Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/b30e30-6b81-4585-8b54-61a8ec8166fe/1/QxtGFQLDBMtwcXQIYvKECB6M8PQ.roa
File: QxtGFQLDBMtwcXQIYvKECB6M8PQ.roa (raw, json)
Hash identifier: 8rNe9XZWHz25/AzS0lELU8ToNgCQJWZ458eNl8uH1hg=
Subject key identifier: 43:1B:46:15:02:C3:04:CB:70:71:74:08:62:F2:84:08:1E:8C:F0:F4
Certificate issuer: /CN=ad4a1495484ce2bf9ec28199a82998ad02638316
Certificate serial: 019DDF7E4AFEF42B93EE8685B2B41358EFF5
Authority key identifier: AD:4A:14:95:48:4C:E2:BF:9E:C2:81:99:A8:29:98:AD:02:63:83:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUoUlUhM4r-ewoGZqCmYrQJjgxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/b30e30-6b81-4585-8b54-61a8ec8166fe/1/QxtGFQLDBMtwcXQIYvKECB6M8PQ.roa
Signing time: Thu 30 Apr 2026 17:44:49 +0000
ROA not before: Thu 30 Apr 2026 17:44:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47169
IP address blocks: 185.11.172.0/24 maxlen: 24
185.11.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/b30e30-6b81-4585-8b54-61a8ec8166fe/1/rUoUlUhM4r-ewoGZqCmYrQJjgxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/b30e30-6b81-4585-8b54-61a8ec8166fe/1/rUoUlUhM4r-ewoGZqCmYrQJjgxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rUoUlUhM4r-ewoGZqCmYrQJjgxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:7e:4a:fe:f4:2b:93:ee:86:85:b2:b4:13:58:ef:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad4a1495484ce2bf9ec28199a82998ad02638316
Validity
Not Before: Apr 30 17:44:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=431b461502c304cb7071740862f284081e8cf0f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:55:13:ba:dc:85:3d:c2:a0:d8:af:6f:48:53:
9c:61:42:3c:ea:76:76:46:5d:9f:1f:2d:42:e9:7c:
cc:c3:15:89:52:15:af:54:14:cb:22:07:02:b8:11:
3e:cd:a5:78:4d:4a:db:58:ea:47:f0:3c:f2:7a:f4:
d0:c2:09:3d:5f:5f:ba:ff:33:90:20:0e:a6:f7:8e:
47:aa:ae:e3:d4:68:8c:87:8b:48:c8:5c:ce:29:44:
9e:3f:94:70:ba:a4:ff:ec:8e:fe:21:53:4c:e8:99:
aa:21:29:7d:ed:40:db:4c:e2:b2:2c:64:8b:64:66:
02:e9:a7:69:00:ff:5e:49:a5:7e:04:d5:5c:ff:72:
3e:fa:26:d1:ef:e1:37:8d:4b:53:d6:73:8f:f7:5e:
c6:16:d3:13:8d:99:9d:14:31:b3:cb:cc:6b:5d:3b:
a1:8c:e7:a0:7e:f7:34:28:bd:6f:09:0d:e5:99:25:
b6:95:8e:f2:93:99:5b:28:ec:30:ee:1a:44:79:c9:
5c:5d:b2:e3:66:92:ce:6f:47:47:52:61:59:0e:b0:
cf:7d:39:ef:03:3d:bc:e9:ef:de:a7:b9:e8:08:e3:
1f:56:8c:47:d8:e3:6a:5a:88:b8:7e:96:42:6c:36:
3d:86:19:28:aa:3b:79:5b:80:44:5b:59:16:61:8a:
32:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:1B:46:15:02:C3:04:CB:70:71:74:08:62:F2:84:08:1E:8C:F0:F4
X509v3 Authority Key Identifier:
