Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QY-eyTIUxbAEtCPM92iCWrclED4.roa
File: QY-eyTIUxbAEtCPM92iCWrclED4.roa (raw, json)
Hash identifier: 7vJzow5xdGwBK91ajTaFEtdXovSvl9ZRcFZhttSomM8=
Subject key identifier: 41:8F:9E:C9:32:14:C5:B0:04:B4:23:CC:F7:68:82:5A:B7:25:10:3E
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019D43EA8E2D3D52FD3094B44F286B4FF79B
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QY-eyTIUxbAEtCPM92iCWrclED4.roa
Signing time: Tue 31 Mar 2026 12:42:18 +0000
ROA not before: Tue 31 Mar 2026 12:42:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 45.8.89.0/24 maxlen: 24
45.15.75.0/24 maxlen: 24
45.140.17.0/24 maxlen: 24
77.83.95.0/24 maxlen: 24
92.119.128.0/24 maxlen: 24
92.119.130.0/24 maxlen: 24
93.157.105.0/24 maxlen: 24
194.93.3.0/24 maxlen: 24
194.169.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:ea:8e:2d:3d:52:fd:30:94:b4:4f:28:6b:4f:f7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Mar 31 12:42:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=418f9ec93214c5b004b423ccf768825ab725103e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:92:d0:39:52:1e:d0:5d:a2:07:5e:ff:3e:3e:
c3:67:50:e2:ab:26:b8:fc:1d:b9:90:5c:06:4d:54:
10:eb:1a:4a:d0:fa:4c:c1:9b:c6:16:56:01:8e:52:
21:a7:3b:66:dd:a0:95:a2:59:73:8d:27:07:48:67:
d0:83:00:fa:17:58:b7:83:a0:c7:51:70:ba:dd:53:
a5:95:19:b4:89:bf:29:dd:68:fd:3e:c3:cc:37:56:
e2:5e:f9:0a:9e:70:21:6a:f2:be:13:78:47:18:ba:
b7:6f:29:47:4f:57:20:11:d1:ee:9c:af:5b:32:40:
ad:da:54:1c:50:c7:41:67:01:13:36:73:cc:c4:f0:
fb:64:9e:46:37:18:e3:1e:04:c6:8e:1e:05:7a:64:
11:03:f5:92:f0:5a:f8:2d:71:ba:d8:75:56:69:41:
d1:16:1a:fc:f9:27:95:12:85:12:9c:4c:15:ee:57:
2a:42:1d:01:67:08:df:f5:95:d4:d6:ce:a5:be:82:
9e:8e:4a:b2:2b:e6:f4:78:98:c7:6c:8e:79:90:85:
bc:ff:6d:1b:12:ca:5b:82:3c:6c:74:a0:0d:1d:47:
8d:a6:c5:46:38:d7:b8:72:01:38:2e:fb:c2:af:23:
e0:f7:43:39:4b:26:8e:20:aa:af:44:fc:59:85:ce:
da:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8F:9E:C9:32:14:C5:B0:04:B4:23:CC:F7:68:82:5A:B7:25:10:3E
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QY-eyTIUxbAEtCPM92iCWrclED4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.89.0/24
45.15.75.0/24
45.140.17.0/24
77.83.95.0/24
92.119.128.0/24
92.119.130.0/24
93.157.105.0/24
194.93.3.0/24
194.169.161.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f3:25:67:a4:2c:24:42:85:9d:f4:b6:dc:d0:df:3d:77:45:
7a:b0:11:52:75:f2:ca:84:97:25:b6:25:e3:1e:7e:8c:c9:41:
8c:43:d8:24:18:29:d8:5e:2b:df:19:64:f0:32:07:6e:a3:c2:
8c:29:da:74:42:19:f0:10:e4:72:d1:ba:20:b1:70:2a:b4:58:
b8:98:61:2f:f9:f5:ff:b9:ae:c1:c7:2a:ac:28:7d:f1:2a:c4:
4b:2c:6e:8e:10:62:32:ad:dc:3c:40:3c:66:77:57:b7:fd:4d:
9d:a1:7d:29:d3:8a:76:5c:67:73:84:d8:32:f7:cf:25:34:eb:
64:d3:3e:93:1d:4c:3a:9f:f8:b0:6a:69:6e:9b:47:19:59:b5:
a6:b5:61:0e:a6:b6:c4:e8:18:79:6a:44:7f:4c:97:e2:ac:40:
dc:7d:36:68:26:33:86:9c:57:10:64:76:a8:1c:a7:9f:1f:ff:
98:3c:fc:19:f4:be:3e:36:af:d6:f0:82:5d:fa:f8:a8:6f:c2:
47:15:10:fa:0d:73:55:33:fc:64:2a:72:d7:76:d0:28:ed:62:
3c:ab:ea:06:a5:40:68:6c:e3:8d:62:b1:07:b9:88:e8:93:c1:
49:e1:ec:98:d2:ac:27:80:9d:20:9f:0c:9e:c9:b7:a1:33:5c:
98:30:48:a9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ1D6o4tPVL9MJS0TyhrT/ebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjYwMzMxMTI0MjE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MThmOWVjOTMyMTRjNWIwMDRiNDIzY2NmNzY4ODI1YWI3MjUxMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZLQOVIe0F2iB17/Pj7DZ1Diqya4
/B25kFwGTVQQ6xpK0PpMwZvGFlYBjlIhpztm3aCVollzjScHSGfQgwD6F1i3g6DH
UXC63VOllRm0ib8p3Wj9PsPMN1biXvkKnnAhavK+E3hHGLq3bylHT1cgEdHunK9b
MkCt2lQcUMdBZwETNnPMxPD7ZJ5GNxjjHgTGjh4FemQRA/WS8Fr4LXG62HVWaUHR
Fhr8+SeVEoUSnEwV7lcqQh0BZwjf9ZXU1s6lvoKejkqyK+b0eJjHbI55kIW8/20b
EspbgjxsdKANHUeNpsVGONe4cgE4LvvCryPg90M5SyaOIKqvRPxZhc7ayQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEGPnskyFMWwBLQjzPdoglq3JRA+MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvUVktZXlUSVV4YkFFdENQTTkyaUNXcmNsRUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQhZAwQA
LQ9LAwQALYwRAwQATVNfAwQAXHeAAwQAXHeCAwQAXZ1pAwQAwl0DAwQAwqmhMA0G
CSqGSIb3DQEBCwUAA4IBAQAp8yVnpCwkQoWd9Lbc0N89d0V6sBFSdfLKhJcltiXj
Hn6MyUGMQ9gkGCnYXivfGWTwMgduo8KMKdp0QhnwEORy0bogsXAqtFi4mGEv+fX/
ua7BxyqsKH3xKsRLLG6OEGIyrdw8QDxmd1e3/U2doX0p04p2XGdzhNgy988lNOtk
0z6THUw6n/iwamlum0cZWbWmtWEOprbE6Bh5akR/TJfirEDcfTZoJjOGnFcQZHao
HKefH/+YPPwZ9L4+Nq/W8IJd+viob8JHFRD6DXNVM/xkKnLXdtAo7WI8q+oGpUBo
bOONYrEHuYjok8FJ4eyY0qwngJ0gnwyeybehM1yYMEip
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:26 2026 by rpki-client