Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/Q9bW7DT8b-bilbM4okf2-4RumJ8.roa
File: Q9bW7DT8b-bilbM4okf2-4RumJ8.roa (raw, json)
Hash identifier: VGpo3RNyhjlbXzLjR04xOlVdZxQhemrEMPSoF4PPXPI=
Subject key identifier: 43:D6:D6:EC:34:FC:6F:E6:E2:95:B3:38:A2:47:F6:FB:84:6E:98:9F
Certificate issuer: /CN=a76a90e716530f15f7399b7ac3e0d2939a21a210
Certificate serial: 019C898E8DD5FF8AC9831B5E7921052918B3
Authority key identifier: A7:6A:90:E7:16:53:0F:15:F7:39:9B:7A:C3:E0:D2:93:9A:21:A2:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2qQ5xZTDxX3OZt6w-DSk5ohohA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/Q9bW7DT8b-bilbM4okf2-4RumJ8.roa
Signing time: Mon 23 Feb 2026 08:12:26 +0000
ROA not before: Mon 23 Feb 2026 08:12:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204586
IP address blocks: 185.218.72.0/22 maxlen: 22
185.218.72.0/24 maxlen: 24
185.218.73.0/24 maxlen: 24
185.218.74.0/24 maxlen: 24
185.218.75.0/24 maxlen: 24
2a0b:d440::/29 maxlen: 29
2a0b:d440:72::/48 maxlen: 48
2a0b:d440:73::/48 maxlen: 48
2a0b:d440:74::/48 maxlen: 48
2a0b:d440:75::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/p2qQ5xZTDxX3OZt6w-DSk5ohohA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/p2qQ5xZTDxX3OZt6w-DSk5ohohA.mft
rsync://rpki.ripe.net/repository/DEFAULT/p2qQ5xZTDxX3OZt6w-DSk5ohohA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 20:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:89:8e:8d:d5:ff:8a:c9:83:1b:5e:79:21:05:29:18:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76a90e716530f15f7399b7ac3e0d2939a21a210
Validity
Not Before: Feb 23 08:12:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=43d6d6ec34fc6fe6e295b338a247f6fb846e989f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:a9:cd:0b:83:08:0c:99:85:d4:f4:76:be:
1e:cd:e3:44:48:6f:c9:83:99:0f:df:82:97:2b:6a:
b6:dc:bc:aa:4f:31:01:b8:67:8b:bf:1c:2c:aa:cd:
60:58:29:8b:a2:ba:b1:c1:78:80:1d:a8:d1:39:91:
0f:b4:9c:d6:ab:34:bd:33:e8:4c:1b:28:5b:25:7c:
b5:de:05:dd:3f:1c:30:a6:1e:de:1d:a2:21:31:4c:
35:f8:16:7b:da:ca:c4:46:da:91:9a:c9:0f:83:de:
7c:ed:83:e3:88:2f:66:c1:1a:b5:70:96:b7:1f:b9:
65:6e:c8:4c:11:b4:69:bd:74:53:6c:fc:77:be:e9:
9d:cc:dc:7c:af:4e:97:23:4f:01:c2:de:18:a1:58:
9a:b2:48:1e:98:9e:08:d1:ae:74:ac:8d:f3:63:b0:
5b:6d:25:fd:d9:af:8c:f5:82:65:55:90:65:f0:d8:
02:6a:b2:56:9e:7b:f3:d3:9a:06:71:b8:8e:ca:b1:
20:54:95:82:bd:e6:20:5d:6c:8f:0c:48:49:6f:34:
1f:1b:d7:7a:1e:84:52:f7:73:ed:6d:87:52:36:96:
a5:0c:62:2a:b2:60:d9:cf:76:4e:1b:45:ba:fe:34:
d3:46:21:67:81:9e:cb:0c:6e:cf:ae:37:41:e7:e7:
68:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D6:D6:EC:34:FC:6F:E6:E2:95:B3:38:A2:47:F6:FB:84:6E:98:9F
X509v3 Authority Key Identifier:
