Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/qq9jEWnUkq7RixjGSRxp41ikMoQ.roa
File: qq9jEWnUkq7RixjGSRxp41ikMoQ.roa (raw, json)
Hash identifier: YTairbAOKk2TzoyqKR+ve0ERswXp2cOBJyd3vALW04Q=
Subject key identifier: AA:AF:63:11:69:D4:92:AE:D1:8B:18:C6:49:1C:69:E3:58:A4:32:84
Certificate issuer: /CN=7d4d1c8790a913e832c733dff778dee79129700a
Certificate serial: 019B7759218F55DD0E1ECE66E70ECA921730
Authority key identifier: 7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/qq9jEWnUkq7RixjGSRxp41ikMoQ.roa
Signing time: Thu 01 Jan 2026 02:18:08 +0000
ROA not before: Thu 01 Jan 2026 02:18:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8222
IP address blocks: 185.227.12.0/22 maxlen: 24
188.92.112.0/21 maxlen: 24
194.59.179.0/24 maxlen: 24
213.183.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:59:21:8f:55:dd:0e:1e:ce:66:e7:0e:ca:92:17:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d4d1c8790a913e832c733dff778dee79129700a
Validity
Not Before: Jan 1 02:18:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aaaf631169d492aed18b18c6491c69e358a43284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:4d:e0:ab:dc:6e:f2:4d:d7:4c:fd:fc:96:
4a:1a:f7:a5:0b:60:6e:56:04:2e:36:08:55:e0:c6:
be:6d:ec:05:e5:5d:0c:c1:42:70:65:e8:39:f8:ce:
09:7b:60:26:43:e8:28:d1:89:cb:4a:f0:03:9c:4d:
c2:6c:24:d1:a1:68:7d:e2:10:4f:f7:6c:9c:f0:c9:
2d:0b:46:21:7c:cd:e0:92:66:92:67:44:2b:7d:24:
0b:9d:37:e4:e7:ca:70:ac:d7:06:4b:19:2b:35:bd:
b5:92:92:57:3a:ba:b8:d9:1c:12:28:6a:5c:07:54:
65:2f:bb:3a:73:a0:52:27:4c:a6:9f:91:bf:08:7f:
c0:2e:83:68:5b:e9:e9:11:3d:d4:e5:bb:41:80:0d:
43:7b:46:a7:b3:f6:2f:36:a1:e1:d9:7c:e7:bd:f9:
00:76:8a:31:6c:6b:a0:a5:00:cf:8d:34:96:87:f4:
07:de:6f:b3:61:7b:a4:b3:ac:ed:ef:2c:54:c1:aa:
b3:80:a3:b6:20:0a:55:e6:3c:bf:c8:d5:c7:01:5a:
af:e1:dd:a6:83:a8:4b:88:cd:30:1f:e3:2b:90:d8:
35:e4:22:2c:c1:08:25:f0:05:8a:d5:7b:19:ec:1e:
06:90:bd:dd:6d:51:cb:1d:d5:dc:fa:c0:97:1d:3e:
d2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AF:63:11:69:D4:92:AE:D1:8B:18:C6:49:1C:69:E3:58:A4:32:84
X509v3 Authority Key Identifier:
keyid:7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/qq9jEWnUkq7RixjGSRxp41ikMoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.12.0/22
188.92.112.0/21
194.59.179.0/24
213.183.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:b1:47:1f:ef:6d:d1:92:a1:ff:3c:5a:b2:55:18:98:98:7e:
ac:83:33:67:f0:b5:c5:07:8a:ae:12:70:5c:68:b6:c3:af:02:
