Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/qeVRI_NFLaWOD-2zt4kPj6kYAG8.roa
File: qeVRI_NFLaWOD-2zt4kPj6kYAG8.roa (raw, json)
Hash identifier: ovysVj+biiubkNbxSo534XXtcaYbBsQvjQyeh0Tod6Q=
Subject key identifier: A9:E5:51:23:F3:45:2D:A5:8E:0F:ED:B3:B7:89:0F:8F:A9:18:00:6F
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 019D024722FC91581EE1ABF1940A1643FB66
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/qeVRI_NFLaWOD-2zt4kPj6kYAG8.roa
Signing time: Wed 18 Mar 2026 18:48:29 +0000
ROA not before: Wed 18 Mar 2026 18:48:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62651
IP address blocks: 185.147.212.0/24 maxlen: 24
185.147.213.0/24 maxlen: 24
185.147.214.0/24 maxlen: 24
185.147.215.0/24 maxlen: 24
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:700::/40 maxlen: 40
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1100::/40 maxlen: 40
2a03:efc0:1500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
2a03:efc0:3300::/40 maxlen: 40
2a03:efc0:3500::/40 maxlen: 40
2a03:efc0:3700::/40 maxlen: 40
2a03:efc0:4100::/40 maxlen: 40
2a03:efc0:5400::/40 maxlen: 40
2a03:efc0:6600::/40 maxlen: 40
2a03:efc0:7200::/40 maxlen: 40
2a03:efc0:7800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 02:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:02:47:22:fc:91:58:1e:e1:ab:f1:94:0a:16:43:fb:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Mar 18 18:48:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a9e55123f3452da58e0fedb3b7890f8fa918006f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:61:a0:88:80:58:80:f2:bc:cf:77:02:c5:40:
cf:8d:ff:3e:8a:49:a4:36:02:a7:2d:fb:4d:c2:51:
9f:fe:90:40:ef:f0:47:f4:e4:10:a0:bc:da:9e:08:
be:0e:ca:a3:ff:92:5c:83:a2:e5:aa:36:e6:0d:5d:
36:01:61:6a:a1:40:1c:72:2e:57:be:37:91:a5:db:
e0:f7:48:bf:ee:e0:20:cc:95:80:0c:9b:d4:73:2d:
1c:5e:24:87:86:f6:8e:66:31:48:41:b7:52:ea:99:
f0:c5:aa:bf:89:e6:b9:ef:e3:93:09:c6:69:35:da:
12:a8:e8:92:55:67:c3:6a:b9:f4:bc:1d:18:56:97:
11:01:fe:45:cc:e4:a0:1a:ca:8e:fa:ef:93:70:1e:
bc:29:3c:ba:ca:52:ba:9c:78:95:67:21:38:a5:da:
d2:c1:f2:62:bb:cf:ee:d2:1d:ed:cb:08:0f:f1:95:
92:f1:47:b6:9b:3b:b7:37:80:9c:e9:d3:32:fe:9a:
0c:d4:d0:51:5f:3c:a0:ea:46:65:fd:e0:19:c4:be:
5b:d7:ad:8d:81:92:95:fd:bd:6c:ac:c2:bb:4e:90:
c1:65:21:1d:fe:f9:98:2a:38:f0:ca:0a:80:5d:2b:
e9:d8:72:d1:8a:41:aa:68:2c:2b:2e:23:8d:89:41:
5c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E5:51:23:F3:45:2D:A5:8E:0F:ED:B3:B7:89:0F:8F:A9:18:00:6F
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/qeVRI_NFLaWOD-2zt4kPj6kYAG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.212.0/22
IPv6:
2a03:efc0:500::/40
2a03:efc0:700::/40
2a03:efc0:900::/40
