Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/Q-GYq2m_tr6W_RtM0sCvHlInTxU.roa
File: Q-GYq2m_tr6W_RtM0sCvHlInTxU.roa (raw, json)
Hash identifier: 1xrCYD5jiDLXpxJne8P+wvXM1GVUiEeJQXgzUbLbWSM=
Subject key identifier: 43:E1:98:AB:69:BF:B6:BE:96:FD:1B:4C:D2:C0:AF:1E:52:27:4F:15
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 019D87210120630C2BE5F4073DFDF82E4735
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/Q-GYq2m_tr6W_RtM0sCvHlInTxU.roa
Signing time: Mon 13 Apr 2026 13:56:20 +0000
ROA not before: Mon 13 Apr 2026 13:56:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
91.205.228.0/24 maxlen: 24
185.92.45.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:21:01:20:63:0c:2b:e5:f4:07:3d:fd:f8:2e:47:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Apr 13 13:56:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=43e198ab69bfb6be96fd1b4cd2c0af1e52274f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b1:0f:0f:93:6c:24:48:1b:d4:27:81:0f:ca:
8a:3e:7a:02:84:35:77:28:56:48:ee:e4:36:ae:12:
f6:25:5b:6d:ed:06:10:30:73:2d:53:55:59:67:d2:
77:e2:a0:90:91:84:6c:4f:af:33:27:55:db:be:c9:
87:f4:dd:e2:6d:55:fd:b2:60:ba:d1:96:96:a0:50:
f9:73:50:e5:0c:c6:39:f7:71:17:95:89:6f:df:9e:
f7:70:16:52:a3:59:43:bc:6f:9a:a5:00:4c:4f:a2:
7e:e3:e5:33:67:e6:3b:f9:2e:6c:f5:87:2c:70:dd:
e4:d2:0c:0a:63:1c:5d:a0:c7:c6:5f:bd:53:f4:5f:
22:6f:77:ec:49:0e:13:33:8a:f5:a7:45:3d:ee:ce:
aa:c4:b9:fe:47:c3:d0:6a:33:31:c0:14:78:4e:00:
81:27:69:7d:93:12:9e:e2:ec:af:14:13:22:d5:24:
57:ba:21:77:b6:a2:d0:56:86:e6:8c:43:9c:5c:2e:
41:b7:59:d6:86:2a:5f:29:ed:f8:be:93:46:9b:19:
e6:cf:9f:1d:71:8c:f3:fd:c8:d5:86:b6:32:88:2d:
96:cd:eb:bf:d0:ae:bd:44:b9:d3:63:2c:80:fc:dd:
d5:54:34:ca:fe:fb:98:a5:aa:49:7c:66:7f:7b:50:
6f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E1:98:AB:69:BF:B6:BE:96:FD:1B:4C:D2:C0:AF:1E:52:27:4F:15
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/Q-GYq2m_tr6W_RtM0sCvHlInTxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
91.205.228.0/24
185.92.45.0-185.92.46.255
Signature Algorithm: sha256WithRSAEncryption
9d:e7:bc:67:2e:37:1b:91:72:34:b0:9b:dc:16:a2:26:fd:ae:
01:05:d0:85:f8:8f:5d:d1:b2:c9:73:5b:00:9c:93:b7:95:ef:
f6:c7:e7:51:fd:18:29:1d:ef:cf:3f:28:b4:c7:ce:5f:52:5e:
ae:03:cd:a0:15:b3:91:a8:4e:1d:13:bf:1b:ee:0c:1b:b3:4b:
ae:04:2f:a2:7f:ec:56:4a:a5:25:15:82:ef:d8:fe:07:75:4d:
a4:38:2f:f1:81:f7:d5:db:1f:35:9e:49:fe:3d:e9:7f:bb:75:
42:2c:b3:0f:c3:74:d5:08:62:0c:6a:d2:00:6d:26:b4:98:da:
b0:66:01:e3:d7:c8:68:b8:d5:21:d6:39:dc:b3:ea:07:33:5e:
de:d1:36:ef:e2:b0:ba:fb:17:7e:d2:eb:dc:60:94:30:d0:3b:
44:bd:1f:6a:91:55:d5:75:e9:39:f9:8b:c2:91:b8:66:0f:de:
0c:1e:52:c2:f6:da:62:92:48:ca:d2:b1:42:6c:f9:1a:0e:09:
c9:d7:38:48:89:02:65:fe:4c:65:4c:db:21:e4:33:6f:86:f2:
75:d6:54:da:a1:8c:d0:25:e3:f5:56:9e:5b:d6:4a:1c:11:13:
e3:4a:d0:97:86:21:a9:8b:62:e3:6b:d6:8c:a5:20:73:d8:28:
bf:4e:b2:0f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ2HIQEgYwwr5fQHPf34Lkc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjYwNDEzMTM1NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UxOThhYjY5YmZiNmJlOTZmZDFiNGNkMmMwYWYxZTUyMjc0ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbEPD5NsJEgb1CeBD8qKPnoChDV3
KFZI7uQ2rhL2JVtt7QYQMHMtU1VZZ9J34qCQkYRsT68zJ1XbvsmH9N3ibVX9smC6
0ZaWoFD5c1DlDMY593EXlYlv3573cBZSo1lDvG+apQBMT6J+4+UzZ+Y7+S5s9Ycs
cN3k0gwKYxxdoMfGX71T9F8ib3fsSQ4TM4r1p0U97s6qxLn+R8PQajMxwBR4TgCB
J2l9kxKe4uyvFBMi1SRXuiF3tqLQVobmjEOcXC5Bt1nWhipfKe34vpNGmxnmz58d
cYzz/cjVhrYyiC2Wzeu/0K69RLnTYyyA/N3VVDTK/vuYpapJfGZ/e1BvfwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEPhmKtpv7a+lv0bTNLArx5SJ08VMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUS1HWXEybV90cjZXX1J0TTBzQ3ZIbEluVHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALiViAwQA
LiVxAwQAW83kMAwDBAC5XC0DBAC5XC4wDQYJKoZIhvcNAQELBQADggEBAJ3nvGcu
NxuRcjSwm9wWoib9rgEF0IX4j13RsslzWwCck7eV7/bH51H9GCkd788/KLTHzl9S
Xq4DzaAVs5GoTh0TvxvuDBuzS64EL6J/7FZKpSUVgu/Y/gd1TaQ4L/GB99XbHzWe
Sf496X+7dUIssw/DdNUIYgxq0gBtJrSY2rBmAePXyGi41SHWOdyz6gczXt7RNu/i
sLr7F37S69xglDDQO0S9H2qRVdV16Tn5i8KRuGYP3gweUsL22mKSSMrSsUJs+RoO
CcnXOEiJAmX+TGVM2yHkM2+G8nXWVNqhjNAl4/VWnlvWShwRE+NK0JeGIamLYuNr
1oylIHPYKL9Osg8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:37:46 2026 by rpki-client