Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qYJ1rknXdFjVmIrSk12YNXtltM0.roa
File: qYJ1rknXdFjVmIrSk12YNXtltM0.roa (raw, json)
Hash identifier: ytliIwtZcn98LS/d6viFJGdv/8fjqnN9KvWR8sBdBh4=
Subject key identifier: A9:82:75:AE:49:D7:74:58:D5:98:8A:D2:93:5D:98:35:7B:65:B4:CD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019C71B2E18B49C78F7BA515B125535E168E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qYJ1rknXdFjVmIrSk12YNXtltM0.roa
Signing time: Wed 18 Feb 2026 17:01:14 +0000
ROA not before: Wed 18 Feb 2026 17:01:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 37.252.26.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.68.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.153.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:71:b2:e1:8b:49:c7:8f:7b:a5:15:b1:25:53:5e:16:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 18 17:01:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a98275ae49d77458d5988ad2935d98357b65b4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0a:7b:b9:71:b3:28:9f:56:34:1d:df:40:37:
77:88:b9:14:1c:df:d5:05:7a:88:3d:ad:42:fd:02:
36:af:ec:80:f2:c3:4e:a1:17:60:87:8a:cf:97:6a:
3f:9c:27:16:a4:45:f2:41:cb:20:d6:04:9e:ab:05:
2d:2d:bc:03:b4:fa:4d:16:b4:5e:09:ef:9a:b4:55:
5c:55:db:ad:99:6f:19:d6:56:4a:82:24:9c:9b:46:
9e:fd:73:0f:37:07:44:b5:50:f4:0b:24:d4:ae:68:
b2:e4:6a:23:9c:1b:18:86:b1:d5:13:47:3e:22:d3:
2c:ba:4b:19:28:24:77:5c:af:fb:8e:fe:b7:44:77:
95:00:87:83:29:97:96:53:f6:2d:4b:1f:41:c9:6c:
49:19:67:d2:48:56:bd:68:0f:d5:0c:4f:ee:c0:65:
ef:89:12:60:51:32:fe:7e:93:c8:50:63:0d:bb:cb:
30:c7:c2:5b:08:96:4d:60:c7:5d:29:95:45:64:9f:
df:f6:8f:cb:2b:be:f6:70:0b:72:45:fe:4a:c7:4c:
64:0b:5e:e7:3e:f3:7e:e8:ef:a5:02:89:9c:98:b4:
b5:62:45:e0:09:2e:f1:85:1e:fc:e4:2e:7c:9e:ee:
d9:db:2f:58:8a:b6:24:4f:bc:ad:69:72:01:0b:1a:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:82:75:AE:49:D7:74:58:D5:98:8A:D2:93:5D:98:35:7B:65:B4:CD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qYJ1rknXdFjVmIrSk12YNXtltM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.26.0/24
82.152.8.0/24
82.152.57.0-82.152.58.255
82.152.68.0/24
82.152.73.0/24
82.152.75.0/24
82.152.98.0/24
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.66.0/24
82.153.205.0/24
109.176.40.0-109.176.55.255
109.176.153.0/24
213.130.130.0/24
213.130.149.0/24
213.218.214.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:98:f3:50:7c:1a:66:cb:92:72:3b:3c:b4:ed:8d:a7:5c:27:
f4:c2:7b:19:d6:27:dd:87:d3:16:11:fe:78:68:eb:da:e7:cc:
37:2f:27:66:bd:2e:b8:f2:7a:f1:62:71:86:4f:22:4a:a6:12:
b0:b5:a3:88:d3:bd:13:96:b9:83:0b:af:92:71:1d:08:db:44:
c9:2b:e4:40:f2:92:f6:51:03:28:9a:82:d6:67:7f:25:7b:b9:
54:25:91:fa:ba:e2:ec:f7:64:cd:cc:48:47:d0:93:b2:3e:de:
93:4d:16:0f:d1:9a:58:79:63:0a:e7:57:ef:ff:cf:75:99:46:
28:9d:ef:2a:12:c9:7b:eb:72:e1:0a:5c:03:45:f9:8b:27:71:
73:77:10:7d:62:39:65:2c:c2:e0:09:65:e5:46:2c:9d:8c:7c:
b4:80:13:8f:47:e9:f4:4e:cc:69:f3:95:1a:11:d7:31:5d:3b:
57:af:b1:a9:65:ac:1c:6b:2c:83:29:aa:38:83:0c:10:70:5c:
65:c0:b0:a1:ff:66:00:74:80:a8:f0:1f:84:78:99:99:bf:8a:
fb:3d:c0:0a:54:11:0c:58:1a:a2:42:3c:69:dc:04:74:c0:69:
5c:70:e6:69:ad:99:ad:1f:c8:01:cc:74:58:7d:9a:5e:2c:11:
e3:c7:04:90
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZxxsuGLScePe6UVsSVTXhaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMjE4MTcwMTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTgyNzVhZTQ5ZDc3NDU4ZDU5ODhhZDI5MzVkOTgzNTdiNjViNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Qp7uXGzKJ9WNB3fQDd3iLkUHN/V
BXqIPa1C/QI2r+yA8sNOoRdgh4rPl2o/nCcWpEXyQcsg1gSeqwUtLbwDtPpNFrRe
Ce+atFVcVdutmW8Z1lZKgiScm0ae/XMPNwdEtVD0CyTUrmiy5GojnBsYhrHVE0c+
ItMsuksZKCR3XK/7jv63RHeVAIeDKZeWU/YtSx9ByWxJGWfSSFa9aA/VDE/uwGXv
iRJgUTL+fpPIUGMNu8swx8JbCJZNYMddKZVFZJ/f9o/LK772cAtyRf5Kx0xkC17n
PvN+6O+lAomcmLS1YkXgCS7xhR785C58nu7Z2y9YirYkT7ytaXIBCxrYFQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFKmCda5J13RY1ZiK0pNdmDV7ZbTNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcVlKMXJrblhkRmpWbUlyU2sxMllOWHRsdE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEACX8
GgMEAFKYCDAMAwQAUpg5AwQAUpg6AwQAUphEAwQAUphJAwQAUphLAwQAUphiAwQA
UphtAwQAUpjiAwQAUpjwAwQAUpjzAwQAUplCAwQAUpnNMAwDBANtsCgDBANtsDAD
BABtsJkDBADVgoIDBADVgpUDBADV2tYwDQYJKoZIhvcNAQELBQADggEBABqY81B8
GmbLknI7PLTtjadcJ/TCexnWJ92H0xYR/nho69rnzDcvJ2a9LrjyevFicYZPIkqm
ErC1o4jTvROWuYMLr5JxHQjbRMkr5EDykvZRAyiagtZnfyV7uVQlkfq64uz3ZM3M
SEfQk7I+3pNNFg/Rmlh5YwrnV+//z3WZRiid7yoSyXvrcuEKXANF+YsncXN3EH1i
OWUswuAJZeVGLJ2MfLSAE49H6fROzGnzlRoR1zFdO1evsallrBxrLIMpqjiDDBBw
XGXAsKH/ZgB0gKjwH4R4mZm/ivs9wApUEQxYGqJCPGncBHTAaVxw5mmtma0fyAHM
dFh9ml4sEePHBJA=
-----END CERTIFICATE-----
Generated at Mon Feb 23 00:04:45 2026 by rpki-client