Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/QAQqyGViM6nC5i8XAnkTLj2Fjlw.roa
File: QAQqyGViM6nC5i8XAnkTLj2Fjlw.roa (raw, json)
Hash identifier: C9pNA0dXzzng1peuC0V7+/A3P+D1i1wR3XipGNDFMzY=
Subject key identifier: 40:04:2A:C8:65:62:33:A9:C2:E6:2F:17:02:79:13:2E:3D:85:8E:5C
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 019E3C0BF4F41B16A6DDE01DF724AABF1FC5
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/QAQqyGViM6nC5i8XAnkTLj2Fjlw.roa
Signing time: Mon 18 May 2026 17:04:36 +0000
ROA not before: Mon 18 May 2026 17:04:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48950
IP address blocks: 5.157.30.0/23 maxlen: 23
5.157.30.0/24 maxlen: 24
5.157.31.0/24 maxlen: 24
104.160.3.0/24 maxlen: 24
104.160.4.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
158.222.3.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 19:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3c:0b:f4:f4:1b:16:a6:dd:e0:1d:f7:24:aa:bf:1f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: May 18 17:04:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40042ac8656233a9c2e62f170279132e3d858e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d5:76:6f:11:e9:0e:17:ac:ce:d6:e9:35:6d:
c4:e5:a3:d5:f4:74:53:32:20:9b:83:fe:77:d6:a1:
27:4e:83:b6:71:c8:32:ce:b8:3a:36:21:b3:20:ff:
3c:d6:1d:d1:60:12:ea:3c:3a:88:30:f1:f5:dd:94:
33:e9:df:60:d4:b6:9e:9b:a4:5c:44:57:6d:f8:74:
39:a1:39:00:ae:5e:d6:59:05:81:77:7d:61:b1:49:
cf:5a:d5:39:cc:eb:62:b5:e8:20:b1:6f:c9:d5:bc:
6d:2b:fc:d2:51:7d:bd:8e:be:c9:ce:5f:ae:5d:43:
a1:f1:ee:9a:be:63:52:79:6f:29:dd:db:d2:b6:0b:
18:63:a1:42:fc:ec:35:3c:27:e1:8f:03:a4:ed:37:
70:f8:ed:70:cb:aa:86:5b:a0:48:74:98:2d:76:49:
8b:c7:80:57:23:ca:07:fe:b6:1b:06:53:51:2e:e7:
6d:4c:0e:ab:a8:9b:f3:0c:17:97:2d:f1:b6:5f:5b:
f5:54:ba:25:a4:43:27:10:f0:43:ce:83:9f:ad:d7:
6a:6d:c3:e0:ac:87:bb:d6:b7:99:9e:7c:bb:bd:0f:
07:4f:3b:41:de:66:e0:a4:f6:ce:06:01:91:d6:97:
8e:22:74:57:3e:77:1d:4e:3f:10:f4:d0:53:bf:c4:
b1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:04:2A:C8:65:62:33:A9:C2:E6:2F:17:02:79:13:2E:3D:85:8E:5C
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/QAQqyGViM6nC5i8XAnkTLj2Fjlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.30.0/23
104.160.3.0-104.160.4.255
104.160.10.0/24
158.222.3.0/24
158.222.5.0/24
158.222.7.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:e2:55:87:a8:c9:2f:23:df:ae:42:d8:f1:76:02:7f:2f:9e:
c6:3c:76:6c:98:0b:22:09:5b:15:b0:eb:65:97:30:13:e1:f8:
f7:f0:7d:ab:dc:ae:06:8d:84:84:1d:7c:60:81:7e:0e:ff:5f:
21:92:c4:2f:e8:1b:8d:ad:a8:ba:5f:a8:47:95:5b:af:eb:49:
ae:96:ed:9b:a9:50:29:db:ef:c9:df:10:d7:d9:1a:67:ba:81:
e5:84:40:cb:90:54:d2:3d:c6:b5:a3:27:89:b0:45:34:dd:ad:
be:34:ad:2d:24:5f:38:95:b1:d2:07:a5:d4:6b:f2:0d:54:aa:
c9:d5:70:3d:11:76:b2:d5:82:98:d5:64:13:cb:8b:35:dc:ed:
4f:f0:56:20:ab:86:3b:5c:9b:0b:e2:a7:d3:f0:99:2f:c3:01:
7c:17:d6:c1:6b:5e:2a:5c:0a:87:5a:08:5b:e9:e3:73:50:a1:
20:cf:18:c7:94:ce:36:b0:55:e1:04:3b:f5:d8:7a:5c:3d:8c:
05:11:6e:ac:2c:b1:7d:1d:4a:04:21:8a:06:ae:93:18:9f:af:
ff:fe:50:94:29:f2:31:1a:3d:20:db:ba:e7:26:fd:6f:fa:83:
3d:06:24:44:a8:90:4a:b2:62:a5:63:54:f6:95:06:64:b0:10:
b5:05:04:9d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ48C/T0Gxam3eAd9ySqvx/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjYwNTE4MTcwNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDA0MmFjODY1NjIzM2E5YzJlNjJmMTcwMjc5MTMyZTNkODU4ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7NV2bxHpDhesztbpNW3E5aPV9HRT
MiCbg/531qEnToO2ccgyzrg6NiGzIP881h3RYBLqPDqIMPH13ZQz6d9g1Laem6Rc
RFdt+HQ5oTkArl7WWQWBd31hsUnPWtU5zOtiteggsW/J1bxtK/zSUX29jr7Jzl+u
XUOh8e6avmNSeW8p3dvStgsYY6FC/Ow1PCfhjwOk7Tdw+O1wy6qGW6BIdJgtdkmL
x4BXI8oH/rYbBlNRLudtTA6rqJvzDBeXLfG2X1v1VLolpEMnEPBDzoOfrddqbcPg
rIe71reZnny7vQ8HTztB3mbgpPbOBgGR1peOInRXPncdTj8Q9NBTv8SxsQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEAEKshlYjOpwuYvFwJ5Ey49hY5cMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvUUFRcXlHVmlNNm5DNWk4WEFua1RMajJGamx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBBZ0eMAwD
BABooAMDBABooAQDBABooAoDBACe3gMDBACe3gUDBACe3gcwDQYJKoZIhvcNAQEL
BQADggEBACziVYeoyS8j365C2PF2An8vnsY8dmyYCyIJWxWw62WXMBPh+Pfwfavc
rgaNhIQdfGCBfg7/XyGSxC/oG42tqLpfqEeVW6/rSa6W7ZupUCnb78nfENfZGme6
geWEQMuQVNI9xrWjJ4mwRTTdrb40rS0kXziVsdIHpdRr8g1UqsnVcD0RdrLVgpjV
ZBPLizXc7U/wViCrhjtcmwvip9PwmS/DAXwX1sFrXipcCodaCFvp43NQoSDPGMeU
zjawVeEEO/XYelw9jAURbqwssX0dSgQhigaukxifr//+UJQp8jEaPSDbuucm/W/6
gz0GJESokEqyYqVjVPaVBmSwELUFBJ0=
-----END CERTIFICATE-----
Generated at Sun Jun 14 04:46:58 2026 by rpki-client