72:13:a8:47:8f:26:16:31:d1:98:99:a3:38:ec:3a:e8:ae:03:
da:91:ca:cd:3b:84:56:51:2a:b1:f8:91:0a:35:e8:f7:26:49:
fb:69:ca:cd:fa:f2:7e:7a:99:d5:65:51:46:11:a9:b6:0b:1f:
89:9a:d2:7c:46:f7:66:4a:23:99:9d:89:81:15:b8:f8:0e:1f:
80:ef:b0:86:1d:41:7e:95:74:33:03:d4:7e:82:3c:06:34:13:
3c:78:49:81:cf:a4:eb:a2:a2:48:e4:22:56:95:cd:97:32:42:
d6:eb:82:2c:fb:78:d6:7a:a3:85:e6:70:c6:f2:a4:66:17:40:
a3:61:c6:a2:18:2c:8f:4b:cd:bc:4d:a4:49:87:07:5c:a8:57:
c6:5b:9e:46:d7:d3:12:1d:88:e3:88:fd:9f:12:6c:ad:ab:a2:
9f:fa:64:e3:b0:94:04:52:8d:72:9a:ae:d3:05:b4:5e:e2:82:
60:b9:0d:a6:90:b9:89:4b:64:42:dc:68:8b:43:42:50:78:7a:
2c:29:c2:81:e1:06:5f:5f:fd:eb:10:c8:eb:25:1e:0c:63:06:
fc:5a:58:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZt3WSGPVd0OHs5m5w7KkhcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNGQxYzg3OTBhOTEzZTgzMmM3MzNkZmY3NzhkZWU3OTEy
OTcwMGEwHhcNMjYwMTAxMDIxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFmNjMxMTY5ZDQ5MmFlZDE4YjE4YzY0OTFjNjllMzU4YTQzMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIJN4KvcbvJN10z9/JZKGvelC2Bu
VgQuNghV4Ma+bewF5V0MwUJwZeg5+M4Je2AmQ+go0YnLSvADnE3CbCTRoWh94hBP
92yc8MktC0YhfM3gkmaSZ0QrfSQLnTfk58pwrNcGSxkrNb21kpJXOrq42RwSKGpc
B1RlL7s6c6BSJ0ymn5G/CH/ALoNoW+npET3U5btBgA1De0ans/YvNqHh2XznvfkA
dooxbGugpQDPjTSWh/QH3m+zYXuks6zt7yxUwaqzgKO2IApV5jy/yNXHAVqv4d2m
g6hLiM0wH+MrkNg15CIswQgl8AWK1XsZ7B4GkL3dbVHLHdXc+sCXHT7SoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKqvYxFp1JKu0YsYxkkcaeNYpDKEMB8GA1UdIwQY
MBaAFH1NHIeQqRPoMscz3/d43ueRKXAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlUwY2g1Q3BFLWd5eHpQZjkzamU1NUVwY0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xYzYxODAtOTk1MC00Y2U4LTgxMWUt
ZjhkNjYyYjk2ZGFiLzEvcXE5akVXblVrcTdSaXhqR1NSeHA0MWlrTW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xYzYxODAtOTk1MC00Y2U4LTgxMWUtZjhkNjYyYjk2ZGFi
LzEvZlUwY2g1Q3BFLWd5eHpQZjkzamU1NUVwY0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCueMMAwQD
vFxwAwQAwjuzAwQF1bcAMA0GCSqGSIb3DQEBCwUAA4IBAQAesUcf723RkqH/PFqy
VRiYmH6sgzNn8LXFB4quEnBcaLbDrwJyE6hHjyYWMdGYmaM47DrorgPakcrNO4RW
USqx+JEKNej3Jkn7acrN+vJ+epnVZVFGEam2Cx+JmtJ8RvdmSiOZnYmBFbj4Dh+A
77CGHUF+lXQzA9R+gjwGNBM8eEmBz6TroqJI5CJWlc2XMkLW64Is+3jWeqOF5nDG
8qRmF0CjYcaiGCyPS828TaRJhwdcqFfGW55G19MSHYjjiP2fEmytq6Kf+mTjsJQE
Uo1ymq7TBbRe4oJguQ2mkLmJS2RC3GiLQ0JQeHosKcKB4QZfX/3rEMjrJR4MYwb8
WliF
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:14:36 2026 by rpki-client