Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Q319puPuZ6pEVFIow6HSoz6aiu4.roa
File: Q319puPuZ6pEVFIow6HSoz6aiu4.roa (raw, json)
Hash identifier: w5OU1Qsqqe0TAPMfpoTlrKdZQKLeQmRMZSWdZEzQ0ZA=
Subject key identifier: 43:7D:7D:A6:E3:EE:67:AA:44:54:52:28:C3:A1:D2:A3:3E:9A:8A:EE
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 019BF9F6E8EE5BCB65F84DBF8C5ED67AFEA4
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Q319puPuZ6pEVFIow6HSoz6aiu4.roa
Signing time: Mon 26 Jan 2026 11:01:06 +0000
ROA not before: Mon 26 Jan 2026 11:01:06 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
185.160.193.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
2a14:80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Feb 2026 05:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:f9:f6:e8:ee:5b:cb:65:f8:4d:bf:8c:5e:d6:7a:fe:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 26 11:01:06 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=437d7da6e3ee67aa44545228c3a1d2a33e9a8aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:41:79:e2:bc:fe:98:57:10:3a:4f:c3:5b:84:
12:55:7c:87:ee:00:e0:2f:a7:c3:9b:03:b0:f0:2d:
e4:58:7b:7c:e4:ea:11:e1:3e:1e:e3:25:24:a4:59:
27:83:47:f4:7d:b8:9f:c3:e0:ef:0c:56:c1:31:ef:
a8:05:bc:75:0e:c7:39:e3:ff:b4:14:8f:18:77:05:
d9:09:53:a3:ea:cc:51:66:21:8b:b0:22:7f:49:08:
4b:3a:ba:a6:55:19:e2:0d:1f:8b:ae:40:18:73:5f:
3b:bc:b7:c8:bf:b3:5b:4d:55:86:da:12:52:b1:fd:
32:98:83:9a:65:c6:7f:90:9a:72:11:a7:76:c5:a4:
86:21:ba:f8:4a:87:b3:7d:60:74:d7:53:9e:48:da:
63:9a:8b:55:63:c0:ce:f6:73:f5:2b:96:31:c1:fa:
69:df:b7:5e:3a:90:da:e6:55:09:2c:1b:70:b8:d6:
9f:de:e4:cd:e9:b3:73:e8:7f:42:cc:54:87:0e:bf:
47:bf:0d:db:4d:17:82:eb:eb:99:7b:e4:9e:0c:1c:
60:a4:93:98:ce:d2:96:03:ac:f4:48:f3:94:0a:60:
a0:1b:7a:f7:fb:31:61:ca:18:76:02:3b:09:c9:a6:
81:8f:0a:f8:f4:a3:7d:3f:a8:80:af:33:1d:37:49:
76:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7D:7D:A6:E3:EE:67:AA:44:54:52:28:C3:A1:D2:A3:3E:9A:8A:EE
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Q319puPuZ6pEVFIow6HSoz6aiu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.105.0/24
46.20.108.0/24
46.20.110.0/24
185.160.193.0-185.160.195.255
185.169.221.0-185.169.223.255
IPv6:
2a14:80::/48
Signature Algorithm: sha256WithRSAEncryption
6e:66:02:65:40:02:d6:17:f1:1e:b2:6c:3b:fe:6d:63:89:c6:
b5:78:3e:c7:dc:46:ff:fe:1c:61:98:72:25:df:40:37:d9:c1:
7e:a7:26:80:46:1d:c6:c5:5a:82:b7:9a:2d:6f:5f:d9:e6:68:
66:ab:df:e1:f7:7b:2b:71:51:bd:1d:7c:f9:04:fd:8b:b6:31:
ad:4e:0b:d6:03:85:c6:54:bc:d8:0a:28:31:26:4a:c2:f7:66:
dc:9e:23:a9:a0:d2:e6:29:c0:c1:7f:d9:a8:c6:62:3b:91:3d:
5f:26:ed:92:89:9a:2d:1b:25:19:8d:da:ef:80:c2:b0:8c:46:
ff:ab:70:fb:93:ef:ef:b6:37:bb:1f:18:ec:0c:1e:01:46:a9:
ee:13:4f:74:32:75:d9:79:79:e7:0e:13:02:7b:a6:df:5a:2b:
0f:4b:16:be:cd:3b:f1:83:ac:25:8c:08:6a:6f:41:24:e0:84:
ee:80:c3:83:cf:7f:26:9f:d5:a5:92:87:95:30:5d:1a:ac:91:
66:4c:35:9b:8c:8f:ce:41:3b:e7:07:2c:c8:6d:87:cd:ca:ff:
37:b7:92:80:04:e5:32:ad:41:54:a7:10:b9:08:2f:8c:cc:9d:
6b:5a:30:4d:7a:ec:a9:24:8b:87:c7:8b:d1:2b:63:c6:1e:af:
9d:aa:e4:a7
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZv59ujuW8tl+E2/jF7Wev6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjYwMTI2MTEwMTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzdkN2RhNmUzZWU2N2FhNDQ1NDUyMjhjM2ExZDJhMzNlOWE4YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0F54rz+mFcQOk/DW4QSVXyH7gDg
L6fDmwOw8C3kWHt85OoR4T4e4yUkpFkng0f0fbifw+DvDFbBMe+oBbx1Dsc54/+0
FI8YdwXZCVOj6sxRZiGLsCJ/SQhLOrqmVRniDR+LrkAYc187vLfIv7NbTVWG2hJS
sf0ymIOaZcZ/kJpyEad2xaSGIbr4SoezfWB011OeSNpjmotVY8DO9nP1K5Yxwfpp
37deOpDa5lUJLBtwuNaf3uTN6bNz6H9CzFSHDr9Hvw3bTReC6+uZe+SeDBxgpJOY
ztKWA6z0SPOUCmCgG3r3+zFhyhh2AjsJyaaBjwr49KN9P6iArzMdN0l29wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFEN9fabj7meqRFRSKMOh0qM+moruMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvUTMxOXB1UHVaNnBFVkZJb3c2SFNvejZhaXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA6BAIAATA0AwQALhRhAwQA
LhRpAwQALhRsAwQALhRuMAwDBAC5oMEDBAK5oMAwDAMEALmp3QMEBbmpwDAPBAIA
AjAJAwcAKhQAgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBuZgJlQALWF/Eesmw7/m1j
ica1eD7H3Eb//hxhmHIl30A32cF+pyaARh3GxVqCt5otb1/Z5mhmq9/h93srcVG9
HXz5BP2LtjGtTgvWA4XGVLzYCigxJkrC92bcniOpoNLmKcDBf9moxmI7kT1fJu2S
iZotGyUZjdrvgMKwjEb/q3D7k+/vtje7HxjsDB4BRqnuE090MnXZeXnnDhMCe6bf
WisPSxa+zTvxg6wljAhqb0Ek4ITugMODz38mn9WlkoeVMF0arJFmTDWbjI/OQTvn
ByzIbYfNyv83t5KABOUyrUFUpxC5CC+MzJ1rWjBNeuypJIuHx4vRK2PGHq+dquSn
-----END CERTIFICATE-----
Generated at Tue Feb 17 13:48:59 2026 by rpki-client