Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/_q_z8zirRYlcSNgzBfa2UgwhBsY.roa
File: _q_z8zirRYlcSNgzBfa2UgwhBsY.roa (raw, json)
Hash identifier: 7FvPxMebM8XNvB7UURf/gtYPKGavYRcCA/s+tW3XysQ=
Subject key identifier: FE:AF:F3:F3:38:AB:45:89:5C:48:D8:33:05:F6:B6:52:0C:21:06:C6
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 019DC01C324C92E648017AEEC74E181B3F4D
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/_q_z8zirRYlcSNgzBfa2UgwhBsY.roa
Signing time: Fri 24 Apr 2026 15:29:26 +0000
ROA not before: Fri 24 Apr 2026 15:29:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57910
IP address blocks: 31.214.176.0/20 maxlen: 24
37.10.72.0/21 maxlen: 24
37.152.88.0/21 maxlen: 24
45.149.228.0/22 maxlen: 24
46.18.72.0/21 maxlen: 24
82.198.48.0/20 maxlen: 20
87.117.96.0/20 maxlen: 24
91.132.116.0/22 maxlen: 24
95.214.0.0/22 maxlen: 24
109.69.48.0/21 maxlen: 24
185.11.236.0/22 maxlen: 24
185.161.12.0/22 maxlen: 24
185.226.236.0/22 maxlen: 24
193.57.36.0/22 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 48
2a0c:7a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c0:1c:32:4c:92:e6:48:01:7a:ee:c7:4e:18:1b:3f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Apr 24 15:29:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=feaff3f338ab45895c48d83305f6b6520c2106c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:00:e9:c7:11:56:05:e8:f8:2e:86:54:e8:d9:
f6:1f:26:b2:25:47:cf:e5:61:6b:53:48:1e:71:2e:
fc:bd:fd:62:95:06:c2:2c:40:4d:40:e0:9b:ba:40:
d6:1c:a6:aa:1b:f3:ea:72:e3:0d:5c:a3:69:4a:ba:
6f:86:f3:fe:8b:b2:ff:51:e8:61:d5:09:cb:41:cf:
18:44:b5:61:af:9c:c6:a6:6d:60:2b:8b:b8:77:ee:
37:d2:23:e6:66:e0:e6:28:49:d9:9c:e2:56:45:c8:
fc:94:7e:8f:f8:ca:e7:15:b8:cb:21:6c:56:77:9a:
78:4e:a2:de:96:6d:38:81:17:6c:be:4f:4d:d5:30:
85:94:48:d7:45:42:ed:d7:73:a1:8a:4d:ba:88:0a:
52:29:dd:7a:5f:5b:22:27:4f:6a:e4:f7:b7:26:38:
8f:0b:12:17:25:7b:90:b8:7c:1e:e2:bb:2e:dd:7c:
90:c7:fd:54:aa:72:37:fc:b1:6f:da:b3:fd:0e:46:
d7:21:a5:ca:7e:5a:cc:1b:5d:29:ba:46:b6:14:33:
01:f7:f1:77:8b:d7:97:29:16:67:ad:c3:2e:26:e6:
3f:eb:56:21:77:91:dc:52:e7:8f:03:8a:82:ed:86:
8a:89:f7:60:8e:5b:d7:16:7d:62:d7:ab:4b:87:1b:
d6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:AF:F3:F3:38:AB:45:89:5C:48:D8:33:05:F6:B6:52:0C:21:06:C6
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/_q_z8zirRYlcSNgzBfa2UgwhBsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.176.0/20
37.10.72.0/21
37.152.88.0/21
45.149.228.0/22
46.18.72.0/21
82.198.48.0/20
87.117.96.0/20