2a03:efc0:1100::/40
2a03:efc0:1500::/40
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
2a03:efc0:3300::/40
2a03:efc0:3500::/40
2a03:efc0:3700::/40
2a03:efc0:4100::/40
2a03:efc0:5400::/40
2a03:efc0:6600::/40
2a03:efc0:7200::/40
2a03:efc0:7800::/40
Signature Algorithm: sha256WithRSAEncryption
be:85:8c:48:e7:a2:37:5c:2b:87:1b:a3:68:1e:b6:28:08:e0:
1d:84:ec:b6:30:61:e6:7f:66:6b:0f:ac:87:be:10:69:92:99:
b8:d7:0a:f2:fe:d6:5f:11:f5:38:41:31:6f:f9:b9:30:6e:9f:
15:7a:59:86:f6:91:78:ce:37:55:dc:b0:24:be:88:51:e3:fa:
ac:ed:ab:e6:24:13:c2:7e:99:c7:0f:7e:e3:6a:4b:46:7f:6f:
cc:af:bf:cb:78:10:79:f9:25:49:48:20:08:bd:75:2d:e7:56:
19:f6:ab:78:59:f2:44:c0:c9:71:e6:13:37:3e:81:0c:67:a6:
b5:fa:e4:86:93:7b:3e:3f:ab:b8:d2:42:5c:68:e5:39:3e:2a:
6f:b8:83:2f:8c:01:18:b8:03:c3:f5:eb:d1:8f:65:ba:bd:0f:
98:fd:a9:7c:69:c3:01:54:37:b6:6f:0c:6a:17:2a:ea:c7:a2:
00:8f:1d:fa:b2:3f:62:73:52:1b:0e:b5:9f:52:93:0f:77:dd:
46:ac:06:5c:a3:8c:51:0b:d3:68:02:fb:59:a6:a0:50:5c:9b:
b6:42:22:a7:99:b9:b5:2c:2b:58:b4:91:47:31:b0:e4:64:18:
ce:bf:60:83:67:c1:ff:1b:a3:bf:bb:bb:f9:3d:ca:21:de:3e:
97:2e:d2:27
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZ0CRyL8kVge4avxlAoWQ/tmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjYwMzE4MTg0ODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU1NTEyM2YzNDUyZGE1OGUwZmVkYjNiNzg5MGY4ZmE5MTgwMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWGgiIBYgPK8z3cCxUDPjf8+ikmk
NgKnLftNwlGf/pBA7/BH9OQQoLzangi+Dsqj/5Jcg6LlqjbmDV02AWFqoUAcci5X
vjeRpdvg90i/7uAgzJWADJvUcy0cXiSHhvaOZjFIQbdS6pnwxaq/iea57+OTCcZp
NdoSqOiSVWfDarn0vB0YVpcRAf5FzOSgGsqO+u+TcB68KTy6ylK6nHiVZyE4pdrS
wfJiu8/u0h3tywgP8ZWS8Ue2mzu3N4Cc6dMy/poM1NBRXzyg6kZl/eAZxL5b162N
gZKV/b1srMK7TpDBZSEd/vmYKjjwygqAXSvp2HLRikGqaCwrLiONiUFcCQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFKnlUSPzRS2ljg/ts7eJD4+pGABvMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvcWVWUklfTkZMYVdPRC0yenQ0a1BqNmtZQUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDAMBAIAATAGAwQCuZPU
MIGfBAIAAjCBmAMGACoD78AFAwYAKgPvwAcDBgAqA+/ACQMGACoD78ARAwYAKgPv
wBUDBgAqA+/AFwMGACoD78AjAwYAKgPvwCUDBgAqA+/AJwMGACoD78ApAwYAKgPv
wDEDBgAqA+/AMwMGACoD78A1AwYAKgPvwDcDBgAqA+/AQQMGACoD78BUAwYAKgPv
wGYDBgAqA+/AcgMGACoD78B4MA0GCSqGSIb3DQEBCwUAA4IBAQC+hYxI56I3XCuH
G6NoHrYoCOAdhOy2MGHmf2ZrD6yHvhBpkpm41wry/tZfEfU4QTFv+bkwbp8VelmG
9pF4zjdV3LAkvohR4/qs7avmJBPCfpnHD37jaktGf2/Mr7/LeBB5+SVJSCAIvXUt
51YZ9qt4WfJEwMlx5hM3PoEMZ6a1+uSGk3s+P6u40kJcaOU5PipvuIMvjAEYuAPD
9evRj2W6vQ+Y/al8acMBVDe2bwxqFyrqx6IAjx36sj9ic1IbDrWfUpMPd91GrAZc
o4xRC9NoAvtZpqBQXJu2QiKnmbm1LCtYtJFHMbDkZBjOv2CDZ8H/G6O/u7v5Pcoh
3j6XLtIn
-----END CERTIFICATE-----
Generated at Sat Mar 21 12:16:27 2026 by rpki-client