Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/QIVGwWpDhmP0Lt1vWLEMeupfAyk.roa
File: QIVGwWpDhmP0Lt1vWLEMeupfAyk.roa (raw, json)
Hash identifier: OEQd4UwgEr9+CWSpGLqPnKGVZ8XYzfyB9h22FefazmM=
Subject key identifier: 40:85:46:C1:6A:43:86:63:F4:2E:DD:6F:58:B1:0C:7A:EA:5F:03:29
Certificate issuer: /CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Certificate serial: 019C9A09CE968F0CB7A6D0473BB13B7FAB86
Authority key identifier: DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/QIVGwWpDhmP0Lt1vWLEMeupfAyk.roa
Signing time: Thu 26 Feb 2026 13:00:59 +0000
ROA not before: Thu 26 Feb 2026 13:00:59 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210644
IP address blocks: 2a01:e5c0:2000::/36 maxlen: 36
2a01:e5c0:3000::/36 maxlen: 36
2a01:e5c0:4000::/36 maxlen: 36
2a01:e5c0:5000::/36 maxlen: 36
2a01:e5c0:6000::/36 maxlen: 36
2a01:e5c0:7000::/36 maxlen: 36
2a01:e5c0:8000::/48 maxlen: 48
2a01:e5c0:8003::/48 maxlen: 48
2a01:e5c0:8004::/48 maxlen: 48
2a01:e5c0:8008::/48 maxlen: 48
2a01:e5c0:9000::/36 maxlen: 36
2a01:e5c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.mft
rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9a:09:ce:96:8f:0c:b7:a6:d0:47:3b:b1:3b:7f:ab:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Validity
Not Before: Feb 26 13:00:59 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=408546c16a438663f42edd6f58b10c7aea5f0329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:97:65:1d:25:df:22:6d:51:7c:b7:05:54:da:
bd:60:24:d8:37:4a:67:dd:84:2e:ce:87:d8:33:a8:
83:77:0a:31:64:71:4f:27:e2:00:d7:7b:35:21:ec:
e5:58:41:6b:3a:42:a1:2b:b6:ec:ad:25:31:f2:de:
06:02:27:04:e7:0f:f1:93:51:5b:ce:32:ea:19:31:
f5:23:89:ae:45:a0:82:a8:28:69:fb:66:09:20:68:
fc:03:e5:4e:cd:d3:8b:75:48:9f:62:fb:db:64:bf:
5c:8c:89:9a:f5:4f:c2:ab:d6:24:a3:33:1a:fe:39:
59:10:71:94:d4:db:65:62:c5:3a:70:ca:82:83:6b:
05:43:6b:bc:58:e3:12:ff:09:74:ba:a2:88:94:74:
c2:96:e5:5a:8c:46:97:37:a5:f3:41:67:15:06:81:
6a:76:53:f8:79:77:fb:df:1b:2e:7f:24:62:9f:4a:
cc:77:57:19:dd:77:1e:c8:46:f7:01:d1:c2:f6:33:
1f:77:69:a6:49:8b:4e:27:7b:3e:06:b2:c4:9f:8d:
79:3f:3f:21:ed:54:7f:d6:0d:3a:6d:d6:b4:83:cd:
db:ea:80:75:ac:cc:5c:5f:69:88:5d:9f:f3:ba:c7:
f4:8b:98:8c:28:17:52:4b:a5:2c:15:2c:db:f3:bd:
1f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:85:46:C1:6A:43:86:63:F4:2E:DD:6F:58:B1:0C:7A:EA:5F:03:29
X509v3 Authority Key Identifier:
keyid:DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/QIVGwWpDhmP0Lt1vWLEMeupfAyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e5c0:2000::-2a01:e5c0:8000:ffff:ffff:ffff:ffff:ffff
