Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/xqwqkvhEHHtfKMR1DggBvZ_qWNM.roa
File: xqwqkvhEHHtfKMR1DggBvZ_qWNM.roa (raw, json)
Hash identifier: t5OZwhX//N0DuIjrzLkQNjBPbXOPV8gkDPE6FX/cXLw=
Subject key identifier: C6:AC:2A:92:F8:44:1C:7B:5F:28:C4:75:0E:08:01:BD:9F:EA:58:D3
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 019D00EA522D5C85C75C51A7ABDF77A80B01
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/xqwqkvhEHHtfKMR1DggBvZ_qWNM.roa
Signing time: Wed 18 Mar 2026 12:27:29 +0000
ROA not before: Wed 18 Mar 2026 12:27:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 62.233.36.0/24 maxlen: 32
91.246.59.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:ea:52:2d:5c:85:c7:5c:51:a7:ab:df:77:a8:0b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Mar 18 12:27:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c6ac2a92f8441c7b5f28c4750e0801bd9fea58d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:eb:62:ec:56:ec:9d:8d:17:47:6a:46:e2:d0:
d6:4a:2c:b1:99:53:a5:d6:23:e9:50:e4:a9:92:f3:
b5:82:0b:f2:25:09:c7:9c:ed:59:1a:1e:62:d9:ca:
88:41:b5:93:11:26:4a:65:73:ae:50:94:b9:00:55:
37:ad:15:06:ec:d1:07:79:63:45:bd:22:93:19:47:
26:7a:b0:fa:5a:5c:6c:cc:96:81:24:66:0c:92:4f:
df:68:52:9a:59:c4:94:58:1e:32:e3:93:aa:b6:7c:
f8:47:e9:98:10:30:55:5a:05:42:f4:4e:2c:b5:00:
e1:06:50:4c:0c:f1:dd:7b:e8:25:9a:88:24:8c:e2:
21:67:d3:76:00:32:3b:ff:c1:6d:39:8e:74:2f:0f:
0e:62:9e:82:e4:86:2e:75:35:7b:25:9b:57:f3:6f:
40:98:7e:b7:2c:d5:9b:63:3c:e5:3f:66:2b:03:4e:
b4:f3:a3:af:4d:0a:20:8d:70:1a:d0:61:3e:6f:39:
aa:4e:ab:96:77:84:6f:24:bc:e1:f5:9b:89:df:80:
de:00:fe:60:ce:35:a1:d1:e0:f0:92:c0:8b:03:b4:
39:d3:e1:f2:85:76:57:69:3c:18:17:80:a9:38:4a:
27:69:19:a5:ac:1d:2e:c6:86:88:42:98:38:99:28:
78:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AC:2A:92:F8:44:1C:7B:5F:28:C4:75:0E:08:01:BD:9F:EA:58:D3
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/xqwqkvhEHHtfKMR1DggBvZ_qWNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.36.0/24
91.246.59.0/24
Signature Algorithm: sha256WithRSAEncryption
31:0d:21:55:07:4a:9e:28:85:06:30:21:d4:0b:3e:29:c9:aa:
9c:4d:2f:f5:2c:0e:47:4a:dc:04:68:b3:4c:ed:88:c7:90:e4:
b1:3f:9d:0a:22:5f:34:7c:f8:97:02:0b:07:6d:7a:2a:a9:d3:
94:1d:17:38:24:fb:58:8b:b7:a4:46:52:56:59:28:42:e1:4a:
c0:1a:48:c2:7e:2a:6d:42:54:f4:92:20:bb:8c:7b:7f:22:26:
42:f0:b8:ee:94:7f:93:64:a6:b6:27:1f:e0:78:e3:9e:89:01:
98:63:4e:b8:7e:b3:51:6c:e3:95:6b:f1:c3:aa:c7:f4:3a:e6:
c6:bc:92:5d:7e:ac:c3:c3:c1:c2:79:c1:c8:62:38:51:de:a0:
db:4f:39:4f:d1:24:48:1a:35:ef:4d:c1:0c:61:3b:27:34:97:
ce:94:7a:bf:83:b1:98:07:75:35:84:13:3f:5f:c4:91:c7:7e:
07:90:b9:34:d1:f4:2f:c8:a9:3f:1f:b2:40:a1:d9:fe:4b:69:
53:1a:76:2a:c1:fe:49:00:5b:7a:41:96:0a:ab:bd:d1:9b:e8:
00:3c:42:ad:aa:59:9a:8e:e3:68:b0:95:23:8b:93:3a:6d:d4:
8f:16:b1:7a:4e:53:95:fe:2c:67:cb:5e:aa:13:de:d4:56:ea:
fb:19:d1:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0A6lItXIXHXFGnq993qAsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjYwMzE4MTIyNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmFjMmE5MmY4NDQxYzdiNWYyOGM0NzUwZTA4MDFiZDlmZWE1OGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveti7FbsnY0XR2pG4tDWSiyxmVOl
1iPpUOSpkvO1ggvyJQnHnO1ZGh5i2cqIQbWTESZKZXOuUJS5AFU3rRUG7NEHeWNF
vSKTGUcmerD6WlxszJaBJGYMkk/faFKaWcSUWB4y45Oqtnz4R+mYEDBVWgVC9E4s
tQDhBlBMDPHde+glmogkjOIhZ9N2ADI7/8FtOY50Lw8OYp6C5IYudTV7JZtX829A
mH63LNWbYzzlP2YrA06086OvTQogjXAa0GE+bzmqTquWd4RvJLzh9ZuJ34DeAP5g
zjWh0eDwksCLA7Q50+HyhXZXaTwYF4CpOEonaRmlrB0uxoaIQpg4mSh4eQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMasKpL4RBx7XyjEdQ4IAb2f6ljTMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEveHF3cWt2aEVISHRmS01SMURnZ0J2Wl9xV05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPukkAwQA
W/Y7MA0GCSqGSIb3DQEBCwUAA4IBAQAxDSFVB0qeKIUGMCHUCz4pyaqcTS/1LA5H
StwEaLNM7YjHkOSxP50KIl80fPiXAgsHbXoqqdOUHRc4JPtYi7ekRlJWWShC4UrA
GkjCfiptQlT0kiC7jHt/IiZC8LjulH+TZKa2Jx/geOOeiQGYY064frNRbOOVa/HD
qsf0OubGvJJdfqzDw8HCecHIYjhR3qDbTzlP0SRIGjXvTcEMYTsnNJfOlHq/g7GY
B3U1hBM/X8SRx34HkLk00fQvyKk/H7JAodn+S2lTGnYqwf5JAFt6QZYKq73Rm+gA
PEKtqlmajuNosJUji5M6bdSPFrF6TlOV/ixny16qE97UVur7GdEI
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:41:04 2026 by rpki-client