Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/qBdBxkrsMe-QAThbnuUqYyq9XxY.roa
File: qBdBxkrsMe-QAThbnuUqYyq9XxY.roa (raw, json)
Hash identifier: 21WM2SzHhwGMLLSoVXMeEp7KJQLIRB96uxsn5RrDRgw=
Subject key identifier: A8:17:41:C6:4A:EC:31:EF:90:01:38:5B:9E:E5:2A:63:2A:BD:5F:16
Certificate issuer: /CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Certificate serial: 019D72B297DCD0318520A44B41ABFC99F1A5
Authority key identifier: 5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/qBdBxkrsMe-QAThbnuUqYyq9XxY.roa
Signing time: Thu 09 Apr 2026 14:43:20 +0000
ROA not before: Thu 09 Apr 2026 14:43:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48014
IP address blocks: 31.41.33.0/24 maxlen: 24
45.88.89.0/24 maxlen: 24
46.183.20.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.121.60.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
93.123.113.0/24 maxlen: 24
151.123.186.0/24 maxlen: 24
2001:3781::/32 maxlen: 32
2001:3783::/32 maxlen: 32
2001:3787::/32 maxlen: 32
2a12:4040::/32 maxlen: 32
2a12:4045::/32 maxlen: 32
2a12:4047::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:b2:97:dc:d0:31:85:20:a4:4b:41:ab:fc:99:f1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Validity
Not Before: Apr 9 14:43:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a81741c64aec31ef9001385b9ee52a632abd5f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d4:ac:1e:0a:ba:cd:9a:39:ad:d5:0a:fd:86:
42:79:80:80:06:df:c6:53:28:64:27:87:70:54:0e:
ca:48:58:31:ff:b2:91:b5:c2:57:74:c1:21:68:16:
cf:8e:b2:f2:51:50:87:ff:7d:9b:19:33:c2:33:08:
51:58:1f:32:e3:a1:ba:56:0d:f2:e5:51:05:6a:0e:
90:56:50:3f:d8:f8:55:f3:ab:01:5f:e6:e3:b2:d9:
a1:80:55:ce:6d:55:cb:c9:c2:2b:9c:86:ea:91:a7:
95:56:39:fe:f1:a9:97:e6:63:3f:d1:d1:18:e9:5f:
13:f1:a2:f3:00:99:d8:e8:f9:c6:d4:db:ef:77:74:
b1:8e:02:51:1f:8c:5c:eb:3e:81:d7:6e:65:43:0d:
38:2a:27:37:a9:75:62:6b:ae:e6:a3:5e:ae:d7:1e:
b8:eb:d8:b4:6f:bd:25:84:37:5b:18:ec:ef:3c:7e:
21:12:fe:a9:28:da:e7:8e:23:4e:55:ef:d1:c4:82:
e5:2a:8a:39:30:76:db:da:e1:b4:08:be:0d:3c:b5:
0d:30:5c:7e:ae:3b:b9:e1:dd:9b:41:90:00:b1:f3:
01:53:b0:b4:10:bf:35:b4:9a:79:81:2a:bb:00:20:
fb:db:7e:d9:6e:f6:68:9f:41:e0:ff:0a:d2:7a:4a:
88:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:17:41:C6:4A:EC:31:EF:90:01:38:5B:9E:E5:2A:63:2A:BD:5F:16
X509v3 Authority Key Identifier:
keyid:5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/qBdBxkrsMe-QAThbnuUqYyq9XxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
45.88.89.0/24
46.183.20.0/24
84.54.48.0/24
87.121.60.0/23
93.123.113.0/24
151.123.186.0/24
IPv6:
2001:3781::/32
