Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Q_GDlNF7cK8B95qZojWcrc4afdU.roa
File: Q_GDlNF7cK8B95qZojWcrc4afdU.roa (raw, json)
Hash identifier: LjEzjQgJhMLQIyhzGC77T1fGxckoIM3+ZyoGULP6VX0=
Subject key identifier: 43:F1:83:94:D1:7B:70:AF:01:F7:9A:99:A2:35:9C:AD:CE:1A:7D:D5
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 019E168C2886B48C67E307653E4F75C990BB
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Q_GDlNF7cK8B95qZojWcrc4afdU.roa
Signing time: Mon 11 May 2026 10:19:04 +0000
ROA not before: Mon 11 May 2026 10:19:04 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51747
IP address blocks: 5.133.192.0/19 maxlen: 20
5.198.248.0/21 maxlen: 24
45.142.64.0/22 maxlen: 24
45.146.48.0/22 maxlen: 24
45.150.72.0/22 maxlen: 24
80.248.224.0/20 maxlen: 20
95.215.168.0/22 maxlen: 24
141.138.208.0/21 maxlen: 24
151.248.0.0/21 maxlen: 21
151.252.24.0/21 maxlen: 21
176.74.192.0/21 maxlen: 21
185.12.148.0/22 maxlen: 22
185.12.248.0/22 maxlen: 22
185.13.40.0/22 maxlen: 24
185.122.112.0/22 maxlen: 24
185.123.32.0/22 maxlen: 24
185.123.92.0/22 maxlen: 24
185.129.24.0/22 maxlen: 24
185.129.64.0/22 maxlen: 24
185.130.244.0/22 maxlen: 24
185.139.152.0/22 maxlen: 24
185.139.160.0/22 maxlen: 24
185.139.164.0/22 maxlen: 24
185.139.172.0/22 maxlen: 24
185.141.72.0/22 maxlen: 24
185.141.88.0/22 maxlen: 24
185.142.80.0/22 maxlen: 24
185.142.228.0/22 maxlen: 24
185.150.112.0/22 maxlen: 24
185.159.184.0/22 maxlen: 24
185.159.192.0/22 maxlen: 24
185.236.40.0/22 maxlen: 24
193.19.80.0/23 maxlen: 24
193.247.74.0/23 maxlen: 24
193.247.126.0/23 maxlen: 24
195.88.110.0/23 maxlen: 24
195.95.184.0/24 maxlen: 24
195.189.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.mft
rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:16:8c:28:86:b4:8c:67:e3:07:65:3e:4f:75:c9:90:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: May 11 10:19:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=43f18394d17b70af01f79a99a2359cadce1a7dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:09:9d:26:51:da:ed:40:7a:18:d3:63:c3:aa:
4f:de:01:3f:d0:3d:8e:e7:73:35:5a:1e:41:e4:60:
fb:25:8a:e4:75:16:d1:ed:93:11:31:0e:0d:b8:7d:
35:ea:7d:a5:e4:99:a9:2a:ef:81:58:2a:1b:20:d5:
3d:c2:39:24:f5:72:d5:b9:20:2f:63:6c:23:88:bc:
b9:3a:9b:90:dd:63:e5:4b:ca:61:65:3a:a4:e8:bc:
85:4a:84:5c:f3:9c:2b:7e:89:38:c5:2a:7a:94:17:
57:52:42:06:3a:a3:5f:2e:c6:f3:a8:e7:ec:e0:78:
15:b1:ae:91:33:f6:88:8d:2d:40:47:b1:24:46:28:
6e:5e:48:21:56:ad:5b:6c:6a:e5:19:b7:54:f1:6a:
2c:76:96:cd:1d:6c:1c:13:21:d5:7c:c4:b5:63:00:
db:95:d4:ad:da:1a:29:df:40:10:28:a0:f4:96:9a:
f7:b5:65:7b:0f:35:9c:cc:6e:b4:95:3a:12:cc:91:
38:e5:d1:1b:de:39:5b:19:69:47:95:d6:45:2f:5e:
d4:76:88:44:0a:a2:05:73:d1:eb:b9:d0:18:82:eb:
99:cc:b8:39:51:67:9a:0b:20:fc:cb:92:e2:f9:95:
ef:03:fa:1f:5d:12:d4:d0:e8:87:d8:20:be:23:19:
c8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F1:83:94:D1:7B:70:AF:01:F7:9A:99:A2:35:9C:AD:CE:1A:7D:D5
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Q_GDlNF7cK8B95qZojWcrc4afdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.192.0/19
