Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/RSqPJhJmjCIX0qYWTCkVHV3x1No.roa
File: RSqPJhJmjCIX0qYWTCkVHV3x1No.roa (raw, json)
Hash identifier: 5c17YPLTHgN/lD3MLHQ8nFE54DN3F5eOJOK020Ype7U=
Subject key identifier: 45:2A:8F:26:12:66:8C:22:17:D2:A6:16:4C:29:15:1D:5D:F1:D4:DA
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019C9427AB71F264D23E1495C66DD63D0514
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/RSqPJhJmjCIX0qYWTCkVHV3x1No.roa
Signing time: Wed 25 Feb 2026 09:35:53 +0000
ROA not before: Wed 25 Feb 2026 09:35:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48018
IP address blocks: 31.172.64.0/24 maxlen: 24
31.172.66.0/24 maxlen: 24
31.172.67.0/24 maxlen: 24
31.172.76.0/24 maxlen: 24
81.85.78.0/24 maxlen: 24
199.68.197.0/24 maxlen: 24
217.177.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:27:ab:71:f2:64:d2:3e:14:95:c6:6d:d6:3d:05:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Feb 25 09:35:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=452a8f2612668c2217d2a6164c29151d5df1d4da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f7:6f:88:50:e6:05:c3:09:7e:c0:45:e1:bb:
3e:df:eb:27:fd:0d:79:a2:b6:80:d9:88:e6:9e:be:
b3:08:6c:aa:c8:06:fc:19:5a:4e:4b:79:7c:c8:12:
cb:74:2f:cd:e5:7c:e5:89:fa:da:30:97:ff:ab:ff:
eb:2f:88:05:d7:6f:94:61:2a:d7:7c:49:cc:3f:15:
d6:a3:7d:b1:f6:c1:80:eb:55:63:ed:73:31:31:b7:
98:19:33:9e:8f:1d:5e:1a:be:84:5b:8f:a9:9e:37:
2a:f4:cf:6d:99:de:94:37:35:d9:7b:dd:48:c3:eb:
ef:1e:c2:bb:f1:cc:a8:ec:ea:32:4f:d2:96:0a:3a:
c9:15:3b:3c:6a:b7:b2:5d:18:b6:f6:2f:6a:d9:24:
c0:c4:ab:b5:a3:4b:be:f5:16:9a:65:1b:00:2e:fb:
2b:e1:8f:d6:4f:16:a4:20:35:e7:2f:8f:75:12:7e:
1d:dd:51:96:55:66:5f:6a:88:0b:b4:17:50:b6:b7:
e0:a9:24:bb:ce:44:8c:93:61:84:06:34:ee:01:50:
11:8a:de:a0:d4:4e:2f:11:8d:99:c2:20:bd:64:36:
fd:8f:00:73:74:04:90:e5:f1:b2:78:f7:0e:69:21:
4f:a7:f2:70:30:8b:ff:56:88:e4:0e:99:de:54:9d:
56:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2A:8F:26:12:66:8C:22:17:D2:A6:16:4C:29:15:1D:5D:F1:D4:DA
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/RSqPJhJmjCIX0qYWTCkVHV3x1No.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.64.0/24
31.172.66.0/23
31.172.76.0/24
81.85.78.0/24
199.68.197.0/24
217.177.74.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:15:5f:e1:31:71:6e:9a:83:65:c0:ae:12:aa:80:90:56:87:
d2:76:2c:25:8a:5a:e0:f4:6d:8d:54:6d:a0:ff:77:d9:1b:ad:
4f:b0:b0:86:db:f4:74:8e:14:54:52:2e:b5:64:87:c5:4c:8a:
3d:ab:74:1b:6e:1b:73:49:56:ef:58:ba:ff:35:a3:0a:ee:88:
58:c6:67:eb:20:de:c4:d2:02:8b:35:74:8f:06:88:1b:dc:fb:
3d:cb:ca:40:09:00:34:dd:31:ae:ea:f1:35:9a:f6:d7:47:fe:
01:86:e0:45:21:a4:19:40:c4:e2:60:3a:2c:1b:1f:5b:71:d3:
4d:97:5b:a6:f8:20:31:33:b1:ee:55:95:42:f0:05:f0:b0:e0:
c1:7d:2a:e6:35:f0:19:4f:6e:ee:00:1b:56:5c:f1:31:2e:72:
75:72:fb:0f:9d:bd:e6:d4:10:a6:94:6d:29:c3:53:11:9f:83:
1a:d4:1d:ab:7a:aa:8c:a0:53:58:4e:4c:45:08:35:41:f9:7d:
03:d2:18:29:0e:e7:27:03:a6:12:e0:5e:07:c0:ff:9a:89:6a:
c9:55:42:a1:e3:48:69:70:19:b2:1b:d8:19:97:28:97:c4:14:
ea:30:11:a6:a6:c9:f9:00:75:49:38:b8:b4:20:e5:78:ca:e0:
9b:65:cd:17
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZyUJ6tx8mTSPhSVxm3WPQUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwMjI1MDkzNTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJhOGYyNjEyNjY4YzIyMTdkMmE2MTY0YzI5MTUxZDVkZjFkNGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfdviFDmBcMJfsBF4bs+3+sn/Q15
oraA2Yjmnr6zCGyqyAb8GVpOS3l8yBLLdC/N5XzlifraMJf/q//rL4gF12+UYSrX
fEnMPxXWo32x9sGA61Vj7XMxMbeYGTOejx1eGr6EW4+pnjcq9M9tmd6UNzXZe91I
w+vvHsK78cyo7OoyT9KWCjrJFTs8areyXRi29i9q2STAxKu1o0u+9RaaZRsALvsr
4Y/WTxakIDXnL491En4d3VGWVWZfaogLtBdQtrfgqSS7zkSMk2GEBjTuAVARit6g
1E4vEY2ZwiC9ZDb9jwBzdASQ5fGyePcOaSFPp/JwMIv/VojkDpneVJ1WWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEUqjyYSZowiF9KmFkwpFR1d8dTaMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvUlNxUEpoSm1qQ0lYMHFZV1RDa1ZIVjN4MU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAH6xAAwQB
H6xCAwQAH6xMAwQAUVVOAwQAx0TFAwQA2bFKMA0GCSqGSIb3DQEBCwUAA4IBAQBK
FV/hMXFumoNlwK4SqoCQVofSdiwlilrg9G2NVG2g/3fZG61PsLCG2/R0jhRUUi61
ZIfFTIo9q3QbbhtzSVbvWLr/NaMK7ohYxmfrIN7E0gKLNXSPBogb3Ps9y8pACQA0
3TGu6vE1mvbXR/4BhuBFIaQZQMTiYDosGx9bcdNNl1um+CAxM7HuVZVC8AXwsODB
fSrmNfAZT27uABtWXPExLnJ1cvsPnb3m1BCmlG0pw1MRn4Ma1B2reqqMoFNYTkxF
CDVB+X0D0hgpDucnA6YS4F4HwP+aiWrJVUKh40hpcBmyG9gZlyiXxBTqMBGmpsn5
AHVJOLi0IOV4yuCbZc0X
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:01:14 2026 by rpki-client