Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QqPlv8Jhrx-gmZazsqFtA_LgbK8.roa
File: QqPlv8Jhrx-gmZazsqFtA_LgbK8.roa (raw, json)
Hash identifier: jzW5Vhc+lM4QXN/g1VqVPTJUv/731M9yngI3yq4ihi8=
Subject key identifier: 42:A3:E5:BF:C2:61:AF:1F:A0:99:96:B3:B2:A1:6D:03:F2:E0:6C:AF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019C8EAEC1D9C9521D3EB9E3659BDF93ECAD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QqPlv8Jhrx-gmZazsqFtA_LgbK8.roa
Signing time: Tue 24 Feb 2026 08:05:43 +0000
ROA not before: Tue 24 Feb 2026 08:05:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214432
IP address blocks: 80.240.90.0/24 maxlen: 24
81.168.32.0/24 maxlen: 24
213.210.28.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:ae:c1:d9:c9:52:1d:3e:b9:e3:65:9b:df:93:ec:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 24 08:05:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=42a3e5bfc261af1fa09996b3b2a16d03f2e06caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:74:56:6b:b7:e9:64:11:88:6e:7a:c4:28:98:
49:03:ee:fd:1f:fb:f9:b9:47:0a:08:10:e0:40:a2:
fd:bb:4c:8d:09:1f:fd:6f:a8:87:b1:98:40:9e:1a:
41:d5:10:d6:ff:44:7f:eb:25:9e:4f:c9:12:13:a4:
c2:9d:bd:22:e3:73:69:6a:26:c5:b1:bc:e2:24:3a:
6e:92:43:dc:d7:51:85:53:92:db:97:a2:3b:a8:bf:
b5:31:c5:78:a2:c1:00:33:1b:61:31:44:9b:e8:cf:
76:e5:39:b6:76:07:43:18:02:4f:ee:df:c6:ae:94:
eb:82:1c:3b:5b:9b:67:c2:0b:66:b1:7d:8f:06:25:
d2:5a:6c:d3:d0:08:b1:57:56:cc:80:57:e5:6c:ef:
9c:63:29:7e:e4:a6:8e:60:6a:e2:25:41:0c:6f:a1:
6f:e5:c3:1a:ec:94:a6:6e:14:95:3f:21:8b:41:9c:
41:3d:3b:cf:42:2c:43:35:52:01:b5:4c:26:11:3d:
52:f9:c2:23:a3:4f:70:e7:90:b9:0a:b2:b5:60:a8:
57:e6:05:17:38:5d:21:e6:3c:f9:f8:4e:3a:71:43:
c2:3c:46:ae:3b:76:2c:c4:62:d2:13:be:91:b9:35:
5c:3b:99:d3:f2:07:01:db:9d:bb:e5:27:45:da:8a:
26:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A3:E5:BF:C2:61:AF:1F:A0:99:96:B3:B2:A1:6D:03:F2:E0:6C:AF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QqPlv8Jhrx-gmZazsqFtA_LgbK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.90.0/24
81.168.32.0/24
213.210.28.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:96:32:f5:d2:7e:3c:2f:43:fe:f2:c4:1f:9c:ab:60:48:51:
bd:93:f2:14:ca:ad:f4:b6:ec:f5:be:52:2f:1d:a9:9b:88:ce:
5a:8e:3a:9b:be:5c:c5:1d:44:ce:7a:aa:f9:f6:99:03:db:d2:
72:04:b0:90:34:f5:02:5a:fd:d6:94:7c:74:0c:b1:c3:1f:6c:
19:5d:7c:17:65:ee:94:29:ad:5d:b5:a8:05:49:51:f9:57:3a:
69:5c:3d:46:6a:02:07:99:93:94:ff:82:28:30:da:90:ad:fd:
51:0b:81:0b:27:d9:f1:ec:8a:13:fd:2d:17:b7:be:87:10:60:
ec:22:ec:f6:5a:7c:62:03:66:b1:76:50:c9:e8:d5:9e:77:52:
b8:bb:94:3e:ba:37:bc:96:cd:bd:54:1c:da:16:07:a7:bb:51:
30:40:5a:99:db:39:23:e2:f8:c3:46:3e:09:02:20:f7:3b:f1:
57:42:2a:55:99:e8:67:2c:4d:b5:16:e9:05:82:db:12:18:61:
95:27:61:89:bd:9f:f5:e2:cd:d3:e0:e9:e2:58:50:7a:4a:69:
ec:62:e2:45:65:23:8f:62:41:20:c6:84:7c:6d:95:0f:4f:c4:
b9:29:a3:7a:10:60:f2:10:6c:41:a8:2b:7f:36:5c:85:78:9b:
04:b8:0f:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyOrsHZyVIdPrnjZZvfk+ytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMjI0MDgwNTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmEzZTViZmMyNjFhZjFmYTA5OTk2YjNiMmExNmQwM2YyZTA2Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nRWa7fpZBGIbnrEKJhJA+79H/v5
uUcKCBDgQKL9u0yNCR/9b6iHsZhAnhpB1RDW/0R/6yWeT8kSE6TCnb0i43NpaibF
sbziJDpukkPc11GFU5Lbl6I7qL+1McV4osEAMxthMUSb6M925Tm2dgdDGAJP7t/G
rpTrghw7W5tnwgtmsX2PBiXSWmzT0AixV1bMgFflbO+cYyl+5KaOYGriJUEMb6Fv
5cMa7JSmbhSVPyGLQZxBPTvPQixDNVIBtUwmET1S+cIjo09w55C5CrK1YKhX5gUX
OF0h5jz5+E46cUPCPEauO3YsxGLSE76RuTVcO5nT8gcB25275SdF2oomAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEKj5b/CYa8foJmWs7KhbQPy4GyvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUXFQbHY4SmhyeC1nbVphenNxRnRBX0xnYks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBaAwQA
UaggAwQA1dIcAwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQB7ljL10n48L0P+8sQf
nKtgSFG9k/IUyq30tuz1vlIvHambiM5ajjqbvlzFHUTOeqr59pkD29JyBLCQNPUC
Wv3WlHx0DLHDH2wZXXwXZe6UKa1dtagFSVH5VzppXD1GagIHmZOU/4IoMNqQrf1R
C4ELJ9nx7IoT/S0Xt76HEGDsIuz2WnxiA2axdlDJ6NWed1K4u5Q+uje8ls29VBza
Fgenu1EwQFqZ2zkj4vjDRj4JAiD3O/FXQipVmehnLE21FukFgtsSGGGVJ2GJvZ/1
4s3T4OniWFB6SmnsYuJFZSOPYkEgxoR8bZUPT8S5KaN6EGDyEGxBqCt/NlyFeJsE
uA8e
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:28:06 2026 by rpki-client