Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/QiuDIuRkSViN_0aiLux397WPPaM.roa
File: QiuDIuRkSViN_0aiLux397WPPaM.roa (raw, json)
Hash identifier: 0ZwM9X61p4unEOmNfSSTesI8zR2qkfQh2THCBqFCSqM=
Subject key identifier: 42:2B:83:22:E4:64:49:58:8D:FF:46:A2:2E:EC:77:F7:B5:8F:3D:A3
Certificate issuer: /CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Certificate serial: 019D2914BFB7A5798559F3D3DFE8D7349D96
Authority key identifier: 5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/QiuDIuRkSViN_0aiLux397WPPaM.roa
Signing time: Thu 26 Mar 2026 07:38:38 +0000
ROA not before: Thu 26 Mar 2026 07:38:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214875
IP address blocks: 37.97.0.0/20 maxlen: 20
37.97.2.0/24 maxlen: 24
37.97.3.0/24 maxlen: 24
37.97.48.0/21 maxlen: 21
37.97.58.0/23 maxlen: 23
37.97.62.0/23 maxlen: 23
45.13.240.0/22 maxlen: 22
188.228.8.0/22 maxlen: 22
188.228.14.0/24 maxlen: 24
188.228.48.0/23 maxlen: 23
188.228.54.0/24 maxlen: 24
188.228.68.0/23 maxlen: 23
188.228.78.0/24 maxlen: 24
188.228.80.0/22 maxlen: 22
188.228.88.0/22 maxlen: 22
188.228.92.0/23 maxlen: 23
188.228.96.0/22 maxlen: 22
188.228.102.0/23 maxlen: 23
2a00:fd01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:38:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:14:bf:b7:a5:79:85:59:f3:d3:df:e8:d7:34:9d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00
Validity
Not Before: Mar 26 07:38:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=422b8322e46449588dff46a22eec77f7b58f3da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3d:da:82:41:ba:26:d4:d5:07:ec:cb:88:a4:
02:37:96:41:f1:74:60:a2:0e:c3:76:32:72:b1:8c:
e8:45:fd:8a:22:e6:c7:7e:cd:7a:b1:4f:98:52:dc:
4a:6c:0e:35:d6:53:83:7d:d2:75:cd:ff:6a:46:3a:
89:e6:22:e7:84:12:7c:7a:70:f7:56:da:48:ec:59:
a5:eb:44:21:34:58:af:23:2a:da:2b:4c:9b:0a:14:
ef:9c:7e:e8:38:9b:21:b1:a4:69:0b:85:2a:45:47:
f0:fc:6b:99:48:2c:68:e1:9c:15:ba:38:18:7b:70:
11:76:85:f3:45:59:e5:4d:92:6d:42:ad:f5:64:63:
37:c8:ad:f6:f0:0d:bf:64:9b:ba:99:c4:be:68:c6:
87:27:94:77:56:b3:26:f8:4b:a5:29:35:f7:63:a6:
6b:a8:87:3c:96:a3:cc:9a:ef:ba:97:4a:e5:c2:ec:
2c:c4:1b:f6:32:ad:76:50:3b:77:a1:68:bb:4f:2c:
b3:ce:c5:5a:9a:ed:7c:75:9c:dd:85:f6:46:28:38:
45:3f:8f:05:e7:98:6d:51:a3:0e:ea:aa:29:6f:09:
52:27:34:3c:c9:fa:c5:a4:e1:8d:5a:66:82:3a:79:
6e:e8:ab:42:23:6a:a7:9c:c5:00:32:eb:25:87:14:
3d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2B:83:22:E4:64:49:58:8D:FF:46:A2:2E:EC:77:F7:B5:8F:3D:A3
X509v3 Authority Key Identifier:
keyid:5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/QiuDIuRkSViN_0aiLux397WPPaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.0.0/20
37.97.48.0/21
37.97.58.0/23
37.97.62.0/23
45.13.240.0/22
