Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/QJLzAcYEPZtusCbKyGwUQTxHEC8.roa
File: QJLzAcYEPZtusCbKyGwUQTxHEC8.roa (raw, json)
Hash identifier: s6kRRpAzDax5R6PcyME5uOuvdqUfyGUTl0Dg3M3bEJY=
Subject key identifier: 40:92:F3:01:C6:04:3D:9B:6E:B0:26:CA:C8:6C:14:41:3C:47:10:2F
Certificate issuer: /CN=75f1a763745c25dad28f4a8116688e82ce12028b
Certificate serial: 019E6326546681C968A345F48B99ED693829
Authority key identifier: 75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/QJLzAcYEPZtusCbKyGwUQTxHEC8.roa
Signing time: Tue 26 May 2026 07:18:36 +0000
ROA not before: Tue 26 May 2026 07:18:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49468
IP address blocks: 45.8.45.0/24 maxlen: 24
45.8.46.0/24 maxlen: 24
45.8.47.0/24 maxlen: 24
86.104.220.0/24 maxlen: 24
89.33.247.0/24 maxlen: 24
89.34.110.0/24 maxlen: 24
91.213.11.0/24 maxlen: 24
91.213.188.0/24 maxlen: 24
128.0.44.0/24 maxlen: 24
188.211.238.0/24 maxlen: 24
194.242.46.0/24 maxlen: 24
194.246.38.0/24 maxlen: 24
194.246.84.0/24 maxlen: 24
194.246.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 07:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:63:26:54:66:81:c9:68:a3:45:f4:8b:99:ed:69:38:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75f1a763745c25dad28f4a8116688e82ce12028b
Validity
Not Before: May 26 07:18:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4092f301c6043d9b6eb026cac86c14413c47102f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:92:9e:73:ac:44:73:3a:5b:8b:e5:d1:37:
3d:b8:88:c5:0a:ae:56:d5:bf:97:9b:c7:ac:a9:ff:
71:f8:37:2e:a3:5c:ef:99:d3:05:85:f7:8b:87:b5:
74:dc:3d:1a:35:cc:1a:b6:f7:68:de:19:23:40:55:
aa:e9:21:3b:d5:6e:b3:6a:11:ae:0c:6a:d7:7d:b2:
fa:7a:c8:05:3f:40:38:ff:29:4e:0a:9f:7f:70:e9:
18:74:c8:84:d2:7c:bd:59:b1:7e:cc:66:eb:4d:99:
48:b6:0e:f8:f4:51:e9:87:1b:15:1b:db:db:5b:e5:
6f:ec:32:2d:11:16:75:46:3d:20:8e:93:df:90:5c:
53:43:7d:db:7a:e1:d3:75:3f:bf:d9:13:d7:e9:57:
56:6f:6b:f8:3b:7b:39:27:ac:16:09:18:41:72:c0:
0f:c0:d5:dd:7c:15:d2:76:4a:3f:5f:2d:54:6f:e8:
df:cb:2b:a0:4f:f0:88:86:88:6b:62:b1:79:a0:b1:
8f:5e:4d:36:5e:72:da:68:1a:73:03:64:a9:20:db:
d4:79:98:b7:e0:55:f0:12:bf:a2:f0:9a:f7:16:b4:
b4:b0:cf:75:1d:da:ae:b3:a1:e8:31:54:9b:e6:7d:
66:8c:d0:16:93:ab:dc:70:a8:ab:84:70:57:be:ac:
a9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:92:F3:01:C6:04:3D:9B:6E:B0:26:CA:C8:6C:14:41:3C:47:10:2F
X509v3 Authority Key Identifier:
keyid:75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/QJLzAcYEPZtusCbKyGwUQTxHEC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.45.0-45.8.47.255
86.104.220.0/24
89.33.247.0/24
89.34.110.0/24
