Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/AZQrl-Fp_XZDQj5jRrIIFtOdVJY.roa
File: AZQrl-Fp_XZDQj5jRrIIFtOdVJY.roa (raw, json)
Hash identifier: kcWKwgXv8rCa1D22N2vYzSu4ZKjgkLNHlxiOMaTJr0g=
Subject key identifier: 01:94:2B:97:E1:69:FD:76:43:42:3E:63:46:B2:08:16:D3:9D:54:96
Certificate issuer: /CN=b31536abee3d7b54b8303b9bc69a8aabbe9700e4
Certificate serial: 019D019B043EFAC12C7DAF2CCDE021BA3DD0
Authority key identifier: B3:15:36:AB:EE:3D:7B:54:B8:30:3B:9B:C6:9A:8A:AB:BE:97:00:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/AZQrl-Fp_XZDQj5jRrIIFtOdVJY.roa
Signing time: Wed 18 Mar 2026 15:40:29 +0000
ROA not before: Wed 18 Mar 2026 15:40:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208592
IP address blocks: 45.94.216.0/24 maxlen: 24
45.94.217.0/24 maxlen: 24
45.94.218.0/24 maxlen: 24
45.94.219.0/24 maxlen: 24
185.121.2.0/24 maxlen: 24
185.121.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:9b:04:3e:fa:c1:2c:7d:af:2c:cd:e0:21:ba:3d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31536abee3d7b54b8303b9bc69a8aabbe9700e4
Validity
Not Before: Mar 18 15:40:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=01942b97e169fd7643423e6346b20816d39d5496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b2:c6:5c:1e:34:40:6f:32:cb:95:5f:03:48:
0b:86:4c:cf:b7:f6:dc:3c:0f:55:1a:c2:d2:bc:93:
63:fd:da:20:56:cc:a9:39:76:24:ba:01:08:ac:c4:
73:f1:70:eb:12:6e:76:56:d1:34:2f:ea:1e:9f:54:
44:c6:86:8c:21:59:b7:32:06:f7:be:d9:1c:73:eb:
16:6e:2e:da:a8:57:f4:4c:9a:1d:63:2f:16:0e:7a:
ee:56:59:fc:69:25:a1:60:55:25:b2:f6:b7:e4:6b:
bb:25:9c:d1:01:db:2a:d9:f6:7c:7a:c8:b3:be:92:
97:87:01:66:ad:fe:40:e7:24:82:14:22:fb:79:a5:
cc:aa:d6:18:0e:3f:a3:05:78:26:e9:28:17:4e:c6:
30:58:b4:07:0d:15:29:2d:a8:0e:e1:88:5b:47:df:
7f:68:9e:85:c5:10:30:59:ff:70:86:38:2f:fb:66:
25:39:b6:4d:df:29:83:5e:2e:3a:b9:c7:76:a7:bd:
d4:57:8d:52:f0:77:6b:70:ba:ba:db:23:5e:89:e1:
04:e0:f8:82:46:66:05:a2:6d:da:ea:8b:17:32:68:
34:0f:cc:95:e6:ba:be:70:46:b7:0c:4f:3b:29:0b:
48:23:ea:9b:9a:5a:ee:d2:c7:d8:3b:c1:14:88:f4:
6a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:94:2B:97:E1:69:FD:76:43:42:3E:63:46:B2:08:16:D3:9D:54:96
X509v3 Authority Key Identifier:
keyid:B3:15:36:AB:EE:3D:7B:54:B8:30:3B:9B:C6:9A:8A:AB:BE:97:00:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/AZQrl-Fp_XZDQj5jRrIIFtOdVJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.216.0/22
