Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/q3zdhlMiIDDFhZoNDJiFrFR24pQ.roa
File: q3zdhlMiIDDFhZoNDJiFrFR24pQ.roa (raw, json)
Hash identifier: /+L3XjiMbjbOp6jxOwSCM0b9QKCTQR84OoE2ODY1gPQ=
Subject key identifier: AB:7C:DD:86:53:22:20:30:C5:85:9A:0D:0C:98:85:AC:54:76:E2:94
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019E90B2145F6F9836F716E85D208B43E93E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/q3zdhlMiIDDFhZoNDJiFrFR24pQ.roa
Signing time: Thu 04 Jun 2026 03:34:10 +0000
ROA not before: Thu 04 Jun 2026 03:34:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
82.115.0.0/24 maxlen: 24
82.115.9.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
185.215.247.0/24 maxlen: 24
185.231.172.0/24 maxlen: 24
185.231.173.0/24 maxlen: 24
188.209.156.0/22 maxlen: 24
202.133.90.0/23 maxlen: 24
212.90.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:90:b2:14:5f:6f:98:36:f7:16:e8:5d:20:8b:43:e9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 4 03:34:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab7cdd8653222030c5859a0d0c9885ac5476e294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c9:f7:89:2a:f5:b1:0b:0c:eb:6f:08:b6:cc:
f2:19:7a:f1:d6:e2:14:cc:dd:8e:b8:83:60:34:a8:
0b:9b:78:75:db:37:63:32:2e:41:94:7c:55:50:52:
16:0e:cf:fa:7f:e9:4a:19:1e:37:bf:7b:6e:7e:4d:
b1:dc:86:7d:37:75:71:1f:da:9f:ed:e1:da:25:6b:
b7:3f:de:d7:96:96:5f:e5:06:c5:7c:f0:ef:dd:89:
d0:39:0b:6b:3b:d1:a9:61:55:ed:6b:25:69:2d:fa:
66:b1:56:4d:bd:6a:b8:49:3a:b7:94:de:08:c0:b2:
8f:ae:3d:34:dc:59:8d:c0:ec:24:cf:7a:9d:55:3f:
67:71:c4:c9:dd:7f:ba:66:47:d7:3d:ce:1b:e8:b4:
3c:d1:67:fa:31:06:64:a5:63:76:ec:77:93:b4:65:
40:cf:d2:3f:a6:04:5f:f4:34:49:28:91:66:ed:4b:
39:1e:fc:a1:82:89:fe:8e:ed:9c:3f:92:69:cc:ac:
73:a0:f7:07:6e:a0:d6:6b:b8:8c:bf:0e:e1:d1:a7:
94:21:7f:3d:ce:81:8e:3f:1d:93:b9:ea:ec:a7:c0:
dd:39:91:f0:7a:29:ce:4d:34:30:3e:a4:73:dc:e5:
2e:9d:67:95:10:12:3a:43:bd:8f:17:b7:cd:e4:82:
af:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:7C:DD:86:53:22:20:30:C5:85:9A:0D:0C:98:85:AC:54:76:E2:94
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/q3zdhlMiIDDFhZoNDJiFrFR24pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
82.115.0.0/24
82.115.9.0/24
89.251.10.0/24
159.255.32.0/21
185.215.247.0/24
185.231.172.0/23
188.209.156.0/22
202.133.90.0/23
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:58:0a:0f:43:7f:6a:cf:de:f1:f4:9a:fa:c7:b3:20:e7:ca:
2f:48:b4:f1:24:67:58:02:a8:5b:a3:cf:ad:d1:22:0b:a6:54:
4a:b9:d0:44:c9:48:19:c8:86:f9:33:8b:58:d4:13:d4:c6:56:
b6:e0:02:4e:fd:60:2b:7e:df:99:92:2c:45:db:1d:23:de:d2:
ce:c0:86:27:8d:4e:c4:e4:48:b4:51:5f:0b:e8:2c:2b:06:ef:
f7:60:7c:4c:e7:c4:d7:d5:cd:05:9b:e5:2a:55:e7:9e:4f:8c:
dc:cd:50:33:c9:63:fa:a7:1d:cd:8d:2d:96:6c:3c:e2:f3:bc:
5b:d7:17:86:8a:ea:b2:cf:ae:86:94:cd:d2:57:4d:6c:61:e8:
33:5c:59:cd:f2:be:63:47:84:b2:63:91:9b:a1:31:fd:52:9f:
20:fe:a9:e6:e6:09:67:0d:03:35:e0:2b:ca:25:41:88:c1:fc:
89:4f:98:55:e0:9c:64:49:f0:76:31:8c:db:58:a7:26:e2:e4:
7a:94:c9:1d:4a:ba:79:39:aa:9f:76:cb:55:9f:a6:f0:ae:69:
f6:8d:65:23:0c:fc:90:d0:d3:fe:83:4f:a7:02:6d:dd:b7:a9:
14:5c:da:0a:e0:60:28:4d:fb:e5:c4:3a:57:eb:21:13:2d:c6:
21:ec:8d:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ6QshRfb5g29xboXSCLQ+k+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjYwNjA0MDMzNDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjdjZGQ4NjUzMjIyMDMwYzU4NTlhMGQwYzk4ODVhYzU0NzZlMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcn3iSr1sQsM628ItszyGXrx1uIU
zN2OuINgNKgLm3h12zdjMi5BlHxVUFIWDs/6f+lKGR43v3tufk2x3IZ9N3VxH9qf
7eHaJWu3P97XlpZf5QbFfPDv3YnQOQtrO9GpYVXtayVpLfpmsVZNvWq4STq3lN4I
wLKPrj003FmNwOwkz3qdVT9nccTJ3X+6ZkfXPc4b6LQ80Wf6MQZkpWN27HeTtGVA
z9I/pgRf9DRJKJFm7Us5Hvyhgon+ju2cP5JpzKxzoPcHbqDWa7iMvw7h0aeUIX89
zoGOPx2Tuersp8DdOZHweinOTTQwPqRz3OUunWeVEBI6Q72PF7fN5IKvMwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKt83YZTIiAwxYWaDQyYhaxUduKUMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcTN6ZGhsTWlJRERGaFpvTkRKaUZyRlIyNHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBLYsGAwQA
UnMAAwQAUnMJAwQAWfsKAwQDn/8gAwQAudf3AwQBueesAwQCvNGcAwQByoVaAwQC
1FpkMA0GCSqGSIb3DQEBCwUAA4IBAQBOWAoPQ39qz97x9Jr6x7Mg58ovSLTxJGdY
Aqhbo8+t0SILplRKudBEyUgZyIb5M4tY1BPUxla24AJO/WArft+ZkixF2x0j3tLO
wIYnjU7E5Ei0UV8L6CwrBu/3YHxM58TX1c0Fm+UqVeeeT4zczVAzyWP6px3NjS2W
bDzi87xb1xeGiuqyz66GlM3SV01sYegzXFnN8r5jR4SyY5GboTH9Up8g/qnm5gln
DQM14CvKJUGIwfyJT5hV4JxkSfB2MYzbWKcm4uR6lMkdSrp5OaqfdstVn6bwrmn2
jWUjDPyQ0NP+g0+nAm3dt6kUXNoK4GAoTfvlxDpX6yETLcYh7I1O
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:49:41 2026 by rpki-client