Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/QmtTzyy0B6VINllZo5hoGV_0tME.roa
File: QmtTzyy0B6VINllZo5hoGV_0tME.roa (raw, json)
Hash identifier: Kss8BrAGEQwDauIv9e80R/ByqBQjOIdQoGwsK/YXN9o=
Subject key identifier: 42:6B:53:CF:2C:B4:07:A5:48:36:59:59:A3:98:68:19:5F:F4:B4:C1
Certificate issuer: /CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Certificate serial: 019DD87E9B624A7E1C5B25A0EB95B479A1B5
Authority key identifier: AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/QmtTzyy0B6VINllZo5hoGV_0tME.roa
Signing time: Wed 29 Apr 2026 09:07:49 +0000
ROA not before: Wed 29 Apr 2026 09:07:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197882
IP address blocks: 31.25.136.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.138.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
31.25.142.0/23 maxlen: 23
31.25.142.0/24 maxlen: 24
31.25.143.0/24 maxlen: 24
130.255.92.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
159.255.160.0/22 maxlen: 22
159.255.160.0/24 maxlen: 24
159.255.161.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
159.255.165.0/24 maxlen: 24
159.255.166.0/23 maxlen: 23
159.255.166.0/24 maxlen: 24
159.255.167.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
185.14.250.0/24 maxlen: 24
185.14.251.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.212.33.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:7e:9b:62:4a:7e:1c:5b:25:a0:eb:95:b4:79:a1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Validity
Not Before: Apr 29 09:07:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=426b53cf2cb407a548365959a39868195ff4b4c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:f2:2a:74:d1:4c:e8:5c:a3:91:d6:33:3c:
65:6a:6c:d4:4b:60:78:e0:95:ff:8b:41:7a:82:dc:
9f:fc:d7:a0:4b:fa:6b:2c:47:1d:a5:b9:d6:7f:88:
bf:39:df:e8:16:7d:4d:38:9b:11:a1:08:d9:a7:0e:
f8:67:ef:6d:4d:23:fa:1b:8a:30:93:93:8f:1f:b0:
73:ba:9e:98:30:5b:de:83:f8:93:6d:e3:2f:06:46:
75:b5:44:c6:dd:07:55:fb:9c:5b:03:08:d2:a5:af:
ae:fd:60:0a:c6:ba:9e:d3:da:34:69:60:0e:e8:dc:
1b:ae:9c:b4:d4:64:52:74:a9:77:cb:80:5b:f9:15:
dd:a7:30:25:04:5e:0b:5b:1e:24:2e:d7:15:b8:16:
5f:3c:30:60:69:28:43:7d:c5:20:6c:f7:ee:c5:b2:
1d:9b:f7:f2:38:e4:77:e0:f3:f4:2d:2b:7b:6e:ae:
76:da:ac:ac:37:8a:11:e5:ee:fe:82:85:ed:df:d8:
6c:9e:7e:a8:84:55:55:4d:48:df:36:0e:7d:6d:8a:
3a:b7:3b:4a:20:82:df:5f:c8:24:b6:6c:2c:b1:ae:
b6:01:6b:16:56:d6:80:a3:c2:51:d9:35:5e:59:11:
a4:4f:eb:76:33:07:ae:7f:e7:f9:b3:d5:94:e7:6d:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6B:53:CF:2C:B4:07:A5:48:36:59:59:A3:98:68:19:5F:F4:B4:C1
X509v3 Authority Key Identifier:
