Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/dQp1_bF-2hRgZhoSUp2j8-OiYAI.roa
File: dQp1_bF-2hRgZhoSUp2j8-OiYAI.roa (raw, json)
Hash identifier: Ktp1XPuBOcTSPdwju+u+aKIoeTI5yi+j2Ty+pydNaPA=
Subject key identifier: 75:0A:75:FD:B1:7E:DA:14:60:66:1A:12:52:9D:A3:F3:E3:A2:60:02
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 019D4D580027689D1F3D9315933A0A4D08F4
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/dQp1_bF-2hRgZhoSUp2j8-OiYAI.roa
Signing time: Thu 02 Apr 2026 08:38:25 +0000
ROA not before: Thu 02 Apr 2026 08:38:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56899
IP address blocks: 185.126.252.0/24 maxlen: 24
194.4.68.0/22 maxlen: 24
194.4.68.0/24 maxlen: 24
194.4.69.0/24 maxlen: 24
194.4.70.0/24 maxlen: 24
194.4.71.0/24 maxlen: 24
212.79.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:58:00:27:68:9d:1f:3d:93:15:93:3a:0a:4d:08:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Apr 2 08:38:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=750a75fdb17eda1460661a12529da3f3e3a26002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6d:af:e9:23:39:0d:24:a8:10:1c:e3:50:cf:
ee:25:e1:3a:e7:f6:9f:5d:01:63:69:66:5a:f7:ed:
41:08:9c:c6:ce:9e:76:56:cd:27:36:03:53:60:1a:
93:66:44:ea:6f:11:d6:d6:a5:a1:ca:36:ed:d7:9b:
26:21:ef:61:90:5f:0a:d2:69:c6:76:bd:70:c4:4b:
7a:5d:1e:d4:09:97:e8:85:54:3f:73:0a:2c:ce:8d:
2a:40:30:6d:f0:61:4d:d3:8e:12:0c:72:6a:39:d9:
43:af:68:54:fc:a0:e0:6c:80:86:eb:fb:0b:54:d7:
1d:66:33:b5:a2:80:2b:f3:f0:ef:4d:38:3f:36:d4:
cf:7b:f0:59:fb:e6:59:6f:a4:20:d1:07:f9:7b:60:
36:03:cb:23:38:40:1f:83:04:20:3d:13:76:61:1e:
9e:81:9d:02:43:60:8b:72:08:e6:c8:c9:3f:d6:6f:
16:5c:3d:99:bd:6e:f4:fd:d1:50:0c:b6:50:40:a5:
6c:20:b0:44:ce:4f:9c:78:5f:fc:e4:ba:e2:01:3c:
27:c3:26:5b:83:4d:f2:87:fc:f4:60:c3:e8:e4:61:
ee:4a:37:b9:96:44:62:24:4d:f4:6e:30:d5:7b:12:
43:d8:d4:d7:ef:6b:15:cd:b8:f5:75:12:57:93:f3:
e7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0A:75:FD:B1:7E:DA:14:60:66:1A:12:52:9D:A3:F3:E3:A2:60:02
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/dQp1_bF-2hRgZhoSUp2j8-OiYAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.252.0/24
194.4.68.0/22
212.79.112.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:b4:df:49:3d:e1:ce:22:75:68:d7:b4:a2:e1:84:d2:3c:e3:
3f:a3:37:96:99:65:98:5e:d2:88:23:64:25:73:80:29:f0:7a:
c8:d1:0a:77:9d:a7:e7:8e:08:1e:ba:bd:e3:88:71:45:1e:3b:
5b:0d:bf:9b:e4:7a:35:70:3a:c7:ed:2b:b7:a7:b1:3e:00:dd:
de:1e:cd:44:90:c4:61:58:2f:09:4b:e3:52:e3:25:e5:3e:ec:
7b:a7:ca:2d:25:18:2a:be:8e:88:9a:ce:91:c0:e6:1c:b3:9a:
d1:dd:cc:19:b4:76:4e:b0:14:b0:c6:6c:2d:77:e9:d9:f0:52:
29:9f:c4:01:75:e8:d3:4a:a2:7a:80:13:a1:92:b0:33:22:ab:
18:4a:7e:ae:db:70:8f:a0:17:31:4a:7a:a7:8a:f6:a1:8f:8b:
17:53:57:5a:0c:f0:57:10:8b:f9:11:77:ef:af:e6:36:0f:66:
9c:be:50:15:62:a1:5c:d1:33:76:a0:f8:bf:99:e7:c4:3d:f1:
3c:33:8d:00:1d:83:a2:59:18:7c:d4:54:58:3b:49:24:65:37:
19:9b:8b:dd:46:09:b7:43:94:9b:2d:33:2e:7f:25:76:a8:1f:
fd:84:b1:1e:80:f5:c6:47:07:33:6e:58:d7:34:e9:f0:34:41:
68:20:f7:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1NWAAnaJ0fPZMVkzoKTQj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjYwNDAyMDgzODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBhNzVmZGIxN2VkYTE0NjA2NjFhMTI1MjlkYTNmM2UzYTI2MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5m2v6SM5DSSoEBzjUM/uJeE65/af
XQFjaWZa9+1BCJzGzp52Vs0nNgNTYBqTZkTqbxHW1qWhyjbt15smIe9hkF8K0mnG
dr1wxEt6XR7UCZfohVQ/cwoszo0qQDBt8GFN044SDHJqOdlDr2hU/KDgbICG6/sL
VNcdZjO1ooAr8/DvTTg/NtTPe/BZ++ZZb6Qg0Qf5e2A2A8sjOEAfgwQgPRN2YR6e
gZ0CQ2CLcgjmyMk/1m8WXD2ZvW70/dFQDLZQQKVsILBEzk+ceF/85LriATwnwyZb
g03yh/z0YMPo5GHuSje5lkRiJE30bjDVexJD2NTX72sVzbj1dRJXk/PnqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHUKdf2xftoUYGYaElKdo/PjomACMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvZFFwMV9iRi0yaFJnWmhvU1VwMmo4LU9pWUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuX78AwQC
wgREAwQC1E9wMA0GCSqGSIb3DQEBCwUAA4IBAQBOtN9JPeHOInVo17Si4YTSPOM/
ozeWmWWYXtKII2Qlc4Ap8HrI0Qp3nafnjggeur3jiHFFHjtbDb+b5Ho1cDrH7Su3
p7E+AN3eHs1EkMRhWC8JS+NS4yXlPux7p8otJRgqvo6Ims6RwOYcs5rR3cwZtHZO
sBSwxmwtd+nZ8FIpn8QBdejTSqJ6gBOhkrAzIqsYSn6u23CPoBcxSnqnivahj4sX
U1daDPBXEIv5EXfvr+Y2D2acvlAVYqFc0TN2oPi/mefEPfE8M40AHYOiWRh81FRY
O0kkZTcZm4vdRgm3Q5SbLTMufyV2qB/9hLEegPXGRwczbljXNOnwNEFoIPcc
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:05:57 2026 by rpki-client