Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/q5X3A9QxxaMfhQJ9_S68lKxgE18.roa
File: q5X3A9QxxaMfhQJ9_S68lKxgE18.roa (raw, json)
Hash identifier: 3Tt3Peef5oCnG41VEJmUc1HvZqruzEcLYyX+uQDFDk4=
Subject key identifier: AB:95:F7:03:D4:31:C5:A3:1F:85:02:7D:FD:2E:BC:94:AC:60:13:5F
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 019C66947C12DDCE0B89F28ACC81560C879C
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/q5X3A9QxxaMfhQJ9_S68lKxgE18.roa
Signing time: Mon 16 Feb 2026 13:12:12 +0000
ROA not before: Mon 16 Feb 2026 13:12:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 45.155.99.0/24 maxlen: 24
213.108.24.0/24 maxlen: 24
2a10:ba00:1::/48 maxlen: 48
2a10:ba00:2::/48 maxlen: 48
2a10:ba00:3::/48 maxlen: 48
2a10:ba00:4::/48 maxlen: 48
2a10:ba00:5::/48 maxlen: 48
2a10:ba00:6::/48 maxlen: 48
2a10:ba00:7::/48 maxlen: 48
2a10:ba00:8::/48 maxlen: 48
2a10:ba00:9::/48 maxlen: 48
2a10:ba00:10::/48 maxlen: 48
2a10:ba00:11::/48 maxlen: 48
2a10:ba00:12::/48 maxlen: 48
2a10:ba00:13::/48 maxlen: 48
2a10:ba00:14::/48 maxlen: 48
2a10:ba00:15::/48 maxlen: 48
2a10:ba00:16::/48 maxlen: 48
2a10:ba00:17::/48 maxlen: 48
2a10:ba00:18::/48 maxlen: 48
2a10:ba00:19::/48 maxlen: 48
2a10:ba00:20::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:94:7c:12:dd:ce:0b:89:f2:8a:cc:81:56:0c:87:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Feb 16 13:12:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab95f703d431c5a31f85027dfd2ebc94ac60135f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5a:7a:d7:1e:a0:84:7c:46:10:71:c6:f2:72:
1e:6b:c4:ee:c1:6a:b7:e3:2b:6c:95:b6:f9:ae:f6:
d8:81:e9:fb:d7:1b:87:e8:51:81:19:df:41:9b:e0:
de:89:b2:30:55:ac:6c:13:64:ee:da:e0:f9:ae:54:
1e:7c:5e:52:86:2e:b2:dd:57:7b:f7:64:e8:22:84:
1e:9a:26:82:ef:f7:6f:65:80:2d:b1:18:9a:a7:46:
be:1f:cb:66:c5:d1:84:5c:6e:f4:40:8d:de:5b:19:
d1:76:fb:44:74:01:b5:d3:b5:01:57:f3:03:a0:f2:
03:24:ce:4c:7f:c6:91:e6:67:fa:dd:65:d2:3d:e8:
df:b0:b7:e9:aa:df:6e:41:86:a5:1d:32:38:2c:bd:
4c:e1:eb:44:d6:34:db:8c:ad:2e:92:64:16:a2:d1:
5d:a2:39:3e:1c:a1:de:ad:3c:30:d4:5a:45:ac:ee:
bf:66:33:78:09:80:a9:ad:59:a0:6f:c2:2c:e6:b2:
4a:31:3d:4d:71:f5:16:75:54:39:8b:66:3d:95:08:
e0:cc:09:b6:c7:3a:fb:2d:fa:f3:e2:94:66:37:83:
f1:8e:08:c9:7e:d0:dc:bc:f0:2e:fa:17:fd:4f:93:
5c:fe:03:cd:a7:95:83:7e:aa:52:92:d2:e7:b9:e3:
43:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:95:F7:03:D4:31:C5:A3:1F:85:02:7D:FD:2E:BC:94:AC:60:13:5F
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/q5X3A9QxxaMfhQJ9_S68lKxgE18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