keyid:AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/QmtTzyy0B6VINllZo5hoGV_0tME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0/21
130.255.92.0/22
159.255.160.0/21
185.14.248.0/22
185.101.236.0/22
185.184.198.0/23
185.212.33.0/24
IPv6:
2a03:bcc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
54:ce:62:48:e0:8d:5c:6b:a9:fa:c6:0c:2c:23:72:fa:47:d7:
78:89:80:72:89:47:0c:f9:36:71:9f:b6:a3:1a:ec:2e:3e:fb:
79:84:5a:93:7b:34:8b:e4:17:17:ad:b7:26:c1:63:4a:ca:fb:
65:de:55:56:07:3e:5a:00:9a:db:df:f9:6d:52:bd:b4:03:84:
8a:c5:c0:f4:8d:8f:02:de:4f:f0:9b:49:6a:86:b1:ed:af:38:
b3:cb:ff:8e:e3:ed:a4:6c:5c:26:92:c2:a2:bc:46:ed:52:a2:
d8:ea:e6:ef:8c:6f:c6:b2:fc:ce:f6:23:04:00:68:3b:c2:24:
46:7a:57:83:ea:6d:f1:b4:81:ea:50:e1:d5:5b:58:a7:20:f9:
8b:2c:9a:5d:a5:35:36:58:61:05:69:6d:d7:99:d6:2b:83:9d:
dd:0a:63:4d:35:8b:16:dd:46:23:7d:f5:43:60:1e:87:fa:21:
d7:57:ad:0b:cb:d8:2f:80:1f:9e:8d:c0:51:52:93:e2:92:8d:
b1:a0:a4:5a:fe:12:86:91:56:48:bc:66:6a:47:4c:bd:b8:84:
c2:23:16:0c:a5:6b:46:be:46:14:1a:e6:04:22:4f:a1:c3:2a:
a1:ee:ea:02:3d:40:80:4c:1b:77:60:39:ff:1f:83:36:55:be:
92:c3:0d:44
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZ3YfptiSn4cWyWg65W0eaG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmY2YTM2ZWMyOTYwZDRkMDVmM2Q5ZGNiMTg3YjliOTA0
ZWE1OWIwHhcNMjYwNDI5MDkwNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjZiNTNjZjJjYjQwN2E1NDgzNjU5NTlhMzk4NjgxOTVmZjRiNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDzyKnTRTOhco5HWMzxlamzUS2B4
4JX/i0F6gtyf/NegS/prLEcdpbnWf4i/Od/oFn1NOJsRoQjZpw74Z+9tTSP6G4ow
k5OPH7Bzup6YMFveg/iTbeMvBkZ1tUTG3QdV+5xbAwjSpa+u/WAKxrqe09o0aWAO
6Nwbrpy01GRSdKl3y4Bb+RXdpzAlBF4LWx4kLtcVuBZfPDBgaShDfcUgbPfuxbId
m/fyOOR34PP0LSt7bq522qysN4oR5e7+goXt39hsnn6ohFVVTUjfNg59bYo6tztK
IILfX8gktmwssa62AWsWVtaAo8JR2TVeWRGkT+t2Mweuf+f5s9WU523V6QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFEJrU88stAelSDZZWaOYaBlf9LTBMB8GA1UdIwQY
MBaAFKtvajbsKWDU0F89ncsYe5uQTqWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUt
OTRiYjgzYTIwMDI5LzEvUW10VHp5eTBCNlZJTmxsWm81aG9HVl8wdE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUtOTRiYjgzYTIwMDI5
LzEvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDHxmIAwQC
gv9cAwQDn/+gAwQCuQ74AwQCuWXsAwQBubjGAwQAudQhMA8EAgACMAkDBwAqA7zA
AAEwDQYJKoZIhvcNAQELBQADggEBAFTOYkjgjVxrqfrGDCwjcvpH13iJgHKJRwz5
NnGftqMa7C4++3mEWpN7NIvkFxettybBY0rK+2XeVVYHPloAmtvf+W1SvbQDhIrF
wPSNjwLeT/CbSWqGse2vOLPL/47j7aRsXCaSwqK8Ru1Sotjq5u+Mb8ay/M72IwQA
aDvCJEZ6V4PqbfG0gepQ4dVbWKcg+Yssml2lNTZYYQVpbdeZ1iuDnd0KY001ixbd
RiN99UNgHof6IddXrQvL2C+AH56NwFFSk+KSjbGgpFr+EoaRVki8ZmpHTL24hMIj
Fgyla0a+RhQa5gQiT6HDKqHu6gI9QIBMG3dgOf8fgzZVvpLDDUQ=
-----END CERTIFICATE-----
Generated at Wed May 13 08:51:49 2026 by rpki-client