Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/af1aae-c5f9-42c7-a7ff-e296f818ade9/1/Qgxf57MIAaUh2izrQbJxHll1rZk.roa
File: Qgxf57MIAaUh2izrQbJxHll1rZk.roa (raw, json)
Hash identifier: ysJPiSoLiEWtNYzZGXULJmHPqHhXSoqXkjRsWNMouC0=
Subject key identifier: 42:0C:5F:E7:B3:08:01:A5:21:DA:2C:EB:41:B2:71:1E:59:75:AD:99
Certificate issuer: /CN=990d9fe793b18eef91dc76fbcba2b2cfc52e0bc4
Certificate serial: 019C80547E54816F42DEDF974156E5E55772
Authority key identifier: 99:0D:9F:E7:93:B1:8E:EF:91:DC:76:FB:CB:A2:B2:CF:C5:2E:0B:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mQ2f55Oxju-R3Hb7y6Kyz8UuC8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/af1aae-c5f9-42c7-a7ff-e296f818ade9/1/Qgxf57MIAaUh2izrQbJxHll1rZk.roa
Signing time: Sat 21 Feb 2026 13:12:26 +0000
ROA not before: Sat 21 Feb 2026 13:12:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15691
IP address blocks: 185.127.164.0/22 maxlen: 22
185.175.124.0/22 maxlen: 22
185.175.124.0/23 maxlen: 23
185.175.126.0/24 maxlen: 24
185.175.127.0/24 maxlen: 24
212.19.96.0/20 maxlen: 20
212.19.112.0/21 maxlen: 21
212.19.120.0/22 maxlen: 22
212.19.124.0/23 maxlen: 23
212.19.126.0/24 maxlen: 24
212.19.127.0/24 maxlen: 24
212.77.64.0/21 maxlen: 21
212.77.72.0/22 maxlen: 22
212.77.76.0/23 maxlen: 23
212.77.78.0/23 maxlen: 23
212.77.80.0/24 maxlen: 24
212.77.81.0/24 maxlen: 24
212.77.82.0/23 maxlen: 23
212.77.84.0/22 maxlen: 22
212.77.88.0/22 maxlen: 22
212.77.92.0/22 maxlen: 22
2a01:bf40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/af1aae-c5f9-42c7-a7ff-e296f818ade9/1/mQ2f55Oxju-R3Hb7y6Kyz8UuC8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/af1aae-c5f9-42c7-a7ff-e296f818ade9/1/mQ2f55Oxju-R3Hb7y6Kyz8UuC8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/mQ2f55Oxju-R3Hb7y6Kyz8UuC8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:80:54:7e:54:81:6f:42:de:df:97:41:56:e5:e5:57:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=990d9fe793b18eef91dc76fbcba2b2cfc52e0bc4
Validity
Not Before: Feb 21 13:12:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=420c5fe7b30801a521da2ceb41b2711e5975ad99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a2:d4:1c:72:bc:00:bb:9d:20:08:65:3f:ea:
f8:e9:7e:68:f5:fb:cd:81:39:0d:53:59:e6:d1:7b:
01:c7:84:77:09:6b:8f:d4:cf:df:10:f5:7c:a4:a1:
f4:e2:1a:6c:96:29:64:29:82:da:04:ff:51:a5:b3:
62:ab:14:be:e4:10:37:82:89:41:25:de:20:32:bb:
be:75:05:56:b7:10:22:84:55:54:ed:5d:68:ec:52:
66:27:df:f9:5c:d6:31:35:e9:33:28:18:75:13:60:
92:eb:4f:19:a3:e1:1e:13:4c:4c:15:c7:2a:5b:25:
07:c4:e6:45:74:b3:12:7e:bc:bb:6e:fc:9e:f6:e5:
53:2e:f1:af:6b:da:42:0f:c3:58:0c:e7:32:24:3b:
97:17:3f:0c:58:ed:6b:6e:a5:f9:58:f0:08:3b:09:
ee:dc:b9:ab:2f:ef:17:ca:3d:f6:d6:c9:6b:34:eb:
07:a9:f3:37:84:98:a0:e1:d9:cd:c8:8e:a5:a1:c5:
3a:b5:15:06:06:f1:94:ab:1c:e2:28:5e:3a:7e:a2:
3a:0a:83:96:ee:45:d7:23:50:04:e6:bf:5a:96:52:
58:d9:f1:73:03:60:1b:c2:a7:a9:4e:80:a6:9e:c0:
08:a2:6e:ad:cb:f2:53:b4:b8:35:74:27:b2:3c:18:
b5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0C:5F:E7:B3:08:01:A5:21:DA:2C:EB:41:B2:71:1E:59:75:AD:99
X509v3 Authority Key Identifier:
