Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/Q-CfOKzteQbTOtrpZkjGGeS4tDc.roa
File: Q-CfOKzteQbTOtrpZkjGGeS4tDc.roa (raw, json)
Hash identifier: vXtQZLtQ6dU2I9o5LgOiMGmVeD5PpOqrDv70NWNoyzU=
Subject key identifier: 43:E0:9F:38:AC:ED:79:06:D3:3A:DA:E9:66:48:C6:19:E4:B8:B4:37
Certificate issuer: /CN=950453ed485e76870617a0e4f4675144c3192cb2
Certificate serial: 019E665268EEA31522105046A4B5069EA3B7
Authority key identifier: 95:04:53:ED:48:5E:76:87:06:17:A0:E4:F4:67:51:44:C3:19:2C:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQRT7UhedocGF6Dk9GdRRMMZLLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/Q-CfOKzteQbTOtrpZkjGGeS4tDc.roa
Signing time: Tue 26 May 2026 22:05:37 +0000
ROA not before: Tue 26 May 2026 22:05:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64096
IP address blocks: 31.132.44.0/22 maxlen: 22
31.132.44.0/24 maxlen: 24
31.132.45.0/24 maxlen: 24
185.26.84.0/24 maxlen: 24
2a0d:9fc0::/29 maxlen: 29
2a0d:9fc0::/32 maxlen: 32
2a0d:9fc0::/36 maxlen: 36
2a0d:9fc1::/32 maxlen: 32
2a0d:9fc1::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/lQRT7UhedocGF6Dk9GdRRMMZLLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/lQRT7UhedocGF6Dk9GdRRMMZLLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQRT7UhedocGF6Dk9GdRRMMZLLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:66:52:68:ee:a3:15:22:10:50:46:a4:b5:06:9e:a3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=950453ed485e76870617a0e4f4675144c3192cb2
Validity
Not Before: May 26 22:05:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=43e09f38aced7906d33adae96648c619e4b8b437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:03:75:d2:9f:d0:4a:a5:de:1c:67:7e:ee:ef:
db:57:08:ef:5e:63:cd:18:65:d3:1f:c9:e6:d6:e0:
c9:a6:d4:a9:63:73:06:a1:10:66:04:92:b5:bc:8d:
1e:b9:0f:6e:48:26:23:d9:06:dc:f5:34:57:fa:2a:
dc:39:7e:d7:6a:26:7b:ad:46:0b:20:a0:0a:61:44:
0c:ae:f5:b4:e4:04:2f:2a:81:8e:14:44:5b:a3:7c:
55:ee:79:b5:67:80:69:90:ff:0c:bc:be:42:14:ca:
cf:b8:47:d8:c1:41:1e:7b:51:ae:c7:90:f2:02:53:
d9:70:cb:16:15:74:6f:b8:ed:78:9a:48:83:3f:00:
f9:bd:e4:cc:42:56:5e:fe:ed:7f:a7:31:2b:3a:95:
4f:92:eb:a9:6a:7e:22:25:be:4b:63:aa:c4:e4:ea:
ac:40:f1:94:64:b7:6b:b0:06:7c:5e:1f:bb:d0:d3:
a5:9f:c1:ab:fd:6b:6b:d0:c3:98:42:49:a3:7e:da:
05:38:b0:63:39:66:8a:82:c5:19:57:5c:56:b4:97:
59:90:56:8c:d6:15:d1:16:87:83:19:10:4f:f8:49:
3f:a7:b8:2d:29:cf:f8:3e:8f:bd:5b:ad:b1:09:93:
cc:04:ef:ff:d8:dc:4d:5d:62:4b:3a:39:44:63:47:
ff:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E0:9F:38:AC:ED:79:06:D3:3A:DA:E9:66:48:C6:19:E4:B8:B4:37
X509v3 Authority Key Identifier:
keyid:95:04:53:ED:48:5E:76:87:06:17:A0:E4:F4:67:51:44:C3:19:2C:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQRT7UhedocGF6Dk9GdRRMMZLLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/Q-CfOKzteQbTOtrpZkjGGeS4tDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d26a1c-1870-4821-bb8a-84f95d33e2c6/1/lQRT7UhedocGF6Dk9GdRRMMZLLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.44.0/22
