Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/kqmzm016eJM-jijUIFSE8gE6p00.roa
File: kqmzm016eJM-jijUIFSE8gE6p00.roa (raw, json)
Hash identifier: gAMMlg6BzmaFhWE/fM7vHF/m24ObBw3vzLwmqGTTkPI=
Subject key identifier: 92:A9:B3:9B:4D:7A:78:93:3E:8E:28:D4:20:54:84:F2:01:3A:A7:4D
Certificate issuer: /CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Certificate serial: 019C9FC3104E23CAD4DC4EDEC49C3B7CCC0C
Authority key identifier: FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/kqmzm016eJM-jijUIFSE8gE6p00.roa
Signing time: Fri 27 Feb 2026 15:41:26 +0000
ROA not before: Fri 27 Feb 2026 15:41:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59395
IP address blocks: 5.133.16.0/21 maxlen: 21
46.31.80.0/21 maxlen: 21
46.31.168.0/21 maxlen: 21
46.231.64.0/21 maxlen: 21
82.144.224.0/19 maxlen: 19
82.215.0.0/18 maxlen: 18
87.238.216.0/21 maxlen: 21
89.105.0.0/19 maxlen: 19
89.105.25.0/24 maxlen: 24
109.235.120.0/21 maxlen: 21
109.235.127.0/24 maxlen: 24
185.7.188.0/22 maxlen: 22
185.36.248.0/22 maxlen: 22
185.45.24.0/22 maxlen: 22
185.63.80.0/22 maxlen: 22
185.65.24.0/22 maxlen: 22
185.74.232.0/21 maxlen: 21
185.74.232.0/22 maxlen: 22
185.74.236.0/22 maxlen: 22
185.109.104.0/22 maxlen: 22
185.109.106.0/24 maxlen: 24
185.159.216.0/22 maxlen: 22
185.175.112.0/22 maxlen: 22
217.119.128.0/24 maxlen: 24
217.119.137.0/24 maxlen: 24
2a02:73c0::/32 maxlen: 32
2a05:4b80::/29 maxlen: 29
2a05:4bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.mft
rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:c3:10:4e:23:ca:d4:dc:4e:de:c4:9c:3b:7c:cc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Validity
Not Before: Feb 27 15:41:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=92a9b39b4d7a78933e8e28d4205484f2013aa74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:24:b8:51:dd:55:7b:f5:25:e8:f7:e0:84:69:
86:a2:17:b4:31:f5:6d:66:14:6d:72:35:4d:ee:86:
86:a7:20:c9:04:fd:8b:e2:cd:4f:48:a6:33:85:c7:
ce:c8:39:39:9f:aa:72:51:32:3f:9d:62:45:22:80:
61:b2:00:78:59:40:70:16:f7:c7:d8:2e:55:0f:fa:
c3:f2:23:41:b7:e2:33:e5:27:a0:17:32:fd:65:14:
83:db:26:a2:10:73:4a:33:7d:13:da:e9:d6:e8:dc:
f9:96:8a:6c:ed:54:b5:ba:d2:04:c4:aa:de:e0:43:
c7:61:59:40:9b:95:c7:c4:e1:62:72:d1:33:e0:c1:
76:b1:3d:a4:b7:3c:64:cb:ce:1c:34:7f:96:53:1d:
ef:b7:e3:de:3e:89:25:c6:b4:ad:3d:19:5f:8e:3f:
b2:3c:9f:9d:89:8e:93:19:13:1b:de:94:f8:d7:7c:
27:f4:f2:8e:eb:4c:e9:e9:e9:f0:b9:60:5f:fc:60:
d2:a0:1f:a0:fa:46:fd:13:84:52:01:71:63:4e:b0:
76:f4:3d:7f:1e:9b:d6:f4:72:0a:86:20:6c:c9:f1:
0c:53:60:2f:b3:53:7e:e0:75:2c:65:70:4e:29:3d:
c7:7b:cc:b4:65:5d:56:63:47:5d:be:32:2f:df:21:
7d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A9:B3:9B:4D:7A:78:93:3E:8E:28:D4:20:54:84:F2:01:3A:A7:4D
X509v3 Authority Key Identifier:
keyid:FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/kqmzm016eJM-jijUIFSE8gE6p00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.16.0/21
46.31.80.0/21
