Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/QHKubAaWU3rZXqcgMw_rFgGwHlw.roa
File: QHKubAaWU3rZXqcgMw_rFgGwHlw.roa (raw, json)
Hash identifier: 84jkJFXrjsdItstz0iNY4wQwy8CG6Wjsb9Ta7TD1huA=
Subject key identifier: 40:72:AE:6C:06:96:53:7A:D9:5E:A7:20:33:0F:EB:16:01:B0:1E:5C
Certificate issuer: /CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Certificate serial: 019B7BA3BC36152D79FC2A26678D935EE6D9
Authority key identifier: 57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/QHKubAaWU3rZXqcgMw_rFgGwHlw.roa
Signing time: Thu 01 Jan 2026 22:18:06 +0000
ROA not before: Thu 01 Jan 2026 22:18:06 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216415
IP address blocks: 2a05:cd00::/32 maxlen: 32
2a05:cd02::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.mft
rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:a3:bc:36:15:2d:79:fc:2a:26:67:8d:93:5e:e6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Validity
Not Before: Jan 1 22:18:06 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4072ae6c0696537ad95ea720330feb1601b01e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8b:dd:1f:f5:b4:6b:cd:c9:a4:98:00:4c:cc:
3a:68:2c:1e:6e:ed:e4:7f:58:70:e1:3b:02:bf:47:
d4:03:3f:3a:78:48:76:84:ac:56:b1:47:6b:30:e7:
66:ec:d9:23:ad:3a:cb:e9:47:e6:73:27:b9:6d:90:
65:0d:d9:8c:ac:f3:a3:04:c6:21:92:1b:b3:a6:6e:
8a:44:4e:9e:a7:d6:fc:d2:76:1b:54:83:2d:6d:fe:
d2:47:58:87:49:6f:f9:b4:85:f1:d6:a2:cf:51:ed:
af:4d:13:cd:05:e9:90:32:ea:b4:df:5b:92:bd:1a:
8c:d0:a8:52:12:13:f8:b6:b1:14:71:f9:b9:d7:8d:
fc:ea:f8:c5:e1:b6:63:22:3e:c0:cf:82:9b:47:f3:
06:72:1b:c0:7f:8c:0c:20:cf:7b:93:87:47:71:05:
70:ad:8c:a9:52:af:0b:92:9c:9f:34:19:db:fa:1e:
8a:e8:75:35:29:df:09:65:3f:49:b9:db:1c:1b:0b:
a7:c4:9a:fb:8a:63:b6:90:92:8e:c3:87:34:d1:f9:
f8:67:88:e8:b2:5e:52:dd:59:26:4f:0b:7c:eb:ac:
21:58:27:43:33:07:62:92:0e:b3:5a:04:24:ed:eb:
d9:f6:7c:af:d4:88:9c:15:30:bf:c4:ba:1c:41:48:
59:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:72:AE:6C:06:96:53:7A:D9:5E:A7:20:33:0F:EB:16:01:B0:1E:5C
X509v3 Authority Key Identifier:
keyid:57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/QHKubAaWU3rZXqcgMw_rFgGwHlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:cd00::/32
2a05:cd02::/32
Signature Algorithm: sha256WithRSAEncryption
8d:d7:ca:fb:e4:2f:43:5c:5e:36:8a:65:ab:a6:fb:d6:94:77:
56:3e:c2:23:9a:58:ce:99:cd:31:b9:15:4f:5d:02:93:95:1c:
9c:ab:ef:06:63:ab:38:93:35:4b:6a:ea:ed:ee:a1:ee:85:93:
e3:77:31:67:61:01:95:1f:7d:d5:16:25:ac:c1:ff:43:06:d8:
88:10:1c:f9:df:41:c7:5c:b5:3a:e8:f0:87:b8:91:6f:d2:9f:
97:e8:ab:de:2a:4e:9b:6b:07:57:de:2f:e0:d3:86:c4:57:38:
ab:af:53:54:e1:26:a1:fd:c6:89:49:9f:e2:f4:18:4c:30:e7:
25:56:17:0b:01:db:bb:d7:d1:0c:e9:ce:73:a0:d1:47:9c:9b:
af:74:cb:14:06:b4:c4:8e:d3:9d:7b:55:05:e9:08:ed:7f:eb:
b1:31:12:c3:57:ed:a1:3c:5a:72:ac:8a:ef:66:6c:fc:82:9f:
40:f0:dc:a7:fa:2c:7e:c5:60:c6:cf:09:bd:b5:ef:3a:00:2b:
fd:8a:8e:ae:46:10:b1:0c:fe:36:6b:98:ba:d2:72:8c:af:aa:
f3:f3:ee:56:ce:a8:70:47:63:95:45:e5:43:41:2f:0b:34:0a:
e4:23:02:29:75:e1:ac:55:1b:6d:a5:21:c4:dd:fb:23:6c:c1:
96:6d:c2:4b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZt7o7w2FS15/ComZ42TXubZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjI3NWI5YmNjNDVkY2U4YjNlZjAxNzJjOTY3Mzc4MDA5
NDdhNGUwHhcNMjYwMTAxMjIxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDcyYWU2YzA2OTY1MzdhZDk1ZWE3MjAzMzBmZWIxNjAxYjAxZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYvdH/W0a83JpJgATMw6aCwebu3k
f1hw4TsCv0fUAz86eEh2hKxWsUdrMOdm7NkjrTrL6Ufmcye5bZBlDdmMrPOjBMYh
khuzpm6KRE6ep9b80nYbVIMtbf7SR1iHSW/5tIXx1qLPUe2vTRPNBemQMuq031uS
vRqM0KhSEhP4trEUcfm514386vjF4bZjIj7Az4KbR/MGchvAf4wMIM97k4dHcQVw
rYypUq8LkpyfNBnb+h6K6HU1Kd8JZT9JudscGwunxJr7imO2kJKOw4c00fn4Z4jo
sl5S3VkmTwt866whWCdDMwdikg6zWgQk7evZ9nyv1IicFTC/xLocQUhZXwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEByrmwGllN62V6nIDMP6xYBsB5cMB8GA1UdIwQY
MBaAFFeydbm8xF3Oiz7wFyyWc3gAlHpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEt
ODdmNjhiNzFlNDRkLzEvUUhLdWJBYVdVM3JaWHFjZ013X3JGZ0d3SGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEtODdmNjhiNzFlNDRk
LzEvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgXNAAMF
ACoFzQIwDQYJKoZIhvcNAQELBQADggEBAI3XyvvkL0NcXjaKZaum+9aUd1Y+wiOa
WM6ZzTG5FU9dApOVHJyr7wZjqziTNUtq6u3uoe6Fk+N3MWdhAZUffdUWJazB/0MG
2IgQHPnfQcdctTro8Ie4kW/Sn5foq94qTptrB1feL+DThsRXOKuvU1ThJqH9xolJ
n+L0GEww5yVWFwsB27vX0QzpznOg0Uecm690yxQGtMSO0517VQXpCO1/67ExEsNX
7aE8WnKsiu9mbPyCn0Dw3Kf6LH7FYMbPCb217zoAK/2Kjq5GELEM/jZrmLrScoyv
qvPz7lbOqHBHY5VF5UNBLws0CuQjAil14axVG22lIcTd+yNswZZtwks=
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:42:36 2026 by rpki-client