Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/jQpPOBphDwOHGz-YTTgRfMl55f4.roa
File: jQpPOBphDwOHGz-YTTgRfMl55f4.roa (raw, json)
Hash identifier: ZN+2LfzVaZonpBeZ6jR5K6U7ZyZ37D18XY7PBjVsHPg=
Subject key identifier: 8D:0A:4F:38:1A:61:0F:03:87:1B:3F:98:4D:38:11:7C:C9:79:E5:FE
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E16D2B9EDFAC4A476AAB8E7133C32E6F8
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/jQpPOBphDwOHGz-YTTgRfMl55f4.roa
Signing time: Mon 11 May 2026 11:36:09 +0000
ROA not before: Mon 11 May 2026 11:36:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198486
IP address blocks: 80.174.128.0/21 maxlen: 24
80.174.244.0/23 maxlen: 24
80.174.246.0/24 maxlen: 24
83.143.171.0/24 maxlen: 24
83.143.174.0/23 maxlen: 24
93.95.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:16:d2:b9:ed:fa:c4:a4:76:aa:b8:e7:13:3c:32:e6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 11 11:36:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8d0a4f381a610f03871b3f984d38117cc979e5fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3e:d2:a0:ee:99:f0:7e:50:7f:a2:a2:ce:90:
74:70:8d:e0:d4:58:4b:27:f0:7c:f3:68:9e:f1:8c:
db:b7:48:56:9e:7f:0b:92:4e:e7:60:a6:3e:88:0a:
d4:a9:b8:a4:01:6a:2a:42:ec:ca:56:df:6a:85:a3:
ba:af:44:b3:d0:23:d2:e4:ba:bb:36:8b:e1:d6:76:
83:ed:91:36:8d:be:1f:da:75:b6:76:85:17:ab:cc:
8c:e2:d5:e0:1b:ee:11:93:a6:d9:86:30:23:22:84:
ed:01:8c:13:74:29:9f:c5:a9:c3:e4:d0:ba:09:9c:
0a:42:60:77:00:09:b7:08:84:3a:d5:cc:c2:41:62:
40:20:f6:d7:e7:c4:38:60:1d:2c:5b:e5:d5:e6:79:
06:c4:a1:1d:eb:bd:56:86:b0:3c:9e:56:55:07:d4:
48:46:09:9b:a3:71:06:5c:27:e8:8a:37:47:0e:f4:
0a:8e:d0:6c:e5:5e:1d:2e:e4:3a:b8:13:3f:c8:79:
95:b6:a1:c3:26:c2:aa:62:f5:e3:c4:b8:ca:44:90:
1b:d8:69:0b:f8:67:67:32:6e:73:83:92:19:ee:c3:
d9:05:10:8d:0d:b8:e5:eb:a1:20:94:b2:bc:81:5a:
e1:67:f2:7f:d4:a6:b2:df:9f:0e:3c:b2:51:f1:d8:
5d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0A:4F:38:1A:61:0F:03:87:1B:3F:98:4D:38:11:7C:C9:79:E5:FE
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/jQpPOBphDwOHGz-YTTgRfMl55f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.128.0/21
80.174.244.0-80.174.246.255
83.143.171.0/24
83.143.174.0/23
93.95.16.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:24:fe:29:cf:20:d9:64:4e:b8:fb:ae:f7:53:9b:d4:43:02:
bd:50:b4:5c:80:e9:60:47:3e:f6:7a:73:c3:7a:b3:e4:94:5e:
36:3e:1c:8a:f1:0f:e9:fe:e5:a1:55:ea:01:5c:a8:c4:cb:b8:
af:61:30:5e:02:e1:38:cf:73:7c:2b:88:2e:79:1c:39:79:76:
09:9f:8e:4e:71:57:53:50:a2:f1:e8:f7:3f:ba:78:10:50:d3:
e4:96:7e:98:4f:c8:f2:2a:63:72:d8:66:f4:4f:c3:31:79:e2:
dd:4b:c3:92:1d:e3:a1:9b:b9:eb:0c:0c:03:be:f3:91:f3:66:
bd:74:a8:d8:75:e7:6e:ab:dd:30:99:fe:78:bc:de:ef:50:71:
c8:4b:62:a5:dc:e0:74:40:56:d9:c4:b9:5a:d3:0b:ec:b4:9e:
0a:6c:e7:81:97:06:31:f7:d7:7b:04:ff:36:84:39:39:d7:1a:
f3:a3:79:aa:09:3b:a7:06:21:74:08:98:c3:36:80:d1:a5:34:
a0:de:b8:a1:d0:06:67:c0:7f:b8:ee:c4:34:96:47:9b:0d:45:
ff:80:d4:93:25:66:24:0d:f6:c4:39:55:46:92:28:cc:2c:ff:
b9:ad:98:1e:24:9f:22:7f:74:a4:46:4a:db:10:6c:8c:91:70:
38:c1:45:bf
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ4W0rnt+sSkdqq45xM8Mub4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTExMTEzNjA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBhNGYzODFhNjEwZjAzODcxYjNmOTg0ZDM4MTE3Y2M5NzllNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj7SoO6Z8H5Qf6KizpB0cI3g1FhL
J/B882ie8Yzbt0hWnn8Lkk7nYKY+iArUqbikAWoqQuzKVt9qhaO6r0Sz0CPS5Lq7
Novh1naD7ZE2jb4f2nW2doUXq8yM4tXgG+4Rk6bZhjAjIoTtAYwTdCmfxanD5NC6
CZwKQmB3AAm3CIQ61czCQWJAIPbX58Q4YB0sW+XV5nkGxKEd671WhrA8nlZVB9RI
Rgmbo3EGXCfoijdHDvQKjtBs5V4dLuQ6uBM/yHmVtqHDJsKqYvXjxLjKRJAb2GkL
+GdnMm5zg5IZ7sPZBRCNDbjl66EglLK8gVrhZ/J/1Kay358OPLJR8dhdUwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI0KTzgaYQ8Dhxs/mE04EXzJeeX+MB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvalFwUE9CcGhEd09IR3otWVRUZ1JmTWw1NWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDUK6AMAwD
BAJQrvQDBABQrvYDBABTj6sDBAFTj64DBANdXxAwDQYJKoZIhvcNAQELBQADggEB
AIwk/inPINlkTrj7rvdTm9RDAr1QtFyA6WBHPvZ6c8N6s+SUXjY+HIrxD+n+5aFV
6gFcqMTLuK9hMF4C4TjPc3wriC55HDl5dgmfjk5xV1NQovHo9z+6eBBQ0+SWfphP
yPIqY3LYZvRPwzF54t1Lw5Id46GbuesMDAO+85HzZr10qNh1526r3TCZ/ni83u9Q
cchLYqXc4HRAVtnEuVrTC+y0ngps54GXBjH313sE/zaEOTnXGvOjeaoJO6cGIXQI
mMM2gNGlNKDeuKHQBmfAf7juxDSWR5sNRf+A1JMlZiQN9sQ5VUaSKMws/7mtmB4k
nyJ/dKRGStsQbIyRcDjBRb8=
-----END CERTIFICATE-----
Generated at Wed May 13 06:26:16 2026 by rpki-client