Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/qtM2kctXnuJchmGpZkBYifDuRYk.roa
File: qtM2kctXnuJchmGpZkBYifDuRYk.roa (raw, json)
Hash identifier: ZfaEZVb7iupk65U466u1KICKWagoC63beOYY7AuNp38=
Subject key identifier: AA:D3:36:91:CB:57:9E:E2:5C:86:61:A9:66:40:58:89:F0:EE:45:89
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 019B7D5B909C42825692325004A351D2F7C9
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/qtM2kctXnuJchmGpZkBYifDuRYk.roa
Signing time: Fri 02 Jan 2026 06:18:31 +0000
ROA not before: Fri 02 Jan 2026 06:18:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58147
IP address blocks: 91.239.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5b:90:9c:42:82:56:92:32:50:04:a3:51:d2:f7:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Jan 2 06:18:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aad33691cb579ee25c8661a966405889f0ee4589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5a:57:3a:8c:1b:b2:5c:4d:2c:d0:d5:2a:b9:
52:93:4c:31:81:d8:c4:3e:11:ba:38:d3:da:69:e6:
d6:a1:e9:66:0e:3b:79:88:47:b0:6a:2a:db:be:93:
6c:b5:94:2d:b0:c0:06:20:57:fd:2a:11:b9:3f:e6:
47:94:9b:fa:fd:d4:b5:20:65:76:cd:66:ce:52:f5:
8a:8a:d6:36:71:16:ca:63:10:32:0e:2c:af:31:f9:
fd:d4:c1:dc:2a:65:1d:6e:da:33:a0:07:af:f9:32:
d7:4a:e4:13:fc:0c:1f:12:30:47:f3:fb:c6:9d:fa:
05:45:b4:05:14:f8:96:6e:ee:bf:0c:18:21:8f:6e:
fb:fe:19:53:fd:d1:1b:3c:d8:40:99:f3:47:b6:dd:
d0:1c:83:60:a8:87:cf:de:8f:a4:40:8a:f6:ef:83:
64:8c:28:a1:fb:90:b7:6d:74:3e:44:a6:22:a7:96:
d0:36:0c:31:ab:87:d1:71:75:10:e1:ae:c3:b1:8c:
1f:0c:37:af:2d:1d:f2:3c:4d:3a:17:c0:48:93:3e:
ab:bc:86:14:74:32:74:cf:a8:ed:4f:d3:b5:c5:14:
3e:f4:7e:f9:09:ef:e1:71:35:3d:4c:c7:01:f8:f9:
0a:67:ed:39:4a:f5:3a:db:80:81:b7:70:13:07:0b:
c1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D3:36:91:CB:57:9E:E2:5C:86:61:A9:66:40:58:89:F0:EE:45:89
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/qtM2kctXnuJchmGpZkBYifDuRYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.60.0/24
Signature Algorithm: sha256WithRSAEncryption
e7:e6:f2:6d:39:6e:93:ca:ad:dc:ad:74:f8:a8:9d:ef:4f:ce:
9e:25:0b:8c:3f:f7:3c:f4:0e:98:36:cd:1c:5a:63:d0:75:4f:
64:f0:83:fe:bb:b4:b6:4a:aa:5b:c9:0a:44:7a:f5:b9:b2:fc:
90:62:49:26:27:7f:39:71:16:65:06:65:a9:36:b0:96:79:90:
0d:36:99:30:82:26:b5:b7:98:12:4e:a1:a2:99:24:0a:38:28:
9b:cd:ca:ce:fd:1c:f4:7a:cd:3f:68:02:a1:47:d8:6f:50:1c:
f7:0a:3d:91:bd:b9:01:6b:29:3b:9e:35:63:3a:24:ad:7a:65:
e7:6b:c8:d8:a3:9c:1d:db:70:4b:8f:ab:1f:67:1d:30:92:57:
1e:10:34:4d:25:f4:80:36:15:5a:79:20:25:bb:35:8c:d2:22:
15:95:1d:8c:31:65:18:c9:60:5f:70:f9:9d:f9:9a:40:f9:7b:
f6:16:74:0a:c1:d7:4b:1f:93:1b:71:41:aa:70:3a:7f:f4:27:
1a:2d:89:93:4d:56:40:2f:cd:0c:cd:66:57:e5:ae:00:22:cf:
5f:60:1a:ab:af:6f:73:fd:90:9d:25:45:a6:64:7c:ec:a5:33:
f1:d4:8a:7e:d0:09:b4:c1:f8:a6:d8:9b:de:a3:db:28:7c:88:
a0:16:2e:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt9W5CcQoJWkjJQBKNR0vfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm
ZWVkNWYwHhcNMjYwMTAyMDYxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQzMzY5MWNiNTc5ZWUyNWM4NjYxYTk2NjQwNTg4OWYwZWU0NTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11pXOowbslxNLNDVKrlSk0wxgdjE
PhG6ONPaaebWoelmDjt5iEewairbvpNstZQtsMAGIFf9KhG5P+ZHlJv6/dS1IGV2
zWbOUvWKitY2cRbKYxAyDiyvMfn91MHcKmUdbtozoAev+TLXSuQT/AwfEjBH8/vG
nfoFRbQFFPiWbu6/DBghj277/hlT/dEbPNhAmfNHtt3QHINgqIfP3o+kQIr274Nk
jCih+5C3bXQ+RKYip5bQNgwxq4fRcXUQ4a7DsYwfDDevLR3yPE06F8BIkz6rvIYU
dDJ0z6jtT9O1xRQ+9H75Ce/hcTU9TMcB+PkKZ+05SvU624CBt3ATBwvBnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrTNpHLV57iXIZhqWZAWInw7kWJMB8GA1UdIwQY
MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt
YWRhMjRlZjMxMGNhLzEvcXRNMmtjdFhudUpjaG1HcFprQllpZkR1UllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh
LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+88MA0G
CSqGSIb3DQEBCwUAA4IBAQDn5vJtOW6Tyq3crXT4qJ3vT86eJQuMP/c89A6YNs0c
WmPQdU9k8IP+u7S2SqpbyQpEevW5svyQYkkmJ385cRZlBmWpNrCWeZANNpkwgia1
t5gSTqGimSQKOCibzcrO/Rz0es0/aAKhR9hvUBz3Cj2RvbkBayk7njVjOiStemXn
a8jYo5wd23BLj6sfZx0wklceEDRNJfSANhVaeSAluzWM0iIVlR2MMWUYyWBfcPmd
+ZpA+Xv2FnQKwddLH5MbcUGqcDp/9CcaLYmTTVZAL80MzWZX5a4AIs9fYBqrr29z
/ZCdJUWmZHzspTPx1Ip+0Am0wfim2Jveo9sofIigFi7V
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:18:10 2026 by rpki-client