Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/qQwoj-lvFgwrTMYCWnq277mmLYc.roa
File: qQwoj-lvFgwrTMYCWnq277mmLYc.roa (raw, json)
Hash identifier: tkvX7T4aPlyqb1XDA+Dl43Hzu/nYgxP4G9hG01NwRI0=
Subject key identifier: A9:0C:28:8F:E9:6F:16:0C:2B:4C:C6:02:5A:7A:B6:EF:B9:A6:2D:87
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019D04C62E4FF84FA46B8383F19F4B29F3B0
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/qQwoj-lvFgwrTMYCWnq277mmLYc.roa
Signing time: Thu 19 Mar 2026 06:26:29 +0000
ROA not before: Thu 19 Mar 2026 06:26:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.74.242.0/24 maxlen: 24
45.74.244.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
91.208.204.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb00::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440::/48 maxlen: 48
2a13:a440:1::/48 maxlen: 48
2a13:a440:2::/48 maxlen: 48
2a13:a440:3::/48 maxlen: 48
2a13:a440:4::/48 maxlen: 48
2a13:a440:5::/48 maxlen: 48
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a443::/32 maxlen: 32
2a13:a444::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a446::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:04:c6:2e:4f:f8:4f:a4:6b:83:83:f1:9f:4b:29:f3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 19 06:26:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a90c288fe96f160c2b4cc6025a7ab6efb9a62d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a7:db:56:6b:2c:a2:5a:7e:37:f7:47:bf:3d:
a1:cb:10:47:25:10:b8:d7:6e:12:3d:f9:bd:f4:75:
fd:34:b3:bd:73:87:28:4f:8b:37:a9:b2:2d:16:ed:
c5:d2:16:22:00:55:62:00:21:06:09:17:2b:17:3e:
b9:29:12:24:80:a3:2b:e2:50:31:c5:7b:a4:4c:ef:
da:f8:e8:04:18:38:b5:c7:1f:34:15:ce:10:50:7b:
d2:71:ff:5b:c3:e6:1c:03:92:de:39:df:99:bd:ec:
af:d7:13:6c:5e:5c:e7:0d:fa:ac:15:ab:a6:8f:cb:
3f:18:35:03:85:53:43:d3:e7:a8:bd:97:07:e7:8b:
1f:a7:d2:a1:21:97:2a:04:79:83:69:c6:6c:e4:42:
6f:cc:b4:28:bb:84:0f:74:af:55:05:2f:cc:5f:63:
d0:1c:43:1d:3b:73:e3:6e:db:95:d9:f7:e2:07:f8:
44:80:79:3e:44:3b:2b:4b:e8:e0:ca:87:e8:6d:75:
06:cc:98:3f:fa:df:b9:e2:a1:6c:3a:6d:9a:47:1c:
22:27:ee:d6:02:8a:c0:52:0c:43:5c:13:c6:f6:90:
4b:3e:0a:76:89:1e:14:7a:20:0a:03:31:df:63:2a:
20:a0:d9:b4:a4:6a:4e:79:24:ec:46:77:9d:3f:49:
ab:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0C:28:8F:E9:6F:16:0C:2B:4C:C6:02:5A:7A:B6:EF:B9:A6:2D:87
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/qQwoj-lvFgwrTMYCWnq277mmLYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.74.242.0/24
45.74.244.0/24
45.131.0.0/23
45.136.4.0/23
77.83.200.0/22
91.208.204.0/24
