Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/qfUrBPnf_VG_h7kV9B-jzvTPit4.roa
File: qfUrBPnf_VG_h7kV9B-jzvTPit4.roa (raw, json)
Hash identifier: +20XFA70AX8vngJ7txy5jI5Jd2aIgatbCk/6Z6TRl6A=
Subject key identifier: A9:F5:2B:04:F9:DF:FD:51:BF:87:B9:15:F4:1F:A3:CE:F4:CF:8A:DE
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019D91D701FB9FE67C839F81383A2DA516E1
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/qfUrBPnf_VG_h7kV9B-jzvTPit4.roa
Signing time: Wed 15 Apr 2026 15:51:20 +0000
ROA not before: Wed 15 Apr 2026 15:51:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 26769
IP address blocks: 222.167.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:91:d7:01:fb:9f:e6:7c:83:9f:81:38:3a:2d:a5:16:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Apr 15 15:51:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a9f52b04f9dffd51bf87b915f41fa3cef4cf8ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:34:ba:3e:08:e8:31:95:e1:54:5a:88:46:a3:
89:1d:f8:0a:6c:51:a1:86:fc:e2:aa:89:15:e4:c6:
a0:88:02:96:cc:ed:12:a5:88:6b:09:73:8e:7e:1c:
b3:54:9d:91:b0:4d:ce:e5:55:85:e0:5e:b7:9d:2d:
6f:dc:87:05:d9:25:5d:d7:2d:55:9a:db:ca:01:a3:
8f:ee:c2:68:c9:19:27:31:0c:97:51:52:5d:58:90:
f7:a0:09:1e:a9:13:0a:7d:b0:b7:78:d2:7a:44:5f:
7c:97:60:47:94:7a:e1:6a:82:00:dd:91:a3:e5:8b:
c2:34:af:99:88:3e:10:98:78:5b:a1:c5:99:37:46:
ef:ff:92:0f:12:31:77:c4:2c:26:2c:0a:10:81:84:
4e:bf:b1:0f:20:3f:55:f1:56:a5:b3:29:8c:f6:95:
b6:c7:5d:8a:49:de:83:cd:3e:6a:e4:7f:8c:66:f6:
12:7c:b4:f5:97:c1:5d:31:38:ce:d0:e7:76:75:4c:
3c:a9:30:f7:0f:a6:00:98:b7:b2:38:88:bd:3f:be:
b1:d8:5b:24:f5:46:1f:d1:e7:9f:c1:63:70:c4:c9:
a9:ba:6e:9e:fa:e5:46:12:93:55:2a:ad:f3:2e:50:
da:18:1c:4b:d5:22:5e:92:71:ec:9c:27:4d:3c:8f:
e1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F5:2B:04:F9:DF:FD:51:BF:87:B9:15:F4:1F:A3:CE:F4:CF:8A:DE
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/qfUrBPnf_VG_h7kV9B-jzvTPit4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
222.167.241.0/24
Signature Algorithm: sha256WithRSAEncryption
39:21:a0:2a:42:fa:34:49:4f:a4:59:a8:72:8a:41:a9:d0:ca:
61:9d:1f:fe:cc:c5:be:2c:b1:bc:e6:ce:f2:49:53:00:45:58:
f0:fc:04:21:8a:dc:7d:72:12:16:a9:35:82:fa:58:2c:44:30:
cb:6f:f1:3d:d2:41:64:9f:44:99:b3:80:03:e8:93:6d:ff:0d:
cf:1c:fa:f0:a3:9f:dc:45:bb:71:21:f8:69:47:3f:09:cf:92:
b3:2d:ed:c2:1c:11:d2:21:3e:19:a5:a9:53:88:a4:be:f4:91:
91:00:c1:06:20:75:f4:0f:bd:b1:49:13:48:e8:83:f0:3e:aa:
8e:67:d2:64:0f:b4:13:21:d7:44:f2:87:4e:48:25:56:dc:e9:
9a:2a:d2:77:1b:ac:45:d9:49:59:77:53:e4:f5:d6:bb:76:4f:
fc:b2:e1:eb:c3:bb:08:c1:34:67:42:5f:c2:9f:91:44:e3:0e:
68:19:8e:06:6a:c5:34:3a:e4:ed:de:25:38:93:a7:9d:f2:00:
ed:90:de:18:88:09:79:0a:b4:a6:a0:ce:7c:79:b7:03:80:4f:
17:e1:69:3f:e3:06:4a:94:0e:76:3a:eb:f6:ec:4a:25:27:84:
6b:ad:7a:37:9f:6d:cd:b3:1e:a3:ed:65:b2:1b:92:5e:ec:b3:
41:a3:c0:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2R1wH7n+Z8g5+BODotpRbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNDE1MTU1MTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY1MmIwNGY5ZGZmZDUxYmY4N2I5MTVmNDFmYTNjZWY0Y2Y4YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDS6PgjoMZXhVFqIRqOJHfgKbFGh
hvziqokV5MagiAKWzO0SpYhrCXOOfhyzVJ2RsE3O5VWF4F63nS1v3IcF2SVd1y1V
mtvKAaOP7sJoyRknMQyXUVJdWJD3oAkeqRMKfbC3eNJ6RF98l2BHlHrhaoIA3ZGj
5YvCNK+ZiD4QmHhbocWZN0bv/5IPEjF3xCwmLAoQgYROv7EPID9V8ValsymM9pW2
x12KSd6DzT5q5H+MZvYSfLT1l8FdMTjO0Od2dUw8qTD3D6YAmLeyOIi9P76x2Fsk
9UYf0eefwWNwxMmpum6e+uVGEpNVKq3zLlDaGBxL1SJeknHsnCdNPI/hMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKn1KwT53/1Rv4e5FfQfo870z4reMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvcWZVckJQbmZfVkdfaDdrVjlCLWp6dlRQaXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3qfxMA0G
CSqGSIb3DQEBCwUAA4IBAQA5IaAqQvo0SU+kWahyikGp0MphnR/+zMW+LLG85s7y
SVMARVjw/AQhitx9chIWqTWC+lgsRDDLb/E90kFkn0SZs4AD6JNt/w3PHPrwo5/c
RbtxIfhpRz8Jz5KzLe3CHBHSIT4ZpalTiKS+9JGRAMEGIHX0D72xSRNI6IPwPqqO
Z9JkD7QTIddE8odOSCVW3OmaKtJ3G6xF2UlZd1Pk9da7dk/8suHrw7sIwTRnQl/C
n5FE4w5oGY4GasU0OuTt3iU4k6ed8gDtkN4YiAl5CrSmoM58ebcDgE8X4Wk/4wZK
lA52Ouv27EolJ4RrrXo3n23Nsx6j7WWyG5Je7LNBo8B2
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:29:07 2026 by rpki-client