Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QOGSs7o0xaS19gJJzLqiZ_wjHSA.roa
File: QOGSs7o0xaS19gJJzLqiZ_wjHSA.roa (raw, json)
Hash identifier: DAYAq+Yw/8IfAgBTu90/uPSW5zqPSCnAlQ3RDXpIwi4=
Subject key identifier: 40:E1:92:B3:BA:34:C5:A4:B5:F6:02:49:CC:BA:A2:67:FC:23:1D:20
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019D173039DD13542E1573390101DA83702C
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QOGSs7o0xaS19gJJzLqiZ_wjHSA.roa
Signing time: Sun 22 Mar 2026 20:15:29 +0000
ROA not before: Sun 22 Mar 2026 20:15:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29262
IP address blocks: 93.190.13.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:46c0::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
2a10:8b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 02:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:17:30:39:dd:13:54:2e:15:73:39:01:01:da:83:70:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 22 20:15:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40e192b3ba34c5a4b5f60249ccbaa267fc231d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f8:b6:44:c5:4e:11:fb:6d:63:1e:22:26:6c:
d2:ac:44:59:0c:ec:bf:31:b6:f9:ce:dc:42:ce:d2:
f7:ef:c5:c0:53:ec:9c:37:ca:16:d1:07:91:00:38:
29:f2:e4:f9:cd:46:d3:80:0a:b6:a1:13:b5:92:7f:
49:ac:09:e4:bd:a0:41:5b:13:a4:67:cf:28:c5:c2:
71:e4:96:50:bc:59:39:77:c1:94:9f:7b:a6:d4:b8:
69:1b:73:5f:fe:f3:2d:6e:4f:b9:0f:ba:5d:26:84:
57:c1:89:40:ad:cf:dd:54:30:7d:70:8e:4f:6c:ce:
94:eb:8e:a6:17:7d:9f:b6:9a:32:50:57:f4:b6:8e:
cb:fc:74:bf:c9:92:1c:31:45:81:ae:96:6d:4e:3d:
a5:20:2e:2c:f6:41:de:6b:69:6d:4d:04:76:77:05:
e5:84:0a:17:9d:2e:5f:2e:29:f5:7b:9d:3c:e9:8c:
cb:24:d3:e7:78:ac:1e:56:19:14:c5:a4:f1:18:58:
24:ec:29:fb:22:15:61:9d:94:06:c6:45:d1:38:59:
35:d9:66:f2:0b:a1:df:ee:fd:40:aa:a9:b9:0f:a3:
11:a1:d2:99:31:4d:76:a8:fe:71:c7:14:29:b4:81:
e2:f7:b8:f1:de:70:eb:21:17:47:16:f4:60:0c:c8:
77:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E1:92:B3:BA:34:C5:A4:B5:F6:02:49:CC:BA:A2:67:FC:23:1D:20
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QOGSs7o0xaS19gJJzLqiZ_wjHSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.13.0/24
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.119.80.0/22
185.141.32.0/24
IPv6:
2a0b:6780::/29
2a0c:46c0::/29
2a0c:67c0::/29
2a10:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
4f:57:23:01:5c:c2:2a:9e:88:7e:4d:79:d4:d9:08:fb:39:53:
4c:17:f3:81:8f:fe:7f:e7:9b:b4:df:18:c0:e0:69:5f:f2:3a:
81:5f:68:4f:c2:93:41:b4:77:e6:cd:94:6b:eb:cd:ec:5d:a1:
73:e1:4e:c4:a1:ae:4d:9c:b3:45:34:b5:b2:bd:21:4b:fe:70:
d1:8c:7a:4e:95:5c:97:d0:ce:f7:4f:b3:75:a5:36:1e:5a:25:
88:0a:4c:13:26:0e:e9:38:9e:88:b0:7c:8f:d9:8a:e8:d6:a4:
d4:5a:1f:d7:94:5d:c4:8e:c7:f7:c1:7f:4b:da:64:c7:7d:05:
0b:ce:a9:8a:57:7c:a3:23:0d:eb:2b:18:ce:24:21:92:fa:97:
99:d6:01:76:9e:41:a0:f7:22:96:41:87:0b:d6:fd:3d:b4:a9:
11:a5:a2:6c:01:93:01:67:b9:01:04:2b:a0:7b:39:d4:44:f6:
a3:ca:9f:a6:d6:50:17:c8:e2:5a:51:4d:f2:6d:00:11:24:05:
ce:a8:51:b3:2c:bd:fc:ed:5b:8b:29:e3:4b:c6:68:ae:22:e3:
42:ac:5a:fb:4f:ae:a2:88:a5:f6:d5:69:1d:8a:12:4a:a2:b5:
5e:95:cb:59:8e:bf:65:97:57:31:c1:95:09:23:24:36:88:de:
f5:a2:e0:b6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ0XMDndE1QuFXM5AQHag3AsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwMzIyMjAxNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUxOTJiM2JhMzRjNWE0YjVmNjAyNDljY2JhYTI2N2ZjMjMxZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPi2RMVOEfttYx4iJmzSrERZDOy/
Mbb5ztxCztL378XAU+ycN8oW0QeRADgp8uT5zUbTgAq2oRO1kn9JrAnkvaBBWxOk
Z88oxcJx5JZQvFk5d8GUn3um1LhpG3Nf/vMtbk+5D7pdJoRXwYlArc/dVDB9cI5P
bM6U646mF32ftpoyUFf0to7L/HS/yZIcMUWBrpZtTj2lIC4s9kHea2ltTQR2dwXl
hAoXnS5fLin1e5086YzLJNPneKweVhkUxaTxGFgk7Cn7IhVhnZQGxkXROFk12Wby
C6Hf7v1Aqqm5D6MRodKZMU12qP5xxxQptIHi97jx3nDrIRdHFvRgDMh3QQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFEDhkrO6NMWktfYCScy6omf8Ix0gMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvUU9HU3M3bzB4YVMxOWdKSnpMcWlaX3dqSFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBuBAIAATBoAwQAXb4N
MAwDBAC5Vb0DBAa5VYAwDAMEALlV7QMEBLlV4AMEALlWBQMEALlWDTAMAwQAuVaZ
AwQAuVaaAwQCuVakAwQAuVcYAwQBuVcaMAwDBAC5V3kDBAK5V3gDBAK5d1ADBAC5
jSAwIgQCAAIwHAMFAyoLZ4ADBQMqDEbAAwUDKgxnwAMFAyoQiwAwDQYJKoZIhvcN
AQELBQADggEBAE9XIwFcwiqeiH5NedTZCPs5U0wX84GP/n/nm7TfGMDgaV/yOoFf
aE/Ck0G0d+bNlGvrzexdoXPhTsShrk2cs0U0tbK9IUv+cNGMek6VXJfQzvdPs3Wl
Nh5aJYgKTBMmDuk4noiwfI/ZiujWpNRaH9eUXcSOx/fBf0vaZMd9BQvOqYpXfKMj
DesrGM4kIZL6l5nWAXaeQaD3IpZBhwvW/T20qRGlomwBkwFnuQEEK6B7OdRE9qPK
n6bWUBfI4lpRTfJtABEkBc6oUbMsvfztW4sp40vGaK4i40KsWvtPrqKIpfbVaR2K
EkqitV6Vy1mOv2WXVzHBlQkjJDaI3vWi4LY=
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:15:26 2026 by rpki-client