Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/q38Vrr1-lrXh4gRVryv7KRjcsHU.roa
File: q38Vrr1-lrXh4gRVryv7KRjcsHU.roa (raw, json)
Hash identifier: GS4WkhgAvCrSjsSDa1MVGmMSwhXFRTBu+xrlewUGZtg=
Subject key identifier: AB:7F:15:AE:BD:7E:96:B5:E1:E2:04:55:AF:2B:FB:29:18:DC:B0:75
Certificate issuer: /CN=f13219221cc0a21326ce006c42825bac2be31e17
Certificate serial: 019C3C44D7E884A8972DA48B09888985364F
Authority key identifier: F1:32:19:22:1C:C0:A2:13:26:CE:00:6C:42:82:5B:AC:2B:E3:1E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/q38Vrr1-lrXh4gRVryv7KRjcsHU.roa
Signing time: Sun 08 Feb 2026 08:01:10 +0000
ROA not before: Sun 08 Feb 2026 08:01:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 37.99.128.0/18 maxlen: 24
46.184.0.0/17 maxlen: 24
46.184.90.0/24 maxlen: 24
46.184.92.0/24 maxlen: 24
94.77.192.0/18 maxlen: 24
185.139.120.0/22 maxlen: 24
188.248.0.0/15 maxlen: 24
2a02:888::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/8TIZIhzAohMmzgBsQoJbrCvjHhc.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/8TIZIhzAohMmzgBsQoJbrCvjHhc.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:3c:44:d7:e8:84:a8:97:2d:a4:8b:09:88:89:85:36:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13219221cc0a21326ce006c42825bac2be31e17
Validity
Not Before: Feb 8 08:01:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab7f15aebd7e96b5e1e20455af2bfb2918dcb075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:bb:7c:8c:d2:69:66:aa:0c:6c:72:3f:5f:63:
ac:4e:bf:35:91:ff:97:05:58:81:8f:08:04:52:8b:
ca:fb:6a:93:17:61:8a:6f:ce:4d:55:6f:6b:6c:13:
d3:47:c1:69:fb:8a:17:78:39:8a:5e:f9:27:5f:5b:
c2:7a:69:1a:13:41:87:41:a7:80:d9:c6:e0:66:68:
09:e7:b4:07:ff:6d:26:16:74:64:4e:37:d9:bb:cf:
7f:4d:dd:ff:83:7c:6c:97:b6:d9:bf:5c:f4:af:81:
d9:04:46:94:5f:28:d5:3b:4d:d6:03:93:a3:71:dd:
6b:36:9a:ea:90:fc:f5:da:9d:84:81:5c:8c:5a:65:
55:50:b6:c5:eb:12:58:51:62:88:bf:b5:f5:98:5b:
84:4f:60:94:bd:84:c1:03:9e:91:54:f3:e6:e7:0f:
84:f3:3f:0a:1a:0c:5a:58:50:4c:17:ce:9c:8d:ab:
2d:22:4a:a8:78:25:d4:61:4a:fe:f7:9d:45:22:51:
a8:54:bd:12:94:54:da:d4:de:ab:63:e7:f1:2d:ab:
8c:66:c9:7a:15:9d:06:35:fe:20:e0:6f:bd:7c:e2:
aa:18:08:85:30:25:84:de:29:87:90:f4:1b:4b:34:
b7:b6:04:7d:36:86:e0:d0:e5:ee:d8:01:f1:31:5c:
59:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:7F:15:AE:BD:7E:96:B5:E1:E2:04:55:AF:2B:FB:29:18:DC:B0:75
X509v3 Authority Key Identifier:
keyid:F1:32:19:22:1C:C0:A2:13:26:CE:00:6C:42:82:5B:AC:2B:E3:1E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/q38Vrr1-lrXh4gRVryv7KRjcsHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/8TIZIhzAohMmzgBsQoJbrCvjHhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.128.0/18
