Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q56xGXw1razffYRXGnZQELCp1jI.roa
File: Q56xGXw1razffYRXGnZQELCp1jI.roa (raw, json)
Hash identifier: j13cPcV4YiybwJDXXEOEVBzVZVzbPVOyhZLLFpDSrvI=
Subject key identifier: 43:9E:B1:19:7C:35:AD:AC:DF:7D:84:57:1A:76:50:10:B0:A9:D6:32
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019D42B51CB192A73BC386F0A541C5FCF465
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q56xGXw1razffYRXGnZQELCp1jI.roa
Signing time: Tue 31 Mar 2026 07:04:18 +0000
ROA not before: Tue 31 Mar 2026 07:04:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57169
IP address blocks: 192.36.38.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
192.36.56.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.71.233.0/24 maxlen: 24
192.71.247.0/24 maxlen: 24
192.71.249.0/24 maxlen: 24
192.121.16.0/24 maxlen: 24
192.121.17.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.121.170.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
193.182.145.0/24 maxlen: 24
193.235.147.0/24 maxlen: 24
194.14.208.0/24 maxlen: 24
194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
194.71.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:42:b5:1c:b1:92:a7:3b:c3:86:f0:a5:41:c5:fc:f4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 31 07:04:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=439eb1197c35adacdf7d84571a765010b0a9d632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c5:70:33:c8:da:0c:4a:50:c9:cf:35:f2:d2:
d9:64:48:30:5f:37:3d:da:cb:49:1b:a1:51:03:7b:
c4:e9:1a:99:f1:00:fd:bf:05:e3:2b:2a:af:89:1d:
67:87:e2:85:82:04:d4:0d:13:11:de:3c:ec:12:8f:
59:f3:a2:1b:65:7c:08:aa:ca:ce:93:b7:18:5e:3e:
42:93:19:70:fe:a0:e5:ba:ae:4c:ec:1b:42:aa:3a:
f2:78:12:42:51:21:2a:ec:5a:9c:0c:47:dd:9d:61:
0a:81:43:81:14:13:a1:f9:8a:a0:d3:81:3e:f4:23:
84:76:16:d1:0b:1c:bb:60:ef:3e:7c:fe:20:85:f4:
2d:41:40:ce:36:04:18:dc:0b:92:79:17:7f:78:fd:
64:22:2f:1d:a2:06:82:71:1e:28:5c:13:43:a9:2e:
f2:79:67:ee:36:c5:df:20:98:74:b3:38:fa:aa:72:
6b:84:fa:ad:73:61:9a:f8:a8:a6:68:ee:62:ef:15:
97:5e:11:30:f8:1f:a3:be:fe:c0:44:03:44:ca:af:
82:e3:6c:55:61:45:a7:44:4b:20:f1:35:e5:3d:18:
cf:95:3b:c2:1d:4f:24:02:03:d3:de:3f:2c:a6:5b:
ac:2d:35:b7:a9:61:5c:ae:8f:cd:06:db:af:bd:93:
3a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9E:B1:19:7C:35:AD:AC:DF:7D:84:57:1A:76:50:10:B0:A9:D6:32
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Q56xGXw1razffYRXGnZQELCp1jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.38.0/24
192.36.41.0/24
192.36.56.0/24
