Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/QrcFbOR4DAAMYD0DDghoqF2GSfM.roa
File: QrcFbOR4DAAMYD0DDghoqF2GSfM.roa (raw, json)
Hash identifier: QGtHb51hChbBqYUnbm9bBQhfbbGCgb2yzMdOBCNMB48=
Subject key identifier: 42:B7:05:6C:E4:78:0C:00:0C:60:3D:03:0E:08:68:A8:5D:86:49:F3
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 019C4CD6843AB70013C9E382009C62D3621B
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/QrcFbOR4DAAMYD0DDghoqF2GSfM.roa
Signing time: Wed 11 Feb 2026 13:14:12 +0000
ROA not before: Wed 11 Feb 2026 13:14:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 5.57.16.0/24 maxlen: 24
5.57.17.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
5.57.20.0/24 maxlen: 24
5.57.21.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
37.10.1.0/24 maxlen: 24
37.10.3.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.4.0/24 maxlen: 24
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
37.10.7.0/24 maxlen: 24
37.10.12.0/24 maxlen: 24
37.10.13.0/24 maxlen: 24
37.10.30.0/24 maxlen: 24
37.10.31.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
185.28.220.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:d6:84:3a:b7:00:13:c9:e3:82:00:9c:62:d3:62:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Feb 11 13:14:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=42b7056ce4780c000c603d030e0868a85d8649f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5b:d4:52:f1:67:b2:a1:87:9d:5f:c4:7a:86:
a2:d7:37:1d:99:98:7f:e1:e9:be:ba:fc:4e:fc:ee:
37:9f:dc:13:53:d6:eb:73:5b:5c:d6:f5:b4:f3:85:
bc:55:5e:6a:47:6e:72:39:53:1e:9a:3d:91:78:21:
b3:27:57:f1:86:25:5a:c8:7b:bf:ce:75:f4:38:78:
88:24:f9:cf:78:1d:d5:89:75:ea:cf:4f:bc:c6:9d:
04:ba:59:0b:cb:66:df:32:9e:76:32:fa:7c:30:5e:
1d:f9:3f:07:43:e9:34:c9:a8:35:64:37:7b:2a:a0:
dc:f9:94:9d:23:1a:35:f4:5f:88:0a:44:7b:f7:39:
10:5c:38:0d:f9:5e:0a:a4:48:ca:06:e2:53:75:c5:
24:ce:5d:09:70:60:5f:89:a1:4b:5a:6c:da:88:c1:
ab:15:e1:25:86:32:43:a3:6b:c2:f0:d0:95:a8:f5:
3e:32:e3:b0:eb:91:a6:fb:67:78:34:5b:a6:da:da:
c7:a5:a3:b9:8e:3f:cd:5c:14:57:68:59:cb:22:ee:
b1:b4:cb:cc:c1:7b:81:d3:3b:36:45:a7:32:72:93:
7a:e4:f5:5d:b3:39:10:b2:c7:e4:08:74:87:5c:bb:
da:c8:0f:c1:61:5c:99:8a:de:40:2a:1a:2c:ff:66:
5a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B7:05:6C:E4:78:0C:00:0C:60:3D:03:0E:08:68:A8:5D:86:49:F3
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/QrcFbOR4DAAMYD0DDghoqF2GSfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0-5.57.21.255
5.57.23.0/24
37.10.0.0/23
37.10.3.0-37.10.7.255