46.31.168.0/21
46.231.64.0/21
82.144.224.0/19
82.215.0.0/18
87.238.216.0/21
89.105.0.0/19
109.235.120.0/21
185.7.188.0/22
185.36.248.0/22
185.45.24.0/22
185.63.80.0/22
185.65.24.0/22
185.74.232.0/21
185.109.104.0/22
185.159.216.0/22
185.175.112.0/22
217.119.128.0/24
217.119.137.0/24
IPv6:
2a02:73c0::/32
2a05:4b80::/29
2a05:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:41:07:65:69:18:d8:b0:8d:5f:a5:2d:cf:30:63:30:f5:04:
60:ec:99:07:3e:f1:de:15:93:58:c7:96:34:8e:2f:12:93:5d:
bc:b9:a7:46:02:63:64:e7:85:7e:df:90:d3:8f:6c:4b:95:22:
78:a7:59:44:2a:c4:5e:b7:4a:4b:2c:18:16:bd:66:41:78:2c:
a6:a0:c1:84:95:7a:85:b4:ec:7d:62:bd:92:bd:17:13:8d:00:
2e:25:85:2b:e0:8f:02:d5:b6:24:bb:19:2f:d9:ed:88:ac:ae:
39:5e:4e:10:80:b8:5b:2f:62:ff:04:e6:17:c7:f1:6c:aa:e6:
50:52:bf:99:1c:43:e9:9c:63:61:c7:a5:29:53:c0:49:c8:6b:
b6:f0:5e:53:dd:49:2e:b3:ac:57:03:6a:5e:ba:a0:43:8a:97:
d6:31:f0:d4:b8:c1:6e:94:e5:0e:3f:73:a9:5e:4a:c3:6e:3c:
a7:31:5c:c3:4c:8b:12:b1:60:ca:7f:78:38:ea:67:32:f8:4a:
71:a3:e1:92:ba:e7:28:09:10:0c:ac:b4:38:4e:81:44:aa:c0:
24:39:3f:8f:d5:57:5c:df:28:34:a2:42:71:6b:22:79:71:70:
25:6d:de:be:83:a4:6e:f8:c5:02:91:18:dd:13:a0:ed:0c:b1:
f5:24:88:9f
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZyfwxBOI8rU3E7exJw7fMwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjkxOGM1YTkzMzBkYmJlNmVlZTE3Y2I5YTFkNjJmYmM4
NTViZGUwHhcNMjYwMjI3MTU0MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmE5YjM5YjRkN2E3ODkzM2U4ZTI4ZDQyMDU0ODRmMjAxM2FhNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSS4Ud1Ve/Ul6PfghGmGohe0MfVt
ZhRtcjVN7oaGpyDJBP2L4s1PSKYzhcfOyDk5n6pyUTI/nWJFIoBhsgB4WUBwFvfH
2C5VD/rD8iNBt+Iz5SegFzL9ZRSD2yaiEHNKM30T2unW6Nz5lops7VS1utIExKre
4EPHYVlAm5XHxOFictEz4MF2sT2ktzxky84cNH+WUx3vt+PePoklxrStPRlfjj+y
PJ+diY6TGRMb3pT413wn9PKO60zp6enwuWBf/GDSoB+g+kb9E4RSAXFjTrB29D1/
HpvW9HIKhiBsyfEMU2Avs1N+4HUsZXBOKT3He8y0ZV1WY0ddvjIv3yF9mQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFJKps5tNeniTPo4o1CBUhPIBOqdNMB8GA1UdIwQY
MBaAFP75GMWpMw275u7hfLmh1i+8hVveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGIt
YmEyODg5YWZhYWRkLzEva3Ftem0wMTZlSk0tamlqVUlGU0U4Z0U2cDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGItYmEyODg5YWZhYWRk
LzEvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTB+BAIAATB4AwQDBYUQ
AwQDLh9QAwQDLh+oAwQDLudAAwQFUpDgAwQGUtcAAwQDV+7YAwQFWWkAAwQDbet4
AwQCuQe8AwQCuST4AwQCuS0YAwQCuT9QAwQCuUEYAwQDuUroAwQCuW1oAwQCuZ/Y
AwQCua9wAwQA2XeAAwQA2XeJMBsEAgACMBUDBQAqAnPAAwUDKgVLgAMFAyoFS8Aw
DQYJKoZIhvcNAQELBQADggEBAJ9BB2VpGNiwjV+lLc8wYzD1BGDsmQc+8d4Vk1jH
ljSOLxKTXby5p0YCY2TnhX7fkNOPbEuVIninWUQqxF63SkssGBa9ZkF4LKagwYSV
eoW07H1ivZK9FxONAC4lhSvgjwLVtiS7GS/Z7YisrjleThCAuFsvYv8E5hfH8Wyq
5lBSv5kcQ+mcY2HHpSlTwEnIa7bwXlPdSS6zrFcDal66oEOKl9Yx8NS4wW6U5Q4/
c6leSsNuPKcxXMNMixKxYMp/eDjqZzL4SnGj4ZK65ygJEAystDhOgUSqwCQ5P4/V
V1zfKDSiQnFrInlxcCVt3r6DpG74xQKRGN0ToO0MsfUkiJ8=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:18:32 2026 by rpki-client