2a01:e5c0:8003::-2a01:e5c0:8004:ffff:ffff:ffff:ffff:ffff
2a01:e5c0:8008::/48
2a01:e5c0:9000::/36
2a01:e5c0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
40:29:0a:38:44:cb:c3:be:e2:7c:3e:f4:a8:25:5d:11:98:f4:
e9:5a:31:b5:d9:82:5e:18:bf:83:d9:88:de:8c:25:12:e4:27:
14:c6:1e:61:67:91:58:68:14:24:f8:91:ad:65:38:6f:61:ee:
79:0e:c8:71:59:ca:79:8b:4f:d3:19:c0:50:67:b2:cd:96:5c:
1a:cf:81:02:e8:42:23:37:02:c1:b7:d9:a8:1e:83:45:c3:ed:
78:40:ec:2d:9a:0b:0d:1d:3f:af:81:b5:9b:43:43:df:6d:61:
ac:3c:fc:39:c4:01:f5:12:db:ff:1a:61:65:cd:b8:2b:c4:0d:
f6:3e:77:f0:70:9e:eb:af:68:80:00:00:5a:db:4c:d9:4a:ee:
dc:48:ea:17:16:74:f9:5f:47:0b:6d:c6:36:d3:0d:b8:82:ea:
57:65:21:29:c3:dc:60:4b:cd:5b:82:eb:f1:6a:c2:8e:d1:43:
5a:16:9d:d1:a5:9c:4b:74:8f:77:2e:59:d7:4a:7c:ed:ef:d4:
21:13:20:6f:62:c5:4f:20:fa:da:1c:99:27:e4:5d:5c:e5:23:
d6:46:db:12:d0:0f:e7:fe:fb:6e:a2:51:42:9c:7c:0c:6b:d6:
0f:32:40:2b:d2:47:1b:c4:44:09:ab:49:08:37:3a:1a:62:93:
c2:d0:ab:24
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZyaCc6Wjwy3ptBHO7E7f6uGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2Q1ZmNhMWU0Njk5MjlkNGE4YjZmNTdhZjNjYmNkYzYz
OWEzNWUwHhcNMjYwMjI2MTMwMDU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDg1NDZjMTZhNDM4NjYzZjQyZWRkNmY1OGIxMGM3YWVhNWYwMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZdlHSXfIm1RfLcFVNq9YCTYN0pn
3YQuzofYM6iDdwoxZHFPJ+IA13s1IezlWEFrOkKhK7bsrSUx8t4GAicE5w/xk1Fb
zjLqGTH1I4muRaCCqChp+2YJIGj8A+VOzdOLdUifYvvbZL9cjIma9U/Cq9YkozMa
/jlZEHGU1NtlYsU6cMqCg2sFQ2u8WOMS/wl0uqKIlHTCluVajEaXN6XzQWcVBoFq
dlP4eXf73xsufyRin0rMd1cZ3XceyEb3AdHC9jMfd2mmSYtOJ3s+BrLEn415Pz8h
7VR/1g06bda0g83b6oB1rMxcX2mIXZ/zusf0i5iMKBdSS6UsFSzb870f9wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFECFRsFqQ4Zj9C7db1ixDHrqXwMpMB8GA1UdIwQY
MBaAFNp9X8oeRpkp1Ki29Xrzy83GOaNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGIt
NDFiNzMwMzI3Yzc4LzEvUUlWR3dXcERobVAwTHQxdldMRU1ldXBmQXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGItNDFiNzMwMzI3Yzc4
LzEvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAAjBAMBEDBgUqAeXA
IAMHACoB5cCAADASAwcAKgHlwIADAwcAKgHlwIAEAwcAKgHlwIAIAwYEKgHlwJAD
BgQqAeXA8DANBgkqhkiG9w0BAQsFAAOCAQEAQCkKOETLw77ifD70qCVdEZj06Vox
tdmCXhi/g9mI3owlEuQnFMYeYWeRWGgUJPiRrWU4b2HueQ7IcVnKeYtP0xnAUGey
zZZcGs+BAuhCIzcCwbfZqB6DRcPteEDsLZoLDR0/r4G1m0ND321hrDz8OcQB9RLb
/xphZc24K8QN9j538HCe669ogAAAWttM2Uru3EjqFxZ0+V9HC23GNtMNuILqV2Uh
KcPcYEvNW4Lr8WrCjtFDWhad0aWcS3SPdy5Z10p87e/UIRMgb2LFTyD62hyZJ+Rd
XOUj1kbbEtAP5/77bqJRQpx8DGvWDzJAK9JHG8RECatJCDc6GmKTwtCrJA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:02:50 2026 by rpki-client