Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/XQgaYP5gY1ydpVbiWsv5P-EB5-A.roa
File: XQgaYP5gY1ydpVbiWsv5P-EB5-A.roa (raw, json)
Hash identifier: nsvwY1vJ7ktI1eOY0M7VmsNoL86xHPAjslqQYSwiEGI=
Subject key identifier: 5D:08:1A:60:FE:60:63:5C:9D:A5:56:E2:5A:CB:F9:3F:E1:01:E7:E0
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 019C66947CA6F560A5DC347EA6EE0CFA9D2A
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/XQgaYP5gY1ydpVbiWsv5P-EB5-A.roa
Signing time: Mon 16 Feb 2026 13:12:13 +0000
ROA not before: Mon 16 Feb 2026 13:12:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 45.155.99.0/24 maxlen: 24
213.108.24.0/24 maxlen: 24
2a10:ba00:1::/48 maxlen: 48
2a10:ba00:2::/48 maxlen: 48
2a10:ba00:3::/48 maxlen: 48
2a10:ba00:4::/48 maxlen: 48
2a10:ba00:5::/48 maxlen: 48
2a10:ba00:6::/48 maxlen: 48
2a10:ba00:7::/48 maxlen: 48
2a10:ba00:8::/48 maxlen: 48
2a10:ba00:9::/48 maxlen: 48
2a10:ba00:10::/48 maxlen: 48
2a10:ba00:11::/48 maxlen: 48
2a10:ba00:12::/48 maxlen: 48
2a10:ba00:13::/48 maxlen: 48
2a10:ba00:14::/48 maxlen: 48
2a10:ba00:15::/48 maxlen: 48
2a10:ba00:16::/48 maxlen: 48
2a10:ba00:17::/48 maxlen: 48
2a10:ba00:18::/48 maxlen: 48
2a10:ba00:19::/48 maxlen: 48
2a10:ba00:20::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:94:7c:a6:f5:60:a5:dc:34:7e:a6:ee:0c:fa:9d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Feb 16 13:12:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d081a60fe60635c9da556e25acbf93fe101e7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ce:60:7d:66:07:4a:c8:11:d6:3e:97:82:32:
59:b6:e1:cb:0a:1e:e7:d2:4c:74:c9:51:13:03:04:
71:68:17:ff:ae:34:72:19:05:e4:7e:84:fd:85:4b:
40:f3:b4:73:59:e2:8d:72:0e:86:78:f1:ea:07:3e:
36:bc:4f:e9:a4:3d:15:e0:79:fb:7a:b3:76:f0:6e:
45:fe:a6:b8:85:da:cb:49:9e:83:0f:bd:66:0c:d3:
c2:c5:d1:aa:60:e7:6c:f2:db:f6:54:0f:37:09:2a:
e4:44:71:c1:7a:c4:65:4c:8a:fc:61:c2:95:6e:2f:
37:e7:84:65:b2:6f:3d:4f:88:a1:ad:a6:db:66:22:
08:e9:6c:8e:2e:27:60:8b:58:30:a4:42:c0:3c:e7:
38:53:a3:69:f0:7e:59:e3:37:58:2f:5c:8a:1b:5a:
d1:bd:af:76:2d:88:61:54:18:c0:67:70:06:a7:e3:
25:94:60:21:69:e6:df:b6:e2:a3:10:1c:0a:97:08:
8a:63:48:bb:95:ef:3a:4b:5e:3b:07:d6:9d:b2:ae:
03:02:bf:19:43:98:79:8b:3b:9c:fb:84:ee:8c:b2:
d9:9c:dd:ad:54:f8:23:7c:74:28:28:e9:ed:3f:05:
35:88:3d:31:06:f4:cd:fa:c0:f3:ff:56:a8:12:81:
33:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:08:1A:60:FE:60:63:5C:9D:A5:56:E2:5A:CB:F9:3F:E1:01:E7:E0
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/XQgaYP5gY1ydpVbiWsv5P-EB5-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