keyid:AD:4A:14:95:48:4C:E2:BF:9E:C2:81:99:A8:29:98:AD:02:63:83:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUoUlUhM4r-ewoGZqCmYrQJjgxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b30e30-6b81-4585-8b54-61a8ec8166fe/1/QxtGFQLDBMtwcXQIYvKECB6M8PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b30e30-6b81-4585-8b54-61a8ec8166fe/1/rUoUlUhM4r-ewoGZqCmYrQJjgxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.172.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:1d:49:0a:85:5a:3a:41:ec:9a:1f:d9:a9:91:6b:c3:05:be:
39:d0:e0:b1:4a:4d:a2:06:58:14:23:0d:a1:4a:17:6a:01:ed:
1a:26:3c:0d:c5:fd:45:ff:6f:fe:4f:23:9e:d2:60:f2:04:db:
28:ba:33:8a:f0:c3:0d:fc:0f:70:1e:a6:b8:5f:b2:e9:87:34:
df:51:02:3c:cf:a8:92:77:73:e7:64:4a:f9:37:f5:a4:f1:84:
71:0a:0b:99:35:71:89:f4:85:84:40:68:a2:0c:b5:0e:27:c3:
cd:3e:5a:df:3e:63:6b:fb:4b:d7:24:f6:e8:e1:1a:3f:7a:bd:
b5:12:3c:f3:71:3d:68:b6:49:d3:03:d4:3d:e8:93:74:c4:39:
2e:6e:fb:b2:70:95:6b:ba:a9:43:1e:a4:5d:be:47:ae:b8:8e:
da:79:ad:38:32:3e:a8:5c:c6:3c:11:70:d7:a6:2e:b2:c1:c0:
75:87:52:6c:09:c6:cb:7d:66:de:c7:d6:3f:f7:be:25:7f:8a:
60:60:0d:85:25:2a:6c:fb:7b:50:3d:fa:9e:a7:ed:c7:e7:f9:
87:b4:5e:f4:91:c0:0b:74:8a:5d:85:5a:02:a2:df:b4:61:81:
28:95:0e:fe:cb:09:43:93:4e:07:b4:4f:2f:c8:02:4c:60:c7:
be:bf:25:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3ffkr+9CuT7oaFsrQTWO/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNGExNDk1NDg0Y2UyYmY5ZWMyODE5OWE4Mjk5OGFkMDI2
MzgzMTYwHhcNMjYwNDMwMTc0NDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzFiNDYxNTAyYzMwNGNiNzA3MTc0MDg2MmYyODQwODFlOGNmMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1UTutyFPcKg2K9vSFOcYUI86nZ2
Rl2fHy1C6XzMwxWJUhWvVBTLIgcCuBE+zaV4TUrbWOpH8DzyevTQwgk9X1+6/zOQ
IA6m945Hqq7j1GiMh4tIyFzOKUSeP5RwuqT/7I7+IVNM6JmqISl97UDbTOKyLGSL
ZGYC6adpAP9eSaV+BNVc/3I++ibR7+E3jUtT1nOP917GFtMTjZmdFDGzy8xrXTuh
jOegfvc0KL1vCQ3lmSW2lY7yk5lbKOww7hpEeclcXbLjZpLOb0dHUmFZDrDPfTnv
Az286e/ep7noCOMfVoxH2ONqWoi4fpZCbDY9hhkoqjt5W4BEW1kWYYoy5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMbRhUCwwTLcHF0CGLyhAgejPD0MB8GA1UdIwQY
MBaAFK1KFJVITOK/nsKBmagpmK0CY4MWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclVvVWxVaE00ci1ld29HWnFDbVlyUUpqZ3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9iMzBlMzAtNmI4MS00NTg1LThiNTQt
NjFhOGVjODE2NmZlLzEvUXh0R0ZRTERCTXR3Y1hRSVl2S0VDQjZNOFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9iMzBlMzAtNmI4MS00NTg1LThiNTQtNjFhOGVjODE2NmZl
LzEvclVvVWxVaE00ci1ld29HWnFDbVlyUUpqZ3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQusMA0G
CSqGSIb3DQEBCwUAA4IBAQBPHUkKhVo6QeyaH9mpkWvDBb450OCxSk2iBlgUIw2h
ShdqAe0aJjwNxf1F/2/+TyOe0mDyBNsoujOK8MMN/A9wHqa4X7LphzTfUQI8z6iS
d3PnZEr5N/Wk8YRxCguZNXGJ9IWEQGiiDLUOJ8PNPlrfPmNr+0vXJPbo4Ro/er21
EjzzcT1otknTA9Q96JN0xDkubvuycJVruqlDHqRdvkeuuI7aea04Mj6oXMY8EXDX
pi6ywcB1h1JsCcbLfWbex9Y/974lf4pgYA2FJSps+3tQPfqep+3H5/mHtF70kcAL
dIpdhVoCot+0YYEolQ7+ywlDk04HtE8vyAJMYMe+vyWZ
-----END CERTIFICATE-----
Generated at Wed May 13 06:04:48 2026 by rpki-client