2001:3783::/32
2001:3787::/32
2a12:4040::/32
2a12:4045::/32
2a12:4047::/32
Signature Algorithm: sha256WithRSAEncryption
60:91:bb:d0:f9:9f:61:08:99:ef:93:58:95:89:22:b1:cc:78:
dd:2c:d0:81:ad:63:2c:fb:c2:2b:c0:85:9d:c1:bc:61:80:10:
67:04:32:86:1b:3e:c5:94:d8:3c:3e:0f:93:51:9a:79:ec:d5:
22:63:57:95:cc:73:f7:d9:32:74:71:c0:32:b7:18:42:1e:77:
40:63:16:4e:c2:e5:93:35:e8:99:d5:96:c5:5a:de:19:a5:9b:
a7:bc:f5:08:f3:29:b1:73:1d:18:7b:3f:77:cd:71:0c:ab:07:
d3:ee:06:2a:c6:0e:c9:27:af:7f:e7:5c:d8:68:de:6e:43:0f:
69:3c:e6:d2:7c:dc:14:49:a0:64:9a:2a:fb:27:84:39:a2:2b:
07:0d:64:4b:88:4d:b6:09:b9:04:3c:de:7e:1e:1c:75:ad:4a:
42:7f:85:52:34:30:3f:73:54:9e:53:7c:9b:28:ed:ad:3c:96:
cd:86:3a:98:8c:64:83:cd:a4:31:c1:4d:ae:c2:38:56:4d:eb:
4d:ec:84:00:33:ff:af:3d:ba:da:a5:53:e8:66:99:79:9e:0f:
51:2a:0b:1f:b3:3f:24:d4:4b:8d:2e:4c:9d:16:df:6e:c7:e3:
02:02:d3:2c:f3:74:e2:66:73:12:e4:9a:87:f6:3d:65:74:4f:
8e:99:40:ec
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZ1yspfc0DGFIKRLQav8mfGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzkwNTE4ZGY3MGIxM2Q3MDZiZmUyMzdhYTVhNzY5MjZh
NTc2ZDEwHhcNMjYwNDA5MTQ0MzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE3NDFjNjRhZWMzMWVmOTAwMTM4NWI5ZWU1MmE2MzJhYmQ1ZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltSsHgq6zZo5rdUK/YZCeYCABt/G
UyhkJ4dwVA7KSFgx/7KRtcJXdMEhaBbPjrLyUVCH/32bGTPCMwhRWB8y46G6Vg3y
5VEFag6QVlA/2PhV86sBX+bjstmhgFXObVXLycIrnIbqkaeVVjn+8amX5mM/0dEY
6V8T8aLzAJnY6PnG1Nvvd3SxjgJRH4xc6z6B125lQw04Kic3qXVia67mo16u1x64
69i0b70lhDdbGOzvPH4hEv6pKNrnjiNOVe/RxILlKoo5MHbb2uG0CL4NPLUNMFx+
rju54d2bQZAAsfMBU7C0EL81tJp5gSq7ACD7237ZbvZon0Hg/wrSekqINwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFKgXQcZK7DHvkAE4W57lKmMqvV8WMB8GA1UdIwQY
MBaAFF/JBRjfcLE9cGv+I3qlp2kmpXbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEt
YzgzMDJlODJlYTIyLzEvcUJkQnhrcnNNZS1RQVRoYm51VXFZeXE5WHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEtYzgzMDJlODJlYTIy
LzEvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAwBAIAATAqAwQAHykhAwQA
LVhZAwQALrcUAwQAVDYwAwQBV3k8AwQAXXtxAwQAl3u6MDAEAgACMCoDBQAgATeB
AwUAIAE3gwMFACABN4cDBQAqEkBAAwUAKhJARQMFACoSQEcwDQYJKoZIhvcNAQEL
BQADggEBAGCRu9D5n2EIme+TWJWJIrHMeN0s0IGtYyz7wivAhZ3BvGGAEGcEMoYb
PsWU2Dw+D5NRmnns1SJjV5XMc/fZMnRxwDK3GEIed0BjFk7C5ZM16JnVlsVa3hml
m6e89QjzKbFzHRh7P3fNcQyrB9PuBirGDsknr3/nXNho3m5DD2k85tJ83BRJoGSa
KvsnhDmiKwcNZEuITbYJuQQ83n4eHHWtSkJ/hVI0MD9zVJ5TfJso7a08ls2GOpiM
ZIPNpDHBTa7COFZN603shAAz/689utqlU+hmmXmeD1EqCx+zPyTUS40uTJ0W327H
4wIC0yzzdOJmcxLkmof2PWV0T46ZQOw=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:02:11 2026 by rpki-client