188.228.8.0/22
188.228.14.0/24
188.228.48.0/23
188.228.54.0/24
188.228.68.0/23
188.228.78.0/24
188.228.80.0/22
188.228.88.0-188.228.93.255
188.228.96.0/22
188.228.102.0/23
IPv6:
2a00:fd01::/32
Signature Algorithm: sha256WithRSAEncryption
75:75:e0:90:03:3c:67:f8:83:f1:e9:db:c5:e4:50:3b:29:42:
b5:a4:22:a4:09:d5:b8:54:8b:a0:f3:24:0d:be:fd:c0:b7:7e:
7d:37:2a:3f:4a:90:94:de:17:a1:2c:9a:ae:13:0c:65:c1:8b:
f8:ab:04:ab:c8:a6:48:ac:36:e5:d7:83:f5:b6:47:29:a9:13:
1d:d0:a1:c0:d7:50:78:a2:e0:5a:7e:72:4d:7e:03:bd:47:20:
1e:ac:e2:8c:08:6d:f4:e7:fd:e2:19:4a:48:4a:db:eb:96:4c:
85:7c:59:01:f2:d3:43:c1:87:5d:1f:e3:5d:b6:a8:d2:5c:3c:
d6:79:4c:09:e2:27:0d:97:c8:2e:0b:69:e1:e8:6f:a9:ba:ed:
72:98:bf:ea:17:a6:b5:31:76:60:23:54:7c:31:3a:f5:fd:fd:
18:34:37:0d:93:6d:75:18:25:dc:b7:04:9a:46:cf:77:ab:85:
6b:99:75:8a:21:cd:86:b6:13:64:05:b5:d3:ac:94:33:96:6d:
54:28:16:8d:47:e2:29:78:7a:d1:02:90:4d:4b:56:37:67:9e:
26:bd:73:c2:f2:3e:2e:9c:83:9a:8d:96:da:87:48:65:6a:2f:
77:38:e0:af:d4:77:34:5b:ae:06:78:56:01:92:19:88:53:9c:
78:d6:37:68
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZ0pFL+3pXmFWfPT3+jXNJ2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMTI5YjA0NjBjZjllZTA1MDBlZTg4MGEyY2ZhMWE1MjRl
NGRmMDAwHhcNMjYwMzI2MDczODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjJiODMyMmU0NjQ0OTU4OGRmZjQ2YTIyZWVjNzdmN2I1OGYzZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsz3agkG6JtTVB+zLiKQCN5ZB8XRg
og7DdjJysYzoRf2KIubHfs16sU+YUtxKbA411lODfdJ1zf9qRjqJ5iLnhBJ8enD3
VtpI7Fml60QhNFivIyraK0ybChTvnH7oOJshsaRpC4UqRUfw/GuZSCxo4ZwVujgY
e3ARdoXzRVnlTZJtQq31ZGM3yK328A2/ZJu6mcS+aMaHJ5R3VrMm+EulKTX3Y6Zr
qIc8lqPMmu+6l0rlwuwsxBv2Mq12UDt3oWi7TyyzzsVamu18dZzdhfZGKDhFP48F
55htUaMO6qopbwlSJzQ8yfrFpOGNWmaCOnlu6KtCI2qnnMUAMuslhxQ9eQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFEIrgyLkZElYjf9Goi7sd/e1jz2jMB8GA1UdIwQY
MBaAFF0SmwRgz57gUA7ogKLPoaUk5N8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEt
YTg3N2RkNTFiYzQ5LzEvUWl1REl1UmtTVmlOXzBhaUx1eDM5N1dQUGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEtYTg3N2RkNTFiYzQ5
LzEvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEBCVhAAME
AyVhMAMEASVhOgMEASVhPgMEAi0N8AMEArzkCAMEALzkDgMEAbzkMAMEALzkNgME
AbzkRAMEALzkTgMEArzkUDAMAwQDvORYAwQBvORcAwQCvORgAwQBvORmMA0EAgAC
MAcDBQAqAP0BMA0GCSqGSIb3DQEBCwUAA4IBAQB1deCQAzxn+IPx6dvF5FA7KUK1
pCKkCdW4VIug8yQNvv3At359Nyo/SpCU3hehLJquEwxlwYv4qwSryKZIrDbl14P1
tkcpqRMd0KHA11B4ouBafnJNfgO9RyAerOKMCG305/3iGUpIStvrlkyFfFkB8tND
wYddH+NdtqjSXDzWeUwJ4icNl8guC2nh6G+puu1ymL/qF6a1MXZgI1R8MTr1/f0Y
NDcNk211GCXctwSaRs93q4VrmXWKIc2GthNkBbXTrJQzlm1UKBaNR+IpeHrRApBN
S1Y3Z54mvXPC8j4unIOajZbah0hlai93OOCv1Hc0W64GeFYBkhmIU5x41jdo
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:32:30 2026 by rpki-client