192.36.61.0/24
192.71.26.0/24
192.71.233.0/24
192.71.247.0/24
192.71.249.0/24
192.121.16.0/23
192.121.163.0/24
192.121.170.0/23
193.182.145.0/24
193.235.147.0/24
194.14.208.0/24
194.68.225.0/24
194.71.107.0/24
194.71.227.0/24
Signature Algorithm: sha256WithRSAEncryption
05:fe:25:1e:95:6a:fa:de:b7:20:5c:f9:ba:b0:c2:6c:c1:ff:
59:af:a9:ad:59:2e:ed:21:ff:91:09:30:95:75:f8:a2:0f:52:
92:fa:ae:c1:74:90:e3:f3:16:9d:d3:05:cf:07:cd:c4:c4:15:
c7:b9:a6:49:77:0e:b1:3e:13:17:34:61:e3:47:0f:61:9c:04:
fd:0f:d5:dd:8b:c8:1a:29:aa:65:83:15:e2:b7:b3:21:7c:3c:
bf:e3:5b:4f:f3:ff:6f:83:9c:44:d9:9e:3b:a4:76:a2:b6:9b:
26:7b:17:85:34:c7:ee:a3:c3:64:5c:5c:0d:89:ee:28:7c:6b:
f3:bf:1d:f4:94:b1:aa:e4:57:7d:9e:8e:34:c0:d9:bb:28:6e:
21:5c:b0:e6:86:72:d2:05:b6:f9:6e:67:b8:a5:85:4f:38:ff:
5a:85:b8:91:6f:ba:5a:c6:2c:e2:cf:dc:3a:bb:66:df:77:bd:
07:20:a7:c1:74:3a:fb:d9:3a:d2:de:1c:29:3d:ea:f9:a2:21:
75:02:f4:c1:fb:32:7f:c6:c2:10:65:50:7d:af:c3:84:f1:f7:
36:ea:13:2c:f1:ac:e2:43:85:b1:bc:d6:9d:fd:40:80:92:08:
2c:54:17:29:86:a6:c3:04:b7:fc:22:79:4b:72:ec:0e:cb:29:
68:bc:e3:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZ1CtRyxkqc7w4bwpUHF/PRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMzMxMDcwNDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzllYjExOTdjMzVhZGFjZGY3ZDg0NTcxYTc2NTAxMGIwYTlkNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MVwM8jaDEpQyc818tLZZEgwXzc9
2stJG6FRA3vE6RqZ8QD9vwXjKyqviR1nh+KFggTUDRMR3jzsEo9Z86IbZXwIqsrO
k7cYXj5Ckxlw/qDluq5M7BtCqjryeBJCUSEq7FqcDEfdnWEKgUOBFBOh+Yqg04E+
9COEdhbRCxy7YO8+fP4ghfQtQUDONgQY3AuSeRd/eP1kIi8dogaCcR4oXBNDqS7y
eWfuNsXfIJh0szj6qnJrhPqtc2Ga+KimaO5i7xWXXhEw+B+jvv7ARANEyq+C42xV
YUWnREsg8TXlPRjPlTvCHU8kAgPT3j8splusLTW3qWFcro/NBtuvvZM6yQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFEOesRl8Na2s332EVxp2UBCwqdYyMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUTU2eEdYdzFyYXpmZllSWEduWlFFTENwMWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAwCQmAwQA
wCQpAwQAwCQ4AwQAwCQ9AwQAwEcaAwQAwEfpAwQAwEf3AwQAwEf5AwQBwHkQAwQA
wHmjAwQBwHmqAwQAwbaRAwQAweuTAwQAwg7QAwQAwkThAwQAwkdrAwQAwkfjMA0G
CSqGSIb3DQEBCwUAA4IBAQAF/iUelWr63rcgXPm6sMJswf9Zr6mtWS7tIf+RCTCV
dfiiD1KS+q7BdJDj8xad0wXPB83ExBXHuaZJdw6xPhMXNGHjRw9hnAT9D9Xdi8ga
KaplgxXit7MhfDy/41tP8/9vg5xE2Z47pHaitpsmexeFNMfuo8NkXFwNie4ofGvz
vx30lLGq5Fd9no40wNm7KG4hXLDmhnLSBbb5bme4pYVPOP9ahbiRb7paxiziz9w6
u2bfd70HIKfBdDr72TrS3hwpPer5oiF1AvTB+zJ/xsIQZVB9r8OE8fc26hMs8azi
Q4WxvNad/UCAkggsVBcphqbDBLf8InlLcuwOyylovON3
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:59:30 2026 by rpki-client