Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/QQvg19RwajXD2HR6-dIlare9_Rk.roa
File: QQvg19RwajXD2HR6-dIlare9_Rk.roa (raw, json)
Hash identifier: NDZGZHbva25Eq3lCZo+AeGz2C0nVtEPW/31zQHhJYJ0=
Subject key identifier: 41:0B:E0:D7:D4:70:6A:35:C3:D8:74:7A:F9:D2:25:6A:B7:BD:FD:19
Certificate issuer: /CN=a724383490a105bdc0d21597bfb1478ef04630b1
Certificate serial: 019D6D6FDA6979D17C0FA029CB3AECB4933A
Authority key identifier: A7:24:38:34:90:A1:05:BD:C0:D2:15:97:BF:B1:47:8E:F0:46:30:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pyQ4NJChBb3A0hWXv7FHjvBGMLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/QQvg19RwajXD2HR6-dIlare9_Rk.roa
Signing time: Wed 08 Apr 2026 14:12:20 +0000
ROA not before: Wed 08 Apr 2026 14:12:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50588
IP address blocks: 45.145.120.0/23 maxlen: 24
185.149.12.0/23 maxlen: 24
193.109.63.0/24 maxlen: 24
2a12:f7c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/pyQ4NJChBb3A0hWXv7FHjvBGMLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/pyQ4NJChBb3A0hWXv7FHjvBGMLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pyQ4NJChBb3A0hWXv7FHjvBGMLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:6f:da:69:79:d1:7c:0f:a0:29:cb:3a:ec:b4:93:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a724383490a105bdc0d21597bfb1478ef04630b1
Validity
Not Before: Apr 8 14:12:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=410be0d7d4706a35c3d8747af9d2256ab7bdfd19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:e8:75:f8:25:ee:a1:fb:fd:a9:b6:92:44:89:
dc:04:a3:54:9e:a9:17:8d:e2:8e:38:40:42:f6:4a:
56:89:37:64:fd:cf:22:cf:d7:06:58:1a:73:b2:eb:
28:7e:de:fd:c2:0a:d8:f9:46:52:c1:f8:ac:2f:5c:
c3:5e:69:23:ee:3d:e6:04:c2:08:4b:43:fd:31:59:
7b:a0:c7:5d:f6:51:92:c8:b1:63:23:b7:73:d8:4e:
7d:0a:32:1d:e1:11:bd:87:4b:7f:d8:9e:a5:09:d4:
7b:c0:5b:3d:29:0f:06:03:21:c6:96:8e:9f:2b:e4:
de:95:85:2f:c1:ef:69:5d:27:5b:a2:4f:b4:a1:f2:
17:11:81:01:07:14:da:70:d1:74:d8:16:b2:09:cd:
25:b0:eb:db:b7:d3:4d:65:c3:8f:c5:df:63:2c:f3:
9f:f5:a0:53:d0:ae:19:72:03:9f:c8:dd:4a:52:e3:
91:ad:da:13:08:c9:bb:cb:71:c8:a4:19:98:80:b4:
4b:d9:7a:70:83:ab:e6:6b:d0:6b:7a:85:05:35:3a:
8b:91:79:d9:c8:21:55:df:8f:53:72:79:d0:a0:35:
ea:c5:23:85:16:27:8d:7e:c2:ba:9a:fa:8c:4e:4c:
da:ec:7a:c0:92:72:51:c9:6c:21:2d:c1:c3:7a:93:
de:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:0B:E0:D7:D4:70:6A:35:C3:D8:74:7A:F9:D2:25:6A:B7:BD:FD:19
X509v3 Authority Key Identifier:
keyid:A7:24:38:34:90:A1:05:BD:C0:D2:15:97:BF:B1:47:8E:F0:46:30:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pyQ4NJChBb3A0hWXv7FHjvBGMLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/QQvg19RwajXD2HR6-dIlare9_Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/pyQ4NJChBb3A0hWXv7FHjvBGMLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.120.0/23
