Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/QZuKEWsyRFgAxJqF3buWryNpoGM.roa
File: QZuKEWsyRFgAxJqF3buWryNpoGM.roa (raw, json)
Hash identifier: AzkBw1CA5Ms49OJ1VyLygdFHesfl7PK9bT52uublMz8=
Subject key identifier: 41:9B:8A:11:6B:32:44:58:00:C4:9A:85:DD:BB:96:AF:23:69:A0:63
Certificate issuer: /CN=b30e3011a0fb3111fbe8493c1230974aef532704
Certificate serial: 019DBFD95D35E255ECCAC9D5FC571AE2D0CA
Authority key identifier: B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/QZuKEWsyRFgAxJqF3buWryNpoGM.roa
Signing time: Fri 24 Apr 2026 14:16:26 +0000
ROA not before: Fri 24 Apr 2026 14:16:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208951
IP address blocks: 31.44.0.0/22 maxlen: 22
31.44.0.0/24 maxlen: 24
31.44.1.0/24 maxlen: 24
31.44.2.0/24 maxlen: 24
31.44.3.0/24 maxlen: 24
31.44.4.0/24 maxlen: 24
31.44.5.0/24 maxlen: 24
31.44.6.0/24 maxlen: 24
31.44.7.0/24 maxlen: 24
45.14.48.0/22 maxlen: 22
45.14.48.0/24 maxlen: 24
45.14.49.0/24 maxlen: 24
45.14.50.0/24 maxlen: 24
45.14.51.0/24 maxlen: 24
45.133.16.0/22 maxlen: 22
45.133.16.0/24 maxlen: 24
45.133.17.0/24 maxlen: 24
45.133.18.0/24 maxlen: 24
45.133.19.0/24 maxlen: 24
45.138.24.0/23 maxlen: 23
45.138.24.0/24 maxlen: 24
45.138.25.0/24 maxlen: 24
45.138.26.0/24 maxlen: 24
45.138.27.0/24 maxlen: 24
78.111.84.0/22 maxlen: 22
78.111.84.0/24 maxlen: 24
78.111.85.0/24 maxlen: 24
78.111.86.0/24 maxlen: 24
78.111.88.0/23 maxlen: 23
78.111.90.0/23 maxlen: 23
78.111.90.0/24 maxlen: 24
78.111.91.0/24 maxlen: 24
92.246.128.0/24 maxlen: 24
92.246.129.0/24 maxlen: 24
92.246.130.0/24 maxlen: 24
92.246.131.0/24 maxlen: 24
94.141.96.0/24 maxlen: 24
94.141.97.0/24 maxlen: 24
109.207.168.0/24 maxlen: 24
109.207.169.0/24 maxlen: 24
109.207.170.0/24 maxlen: 24
109.207.171.0/24 maxlen: 24
109.207.172.0/22 maxlen: 22
109.207.172.0/24 maxlen: 24
109.207.173.0/24 maxlen: 24
109.207.174.0/23 maxlen: 23
188.227.56.0/22 maxlen: 22
188.227.57.0/24 maxlen: 24
188.227.58.0/24 maxlen: 24
188.227.59.0/24 maxlen: 24
188.227.84.0/22 maxlen: 22
188.227.84.0/24 maxlen: 24
188.227.85.0/24 maxlen: 24
188.227.86.0/24 maxlen: 24
188.227.87.0/24 maxlen: 24
188.227.106.0/24 maxlen: 24
188.227.107.0/24 maxlen: 24
2a0e:b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bf:d9:5d:35:e2:55:ec:ca:c9:d5:fc:57:1a:e2:d0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30e3011a0fb3111fbe8493c1230974aef532704
Validity
Not Before: Apr 24 14:16:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=419b8a116b32445800c49a85ddbb96af2369a063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:0f:cc:0c:20:df:c5:77:31:7e:13:ea:42:56:
e6:98:a6:55:31:5c:e1:59:3a:b4:ea:8a:b2:35:7e:
bb:ec:0d:b5:25:b3:c7:ea:a3:98:03:b1:ec:63:5d:
73:74:bb:b3:62:76:2d:52:f5:22:60:bd:5c:8b:06:
62:dd:51:2f:1f:8d:b2:93:bb:51:3a:57:f7:c0:ff:
17:70:5f:f6:f9:62:0c:90:60:fe:9d:8e:1c:5d:62:
09:e1:bb:7b:b3:aa:68:8d:c7:81:e5:19:b3:f6:90:
ec:f4:41:b1:22:58:50:25:0b:5c:5b:e5:8d:ff:a5:
30:7a:b5:72:55:b0:12:35:fa:9d:c1:37:6c:06:71:
d6:29:f0:2d:b9:bb:ea:2c:88:a2:a6:44:bf:8f:56:
e4:94:8f:51:ec:1d:96:60:d4:e6:e6:0e:97:79:01:
84:e1:9f:d9:95:61:d3:25:72:a7:2e:22:e6:0d:46:
fb:6a:96:ad:7e:30:ca:90:f6:d0:5a:0b:24:ce:3c:
