Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/KMGsQh3KrZd-PGcm88XQjYn-CuA.roa
File: KMGsQh3KrZd-PGcm88XQjYn-CuA.roa (raw, json)
Hash identifier: pkOcByO+ucw+kbtyagBtLH9vpX98iQm1VBNleBbYLp0=
Subject key identifier: 28:C1:AC:42:1D:CA:AD:97:7E:3C:67:26:F3:C5:D0:8D:89:FE:0A:E0
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 019DB40C20042D9A2E2AD62E0398259B89CE
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/KMGsQh3KrZd-PGcm88XQjYn-CuA.roa
Signing time: Wed 22 Apr 2026 07:16:26 +0000
ROA not before: Wed 22 Apr 2026 07:16:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39216
IP address blocks: 185.21.136.0/24 maxlen: 24
185.21.137.0/24 maxlen: 24
185.21.138.0/24 maxlen: 24
185.21.139.0/24 maxlen: 24
212.126.96.0/24 maxlen: 24
212.126.97.0/24 maxlen: 24
212.126.98.0/24 maxlen: 24
212.126.101.0/24 maxlen: 24
212.126.102.0/24 maxlen: 24
212.126.103.0/24 maxlen: 24
212.126.104.0/24 maxlen: 24
212.126.105.0/24 maxlen: 24
212.126.106.0/24 maxlen: 24
212.126.107.0/24 maxlen: 24
212.126.108.0/24 maxlen: 24
212.126.109.0/24 maxlen: 24
212.126.110.0/24 maxlen: 24
212.126.111.0/24 maxlen: 24
212.126.117.0/24 maxlen: 24
212.126.118.0/24 maxlen: 24
212.126.119.0/24 maxlen: 24
212.126.120.0/24 maxlen: 24
212.126.124.0/24 maxlen: 24
212.126.125.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
212.126.127.0/24 maxlen: 24
2a04:2dc0:4::/48 maxlen: 48
2a04:2dc0:e::/48 maxlen: 48
2a04:2dc0:f::/48 maxlen: 48
2a04:2dc0:19::/48 maxlen: 48
2a04:2dc0:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 May 2026 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b4:0c:20:04:2d:9a:2e:2a:d6:2e:03:98:25:9b:89:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Apr 22 07:16:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28c1ac421dcaad977e3c6726f3c5d08d89fe0ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3d:a2:43:82:a1:93:dc:1e:4d:7f:f4:5a:3f:
4c:ad:8d:e0:f9:30:59:08:92:06:49:1d:bf:9b:e6:
8f:89:c6:98:fa:64:d7:f4:73:00:09:82:bf:52:2f:
9a:00:df:ba:78:f1:64:51:d6:af:a0:54:80:3f:10:
67:e0:4b:05:8b:f9:8b:a0:65:14:21:c6:46:64:dc:
6f:1e:41:bd:f4:aa:7b:98:35:d2:9f:38:5f:8f:bb:
a0:04:2c:a0:80:3b:02:69:44:ca:5a:b6:12:95:c2:
66:e1:44:e3:75:35:e8:9f:c7:6c:14:e8:7e:f2:2a:
4c:fe:79:a0:ac:8e:dd:f6:5d:81:15:a4:8e:d9:a7:
79:ce:0c:e0:a0:e8:cd:72:11:5f:66:b9:e3:d6:37:
8c:da:6d:8c:84:63:5d:bb:77:f4:dd:01:62:3f:86:
9c:e8:d1:64:8a:5b:e1:57:6c:16:b5:1a:82:88:43:
19:3f:ce:b3:7c:c9:76:19:8f:90:83:cb:04:02:ee:
88:12:73:4f:b0:b2:74:aa:d5:ad:a1:85:6a:92:08:
86:17:8b:9d:b3:68:36:79:9d:e9:26:e3:21:45:f7:
65:e4:94:1e:4a:45:bc:28:4f:de:3c:d7:7d:2c:c1:
dd:6d:24:f4:33:ce:fe:2e:14:29:d8:01:5e:31:2f:
b8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C1:AC:42:1D:CA:AD:97:7E:3C:67:26:F3:C5:D0:8D:89:FE:0A:E0