91.132.116.0/22
95.214.0.0/22
109.69.48.0/21
185.11.236.0/22
185.161.12.0/22
185.226.236.0/22
193.57.36.0/22
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
72:74:25:24:dc:3e:20:d6:b0:30:1a:1f:e0:6a:cf:e3:cc:fe:
9a:ac:65:37:21:41:a9:68:27:58:0f:ee:e3:8c:70:11:ab:1f:
b0:61:fd:79:56:d1:53:28:cc:88:b5:82:14:aa:ba:eb:8c:93:
a6:4f:d2:0a:a5:f9:99:b8:4c:c8:25:db:37:de:60:97:94:2c:
57:49:23:e0:b0:a3:24:d0:b8:85:86:d4:ee:77:c6:7b:15:52:
f0:82:74:fe:ed:90:6a:62:8c:41:4d:36:4f:4a:b6:d4:5a:fe:
a8:1a:f2:84:80:8f:af:0c:ee:c5:c4:51:f1:eb:bb:21:b2:b4:
9f:5f:16:7f:69:05:d7:92:82:ac:55:5a:9e:d5:a4:56:e4:19:
b2:43:fc:13:ca:71:d1:73:c8:45:20:c2:f1:45:ac:c6:07:9d:
4a:94:5c:c9:8a:27:84:cf:c8:a0:6b:32:f3:11:20:61:61:c9:
36:e6:24:b2:65:82:0c:69:68:1e:c5:0a:d2:96:1b:ee:a4:96:
3f:fe:a7:1e:05:86:87:fd:22:f0:84:66:03:c1:e9:6f:24:ee:
8e:c7:c9:ec:4c:28:78:7f:da:4d:79:da:1b:c9:c5:62:1e:e0:
a4:10:e2:b1:c0:57:54:60:44:2c:67:37:d9:df:bc:08:bf:c7:
49:01:63:84
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZ3AHDJMkuZIAXrux04YGz9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjYwNDI0MTUyOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWFmZjNmMzM4YWI0NTg5NWM0OGQ4MzMwNWY2YjY1MjBjMjEwNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzADpxxFWBej4LoZU6Nn2HyayJUfP
5WFrU0gecS78vf1ilQbCLEBNQOCbukDWHKaqG/PqcuMNXKNpSrpvhvP+i7L/Uehh
1QnLQc8YRLVhr5zGpm1gK4u4d+430iPmZuDmKEnZnOJWRcj8lH6P+MrnFbjLIWxW
d5p4TqLelm04gRdsvk9N1TCFlEjXRULt13Ohik26iApSKd16X1siJ09q5Pe3JjiP
CxIXJXuQuHwe4rsu3XyQx/1UqnI3/LFv2rP9DkbXIaXKflrMG10puka2FDMB9/F3
i9eXKRZnrcMuJuY/61Yhd5HcUuePA4qC7YaKifdgjlvXFn1i16tLhxvWFwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFP6v8/M4q0WJXEjYMwX2tlIMIQbGMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvX3Ffejh6aXJSWWxjU05nekJmYTJVZ3doQnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBsBAIAATBmAwQEH9aw
AwQDJQpIAwQDJZhYAwQCLZXkAwQDLhJIAwQEUsYwAwQEV3VgAwQCW4R0AwQCX9YA
AwQDbUUwAwQCuQvsAwQCuaEMAwQCueLsAwQCwTkkAwQCwjjsAwQBwn+eAwQBwn+i
MBsEAgACMBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcNAQELBQADggEB
AHJ0JSTcPiDWsDAaH+Bqz+PM/pqsZTchQaloJ1gP7uOMcBGrH7Bh/XlW0VMozIi1
ghSquuuMk6ZP0gql+Zm4TMgl2zfeYJeULFdJI+CwoyTQuIWG1O53xnsVUvCCdP7t
kGpijEFNNk9KttRa/qga8oSAj68M7sXEUfHruyGytJ9fFn9pBdeSgqxVWp7VpFbk
GbJD/BPKcdFzyEUgwvFFrMYHnUqUXMmKJ4TPyKBrMvMRIGFhyTbmJLJlggxpaB7F
CtKWG+6klj/+px4Fhof9IvCEZgPB6W8k7o7HyexMKHh/2k152hvJxWIe4KQQ4rHA
V1RgRCxnN9nfvAi/x0kBY4Q=
-----END CERTIFICATE-----
Generated at Wed May 13 12:40:31 2026 by rpki-client