213.108.24.0/24
IPv6:
2a10:ba00:1::-2a10:ba00:9:ffff:ffff:ffff:ffff:ffff
2a10:ba00:10::-2a10:ba00:19:ffff:ffff:ffff:ffff:ffff
2a10:ba00:20::/48
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
49:44:31:18:f3:3d:62:a3:a5:2d:7e:c7:80:f1:44:a3:37:78:
00:c8:c5:9d:b5:c9:7a:33:1a:80:66:a8:42:f3:29:e3:4c:54:
bd:a2:65:6a:0e:cd:64:7d:61:85:69:ff:5d:a2:2f:28:e2:e0:
1d:f8:72:ae:cb:16:00:24:20:09:63:3d:b4:60:89:79:7a:be:
e7:f2:c4:2f:74:0f:c9:28:29:17:2e:f2:60:40:80:12:f4:9d:
9d:49:59:6e:66:98:59:3d:5f:5b:50:33:6b:74:92:12:74:75:
37:41:2b:6d:9e:0e:fa:d6:c2:3a:1b:d4:5f:ec:4d:5c:f8:2a:
0f:51:0c:33:e6:e6:fa:3a:8e:71:77:c5:82:ad:39:e8:ee:fb:
78:e7:95:9b:dd:8f:f2:d8:06:e8:07:69:63:52:a1:f5:74:99:
41:b2:49:ef:79:ae:1c:f5:ae:a9:40:0f:ac:06:b4:a9:0f:ce:
e3:dd:56:b3:d2:4a:df:92:15:34:8a:a2:91:63:53:c4:65:8a:
29:45:cf:fa:a1:59:f8:43:5d:e9:5d:38:c2:fb:ca:57:d0:64:
90:72:c4:a0:b1:b5:5d:96:eb:ee:25:b6:34:f9:e0:49:ab:6b:
34:4d:b9:f9:2c:bc:f5:c2:61:8b:8b:f2:63:f7:76:b7:95:f7:
90:82:87:11
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZxmlHym9WCl3DR+pu4M+p0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjYwMjE2MTMxMjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA4MWE2MGZlNjA2MzVjOWRhNTU2ZTI1YWNiZjkzZmUxMDFlN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos5gfWYHSsgR1j6XgjJZtuHLCh7n
0kx0yVETAwRxaBf/rjRyGQXkfoT9hUtA87RzWeKNcg6GePHqBz42vE/ppD0V4Hn7
erN28G5F/qa4hdrLSZ6DD71mDNPCxdGqYOds8tv2VA83CSrkRHHBesRlTIr8YcKV
bi8354Rlsm89T4ihrabbZiII6WyOLidgi1gwpELAPOc4U6Np8H5Z4zdYL1yKG1rR
va92LYhhVBjAZ3AGp+MllGAhaebftuKjEBwKlwiKY0i7le86S147B9adsq4DAr8Z
Q5h5izuc+4TujLLZnN2tVPgjfHQoKOntPwU1iD0xBvTN+sDz/1aoEoEzvwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFF0IGmD+YGNcnaVW4lrL+T/hAefgMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvWFFnYVlQNWdZMXlkcFZiaVdzdjVQLUVCNS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTASBAIAATAMAwQALZtjAwQA
1WwYMEsEAgACMEUwEgMHACoQugAAAQMHASoQugAACDASAwcEKhC6AAAQAwcBKhC6
AAAYAwcAKhC6AAAgMBIDBwUqELoAvuADBwEqELoAvuQwDQYJKoZIhvcNAQELBQAD
ggEBAElEMRjzPWKjpS1+x4DxRKM3eADIxZ21yXozGoBmqELzKeNMVL2iZWoOzWR9
YYVp/12iLyji4B34cq7LFgAkIAljPbRgiXl6vufyxC90D8koKRcu8mBAgBL0nZ1J
WW5mmFk9X1tQM2t0khJ0dTdBK22eDvrWwjob1F/sTVz4Kg9RDDPm5vo6jnF3xYKt
Oeju+3jnlZvdj/LYBugHaWNSofV0mUGySe95rhz1rqlAD6wGtKkPzuPdVrPSSt+S
FTSKopFjU8RliilFz/qhWfhDXeldOML7ylfQZJByxKCxtV2W6+4ltjT54EmrazRN
ufksvPXCYYuL8mP3dreV95CChxE=
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:30 2026 by rpki-client