Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qAdZk1_yTqJ3bylFfOSH4RvYiHk.roa
File: qAdZk1_yTqJ3bylFfOSH4RvYiHk.roa (raw, json)
Hash identifier: 3mRL533IHRr9uRXv71r/x6ZnPemgqkXveeJiH1dXbYs=
Subject key identifier: A8:07:59:93:5F:F2:4E:A2:77:6F:29:45:7C:E4:87:E1:1B:D8:88:79
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019C2304F5C9722B5E05D5B0900E21F439EA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qAdZk1_yTqJ3bylFfOSH4RvYiHk.roa
Signing time: Tue 03 Feb 2026 10:20:53 +0000
ROA not before: Tue 03 Feb 2026 10:20:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 22427
IP address blocks: 213.210.53.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:23:04:f5:c9:72:2b:5e:05:d5:b0:90:0e:21:f4:39:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 3 10:20:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a80759935ff24ea2776f29457ce487e11bd88879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2e:a6:e6:20:16:2d:d5:23:e4:8b:77:62:35:
3c:0e:e9:50:cd:9c:5d:44:d9:d7:03:f8:54:1d:70:
35:da:7f:88:45:aa:f8:6a:d2:86:53:d6:89:2a:59:
3d:56:fc:5c:2c:e5:d2:dc:aa:e7:ba:84:23:0d:ce:
65:11:ba:51:87:78:56:74:25:0d:41:3d:71:01:6e:
cd:c9:0d:7d:32:e5:72:8d:12:d9:e6:f7:92:88:d1:
d9:a2:20:04:2f:7c:4f:04:35:d0:dd:c8:2e:fa:23:
dc:bc:4a:29:5a:cf:d1:05:56:07:b2:9d:1f:06:a1:
aa:d0:06:40:c8:57:2f:70:77:c0:3e:04:48:8c:ba:
3a:90:d4:5d:4a:24:dd:13:f4:99:9b:fc:64:ef:c1:
08:ca:13:f1:41:00:44:16:dc:8c:35:db:92:f6:36:
e6:ec:dd:32:4e:1d:4b:9c:d8:0c:59:e2:29:dd:d4:
37:c9:53:08:90:3d:e9:e6:40:58:52:94:be:5a:dc:
bd:bd:00:bf:de:9c:54:53:55:da:58:e1:72:70:df:
d8:01:ab:cd:51:80:8d:bb:7d:0e:f9:48:06:dc:af:
e3:c7:c1:84:fb:e4:84:ca:d7:38:ca:db:0f:89:8a:
51:7b:20:e8:31:96:42:d7:5a:b1:b2:5a:ef:0e:db:
f5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:07:59:93:5F:F2:4E:A2:77:6F:29:45:7C:E4:87:E1:1B:D8:88:79
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qAdZk1_yTqJ3bylFfOSH4RvYiHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.210.53.0/24
213.218.225.0-213.218.226.255
213.218.232.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:3e:e6:fa:10:50:cf:ac:19:a7:9b:0b:06:f5:b5:da:ae:bb:
34:6a:97:e6:4b:31:96:c0:d8:36:3e:4f:9a:c8:e0:62:57:10:
9b:88:8c:e0:08:c6:42:9c:bb:99:73:9f:45:48:75:98:c3:4d:
40:e4:79:61:e4:a5:a0:d4:cc:aa:43:a6:f6:87:b8:bd:97:11:
f5:d7:4a:d9:78:c7:d9:d1:3a:6d:ea:c4:87:ea:53:e2:92:73:
f4:da:5f:13:82:c7:7f:bf:9b:13:43:cc:8e:e4:c6:93:9b:b1:
94:76:08:31:2d:f2:45:15:c2:fd:57:51:41:63:75:e7:8d:ae:
95:10:fd:63:7d:9c:ee:ff:79:6d:fb:94:e9:83:54:ce:f4:7a:
80:9b:5b:47:3d:ed:34:87:50:4b:8a:64:3f:21:4f:c4:6a:16:
e4:bb:65:d0:9b:ba:16:d0:fd:39:1a:a9:ee:c6:50:9f:41:68:
45:a9:80:03:3f:49:b8:03:a1:45:d2:99:cb:b7:8f:b4:a7:d1:
63:84:a0:57:11:9c:1a:03:c0:ea:5b:79:51:41:de:df:3e:09:
8f:4b:cd:73:fe:96:83:5b:4a:21:90:98:4f:b9:f6:e2:92:5a:
15:e5:a2:1b:ef:c4:00:70:1d:25:ed:dc:ba:f7:ce:bf:59:af:
48:57:87:d3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZwjBPXJciteBdWwkA4h9DnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMjAzMTAyMDUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA3NTk5MzVmZjI0ZWEyNzc2ZjI5NDU3Y2U0ODdlMTFiZDg4ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy6m5iAWLdUj5It3YjU8DulQzZxd
RNnXA/hUHXA12n+IRar4atKGU9aJKlk9VvxcLOXS3KrnuoQjDc5lEbpRh3hWdCUN
QT1xAW7NyQ19MuVyjRLZ5veSiNHZoiAEL3xPBDXQ3cgu+iPcvEopWs/RBVYHsp0f
BqGq0AZAyFcvcHfAPgRIjLo6kNRdSiTdE/SZm/xk78EIyhPxQQBEFtyMNduS9jbm
7N0yTh1LnNgMWeIp3dQ3yVMIkD3p5kBYUpS+Wty9vQC/3pxUU1XaWOFycN/YAavN
UYCNu30O+UgG3K/jx8GE++SEytc4ytsPiYpReyDoMZZC11qxslrvDtv1wwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKgHWZNf8k6id28pRXzkh+Eb2Ih5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcUFkWmsxX3lUcUozYnlsRmZPU0g0UnZZaUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA1dI1MAwD
BADV2uEDBADV2uIDBADV2ugwDQYJKoZIhvcNAQELBQADggEBAB4+5voQUM+sGaeb
Cwb1tdquuzRql+ZLMZbA2DY+T5rI4GJXEJuIjOAIxkKcu5lzn0VIdZjDTUDkeWHk
paDUzKpDpvaHuL2XEfXXStl4x9nROm3qxIfqU+KSc/TaXxOCx3+/mxNDzI7kxpOb
sZR2CDEt8kUVwv1XUUFjdeeNrpUQ/WN9nO7/eW37lOmDVM70eoCbW0c97TSHUEuK
ZD8hT8RqFuS7ZdCbuhbQ/Tkaqe7GUJ9BaEWpgAM/SbgDoUXSmcu3j7Sn0WOEoFcR
nBoDwOpbeVFB3t8+CY9LzXP+loNbSiGQmE+59uKSWhXlohvvxABwHSXt3Lr3zr9Z
r0hXh9M=
-----END CERTIFICATE-----
Generated at Mon Feb 23 00:06:00 2026 by rpki-client