46.184.0.0/17
94.77.192.0/18
185.139.120.0/22
188.248.0.0/15
IPv6:
2a02:888::/29
Signature Algorithm: sha256WithRSAEncryption
7e:4f:76:c2:48:a0:0f:1a:5a:62:8d:b8:a3:48:5f:81:af:85:
f1:76:2c:8a:b7:c1:4a:b8:f1:ca:ca:42:1a:bd:6c:de:37:c3:
e2:f5:27:9a:f7:82:2c:41:3e:29:de:f4:e0:78:eb:39:2d:e9:
8b:3d:d6:c9:84:13:ee:a4:98:b7:ba:71:be:ff:96:e1:0d:05:
0b:55:f6:f3:3e:bd:af:db:2f:ee:e4:9e:ff:c1:77:e4:22:41:
0a:a9:4c:c4:71:78:b0:e9:e1:9c:1b:b7:06:e2:d0:c9:6b:da:
49:b9:53:90:fa:5e:5a:7a:88:27:fd:eb:15:e8:90:e4:d4:da:
00:0c:a6:90:ff:24:09:e8:bb:4e:40:2e:51:68:09:86:8c:72:
b7:fd:e1:02:4d:d6:17:fa:2e:e6:a1:4a:0c:2e:42:e0:dd:3a:
f0:65:17:f6:08:1a:44:9f:9b:33:cd:2f:36:2e:24:fb:9c:d0:
04:58:2d:ee:9f:e4:cf:ef:8a:94:40:3d:d4:4e:6c:f2:a9:97:
4c:94:28:b5:09:22:3a:8c:a4:9a:fa:bf:58:75:96:62:79:04:
6e:01:89:80:1b:61:5b:2f:85:43:4f:9c:3b:94:3b:8a:5c:b1:
c7:1e:76:c4:84:d7:1e:52:3b:58:b5:10:64:f7:83:a1:0f:d7:
69:f2:14:7a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZw8RNfohKiXLaSLCYiJhTZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzIxOTIyMWNjMGEyMTMyNmNlMDA2YzQyODI1YmFjMmJl
MzFlMTcwHhcNMjYwMjA4MDgwMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjdmMTVhZWJkN2U5NmI1ZTFlMjA0NTVhZjJiZmIyOTE4ZGNiMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Lt8jNJpZqoMbHI/X2OsTr81kf+X
BViBjwgEUovK+2qTF2GKb85NVW9rbBPTR8Fp+4oXeDmKXvknX1vCemkaE0GHQaeA
2cbgZmgJ57QH/20mFnRkTjfZu89/Td3/g3xsl7bZv1z0r4HZBEaUXyjVO03WA5Oj
cd1rNprqkPz12p2EgVyMWmVVULbF6xJYUWKIv7X1mFuET2CUvYTBA56RVPPm5w+E
8z8KGgxaWFBMF86cjastIkqoeCXUYUr+951FIlGoVL0SlFTa1N6rY+fxLauMZsl6
FZ0GNf4g4G+9fOKqGAiFMCWE3imHkPQbSzS3tgR9Nobg0OXu2AHxMVxZpQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKt/Fa69fpa14eIEVa8r+ykY3LB1MB8GA1UdIwQY
MBaAFPEyGSIcwKITJs4AbEKCW6wr4x4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRJWkloekFvaE1temdCc1FvSmJyQ3ZqSGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDI0NGQtMDNjOC00NzgwLTg3YzMt
NDVlNjk2YTVhZTQ1LzEvcTM4VnJyMS1sclhoNGdSVnJ5djdLUmpjc0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDI0NGQtMDNjOC00NzgwLTg3YzMtNDVlNjk2YTVhZTQ1
LzEvOFRJWkloekFvaE1temdCc1FvSmJyQ3ZqSGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQGJWOAAwQH
LrgAAwQGXk3AAwQCuYt4AwMBvPgwDQQCAAIwBwMFAyoCCIgwDQYJKoZIhvcNAQEL
BQADggEBAH5PdsJIoA8aWmKNuKNIX4GvhfF2LIq3wUq48crKQhq9bN43w+L1J5r3
gixBPine9OB46zkt6Ys91smEE+6kmLe6cb7/luENBQtV9vM+va/bL+7knv/Bd+Qi
QQqpTMRxeLDp4Zwbtwbi0Mlr2km5U5D6Xlp6iCf96xXokOTU2gAMppD/JAnou05A
LlFoCYaMcrf94QJN1hf6LuahSgwuQuDdOvBlF/YIGkSfmzPNLzYuJPuc0ARYLe6f
5M/vipRAPdRObPKpl0yUKLUJIjqMpJr6v1h1lmJ5BG4BiYAbYVsvhUNPnDuUO4pc
sccedsSE1x5SO1i1EGT3g6EP12nyFHo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:25:41 2026 by rpki-client