Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KMqFRhG1oB7XQrI1JrhtCF0dkM0.roa
File: KMqFRhG1oB7XQrI1JrhtCF0dkM0.roa (raw, json)
Hash identifier: u9p+aTNn5LsuuLVNKku2JA40ElEYw0DtmMlYYXK0qh8=
Subject key identifier: 28:CA:85:46:11:B5:A0:1E:D7:42:B2:35:26:B8:6D:08:5D:1D:90:CD
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019C9FD0CC0903D782DD048263792240D4EB
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KMqFRhG1oB7XQrI1JrhtCF0dkM0.roa
Signing time: Fri 27 Feb 2026 15:56:26 +0000
ROA not before: Fri 27 Feb 2026 15:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:d0:cc:09:03:d7:82:dd:04:82:63:79:22:40:d4:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 27 15:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28ca854611b5a01ed742b23526b86d085d1d90cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1b:04:60:d1:6b:1b:0c:29:dc:27:04:dc:43:
21:ee:2d:a7:d9:45:22:7a:d9:39:06:d8:0d:5b:3b:
86:ef:5b:5f:d6:8e:dd:e0:31:08:3c:a7:25:d3:bf:
fc:60:08:e7:15:1b:ea:cd:f2:e6:8c:78:e0:53:fd:
20:56:48:ec:79:71:f5:96:17:bd:c6:16:8a:10:0f:
eb:9a:97:c5:04:35:67:30:e2:6a:a4:6d:fd:cf:ee:
a7:64:35:97:86:ed:a8:10:a0:3b:2c:5d:61:e8:ec:
5b:14:08:41:78:d0:bc:c9:8b:76:1b:a7:35:f6:62:
66:5c:dd:31:64:2b:3f:bb:51:43:29:99:83:62:bb:
ac:ba:a9:2c:64:57:39:12:b2:a4:d2:95:4f:0a:5e:
57:4f:7e:74:84:f9:1e:2c:68:a3:8d:e3:cb:3f:07:
5d:86:ff:40:3a:04:61:a6:27:46:34:58:ba:8f:76:
08:70:ba:b5:26:3d:1f:e8:88:8f:1d:57:12:f5:8f:
19:b9:ca:71:b5:61:47:23:32:52:70:c1:18:c0:02:
24:d4:6c:da:e8:b3:e9:17:4a:9a:83:00:05:4d:f3:
a9:8d:a8:f5:61:b7:17:c3:41:6e:67:8c:6a:a5:f5:
b1:19:d2:18:1c:8f:47:fb:d1:7c:70:f3:72:31:48:
c0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CA:85:46:11:B5:A0:1E:D7:42:B2:35:26:B8:6D:08:5D:1D:90:CD
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/KMqFRhG1oB7XQrI1JrhtCF0dkM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.233.0-45.141.234.255
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/21
91.92.33.0-91.92.35.255
91.92.40.0/24
91.92.42.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.207.0-93.152.208.255
93.152.210.0/23
93.152.214.0-93.152.218.255
93.152.221.0-93.152.224.255
93.152.226.0/23
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
66:4d:88:c6:35:b1:99:42:05:62:4a:a2:5d:de:9a:82:2a:76:
71:20:dc:d9:11:fe:04:73:9c:20:dd:41:db:95:f1:0a:a5:15:
04:45:25:a3:75:7d:e4:b9:ce:fe:eb:55:20:76:e7:72:dc:5e:
f5:89:7b:4c:8a:0f:4a:f8:7c:d3:da:15:0e:5a:81:65:8b:14:
3c:81:05:59:a8:85:a1:c6:d8:2e:a3:91:a0:00:56:ed:e8:d9:
ea:5d:41:33:43:01:38:7e:60:06:cf:37:78:3e:76:d5:20:61:
f3:6c:42:ee:13:ac:7d:d5:1f:7a:5f:76:53:99:9d:08:77:ad:
87:fa:30:f7:61:28:4e:53:1e:13:9f:d2:89:04:10:70:1c:1c:
34:9b:61:d7:45:0b:68:45:91:f8:6c:34:d0:31:d8:10:c1:34:
8d:4d:52:f6:4c:3e:c0:66:d1:6d:4e:87:a6:72:f0:72:d5:e4:
8c:00:fc:00:5d:76:10:41:46:b1:13:64:6e:ed:30:cb:90:1e:
68:d2:e3:74:00:53:be:d3:21:91:f6:d8:2b:8c:48:2d:50:af:
25:3d:16:f9:7b:d2:9e:2b:93:6e:b7:d1:11:c0:fe:27:1e:8d:
2d:8d:d6:69:68:5e:f1:25:e6:2f:f5:74:23:8f:19:c1:c7:79:
b4:92:29:50
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZyf0MwJA9eC3QSCY3kiQNTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwMjI3MTU1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNhODU0NjExYjVhMDFlZDc0MmIyMzUyNmI4NmQwODVkMWQ5MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBsEYNFrGwwp3CcE3EMh7i2n2UUi
etk5BtgNWzuG71tf1o7d4DEIPKcl07/8YAjnFRvqzfLmjHjgU/0gVkjseXH1lhe9
xhaKEA/rmpfFBDVnMOJqpG39z+6nZDWXhu2oEKA7LF1h6OxbFAhBeNC8yYt2G6c1
9mJmXN0xZCs/u1FDKZmDYrusuqksZFc5ErKk0pVPCl5XT350hPkeLGijjePLPwdd
hv9AOgRhpidGNFi6j3YIcLq1Jj0f6IiPHVcS9Y8ZucpxtWFHIzJScMEYwAIk1Gza
6LPpF0qagwAFTfOpjaj1YbcXw0FuZ4xqpfWxGdIYHI9H+9F8cPNyMUjA+wIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFCjKhUYRtaAe10KyNSa4bQhdHZDNMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvS01xRlJoRzFvQjdYUXJJMUpyaHRDRjBka00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgwDAME
AC2N6QMEAC2N6gMEAU6fgAMEAE6fgwMEAk6fiDAMAwQATp+VAwQATp+WAwQDTp+Y
MAwDBABbXCEDBAJbXCADBABbXCgwDAMEAVtcKgMEAFtcLjAMAwQAW1wxAwQBW1w0
MAwDBABdmM8DBABdmNADBAFdmNIwDAMEAV2Y1gMEAF2Y2jAMAwQAXZjdAwQAXZjg
AwQBXZjiAwQAXZjmAwQBXhocAwQCXhpMMAwDBABeGlkDBABeGloDBABevsMDBAG5
YPwDBAC5YP8DBADUZmkDBADUZmswDQYJKoZIhvcNAQELBQADggEBAGZNiMY1sZlC
BWJKol3emoIqdnEg3NkR/gRznCDdQduV8QqlFQRFJaN1feS5zv7rVSB253LcXvWJ
e0yKD0r4fNPaFQ5agWWLFDyBBVmohaHG2C6jkaAAVu3o2epdQTNDATh+YAbPN3g+
dtUgYfNsQu4TrH3VH3pfdlOZnQh3rYf6MPdhKE5THhOf0okEEHAcHDSbYddFC2hF
kfhsNNAx2BDBNI1NUvZMPsBm0W1Oh6Zy8HLV5IwA/ABddhBBRrETZG7tMMuQHmjS
43QAU77TIZH22CuMSC1QryU9Fvl70p4rk2630RHA/icejS2N1mloXvEl5i/1dCOP
GcHHebSSKVA=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:19:11 2026 by rpki-client