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/KMGsQh3KrZd-PGcm88XQjYn-CuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.136.0/22
212.126.96.0-212.126.98.255
212.126.101.0-212.126.111.255
212.126.117.0-212.126.120.255
212.126.124.0/22
IPv6:
2a04:2dc0:4::/48
2a04:2dc0:e::/47
2a04:2dc0:19::/48
2a04:2dc0:1d::/48
Signature Algorithm: sha256WithRSAEncryption
0c:73:fa:c3:19:16:e5:b5:1c:7b:2e:a8:7a:d9:7c:63:66:6d:
88:dc:24:aa:d3:72:ef:ae:fb:a1:3b:b9:11:db:c7:1f:3e:73:
f6:e7:8f:db:c7:04:c8:0c:ee:5e:ee:f3:ec:39:1f:21:33:41:
95:0b:64:6d:7b:83:2a:f4:16:03:07:eb:6a:27:aa:75:b2:93:
b4:2f:d2:84:02:3e:7e:ba:d2:9a:33:4f:29:e8:3c:73:c9:b1:
10:e0:9d:1c:78:10:16:a2:53:61:ea:14:4b:3e:ec:10:c4:e1:
07:01:80:2f:20:ba:9e:2f:cf:b1:7c:df:d1:fc:0a:82:5a:2c:
a4:1a:76:18:1b:10:cd:d4:9c:a6:aa:1b:01:26:41:c7:87:0b:
04:06:5b:db:2c:f7:c1:08:8f:58:94:7e:bd:de:23:d3:ca:e1:
cd:95:37:fb:c6:32:34:a2:81:cd:ad:bf:e8:73:01:c3:5c:53:
25:40:96:6f:81:07:c9:68:b3:67:d0:a9:93:26:0e:14:47:64:
26:ee:c8:ea:52:df:ee:d7:88:7b:f3:95:99:37:d0:b4:8b:6c:
06:fc:65:3e:85:91:21:97:49:51:94:3f:84:72:5c:f6:2f:5b:
9a:47:64:b4:57:a7:72:ba:37:ee:27:92:36:12:1b:7e:40:39:
50:ea:dc:f0
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZ20DCAELZouKtYuA5glm4nOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjYwNDIyMDcxNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGMxYWM0MjFkY2FhZDk3N2UzYzY3MjZmM2M1ZDA4ZDg5ZmUwYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj2iQ4Khk9weTX/0Wj9MrY3g+TBZ
CJIGSR2/m+aPicaY+mTX9HMACYK/Ui+aAN+6ePFkUdavoFSAPxBn4EsFi/mLoGUU
IcZGZNxvHkG99Kp7mDXSnzhfj7ugBCyggDsCaUTKWrYSlcJm4UTjdTXon8dsFOh+
8ipM/nmgrI7d9l2BFaSO2ad5zgzgoOjNchFfZrnj1jeM2m2MhGNdu3f03QFiP4ac
6NFkilvhV2wWtRqCiEMZP86zfMl2GY+Qg8sEAu6IEnNPsLJ0qtWtoYVqkgiGF4ud
s2g2eZ3pJuMhRfdl5JQeSkW8KE/ePNd9LMHdbST0M87+LhQp2AFeMS+4+wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCjBrEIdyq2XfjxnJvPF0I2J/grgMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL0tNR3NRaDNLclpkLVBHY204OFhRalluLUN1QS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwewYIKwYBBQUHAQcBAf8EbDBqMDwEAgABMDYDBAK5FYgw
DAMEBdR+YAMEANR+YjAMAwQA1H5lAwQE1H5gMAwDBADUfnUDBADUfngDBALUfnww
KgQCAAIwJAMHACoELcAABAMHASoELcAADgMHACoELcAAGQMHACoELcAAHTANBgkq
hkiG9w0BAQsFAAOCAQEADHP6wxkW5bUcey6oetl8Y2ZtiNwkqtNy7677oTu5EdvH
Hz5z9ueP28cEyAzuXu7z7DkfITNBlQtkbXuDKvQWAwfraieqdbKTtC/ShAI+frrS
mjNPKeg8c8mxEOCdHHgQFqJTYeoUSz7sEMThBwGALyC6ni/PsXzf0fwKglospBp2
GBsQzdScpqobASZBx4cLBAZb2yz3wQiPWJR+vd4j08rhzZU3+8YyNKKBza2/6HMB
w1xTJUCWb4EHyWizZ9CpkyYOFEdkJu7I6lLf7teIe/OVmTfQtItsBvxlPoWRIZdJ
UZQ/hHJc9i9bmkdktFencro37ieSNhIbfkA5UOrc8A==
-----END CERTIFICATE-----
Generated at Sun May 3 02:50:41 2026 by rpki-client