keyid:A7:6A:90:E7:16:53:0F:15:F7:39:9B:7A:C3:E0:D2:93:9A:21:A2:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2qQ5xZTDxX3OZt6w-DSk5ohohA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/Q9bW7DT8b-bilbM4okf2-4RumJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f01f9a-cdea-4d03-aa8a-85b65bacd4fb/1/p2qQ5xZTDxX3OZt6w-DSk5ohohA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.72.0/22
IPv6:
2a0b:d440::/29
Signature Algorithm: sha256WithRSAEncryption
71:93:31:88:2c:3b:74:72:15:c5:1b:a4:4f:f7:6b:e8:87:5e:
1f:4d:93:33:db:d9:79:60:88:08:fd:ac:9c:88:f6:bb:5b:38:
61:fb:68:01:d8:e2:8c:d8:41:c8:56:63:28:1b:a9:13:d3:33:
6b:42:0b:ed:4b:c2:11:dd:8b:a8:82:3d:24:03:e8:94:c3:bc:
16:23:ad:48:8e:0c:12:48:fb:1e:a1:e6:b2:d3:c9:70:87:80:
6a:ad:50:d4:39:ae:40:e7:8b:d6:3c:10:3e:7e:ec:24:b6:47:
bf:e5:63:0b:b0:bf:1b:ca:4e:82:c9:41:f5:37:62:f8:ba:31:
74:1f:61:dc:86:39:f1:75:42:b6:b1:bb:7a:e2:d4:ac:28:0a:
a2:bf:01:76:e1:d1:8b:74:e0:ba:74:5e:4f:64:d9:26:37:c1:
59:e0:47:10:53:df:ed:a9:63:87:e8:a6:e6:ed:aa:e0:d0:5d:
48:36:6c:92:a5:9d:5a:76:90:5a:79:01:62:ce:b3:fb:1b:98:
79:0b:b7:bc:ef:be:80:66:2f:c1:ad:56:79:cc:7a:fc:e3:3a:
de:69:be:7c:f7:14:ef:2f:4b:9d:c4:9b:17:0e:91:76:66:a8:
ab:80:b5:ce:13:47:38:a9:16:4a:90:47:ae:b1:05:1e:b5:be:
77:7a:95:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZyJjo3V/4rJgxteeSEFKRizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmE5MGU3MTY1MzBmMTVmNzM5OWI3YWMzZTBkMjkzOWEy
MWEyMTAwHhcNMjYwMjIzMDgxMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q2ZDZlYzM0ZmM2ZmU2ZTI5NWIzMzhhMjQ3ZjZmYjg0NmU5ODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo6pzQuDCAyZhdT0dr4ezeNESG/J
g5kP34KXK2q23LyqTzEBuGeLvxwsqs1gWCmLorqxwXiAHajROZEPtJzWqzS9M+hM
GyhbJXy13gXdPxwwph7eHaIhMUw1+BZ72srERtqRmskPg9587YPjiC9mwRq1cJa3
H7llbshMEbRpvXRTbPx3vumdzNx8r06XI08Bwt4YoViaskgemJ4I0a50rI3zY7Bb
bSX92a+M9YJlVZBl8NgCarJWnnvz05oGcbiOyrEgVJWCveYgXWyPDEhJbzQfG9d6
HoRS93PtbYdSNpalDGIqsmDZz3ZOG0W6/jTTRiFngZ7LDG7PrjdB5+dobQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEPW1uw0/G/m4pWzOKJH9vuEbpifMB8GA1UdIwQY
MBaAFKdqkOcWUw8V9zmbesPg0pOaIaIQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJxUTV4WlREeFgzT1p0NnctRFNrNW9ob2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9mMDFmOWEtY2RlYS00ZDAzLWFhOGEt
ODViNjViYWNkNGZiLzEvUTliVzdEVDhiLWJpbGJNNG9rZjItNFJ1bUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9mMDFmOWEtY2RlYS00ZDAzLWFhOGEtODViNjViYWNkNGZi
LzEvcDJxUTV4WlREeFgzT1p0NnctRFNrNW9ob2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudpIMA0E
AgACMAcDBQMqC9RAMA0GCSqGSIb3DQEBCwUAA4IBAQBxkzGILDt0chXFG6RP92vo
h14fTZMz29l5YIgI/ayciPa7Wzhh+2gB2OKM2EHIVmMoG6kT0zNrQgvtS8IR3Yuo
gj0kA+iUw7wWI61IjgwSSPseoeay08lwh4BqrVDUOa5A54vWPBA+fuwktke/5WML
sL8byk6CyUH1N2L4ujF0H2HchjnxdUK2sbt64tSsKAqivwF24dGLdOC6dF5PZNkm
N8FZ4EcQU9/tqWOH6Kbm7arg0F1INmySpZ1adpBaeQFizrP7G5h5C7e8776AZi/B
rVZ5zHr84zreab589xTvL0udxJsXDpF2ZqirgLXOE0c4qRZKkEeusQUetb53epUE
-----END CERTIFICATE-----
Generated at Tue Mar 3 02:26:20 2026 by rpki-client