91.213.11.0/24
91.213.188.0/24
128.0.44.0/24
188.211.238.0/24
194.242.46.0/24
194.246.38.0/24
194.246.84.0/24
194.246.100.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:48:0b:01:18:2a:b6:3a:07:8c:1a:57:50:68:2f:da:1b:fd:
67:61:19:b5:e6:f7:8f:28:8d:e7:90:59:5e:82:37:94:80:b4:
f5:56:af:44:dd:b3:1a:d8:43:48:14:25:88:94:46:ae:eb:1a:
d6:6a:a0:ae:a3:02:64:bf:06:90:2d:61:b4:58:92:19:77:b3:
f5:45:b2:0f:26:08:85:04:11:98:f0:fa:46:89:61:68:3c:17:
70:c9:eb:6d:34:6e:a9:af:b8:ae:9a:4b:e2:82:18:d6:05:4a:
ad:f7:e9:1c:be:b9:28:a8:6b:08:ce:10:51:47:c2:e9:80:f9:
00:0b:f7:4d:78:42:26:29:ad:bf:86:10:5e:cb:a4:39:9f:f3:
8b:25:f9:d9:23:76:49:78:87:0e:df:76:0f:1a:10:ab:f1:76:
70:bb:8e:79:3e:f0:66:ac:17:69:0c:31:56:a2:a5:0b:d3:9f:
02:13:24:45:57:06:6a:ce:b0:85:34:ec:09:98:12:a3:79:45:
e3:4b:84:b9:61:a4:b0:1a:41:82:a0:71:99:f1:4e:9b:81:18:
9c:65:b5:a7:6a:cd:f7:a1:ef:89:d3:3b:40:3b:6a:9f:11:d5:
a8:db:b4:70:80:dd:54:07:bd:ec:6c:59:98:5d:61:56:f3:38:
2d:16:12:1f
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ5jJlRmgcloo0X0i5ntaTgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZjFhNzYzNzQ1YzI1ZGFkMjhmNGE4MTE2Njg4ZTgyY2Ux
MjAyOGIwHhcNMjYwNTI2MDcxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDkyZjMwMWM2MDQzZDliNmViMDI2Y2FjODZjMTQ0MTNjNDcxMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph6SnnOsRHM6W4vl0Tc9uIjFCq5W
1b+Xm8esqf9x+Dcuo1zvmdMFhfeLh7V03D0aNcwatvdo3hkjQFWq6SE71W6zahGu
DGrXfbL6esgFP0A4/ylOCp9/cOkYdMiE0ny9WbF+zGbrTZlItg749FHphxsVG9vb
W+Vv7DItERZ1Rj0gjpPfkFxTQ33beuHTdT+/2RPX6VdWb2v4O3s5J6wWCRhBcsAP
wNXdfBXSdko/Xy1Ub+jfyyugT/CIhohrYrF5oLGPXk02XnLaaBpzA2SpINvUeZi3
4FXwEr+i8Jr3FrS0sM91Hdqus6HoMVSb5n1mjNAWk6vccKirhHBXvqypSwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFECS8wHGBD2bbrAmyshsFEE8RxAvMB8GA1UdIwQY
MBaAFHXxp2N0XCXa0o9KgRZojoLOEgKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQt
Yzg0OWJjMGYzNTliLzEvUUpMekFjWUVQWnR1c0NiS3lHd1VRVHhIRUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQtYzg0OWJjMGYzNTli
LzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBAAtCC0D
BAQtCCADBABWaNwDBABZIfcDBABZIm4DBABb1QsDBABb1bwDBACAACwDBAC80+4D
BADC8i4DBADC9iYDBADC9lQDBADC9mQwDQYJKoZIhvcNAQELBQADggEBAF9ICwEY
KrY6B4waV1BoL9ob/WdhGbXm948ojeeQWV6CN5SAtPVWr0TdsxrYQ0gUJYiURq7r
GtZqoK6jAmS/BpAtYbRYkhl3s/VFsg8mCIUEEZjw+kaJYWg8F3DJ6200bqmvuK6a
S+KCGNYFSq336Ry+uSioawjOEFFHwumA+QAL9014QiYprb+GEF7LpDmf84sl+dkj
dkl4hw7fdg8aEKvxdnC7jnk+8GasF2kMMVaipQvTnwITJEVXBmrOsIU07AmYEqN5
ReNLhLlhpLAaQYKgcZnxTpuBGJxltadqzfeh74nTO0A7ap8R1ajbtHCA3VQHvexs
WZhdYVbzOC0WEh8=
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:41:18 2026 by rpki-client