37.10.12.0/23
37.10.30.0/23
37.10.63.0/24
185.28.220.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:10:39:2f:f6:60:0e:01:96:f2:fa:89:02:be:34:7e:bf:36:
2f:24:e4:1f:6a:7f:70:74:78:20:cb:fd:c7:0b:56:0f:3d:5f:
e4:12:77:a5:14:79:40:3e:97:66:81:15:c1:66:57:1b:d9:2a:
cc:2a:82:80:69:49:08:04:bb:7e:a8:4c:a2:20:83:78:b7:66:
e7:c5:3d:2b:74:38:12:34:fa:8f:3b:48:44:cc:8f:9d:14:08:
26:59:ad:5c:b5:a7:65:25:a1:38:ef:e3:55:72:78:06:ad:d3:
53:ac:42:da:a0:2b:a7:2c:c7:6a:10:28:29:6f:73:2a:a6:9f:
a8:ea:97:6d:bf:27:33:42:d6:cf:69:27:1a:52:6f:93:64:ab:
06:e1:77:5f:93:b3:45:a6:56:f1:b5:4f:80:34:66:cb:64:bc:
cc:1f:7f:84:b4:0e:46:4f:b4:6a:fe:10:84:b0:4f:d5:36:87:
ec:b9:78:b5:1c:a6:4e:e3:e5:5d:7c:aa:a9:de:4c:72:a2:69:
49:02:38:e1:03:ba:84:4c:dd:d3:5f:be:12:19:bd:6c:4d:42:
d4:77:fd:14:d9:60:90:02:72:36:a8:a2:4e:86:6f:b2:e0:7f:
c6:94:bc:70:b7:3e:ba:e2:29:f0:d3:c7:d9:9e:65:40:65:c4:
6f:48:72:5b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZxM1oQ6twATyeOCAJxi02IbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc4NWRlNjJkY2Y5ZTc5MzBiYWJkN2IxZDM5YzU4NTNk
MTk0NGYwHhcNMjYwMjExMTMxNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI3MDU2Y2U0NzgwYzAwMGM2MDNkMDMwZTA4NjhhODVkODY0OWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllvUUvFnsqGHnV/Eeoai1zcdmZh/
4em+uvxO/O43n9wTU9brc1tc1vW084W8VV5qR25yOVMemj2ReCGzJ1fxhiVayHu/
znX0OHiIJPnPeB3ViXXqz0+8xp0EulkLy2bfMp52Mvp8MF4d+T8HQ+k0yag1ZDd7
KqDc+ZSdIxo19F+ICkR79zkQXDgN+V4KpEjKBuJTdcUkzl0JcGBfiaFLWmzaiMGr
FeElhjJDo2vC8NCVqPU+MuOw65Gm+2d4NFum2trHpaO5jj/NXBRXaFnLIu6xtMvM
wXuB0zs2RacycpN65PVdszkQssfkCHSHXLvayA/BYVyZit5AKhos/2ZacQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFEK3BWzkeAwADGA9Aw4IaKhdhknzMB8GA1UdIwQY
MBaAFNeXhd5i3Pnnkwur17HTnFhT0ZRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEt
NzU4NTVkYjcxNTFmLzEvUXJjRmJPUjREQUFNWUQwRERnaG9xRjJHU2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEtNzU4NTVkYjcxNTFm
LzEvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAQFORAD
BAEFORQDBAAFORcDBAElCgAwDAMEACUKAwMEAyUKAAMEASUKDAMEASUKHgMEACUK
PwMEArkc3DANBgkqhkiG9w0BAQsFAAOCAQEAGxA5L/ZgDgGW8vqJAr40fr82LyTk
H2p/cHR4IMv9xwtWDz1f5BJ3pRR5QD6XZoEVwWZXG9kqzCqCgGlJCAS7fqhMoiCD
eLdm58U9K3Q4EjT6jztIRMyPnRQIJlmtXLWnZSWhOO/jVXJ4Bq3TU6xC2qArpyzH
ahAoKW9zKqafqOqXbb8nM0LWz2knGlJvk2SrBuF3X5OzRaZW8bVPgDRmy2S8zB9/
hLQORk+0av4QhLBP1TaH7Ll4tRymTuPlXXyqqd5McqJpSQI44QO6hEzd01++Ehm9
bE1C1Hf9FNlgkAJyNqiiToZvsuB/xpS8cLc+uuIp8NPH2Z5lQGXEb0hyWw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:36:26 2026 by rpki-client