185.26.84.0/24
IPv6:
2a0d:9fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:95:6b:4a:ba:f9:3b:fb:96:9f:63:b9:70:c6:db:70:1b:f3:
46:9f:24:44:e9:48:51:f5:d6:8e:62:fb:39:78:df:1c:ed:e0:
cc:38:63:98:05:80:ab:e1:c7:86:c4:d1:70:a8:67:d9:72:05:
75:f7:0b:04:fa:5b:f0:f9:e0:5b:b9:3e:48:6e:68:0e:05:3f:
69:df:5a:e2:81:49:38:bc:ff:73:3e:b0:17:36:37:e4:53:5e:
c8:db:be:22:be:9b:13:ee:3d:22:d2:22:d5:d3:81:fd:c9:4b:
a5:35:15:0b:2f:cc:70:86:6a:98:47:d2:dc:ce:d6:84:75:39:
7e:82:ef:b8:af:2a:b0:78:a0:3d:cd:67:b1:c0:b3:1a:61:7b:
6f:8d:48:d8:e4:1e:79:08:1a:e0:09:3d:27:2e:2f:1f:7c:07:
ca:ca:6f:85:b5:3e:d6:e6:46:e0:21:f8:99:6f:f0:dc:6f:7d:
d0:a9:33:39:86:15:9c:25:2e:52:a6:a0:59:51:9d:4e:c7:23:
c4:f2:36:02:c8:44:a2:b1:00:90:b9:f4:cc:53:77:47:76:30:
18:a0:f9:c1:89:b0:1e:e4:6d:5e:d4:37:9b:cb:35:51:50:44:
7b:60:88:08:fb:7f:8b:2f:65:f7:87:c4:c4:44:1a:e9:c3:1f:
65:31:ac:ab
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ5mUmjuoxUiEFBGpLUGnqO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDQ1M2VkNDg1ZTc2ODcwNjE3YTBlNGY0Njc1MTQ0YzMx
OTJjYjIwHhcNMjYwNTI2MjIwNTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UwOWYzOGFjZWQ3OTA2ZDMzYWRhZTk2NjQ4YzYxOWU0YjhiNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwN10p/QSqXeHGd+7u/bVwjvXmPN
GGXTH8nm1uDJptSpY3MGoRBmBJK1vI0euQ9uSCYj2Qbc9TRX+ircOX7XaiZ7rUYL
IKAKYUQMrvW05AQvKoGOFERbo3xV7nm1Z4BpkP8MvL5CFMrPuEfYwUEee1Gux5Dy
AlPZcMsWFXRvuO14mkiDPwD5veTMQlZe/u1/pzErOpVPkuupan4iJb5LY6rE5Oqs
QPGUZLdrsAZ8Xh+70NOln8Gr/Wtr0MOYQkmjftoFOLBjOWaKgsUZV1xWtJdZkFaM
1hXRFoeDGRBP+Ek/p7gtKc/4Po+9W62xCZPMBO//2NxNXWJLOjlEY0f/VQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEPgnzis7XkG0zra6WZIxhnkuLQ3MB8GA1UdIwQY
MBaAFJUEU+1IXnaHBheg5PRnUUTDGSyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFSVDdVaGVkb2NHRjZEazlHZFJSTU1aTExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9kMjZhMWMtMTg3MC00ODIxLWJiOGEt
ODRmOTVkMzNlMmM2LzEvUS1DZk9LenRlUWJUT3RycFprakdHZVM0dERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9kMjZhMWMtMTg3MC00ODIxLWJiOGEtODRmOTVkMzNlMmM2
LzEvbFFSVDdVaGVkb2NHRjZEazlHZFJSTU1aTExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCH4QsAwQA
uRpUMA0EAgACMAcDBQMqDZ/AMA0GCSqGSIb3DQEBCwUAA4IBAQAflWtKuvk7+5af
Y7lwxttwG/NGnyRE6UhR9daOYvs5eN8c7eDMOGOYBYCr4ceGxNFwqGfZcgV19wsE
+lvw+eBbuT5IbmgOBT9p31rigUk4vP9zPrAXNjfkU17I274ivpsT7j0i0iLV04H9
yUulNRULL8xwhmqYR9LcztaEdTl+gu+4ryqweKA9zWexwLMaYXtvjUjY5B55CBrg
CT0nLi8ffAfKym+FtT7W5kbgIfiZb/Dcb33QqTM5hhWcJS5SpqBZUZ1OxyPE8jYC
yESisQCQufTMU3dHdjAYoPnBibAe5G1e1DebyzVRUER7YIgI+3+LL2X3h8TERBrp
wx9lMayr
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:06:06 2026 by rpki-client