Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/qwZdpKjokAcofNdNU2M54zln9G0.roa
File: qwZdpKjokAcofNdNU2M54zln9G0.roa (raw, json)
Hash identifier: 5WlKYdw9vgNtfHFthuKL1OqIGldwR5DZZjXkKE0KqE4=
Subject key identifier: AB:06:5D:A4:A8:E8:90:07:28:7C:D7:4D:53:63:39:E3:39:67:F4:6D
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 019D695B3CA5C1F37F84569FD7F2590438D7
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/qwZdpKjokAcofNdNU2M54zln9G0.roa
Signing time: Tue 07 Apr 2026 19:11:20 +0000
ROA not before: Tue 07 Apr 2026 19:11:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2600
IP address blocks: 212.109.224.0/24 maxlen: 24
212.109.225.0/24 maxlen: 24
212.109.226.0/24 maxlen: 24
212.109.227.0/24 maxlen: 24
212.109.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:69:5b:3c:a5:c1:f3:7f:84:56:9f:d7:f2:59:04:38:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Apr 7 19:11:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab065da4a8e89007287cd74d536339e33967f46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ae:67:ad:cb:e3:fb:d6:f6:ed:cb:ca:2c:40:
2b:6f:43:f0:ab:65:11:c2:71:93:68:b4:2b:20:73:
57:7d:4f:ec:1d:99:08:46:a1:55:53:ee:36:f6:ef:
ef:28:d3:37:3d:94:2c:6a:46:0f:36:e1:d7:69:0c:
b6:40:76:21:e2:ad:44:27:f4:eb:0a:97:71:d6:2d:
66:0e:c9:51:8a:17:11:42:0d:72:74:6f:d2:4d:88:
0e:90:4f:28:ff:dc:d5:a3:ea:f9:d4:cd:b8:5d:e0:
9d:09:c0:a1:c8:a8:fa:3a:e7:43:33:0c:a9:00:f4:
3d:d5:45:8d:72:97:35:94:b8:ef:de:7b:b8:0c:b7:
57:0e:9c:00:a4:7c:9e:cd:2d:e8:1b:ad:ba:d6:cc:
33:9d:cf:d6:1b:3a:26:56:bc:0f:92:6e:39:74:59:
9b:c1:c0:41:a8:46:51:39:bf:85:a6:2b:84:e9:43:
b1:3f:b2:51:45:d1:e9:58:b1:1d:04:b5:5e:ef:57:
f2:56:9f:fd:77:50:d2:6e:d4:9b:e3:f3:c7:a2:8f:
59:d0:87:9b:3b:6c:cd:b8:8b:75:1e:d3:e2:26:3a:
7c:77:09:f4:cd:84:aa:3f:23:eb:d7:46:d0:8a:32:
6a:08:89:7d:ba:39:6b:bc:82:48:02:16:6a:24:3d:
d9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:06:5D:A4:A8:E8:90:07:28:7C:D7:4D:53:63:39:E3:39:67:F4:6D
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/qwZdpKjokAcofNdNU2M54zln9G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.109.224.0/22
212.109.229.0/24
Signature Algorithm: sha256WithRSAEncryption
23:78:5c:bc:62:e9:24:d9:bd:52:55:f4:5f:1d:48:03:7c:8d:
43:98:0f:a7:1e:29:ed:73:c5:91:e3:d8:73:b1:5c:80:00:10:
d5:34:e2:60:d1:55:58:67:2a:a6:a2:b4:7b:c4:a8:87:af:bd:
90:6a:6c:2a:c5:ee:e2:34:0b:3b:4c:52:8f:1f:d4:c6:5f:25:
fa:f1:7f:b2:70:ed:41:22:1a:c8:ab:d3:f1:0e:81:dd:e8:65:
6c:77:aa:c9:98:61:29:c5:db:22:17:c7:f9:58:ed:fb:ca:4c:
aa:19:78:d7:42:9c:ae:d9:ca:44:49:e8:1d:75:3f:05:1c:f0:
8f:1f:8c:0a:5c:02:94:a0:f9:45:78:29:be:6f:d4:a3:10:59:
d1:b0:47:04:5b:45:19:a2:32:32:02:79:2b:5d:e3:5f:c8:e1:
42:fd:cb:53:49:4b:fa:79:68:8f:5e:86:77:81:19:ca:36:6a:
1c:5a:b5:ae:c3:eb:ea:68:b2:05:85:91:8d:b8:01:f4:03:90:
4f:dd:a7:1f:e2:02:e1:ee:44:97:63:98:e3:d6:19:7b:2c:f6:
a4:0c:42:3b:12:7c:9b:46:24:36:76:4e:ca:20:5a:5a:50:a9:
f8:c4:bb:f9:d0:6f:b4:50:c0:db:3e:fc:7f:f8:41:54:43:77:
75:51:dc:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1pWzylwfN/hFaf1/JZBDjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjYwNDA3MTkxMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjA2NWRhNGE4ZTg5MDA3Mjg3Y2Q3NGQ1MzYzMzllMzM5NjdmNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs65nrcvj+9b27cvKLEArb0Pwq2UR
wnGTaLQrIHNXfU/sHZkIRqFVU+429u/vKNM3PZQsakYPNuHXaQy2QHYh4q1EJ/Tr
Cpdx1i1mDslRihcRQg1ydG/STYgOkE8o/9zVo+r51M24XeCdCcChyKj6OudDMwyp
APQ91UWNcpc1lLjv3nu4DLdXDpwApHyezS3oG6261swznc/WGzomVrwPkm45dFmb
wcBBqEZROb+FpiuE6UOxP7JRRdHpWLEdBLVe71fyVp/9d1DSbtSb4/PHoo9Z0Ieb
O2zNuIt1HtPiJjp8dwn0zYSqPyPr10bQijJqCIl9ujlrvIJIAhZqJD3ZmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKsGXaSo6JAHKHzXTVNjOeM5Z/RtMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvcXdaZHBLam9rQWNvZk5kTlUyTTU0emxuOUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1G3gAwQA
1G3lMA0GCSqGSIb3DQEBCwUAA4IBAQAjeFy8Yukk2b1SVfRfHUgDfI1DmA+nHint
c8WR49hzsVyAABDVNOJg0VVYZyqmorR7xKiHr72Qamwqxe7iNAs7TFKPH9TGXyX6
8X+ycO1BIhrIq9PxDoHd6GVsd6rJmGEpxdsiF8f5WO37ykyqGXjXQpyu2cpESegd
dT8FHPCPH4wKXAKUoPlFeCm+b9SjEFnRsEcEW0UZojIyAnkrXeNfyOFC/ctTSUv6
eWiPXoZ3gRnKNmocWrWuw+vqaLIFhZGNuAH0A5BP3acf4gLh7kSXY5jj1hl7LPak
DEI7EnybRiQ2dk7KIFpaUKn4xLv50G+0UMDbPvx/+EFUQ3d1Udz+
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:12:23 2026 by rpki-client