keyid:99:0D:9F:E7:93:B1:8E:EF:91:DC:76:FB:CB:A2:B2:CF:C5:2E:0B:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mQ2f55Oxju-R3Hb7y6Kyz8UuC8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/af1aae-c5f9-42c7-a7ff-e296f818ade9/1/Qgxf57MIAaUh2izrQbJxHll1rZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/af1aae-c5f9-42c7-a7ff-e296f818ade9/1/mQ2f55Oxju-R3Hb7y6Kyz8UuC8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.164.0/22
185.175.124.0/22
212.19.96.0/19
212.77.64.0/19
IPv6:
2a01:bf40::/32
Signature Algorithm: sha256WithRSAEncryption
ea:11:f8:41:a3:32:82:28:2e:17:5d:79:6f:67:c3:35:f1:0e:
d9:90:72:13:4f:c6:62:dc:99:dc:41:d9:3c:c3:04:aa:eb:6e:
09:68:0b:1a:d2:25:5f:ea:40:42:9a:8e:41:db:e2:89:7a:c9:
dc:e8:ac:a3:66:16:65:7f:6b:c9:52:14:2a:1b:c5:7b:fd:a9:
c4:0f:99:4f:cd:39:b9:fc:fa:13:e1:43:0f:9a:c7:62:59:1a:
5b:05:ac:92:e4:36:88:02:3b:cd:eb:db:5f:72:44:46:26:cf:
e3:9a:f7:32:c7:0a:6e:9e:1e:66:bb:27:95:06:a8:7e:bd:26:
28:13:dc:d0:07:b4:21:27:45:07:13:ab:25:9d:cb:0e:3a:a6:
5c:23:6e:02:56:93:8e:bc:00:e2:ed:d7:d6:dd:4a:f0:ca:a2:
78:f0:1f:73:ef:dd:9e:2e:c9:2b:d7:50:21:82:66:fa:a1:46:
1d:45:6d:23:2a:02:6e:a1:5e:57:b6:60:76:ad:8c:c7:1e:a2:
49:67:34:a8:e0:31:12:74:a4:d6:3f:8a:5a:f4:92:35:e1:5e:
ac:91:0b:49:ae:64:01:77:c4:c1:e3:ff:7b:fb:f1:0f:b7:c9:
bd:2d:f0:17:2e:be:4b:ad:22:f8:97:bf:fe:60:bd:49:8f:04:
4e:cd:9d:6c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZyAVH5UgW9C3t+XQVbl5VdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MGQ5ZmU3OTNiMThlZWY5MWRjNzZmYmNiYTJiMmNmYzUy
ZTBiYzQwHhcNMjYwMjIxMTMxMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjBjNWZlN2IzMDgwMWE1MjFkYTJjZWI0MWIyNzExZTU5NzVhZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKLUHHK8ALudIAhlP+r46X5o9fvN
gTkNU1nm0XsBx4R3CWuP1M/fEPV8pKH04hpslilkKYLaBP9RpbNiqxS+5BA3golB
Jd4gMru+dQVWtxAihFVU7V1o7FJmJ9/5XNYxNekzKBh1E2CS608Zo+EeE0xMFccq
WyUHxOZFdLMSfry7bvye9uVTLvGva9pCD8NYDOcyJDuXFz8MWO1rbqX5WPAIOwnu
3LmrL+8Xyj321slrNOsHqfM3hJig4dnNyI6locU6tRUGBvGUqxziKF46fqI6CoOW
7kXXI1AE5r9allJY2fFzA2AbwqepToCmnsAIom6ty/JTtLg1dCeyPBi1/QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEIMX+ezCAGlIdos60GycR5Zda2ZMB8GA1UdIwQY
MBaAFJkNn+eTsY7vkdx2+8uiss/FLgvEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVEyZjU1T3hqdS1SM0hiN3k2S3l6OFV1QzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9hZjFhYWUtYzVmOS00MmM3LWE3ZmYt
ZTI5NmY4MThhZGU5LzEvUWd4ZjU3TUlBYVVoMml6clFiSnhIbGwxclprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9hZjFhYWUtYzVmOS00MmM3LWE3ZmYtZTI5NmY4MThhZGU5
LzEvbVEyZjU1T3hqdS1SM0hiN3k2S3l6OFV1QzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuX+kAwQC
ua98AwQF1BNgAwQF1E1AMA0EAgACMAcDBQAqAb9AMA0GCSqGSIb3DQEBCwUAA4IB
AQDqEfhBozKCKC4XXXlvZ8M18Q7ZkHITT8Zi3JncQdk8wwSq624JaAsa0iVf6kBC
mo5B2+KJesnc6KyjZhZlf2vJUhQqG8V7/anED5lPzTm5/PoT4UMPmsdiWRpbBayS
5DaIAjvN69tfckRGJs/jmvcyxwpunh5muyeVBqh+vSYoE9zQB7QhJ0UHE6slncsO
OqZcI24CVpOOvADi7dfW3UrwyqJ48B9z792eLskr11Ahgmb6oUYdRW0jKgJuoV5X
tmB2rYzHHqJJZzSo4DESdKTWP4pa9JI14V6skQtJrmQBd8TB4/97+/EPt8m9LfAX
Lr5LrSL4l7/+YL1JjwROzZ1s
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:17:54 2026 by rpki-client