:eb:9b:02:3f:2f:db:14:e5:86:b8:35:
92:47:96:16:8f:41:9e:09:a8:d5:ae:3b:9b:f8:44:
4b:b7:77:ac:e2:13:1f:f5:59:10:d2:4c:db:04:c2:
92:65:3e:4d:5d:29:a9:45:48:8a:c0:8d:e4:ad:7f:
99:31:ea:70:c5:db:a9:b5:37:c7:54:7d:9b:0b:e7:
8c:fd:3a:ab:01:9b:69:3a:65:7b:52:10:51:68:62:
06:68:ba:df:9b:ad:20:a7:01:7e:da:97:1a:2c:53:
10:34:54:5a:0f:bb:54:58:38:c3:89:18:4f:e8:49:
6a:62:48:ad:94:72:ce:1d:d0:18:91:12:bb:40:2a:
27:36:cf:52:58:d3:90:d5:45:07:64:56:f6:77:38:
5c:10:bc:bf:9f:b8:48:3e:b5:63:e2:6c:48:2d:7f:
0c:d4:ac:61:e2:72:ee:b3:88:6f:54:7e:a0:45:3d:
a1:dc:f2:fb:5f:49:f5:4c:68:96:35:b3:f5:9a:4d:
93:fb:0b:67:05:71:58:69:32:b9:7e:20:f4:01:c6:
49:f8:35:a4:cd:db:f0:5d:79:cc:a4:b0:b2:e1:e8:
d8:f7:45:dc:5a:65:e5:eb:8f:95:ad:23:0a:66:17:
22:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:26:24:3F:A6:58:B0:FD:8F:19:B4:C4:9F:5B:E8:12:30:8C:2B:B3
X509v3 Authority Key Identifier:
keyid:42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/nSYkP6ZYsP2PGbTEn1voEjCMK7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.136.0/21
83.174.148.0/23
83.174.151.0-83.174.154.255
83.174.156.0-83.174.158.255
185.42.208.0/24
185.254.216.0/23
IPv6:
2a01:6320::/32
2a05:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:3b:13:ab:61:38:29:c2:35:01:ce:51:c4:24:75:09:fa:3e:
b7:8b:5a:21:d8:1a:e5:6f:74:40:a5:d6:15:12:ea:50:f7:4d:
fa:4e:b6:20:c2:74:56:ea:79:83:7d:ee:fe:83:97:76:55:f1:
c2:22:62:44:21:d0:7c:d1:4f:8c:d6:1c:b1:06:74:fa:56:89:
69:1e:15:3b:94:80:dd:67:bb:76:c8:b5:80:28:b5:cd:30:5a:
b7:70:6a:9c:9c:2e:04:04:24:61:ce:93:a9:c9:19:4f:26:91:
ed:8f:0f:67:52:6b:e6:34:e9:02:bc:d3:e5:04:4f:25:eb:f1:
2d:ba:76:a0:86:11:ee:b5:60:2a:90:8d:f7:68:45:60:29:e1:
48:c4:b8:84:8a:e5:33:44:03:8f:07:50:1a:e9:d2:ef:48:f0:
35:ba:81:22:c6:c5:35:9d:25:35:01:b3:75:6e:56:8a:ab:d4:
9b:a5:ac:55:0a:cc:dc:43:d3:47:ac:a8:bc:bc:c4:0e:18:aa:
56:19:96:57:42:03:a8:b8:df:a9:a7:14:a0:33:bf:c7:c2:0e:
64:9f:cd:2b:14:08:38:23:b9:06:7b:ec:3e:66:f6:ab:5f:1c:
21:ea:c7:f7:be:60:32:d4:39:7c:28:5a:24:3a:9f:ac:8d:56:
4f:d6:17:33
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZxxGCP2xbZ8gWEP2oRVMn2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWJhZTk4OTg5OGQ5NDAyNDI0YWFkYWZiYjQ3YzNhNmQ0
YzI1YjMwHhcNMjYwMjE4MTQxMjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI2MjQzZmE2NThiMGZkOGYxOWI0YzQ5ZjViZTgxMjMwOGMyYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnDZSCHG6S2CubnJk3fxnzYd65sC
Py/bFOWGuDWSR5YWj0GeCajVrjub+ERLt3es4hMf9VkQ0kzbBMKSZT5NXSmpRUiK
wI3krX+ZMepwxduptTfHVH2bC+eM/TqrAZtpOmV7UhBRaGIGaLrfm60gpwF+2pca
LFMQNFRaD7tUWDjDiRhP6ElqYkitlHLOHdAYkRK7QConNs9SWNOQ1UUHZFb2dzhc
ELy/n7hIPrVj4mxILX8M1Kxh4nLus4hvVH6gRT2h3PL7X0n1TGiWNbP1mk2T+wtn
BXFYaTK5fiD0AcZJ+DWkzdvwXXnMpLCy4ejY90XcWmXl64+VrSMKZhciowIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJ0mJD+mWLD9jxm0xJ9b6BIwjCuzMB8GA1UdIwQY
MBaAFEIbrpiYmNlAJCSq2vu0fDptTCWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUt
NjdlZmNiM2Q4NmZlLzEvblNZa1A2WllzUDJQR2JURW4xdm9FakNNSzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUtNjdlZmNiM2Q4NmZl
LzEvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA6BAIAATA0AwQDLvWIAwQB
U66UMAwDBABTrpcDBABTrpowDAMEAlOunAMEAFOungMEALkq0AMEAbn+2DAUBAIA
AjAOAwUAKgFjIAMFAyoF3sAwDQYJKoZIhvcNAQELBQADggEBADo7E6thOCnCNQHO
UcQkdQn6PreLWiHYGuVvdECl1hUS6lD3TfpOtiDCdFbqeYN97v6Dl3ZV8cIiYkQh
0HzRT4zWHLEGdPpWiWkeFTuUgN1nu3bItYAotc0wWrdwapycLgQEJGHOk6nJGU8m
ke2PD2dSa+Y06QK80+UETyXr8S26dqCGEe61YCqQjfdoRWAp4UjEuISK5TNEA48H
UBrp0u9I8DW6gSLGxTWdJTUBs3VuVoqr1JulrFUKzNxD00esqLy8xA4YqlYZlldC
A6i436mnFKAzv8fCDmSfzSsUCDgjuQZ77D5m9qtfHCHqx/e+YDLUOXwoWiQ6n6yN
Vk/WFzM=
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:40:54 2026 by rpki-client