c9:51:71:bb:61:75:bb:bb:99:47:57:ed:1e:af:9b:
61:3e:9a:10:f2:34:5f:b9:59:9f:0b:df:80:e0:89:
68:06:45:e2:3b:c1:4b:76:46:a3:92:ad:3c:af:92:
b0:6a:1b:72:ce:89:4f:51:17:93:d0:1a:88:da:9c:
1a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9B:8A:11:6B:32:44:58:00:C4:9A:85:DD:BB:96:AF:23:69:A0:63
X509v3 Authority Key Identifier:
keyid:B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/QZuKEWsyRFgAxJqF3buWryNpoGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.0.0/21
45.14.48.0/22
45.133.16.0/22
45.138.24.0/22
78.111.84.0-78.111.91.255
92.246.128.0/22
94.141.96.0/23
109.207.168.0/21
188.227.56.0/22
188.227.84.0/22
188.227.106.0/23
IPv6:
2a0e:b80::/29
Signature Algorithm: sha256WithRSAEncryption
6c:37:b9:39:11:3c:c9:bd:fd:43:9f:3d:86:b3:3e:47:c5:f4:
ea:e5:1d:b9:ae:97:a2:2e:c5:ad:4e:ce:26:ba:05:f9:aa:c3:
e8:2c:0e:99:da:d5:46:81:9c:37:33:9f:a3:fc:d0:14:4e:4b:
2d:de:2f:d9:d5:41:61:88:1d:40:45:9b:05:d8:bc:54:56:9a:
b9:60:dc:e3:f8:7e:3a:a4:03:01:45:e3:af:2e:2c:0e:b9:61:
2f:28:58:d2:88:8b:02:c4:90:5c:f0:cd:b1:a4:9a:78:21:48:
d3:ee:67:ba:5f:ed:51:aa:9c:20:95:4a:71:84:c9:df:42:bc:
ad:11:89:f4:8c:e1:01:93:04:7c:6e:3e:e3:01:f5:63:f4:bb:
d7:d7:6d:dd:4c:ca:1b:d5:dd:9d:01:a2:ce:d0:a4:68:4b:69:
d0:30:fe:17:c8:1d:d0:29:dc:ba:54:f7:57:5e:6c:d0:db:5a:
69:46:e3:4e:e7:f5:c6:fc:6f:fc:54:c9:36:8a:d0:6b:29:f7:
9d:c1:88:61:9c:08:7a:3e:14:2b:7c:54:7e:a4:d8:7d:36:53:
2c:f7:f8:a0:e1:a9:bf:a0:34:88:88:0f:5b:d1:9e:21:9f:cd:
56:20:d3:08:60:e3:f2:4d:87:e5:e2:1c:3b:18:d2:63:0d:0c:
2f:3b:19:2f
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZ2/2V014lXsysnV/Fca4tDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGUzMDExYTBmYjMxMTFmYmU4NDkzYzEyMzA5NzRhZWY1
MzI3MDQwHhcNMjYwNDI0MTQxNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTliOGExMTZiMzI0NDU4MDBjNDlhODVkZGJiOTZhZjIzNjlhMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Q/MDCDfxXcxfhPqQlbmmKZVMVzh
WTq06oqyNX677A21JbPH6qOYA7HsY11zdLuzYnYtUvUiYL1ciwZi3VEvH42yk7tR
Olf3wP8XcF/2+WIMkGD+nY4cXWIJ4bt7s6pojceB5Rmz9pDs9EGxIlhQJQtcW+WN
/6UwerVyVbASNfqdwTdsBnHWKfAtubvqLIiipkS/j1bklI9R7B2WYNTm5g6XeQGE
4Z/ZlWHTJXKnLiLmDUb7apatfjDKkPbQWgskzjzJUXG7YXW7u5lHV+0er5thPpoQ
8jRfuVmfC9+A4IloBkXiO8FLdkajkq08r5KwahtyzolPUReT0BqI2pwaIQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFEGbihFrMkRYAMSahd27lq8jaaBjMB8GA1UdIwQY
MBaAFLMOMBGg+zER++hJPBIwl0rvUycEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDIt
ZjlmYjM4Yzc3YzU1LzEvUVp1S0VXc3lSRmdBeEpxRjNidVdyeU5wb0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDItZjlmYjM4Yzc3YzU1
LzEvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQDHywAAwQC
LQ4wAwQCLYUQAwQCLYoYMAwDBAJOb1QDBAJOb1gDBAJc9oADBAFejWADBANtz6gD
BAK84zgDBAK841QDBAG842owDQQCAAIwBwMFAyoOC4AwDQYJKoZIhvcNAQELBQAD
ggEBAGw3uTkRPMm9/UOfPYazPkfF9OrlHbmul6Iuxa1Ozia6Bfmqw+gsDpna1UaB
nDczn6P80BROSy3eL9nVQWGIHUBFmwXYvFRWmrlg3OP4fjqkAwFF468uLA65YS8o
WNKIiwLEkFzwzbGkmnghSNPuZ7pf7VGqnCCVSnGEyd9CvK0RifSM4QGTBHxuPuMB
9WP0u9fXbd1MyhvV3Z0Bos7QpGhLadAw/hfIHdAp3LpU91debNDbWmlG407n9cb8
b/xUyTaK0Gsp953BiGGcCHo+FCt8VH6k2H02Uyz3+KDhqb+gNIiID1vRniGfzVYg
0whg4/JNh+XiHDsY0mMNDC87GS8=
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:39 2026 by rpki-client