194.116.237.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440::-2a13:a440:5:ffff:ffff:ffff:ffff:ffff
2a13:a440:7::/48
2a13:a441::-2a13:a447:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9b:78:92:b6:01:94:bd:31:3d:a4:f1:ef:75:b3:9c:4a:d3:bb:
33:cb:8e:6d:80:a5:7c:53:22:b3:b3:0d:b3:f7:13:8b:96:75:
4c:9d:43:98:d4:27:21:25:9a:54:c1:a1:93:8e:06:44:eb:81:
b7:7e:93:5b:04:c6:dc:42:f5:6a:9a:fa:6a:b8:8a:8d:1a:56:
6b:59:0c:2d:24:6d:e0:19:06:4e:63:8a:c2:53:ee:c8:af:25:
f0:82:db:64:65:0a:bc:38:44:06:94:02:8a:e7:69:44:06:27:
49:c9:16:4c:f4:14:1b:37:ae:4d:15:1b:14:dd:96:f1:f6:f5:
3c:87:76:f1:26:53:56:ea:b9:15:a0:36:18:05:7a:27:ad:89:
66:19:09:fe:b6:20:09:fb:c7:33:94:8a:4d:39:cc:87:71:27:
13:9d:75:16:0b:b3:28:8f:5d:22:b2:bb:d4:78:5f:4f:1a:89:
bd:87:a5:53:8f:bf:a9:51:68:e3:da:68:ab:e6:56:af:62:c9:
1a:02:f7:45:79:53:e4:41:70:ae:54:64:3e:f4:48:ce:90:d4:
b2:52:71:da:b3:39:c4:32:ee:fb:95:81:45:89:d9:1e:fa:9c:
5c:e2:19:a4:1c:ae:18:ed:c4:28:18:15:a8:21:fc:d5:0f:fe:
5b:56:0e:08
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZ0Exi5P+E+ka4OD8Z9LKfOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwMzE5MDYyNjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTBjMjg4ZmU5NmYxNjBjMmI0Y2M2MDI1YTdhYjZlZmI5YTYyZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKfbVmssolp+N/dHvz2hyxBHJRC4
124SPfm99HX9NLO9c4coT4s3qbItFu3F0hYiAFViACEGCRcrFz65KRIkgKMr4lAx
xXukTO/a+OgEGDi1xx80Fc4QUHvScf9bw+YcA5LeOd+Zveyv1xNsXlznDfqsFaum
j8s/GDUDhVND0+eovZcH54sfp9KhIZcqBHmDacZs5EJvzLQou4QPdK9VBS/MX2PQ
HEMdO3PjbtuV2ffiB/hEgHk+RDsrS+jgyofobXUGzJg/+t+54qFsOm2aRxwiJ+7W
AorAUgxDXBPG9pBLPgp2iR4UeiAKAzHfYyogoNm0pGpOeSTsRnedP0mrbQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFKkMKI/pbxYMK0zGAlp6tu+5pi2HMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvcVF3b2otbHZGZ3dyVE1ZQ1ducTI3N21tTFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTA+BAIAATA4MAwDBAAF
tGkDBAIFtGgDBAAtSvIDBAAtSvQDBAEtgwADBAEtiAQDBAJNU8gDBABb0MwDBADC
dO0wWwQCAAIwVQMFAyoJh4ADBQMqD7cAAwUDKg/pAAMFAyoP6wADBQMqD+0AAwUD
Kg/5ADAQAwUGKhOkQAMHASoTpEAABAMHACoTpEAABzAOAwUAKhOkQQMFAyoTpEAw
DQYJKoZIhvcNAQELBQADggEBAJt4krYBlL0xPaTx73WznErTuzPLjm2ApXxTIrOz
DbP3E4uWdUydQ5jUJyElmlTBoZOOBkTrgbd+k1sExtxC9Wqa+mq4io0aVmtZDC0k
beAZBk5jisJT7sivJfCC22RlCrw4RAaUAornaUQGJ0nJFkz0FBs3rk0VGxTdlvH2
9TyHdvEmU1bquRWgNhgFeietiWYZCf62IAn7xzOUik05zIdxJxOddRYLsyiPXSKy
u9R4X08aib2HpVOPv6lRaOPaaKvmVq9iyRoC90V5U+RBcK5UZD70SM6Q1LJScdqz
OcQy7vuVgUWJ2R76nFziGaQcrhjtxCgYFagh/NUP/ltWDgg=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:44:36 2026 by rpki-client