185.121.2.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:90:33:5f:21:cd:91:26:78:4c:4d:1c:ef:ba:24:c3:09:3a:
0a:7f:2c:08:97:9c:8c:6c:73:9a:cc:de:cb:e6:04:c9:11:51:
03:bb:d5:c6:5b:3f:47:7c:8e:dd:a2:4b:47:da:83:23:fe:e0:
ca:92:5c:2a:37:31:61:77:24:63:82:10:b0:9a:00:90:81:17:
d6:c7:d2:e1:eb:11:b4:42:17:af:ad:08:9a:2b:90:6e:53:04:
99:e9:9f:c2:93:e2:bd:81:c0:17:52:16:19:0d:ba:e6:90:88:
74:b7:5a:a8:11:82:09:48:fa:36:b1:01:50:95:1d:66:7e:9d:
20:d3:71:b6:c8:9b:1b:4c:43:83:f4:2f:cc:41:50:b1:18:ba:
20:23:8c:d3:8c:8d:41:b4:33:11:36:61:fa:a1:9f:b5:1b:89:
37:f3:9a:0d:25:0a:43:73:3c:51:06:88:48:c6:4c:c0:78:e9:
e3:87:4b:3d:67:32:f5:88:01:35:8f:0e:5a:33:90:a9:d1:e7:
9b:b4:b9:ff:f0:ed:ad:c8:10:18:7d:3f:b7:63:0c:08:a7:62:
73:db:99:82:60:47:79:fb:b8:2c:ee:ab:36:33:2b:4c:53:66:
08:a6:47:41:83:db:1b:d6:e0:10:a9:e7:7c:4c:61:f5:53:2b:
c1:da:5c:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0BmwQ++sEsfa8szeAhuj3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTUzNmFiZWUzZDdiNTRiODMwM2I5YmM2OWE4YWFiYmU5
NzAwZTQwHhcNMjYwMzE4MTU0MDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTk0MmI5N2UxNjlmZDc2NDM0MjNlNjM0NmIyMDgxNmQzOWQ1NDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurLGXB40QG8yy5VfA0gLhkzPt/bc
PA9VGsLSvJNj/dogVsypOXYkugEIrMRz8XDrEm52VtE0L+oen1RExoaMIVm3Mgb3
vtkcc+sWbi7aqFf0TJodYy8WDnruVln8aSWhYFUlsva35Gu7JZzRAdsq2fZ8esiz
vpKXhwFmrf5A5ySCFCL7eaXMqtYYDj+jBXgm6SgXTsYwWLQHDRUpLagO4YhbR99/
aJ6FxRAwWf9whjgv+2YlObZN3ymDXi46ucd2p73UV41S8HdrcLq62yNeieEE4PiC
RmYFom3a6osXMmg0D8yV5rq+cEa3DE87KQtII+qbmlru0sfYO8EUiPRqwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAGUK5fhaf12Q0I+Y0ayCBbTnVSWMB8GA1UdIwQY
MBaAFLMVNqvuPXtUuDA7m8aaiqu+lwDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kY2YzMmYtMzI2ZC00ZTQwLTg1YTMt
Y2NjODc3YjVhMzc1LzEvQVpRcmwtRnBfWFpEUWo1alJySUlGdE9kVkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kY2YzMmYtMzI2ZC00ZTQwLTg1YTMtY2NjODc3YjVhMzc1
LzEvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLV7YAwQB
uXkCMA0GCSqGSIb3DQEBCwUAA4IBAQB7kDNfIc2RJnhMTRzvuiTDCToKfywIl5yM
bHOazN7L5gTJEVEDu9XGWz9HfI7doktH2oMj/uDKklwqNzFhdyRjghCwmgCQgRfW
x9Lh6xG0QhevrQiaK5BuUwSZ6Z/Ck+K9gcAXUhYZDbrmkIh0t1qoEYIJSPo2sQFQ
lR1mfp0g03G2yJsbTEOD9C/MQVCxGLogI4zTjI1BtDMRNmH6oZ+1G4k385oNJQpD
czxRBohIxkzAeOnjh0s9ZzL1iAE1jw5aM5Cp0eebtLn/8O2tyBAYfT+3YwwIp2Jz
25mCYEd5+7gs7qs2MytMU2YIpkdBg9sb1uAQqed8TGH1UyvB2lxm
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:47:58 2026 by rpki-client