213.108.24.0/24
IPv6:
2a10:ba00:1::-2a10:ba00:9:ffff:ffff:ffff:ffff:ffff
2a10:ba00:10::-2a10:ba00:19:ffff:ffff:ffff:ffff:ffff
2a10:ba00:20::/48
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:08:42:9f:a4:16:66:db:a9:7a:9c:92:8a:37:0e:5b:a6:e6:
98:70:78:97:f3:41:e4:f7:86:5c:f6:21:6c:c7:ae:b6:ab:e0:
f5:d2:a4:a1:70:59:5c:ca:d2:58:71:4e:30:5d:72:6d:2f:40:
88:2e:9f:4c:88:70:26:11:06:4e:5b:b6:28:e9:21:7f:45:93:
1f:37:08:35:52:79:07:f6:64:41:34:50:21:fc:cd:4a:b1:4f:
f9:08:ac:e3:60:26:0b:a6:1b:53:e6:0c:21:d1:47:1e:37:59:
10:98:84:fa:ec:04:f1:e9:9a:49:88:e9:19:79:77:0b:d8:85:
cf:27:64:cd:40:77:2c:10:79:35:b9:fb:46:75:8f:85:3a:22:
7f:4d:0e:93:6f:7b:8e:71:b8:c5:30:15:f2:d7:4c:0e:50:12:
f0:86:ea:92:45:f1:b8:81:ee:9a:9a:25:90:86:e4:ff:b2:2b:
1f:52:67:60:6d:cf:e3:cf:e8:47:6b:35:37:57:b0:bc:6b:f5:
be:4d:fe:9c:c4:f9:5c:d3:83:03:40:9b:22:b1:e7:53:71:f8:
c8:8f:ed:75:dd:db:e8:49:9b:21:a7:6a:7d:ef:4e:f5:89:a1:
7f:d3:a3:42:17:07:ec:9e:62:92:35:16:4d:c6:8d:7a:5c:5d:
bd:f6:d2:16
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZxmlHwS3c4LifKKzIFWDIecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjYwMjE2MTMxMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjk1ZjcwM2Q0MzFjNWEzMWY4NTAyN2RmZDJlYmM5NGFjNjAxMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Vp61x6ghHxGEHHG8nIea8TuwWq3
4ytslbb5rvbYgen71xuH6FGBGd9Bm+DeibIwVaxsE2Tu2uD5rlQefF5Shi6y3Vd7
92ToIoQemiaC7/dvZYAtsRiap0a+H8tmxdGEXG70QI3eWxnRdvtEdAG107UBV/MD
oPIDJM5Mf8aR5mf63WXSPejfsLfpqt9uQYalHTI4LL1M4etE1jTbjK0ukmQWotFd
ojk+HKHerTww1FpFrO6/ZjN4CYCprVmgb8Is5rJKMT1NcfUWdVQ5i2Y9lQjgzAm2
xzr7Lfrz4pRmN4PxjgjJftDcvPAu+hf9T5Nc/gPNp5WDfqpSktLnueNDQQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFKuV9wPUMcWjH4UCff0uvJSsYBNfMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvcTVYM0E5UXh4YU1maFFKOV9TNjhsS3hnRTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTASBAIAATAMAwQALZtjAwQA
1WwYMEsEAgACMEUwEgMHACoQugAAAQMHASoQugAACDASAwcEKhC6AAAQAwcBKhC6
AAAYAwcAKhC6AAAgMBIDBwUqELoAvuADBwEqELoAvuQwDQYJKoZIhvcNAQELBQAD
ggEBAFcIQp+kFmbbqXqckoo3Dlum5phweJfzQeT3hlz2IWzHrrar4PXSpKFwWVzK
0lhxTjBdcm0vQIgun0yIcCYRBk5btijpIX9Fkx83CDVSeQf2ZEE0UCH8zUqxT/kI
rONgJgumG1PmDCHRRx43WRCYhPrsBPHpmkmI6Rl5dwvYhc8nZM1AdywQeTW5+0Z1
j4U6In9NDpNve45xuMUwFfLXTA5QEvCG6pJF8biB7pqaJZCG5P+yKx9SZ2Btz+PP
6EdrNTdXsLxr9b5N/pzE+VzTgwNAmyKx51Nx+MiP7XXd2+hJmyGnan3vTvWJoX/T
o0IXB+yeYpI1Fk3GjXpcXb320hY=
-----END CERTIFICATE-----
Generated at Sat Feb 21 04:51:30 2026 by rpki-client