Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/QLUMXeRjYMm_-Wtp37tHErjQZJI.roa
File: QLUMXeRjYMm_-Wtp37tHErjQZJI.roa (raw, json)
Hash identifier: qw3EzKUtqXfDQigFCOd8xoQ6CAWheydfmKwu4Qvs2ls=
Subject key identifier: 40:B5:0C:5D:E4:63:60:C9:BF:F9:6B:69:DF:BB:47:12:B8:D0:64:92
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 019C03C9A25C480DBEF829FC9F60814DA15F
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/QLUMXeRjYMm_-Wtp37tHErjQZJI.roa
Signing time: Wed 28 Jan 2026 08:47:51 +0000
ROA not before: Wed 28 Jan 2026 08:47:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208555
IP address blocks: 62.220.124.0/23 maxlen: 24
62.220.126.0/23 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.6.0/23 maxlen: 24
87.107.8.0/23 maxlen: 24
87.107.108.0/23 maxlen: 24
87.107.110.0/23 maxlen: 24
87.107.110.0/24 maxlen: 24
87.107.111.0/24 maxlen: 24
87.107.144.0/24 maxlen: 24
87.107.152.0/23 maxlen: 24
87.107.166.0/23 maxlen: 24
87.107.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:03:c9:a2:5c:48:0d:be:f8:29:fc:9f:60:81:4d:a1:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 28 08:47:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40b50c5de46360c9bff96b69dfbb4712b8d06492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f2:b8:a7:f4:ab:92:5d:87:ee:0f:64:79:1a:
f1:63:1a:bf:70:65:23:1c:6c:b9:c8:fa:52:4f:63:
98:46:7a:dc:25:84:7d:14:d5:a8:65:0c:be:28:0a:
9f:6d:40:d2:ff:89:f0:a4:e4:8b:30:9b:6d:b5:4a:
96:a0:27:ce:57:04:f3:67:89:c9:16:97:11:f0:c1:
54:61:1b:7c:92:dd:2e:5d:84:37:f7:b0:40:3a:48:
98:56:af:b9:cf:b8:02:26:89:0b:f3:5a:94:2a:6c:
05:99:50:46:28:77:01:8f:73:9f:c4:df:76:5f:fe:
4f:73:6b:2d:17:f5:ea:4f:92:23:91:25:b3:b7:5c:
28:5a:01:23:cf:d8:78:09:30:42:3c:62:35:35:44:
66:25:a7:71:15:6e:c0:68:52:1b:b3:c2:24:b0:40:
77:d9:b0:37:67:25:51:04:7f:c2:74:d8:2a:27:79:
be:ba:22:ca:e7:f8:28:29:81:32:8d:a2:98:6b:2e:
d2:4a:de:96:bc:01:27:66:22:62:80:bc:ab:e7:22:
3f:71:f0:4a:de:ab:d9:29:35:d8:5b:08:cf:6c:be:
0f:92:8b:97:0b:e7:fe:d3:35:ce:34:6e:15:d6:f9:
0d:44:63:26:3c:4b:cb:9c:16:4f:f1:78:83:59:8c:
0e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B5:0C:5D:E4:63:60:C9:BF:F9:6B:69:DF:BB:47:12:B8:D0:64:92
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/QLUMXeRjYMm_-Wtp37tHErjQZJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.124.0/22
81.12.24.0/22
81.12.30.0/23
87.107.6.0-87.107.9.255
87.107.108.0/22
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
33:99:75:3a:de:98:e0:ea:7a:92:76:42:1e:4b:17:13:24:b4:
f1:ce:33:3b:f7:d3:37:1f:fa:69:11:56:e5:11:7e:53:a1:70:
09:b5:27:cf:bf:6d:73:86:c0:8f:02:ed:bf:c9:5f:39:94:23:
5e:a2:69:10:a7:37:69:76:b7:82:03:81:19:f4:5d:6b:1b:0e:
2a:f3:cf:42:ca:30:8f:4b:2d:1e:5f:8e:82:f7:c6:54:73:74:
54:17:9d:df:80:ca:ce:fe:e7:3d:1c:47:e0:10:6c:43:80:bd:
03:87:66:23:1a:8a:8a:34:e1:66:c6:c4:53:af:e7:5b:55:10:
04:a9:04:75:4a:30:5e:07:a8:2b:86:07:08:e7:ff:c9:50:5c:
18:70:69:0f:aa:80:d2:90:60:e6:88:e1:c6:fe:22:fb:ef:af:
65:4b:24:1f:ea:d6:68:c9:0b:ec:ff:5f:9a:59:24:f0:66:7c:
b7:f8:59:3b:1b:0e:ba:b7:ce:4c:f1:1b:cb:0c:b4:a0:18:3f:
05:7f:93:af:63:79:81:56:2c:92:13:df:64:f3:8d:e4:f9:2d:
c8:fe:10:7d:a3:c7:08:ce:2c:7b:74:77:52:27:15:f8:43:6e:
9c:b2:82:50:62:a8:c8:2a:d0:a7:d9:24:a2:3a:5e:0c:d7:93:
0c:bd:8e:89
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZwDyaJcSA2++Cn8n2CBTaFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjYwMTI4MDg0NzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI1MGM1ZGU0NjM2MGM5YmZmOTZiNjlkZmJiNDcxMmI4ZDA2NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofK4p/Srkl2H7g9keRrxYxq/cGUj
HGy5yPpST2OYRnrcJYR9FNWoZQy+KAqfbUDS/4nwpOSLMJtttUqWoCfOVwTzZ4nJ
FpcR8MFUYRt8kt0uXYQ397BAOkiYVq+5z7gCJokL81qUKmwFmVBGKHcBj3OfxN92
X/5Pc2stF/XqT5IjkSWzt1woWgEjz9h4CTBCPGI1NURmJadxFW7AaFIbs8IksEB3
2bA3ZyVRBH/CdNgqJ3m+uiLK5/goKYEyjaKYay7SSt6WvAEnZiJigLyr5yI/cfBK
3qvZKTXYWwjPbL4PkouXC+f+0zXONG4V1vkNRGMmPEvLnBZP8XiDWYwOtwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEC1DF3kY2DJv/lrad+7RxK40GSSMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvUUxVTVhlUmpZTW1fLVd0cDM3dEhFcmpRWkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCPtx8AwQC
UQwYAwQBUQweMAwDBAFXawYDBAFXawgDBAJXa2wDBABXa5ADBAFXa5gDBAFXa6YD
BAFXa64wDQYJKoZIhvcNAQELBQADggEBADOZdTremODqepJ2Qh5LFxMktPHOMzv3
0zcf+mkRVuURflOhcAm1J8+/bXOGwI8C7b/JXzmUI16iaRCnN2l2t4IDgRn0XWsb
Dirzz0LKMI9LLR5fjoL3xlRzdFQXnd+Ays7+5z0cR+AQbEOAvQOHZiMaioo04WbG
xFOv51tVEASpBHVKMF4HqCuGBwjn/8lQXBhwaQ+qgNKQYOaI4cb+Ivvvr2VLJB/q
1mjJC+z/X5pZJPBmfLf4WTsbDrq3zkzxG8sMtKAYPwV/k69jeYFWLJIT32TzjeT5
Lcj+EH2jxwjOLHt0d1InFfhDbpyyglBiqMgq0KfZJKI6XgzXkwy9jok=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:59:59 2026 by rpki-client