5.198.248.0/21
45.142.64.0/22
45.146.48.0/22
45.150.72.0/22
80.248.224.0/20
95.215.168.0/22
141.138.208.0/21
151.248.0.0/21
151.252.24.0/21
176.74.192.0/21
185.12.148.0/22
185.12.248.0/22
185.13.40.0/22
185.122.112.0/22
185.123.32.0/22
185.123.92.0/22
185.129.24.0/22
185.129.64.0/22
185.130.244.0/22
185.139.152.0/22
185.139.160.0/21
185.139.172.0/22
185.141.72.0/22
185.141.88.0/22
185.142.80.0/22
185.142.228.0/22
185.150.112.0/22
185.159.184.0/22
185.159.192.0/22
185.236.40.0/22
193.19.80.0/23
193.247.74.0/23
193.247.126.0/23
195.88.110.0/23
195.95.184.0/24
195.189.112.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:4f:a1:02:12:45:3d:23:c5:eb:03:f0:af:9d:79:62:44:a4:
8e:30:57:cb:5f:d3:3d:17:ea:ff:07:7a:df:bd:6f:13:21:6d:
58:af:ff:92:8a:d3:c2:05:11:6b:a4:27:00:5e:bc:6e:4e:e6:
f0:9f:99:12:50:b9:1d:ca:92:13:2f:c5:67:9c:e3:a9:83:81:
bb:87:88:7b:23:e6:51:f1:4f:37:91:96:93:8b:08:fb:f4:31:
a7:22:a0:50:9a:d6:c0:28:26:77:0a:bd:c2:12:c5:88:a4:47:
86:8b:b9:46:77:b2:27:9b:9e:58:0b:ac:d1:6d:57:24:7c:5c:
97:56:a7:f4:59:8c:ba:1d:4f:14:2f:a5:4d:48:b1:f4:ef:2e:
2c:42:f4:22:21:6b:0a:06:62:eb:fa:1c:e5:68:0c:aa:31:92:
6d:f3:29:1e:d9:c1:e2:d8:7a:e7:19:42:65:8a:7e:91:87:6f:
3d:6a:62:1d:a1:70:02:a4:67:3f:e1:21:52:ec:71:b4:30:10:
fd:2f:74:e7:d2:81:50:62:a2:4b:d1:32:b9:08:0a:8f:22:ee:
0f:19:77:bf:d9:6b:e0:b9:c9:bd:28:a0:7e:ec:99:d4:81:1e:
44:cf:9c:ed:53:f2:f7:6c:e0:3d:e4:95:b6:d8:80:dd:77:7e:
03:68:25:fa
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZ4WjCiGtIxn4wdlPk91yZC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjYwNTExMTAxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2YxODM5NGQxN2I3MGFmMDFmNzlhOTlhMjM1OWNhZGNlMWE3ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAmdJlHa7UB6GNNjw6pP3gE/0D2O
53M1Wh5B5GD7JYrkdRbR7ZMRMQ4NuH016n2l5JmpKu+BWCobINU9wjkk9XLVuSAv
Y2wjiLy5OpuQ3WPlS8phZTqk6LyFSoRc85wrfok4xSp6lBdXUkIGOqNfLsbzqOfs
4HgVsa6RM/aIjS1AR7EkRihuXkghVq1bbGrlGbdU8WosdpbNHWwcEyHVfMS1YwDb
ldSt2hop30AQKKD0lpr3tWV7DzWczG60lToSzJE45dEb3jlbGWlHldZFL17UdohE
CqIFc9HrudAYguuZzLg5UWeaCyD8y5Li+ZXvA/ofXRLU0OiH2CC+IxnIxwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFEPxg5TRe3CvAfeamaI1nK3OGn3VMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvUV9HRGxORjdjSzhCOTVxWm9qV2NyYzRhZmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAUF
hcADBAMFxvgDBAItjkADBAItkjADBAItlkgDBARQ+OADBAJf16gDBAONitADBAOX
+AADBAOX/BgDBAOwSsADBAK5DJQDBAK5DPgDBAK5DSgDBAK5enADBAK5eyADBAK5
e1wDBAK5gRgDBAK5gUADBAK5gvQDBAK5i5gDBAO5i6ADBAK5i6wDBAK5jUgDBAK5
jVgDBAK5jlADBAK5juQDBAK5lnADBAK5n7gDBAK5n8ADBAK57CgDBAHBE1ADBAHB
90oDBAHB934DBAHDWG4DBADDX7gDBALDvXAwDQYJKoZIhvcNAQELBQADggEBAE5P
oQISRT0jxesD8K+deWJEpI4wV8tf0z0X6v8Het+9bxMhbViv/5KK08IFEWukJwBe
vG5O5vCfmRJQuR3KkhMvxWec46mDgbuHiHsj5lHxTzeRlpOLCPv0MacioFCa1sAo
JncKvcISxYikR4aLuUZ3siebnlgLrNFtVyR8XJdWp/RZjLodTxQvpU1IsfTvLixC
9CIhawoGYuv6HOVoDKoxkm3zKR7ZweLYeucZQmWKfpGHbz1qYh2hcAKkZz/hIVLs
cbQwEP0vdOfSgVBiokvRMrkICo8i7g8Zd7/Za+C5yb0ooH7smdSBHkTPnO1T8vds
4D3klbbYgN13fgNoJfo=
-----END CERTIFICATE-----
Generated at Wed May 13 04:17:23 2026 by rpki-client