185.149.12.0/23
193.109.63.0/24
IPv6:
2a12:f7c0::/29
Signature Algorithm: sha256WithRSAEncryption
46:a7:43:bc:56:14:e2:5e:be:f2:d6:e3:2e:2d:ad:5b:49:71:
ae:fd:44:7a:a2:64:8b:af:24:14:ea:5b:9f:f1:08:38:96:00:
91:eb:85:22:4e:6e:d0:4e:33:6e:a3:50:26:f0:bb:4d:61:1b:
51:e8:2b:9e:9e:a8:e4:df:a1:9d:ac:91:1e:e6:cd:db:09:6b:
a3:c7:5f:5c:22:c2:03:6b:84:a2:13:50:0a:b0:90:5d:36:12:
e3:2b:6d:cb:ba:0d:07:b4:8f:58:bd:7b:25:24:0a:01:48:26:
63:58:71:e0:d1:2b:85:4d:46:71:d0:7d:53:70:ab:18:1f:34:
e5:51:88:b9:bb:45:b7:97:f1:53:c2:a4:9b:fc:dc:2c:ef:46:
95:62:8d:bb:11:06:e5:8c:4e:41:ce:6a:52:4a:c1:91:18:57:
65:d0:eb:dc:af:c0:50:e9:f0:0a:dc:b7:99:7f:51:86:b7:88:
ec:0a:8b:41:4f:19:b1:ee:4a:f1:0b:a6:b3:e6:f5:6c:bd:8a:
82:45:4c:ac:70:98:34:ad:d9:a5:21:cf:c3:cf:f2:53:1a:59:
a6:e8:6c:9c:30:68:35:36:34:c5:ec:56:f1:40:6d:a0:31:02:
9c:0c:fa:ac:13:62:c9:d8:c7:5b:42:b6:d2:b8:ce:c5:e3:6b:
3c:2d:66:eb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ1tb9ppedF8D6ApyzrstJM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MjQzODM0OTBhMTA1YmRjMGQyMTU5N2JmYjE0NzhlZjA0
NjMwYjEwHhcNMjYwNDA4MTQxMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTBiZTBkN2Q0NzA2YTM1YzNkODc0N2FmOWQyMjU2YWI3YmRmZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Oh1+CXuofv9qbaSRIncBKNUnqkX
jeKOOEBC9kpWiTdk/c8iz9cGWBpzsusoft79wgrY+UZSwfisL1zDXmkj7j3mBMII
S0P9MVl7oMdd9lGSyLFjI7dz2E59CjId4RG9h0t/2J6lCdR7wFs9KQ8GAyHGlo6f
K+TelYUvwe9pXSdbok+0ofIXEYEBBxTacNF02BayCc0lsOvbt9NNZcOPxd9jLPOf
9aBT0K4ZcgOfyN1KUuORrdoTCMm7y3HIpBmYgLRL2Xpwg6vma9BreoUFNTqLkXnZ
yCFV349TcnnQoDXqxSOFFieNfsK6mvqMTkza7HrAknJRyWwhLcHDepPetwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEEL4NfUcGo1w9h0evnSJWq3vf0ZMB8GA1UdIwQY
MBaAFKckODSQoQW9wNIVl7+xR47wRjCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHlRNE5KQ2hCYjNBMGhXWHY3RkhqdkJHTUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMDUzNjAtMjIwMy00YTIxLWEyZmQt
OTFlODU5OWRkYmY3LzEvUVF2ZzE5UndhalhEMkhSNi1kSWxhcmU5X1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMDUzNjAtMjIwMy00YTIxLWEyZmQtOTFlODU5OWRkYmY3
LzEvcHlRNE5KQ2hCYjNBMGhXWHY3RkhqdkJHTUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLZF4AwQB
uZUMAwQAwW0/MA0EAgACMAcDBQMqEvfAMA0GCSqGSIb3DQEBCwUAA4IBAQBGp0O8
VhTiXr7y1uMuLa1bSXGu/UR6omSLryQU6luf8Qg4lgCR64UiTm7QTjNuo1Am8LtN
YRtR6Cuenqjk36GdrJEe5s3bCWujx19cIsIDa4SiE1AKsJBdNhLjK23Lug0HtI9Y
vXslJAoBSCZjWHHg0SuFTUZx0H1TcKsYHzTlUYi5u0W3l/FTwqSb/Nws70aVYo27
EQbljE5BzmpSSsGRGFdl0Ovcr8BQ6fAK3LeZf1GGt4jsCotBTxmx7krxC6az5vVs
vYqCRUyscJg0rdmlIc/Dz/JTGlmm6GycMGg1NjTF7FbxQG2gMQKcDPqsE2LJ2Mdb
QrbSuM7F42s8LWbr
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:25:44 2026 by rpki-client