Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QPP3ML69bbSw3MPVEj9G9wi0fwM.roa
File: QPP3ML69bbSw3MPVEj9G9wi0fwM.roa (raw, json)
Hash identifier: 8NOctU3/FY8/FHFhEmCGRFKAfQL+84yATFi/EaVB3ss=
Subject key identifier: 40:F3:F7:30:BE:BD:6D:B4:B0:DC:C3:D5:12:3F:46:F7:08:B4:7F:03
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019DDFF46992B0D323135831852EDC0E2D96
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QPP3ML69bbSw3MPVEj9G9wi0fwM.roa
Signing time: Thu 30 Apr 2026 19:53:50 +0000
ROA not before: Thu 30 Apr 2026 19:53:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209604
IP address blocks: 163.5.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:f4:69:92:b0:d3:23:13:58:31:85:2e:dc:0e:2d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 30 19:53:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40f3f730bebd6db4b0dcc3d5123f46f708b47f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:a5:f9:c9:71:71:16:0e:09:f0:27:02:a6:
66:58:23:4b:06:21:7c:1e:eb:cd:a5:4e:c0:4c:60:
40:c0:f5:bf:f8:5b:fd:28:9f:e2:bf:0f:8d:14:b8:
93:db:02:55:5e:12:02:2a:d3:59:ac:8c:c3:ea:ef:
75:37:f3:22:b3:c1:eb:a0:52:28:ed:8b:c7:ee:b6:
2a:0e:ae:07:47:f4:81:4a:2f:a5:42:f2:d6:53:fd:
c4:2e:2f:d6:3e:43:d7:84:53:38:0d:e6:55:1d:4e:
21:bf:df:24:c8:84:8a:39:a9:89:c8:ba:28:84:95:
b6:42:f3:35:7f:65:05:8a:32:e6:67:0f:54:27:c6:
ef:5b:6c:f4:cc:c8:22:2d:7b:e9:cc:90:d5:cb:ed:
f0:9a:2a:66:ef:61:54:5a:51:ed:8e:04:a7:a8:2b:
b7:14:64:97:0a:50:50:d9:25:e9:7c:d9:65:68:cd:
b0:88:1e:21:d0:d8:b5:20:89:e1:01:a2:b3:5d:5f:
34:fc:0e:08:32:8d:aa:bd:c8:1d:69:08:20:f2:74:
7a:0e:f8:96:94:f7:2f:e0:77:89:a9:d0:e6:0b:a0:
ec:b3:98:de:40:3e:3f:50:79:41:e3:bf:0b:35:a1:
41:a3:c5:4a:81:dd:91:0d:ab:65:d6:b1:f2:ee:d7:
b5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F3:F7:30:BE:BD:6D:B4:B0:DC:C3:D5:12:3F:46:F7:08:B4:7F:03
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QPP3ML69bbSw3MPVEj9G9wi0fwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.203.0/24
Signature Algorithm: sha256WithRSAEncryption
59:5f:04:99:fd:cf:d2:e8:81:8a:f9:af:b5:b6:62:31:33:f7:
0e:8a:56:93:b4:9f:3e:fe:dd:8e:4d:78:44:4f:ce:09:97:42:
9a:44:0e:d4:fc:fe:ad:39:3e:fc:96:0c:78:84:a9:7e:e7:87:
90:be:5d:b0:9e:a9:c8:7a:eb:ff:4d:96:88:e0:61:32:19:87:
a9:d6:88:25:a3:65:04:53:9e:d6:38:1e:e5:96:46:84:6d:17:
1b:5f:0d:ad:04:46:47:85:30:c0:41:a4:54:84:77:7d:69:37:
02:7f:55:95:45:8a:ca:4a:af:4d:53:b6:27:9a:6f:02:72:71:
ea:17:38:c1:9f:6f:99:45:87:78:aa:f8:17:9e:38:01:b4:c8:
52:5a:f5:4c:f9:32:17:1d:02:37:2c:cf:76:00:65:e7:d6:8f:
d7:f2:ab:57:ac:fb:e4:1a:f0:4d:46:cf:f5:3c:07:d8:df:f6:
91:77:ca:0e:1d:ad:5f:60:94:4d:fc:61:4f:7c:36:6a:0d:ff:
7e:08:fc:e9:2a:63:87:85:dc:b9:e7:fa:9a:cf:52:16:b6:14:
fa:1c:65:6e:46:31:d1:87:c2:bc:4b:c8:f5:ef:fb:e3:e7:29:
ee:c0:cc:24:4e:d3:0f:f0:66:9f:46:ed:a8:42:ba:58:05:c7:
05:d1:8f:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3f9GmSsNMjE1gxhS7cDi2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNDMwMTk1MzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGYzZjczMGJlYmQ2ZGI0YjBkY2MzZDUxMjNmNDZmNzA4YjQ3ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukKl+clxcRYOCfAnAqZmWCNLBiF8
HuvNpU7ATGBAwPW/+Fv9KJ/ivw+NFLiT2wJVXhICKtNZrIzD6u91N/Mis8HroFIo
7YvH7rYqDq4HR/SBSi+lQvLWU/3ELi/WPkPXhFM4DeZVHU4hv98kyISKOamJyLoo
hJW2QvM1f2UFijLmZw9UJ8bvW2z0zMgiLXvpzJDVy+3wmipm72FUWlHtjgSnqCu3
FGSXClBQ2SXpfNllaM2wiB4h0Ni1IInhAaKzXV80/A4IMo2qvcgdaQgg8nR6DviW
lPcv4HeJqdDmC6Dss5jeQD4/UHlB478LNaFBo8VKgd2RDatl1rHy7te1GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDz9zC+vW20sNzD1RI/RvcItH8DMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUVBQM01MNjliYlN3M01QVkVqOUc5d2kwZndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXLMA0G
CSqGSIb3DQEBCwUAA4IBAQBZXwSZ/c/S6IGK+a+1tmIxM/cOilaTtJ8+/t2OTXhE
T84Jl0KaRA7U/P6tOT78lgx4hKl+54eQvl2wnqnIeuv/TZaI4GEyGYep1oglo2UE
U57WOB7llkaEbRcbXw2tBEZHhTDAQaRUhHd9aTcCf1WVRYrKSq9NU7Ynmm8CcnHq
FzjBn2+ZRYd4qvgXnjgBtMhSWvVM+TIXHQI3LM92AGXn1o/X8qtXrPvkGvBNRs/1
PAfY3/aRd8oOHa1fYJRN/GFPfDZqDf9+CPzpKmOHhdy55/qaz1IWthT6HGVuRjHR
h8K8S8j17/vj5ynuwMwkTtMP8GafRu2oQrpYBccF0Y9V
-----END CERTIFICATE-----
Generated at Tue May 12 22:03:52 2026 by rpki-client