Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/qqeLts1D5se3KH1bAg8P4GUfVAY.roa
File: qqeLts1D5se3KH1bAg8P4GUfVAY.roa (raw, json)
Hash identifier: rNAP7UG4dj0VnYLR6ASaWaGud/Fg8fCodgzzA2jjc/w=
Subject key identifier: AA:A7:8B:B6:CD:43:E6:C7:B7:28:7D:5B:02:0F:0F:E0:65:1F:54:06
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019DEF770BC02B0E36BD6BD7170EC274A955
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/qqeLts1D5se3KH1bAg8P4GUfVAY.roa
Signing time: Sun 03 May 2026 20:10:49 +0000
ROA not before: Sun 03 May 2026 20:10:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.74.242.0/24 maxlen: 24
45.74.247.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.149.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb05::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a443::/32 maxlen: 32
2a13:a444::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a446::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ef:77:0b:c0:2b:0e:36:bd:6b:d7:17:0e:c2:74:a9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: May 3 20:10:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aaa78bb6cd43e6c7b7287d5b020f0fe0651f5406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c3:20:47:79:d3:40:fc:4f:15:c5:6f:72:4a:
d7:72:2a:70:1c:f3:c6:cd:9a:c2:4c:d4:92:1a:b8:
a1:98:2c:8d:ea:48:86:1d:63:6e:ef:05:93:52:96:
0e:28:89:2d:00:ff:0e:83:9c:59:4e:cb:5b:b9:a7:
2d:97:33:a0:46:f0:b1:8d:13:d8:a4:af:d4:52:d1:
c1:51:04:ea:0c:2e:69:c3:93:29:c4:5f:08:fd:55:
bf:a1:4c:e6:84:36:19:f0:ab:e6:39:d8:bb:b2:74:
85:e6:c4:f3:79:b2:82:72:2c:26:e4:fa:a7:48:96:
cf:34:91:9a:88:de:ff:13:a6:77:15:97:b6:14:0b:
40:95:0b:5a:ee:08:66:51:bd:a7:4c:b2:d9:1e:77:
bf:d2:b0:ec:cd:fd:88:cb:ce:f5:b6:95:71:1f:4a:
20:0f:79:92:1c:03:f5:ac:2b:92:a0:7a:08:3a:98:
20:d5:d7:a9:2c:84:3d:b9:12:7c:b5:e7:83:1e:68:
12:b4:8f:38:ef:de:25:81:51:8d:f3:95:2b:1e:66:
80:ec:3c:5b:d9:e8:21:da:ec:e8:d7:0a:da:e2:f3:
d6:13:d6:35:af:9c:0a:d8:0f:d4:9b:e6:dc:cf:22:
5b:c5:2b:87:28:3b:fc:b7:3b:7d:80:de:85:f8:7f:
d2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A7:8B:B6:CD:43:E6:C7:B7:28:7D:5B:02:0F:0F:E0:65:1F:54:06
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/qqeLts1D5se3KH1bAg8P4GUfVAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.74.242.0/24
45.74.247.0/24
45.131.0.0/24
45.131.2.0/23
45.136.4.0/24
45.141.149.0/24
77.83.200.0-77.83.202.255
194.116.237.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440:7::/48
2a13:a441::-2a13:a447:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
69:e6:b5:2b:1c:bc:0f:8b:74:b7:db:28:d6:46:ba:54:4e:27:
4f:95:6d:24:64:b3:64:42:ed:84:b9:08:0f:f0:ec:de:49:ba:
d0:ff:7f:a1:86:7b:d3:3c:7f:e4:f5:8b:95:95:4c:c0:4c:78:
56:aa:df:ed:61:7e:ed:58:e4:e5:14:c4:58:a7:dd:39:be:be:
e2:93:a8:22:2f:d2:33:9a:37:45:b3:ea:e4:0e:f3:e2:69:d8:
d1:5f:c2:29:88:29:52:84:4b:a9:93:b2:6d:5b:9e:ac:a4:5b:
ca:75:36:87:1f:bb:af:e9:13:fa:06:1b:ff:ac:60:f1:e1:ad:
37:8f:93:82:13:dc:ef:63:96:17:49:0b:5c:35:a1:f5:15:6a:
8a:0e:a8:bb:62:8b:18:17:6f:96:7f:e4:b6:c5:b0:2a:36:6d:
ee:47:f2:d1:6c:7a:82:b5:43:08:a2:f9:85:22:19:c8:62:f7:
30:32:f3:9f:d9:e4:bb:85:a1:5a:bd:cd:8a:c6:ac:3e:ec:9d:
b3:ca:67:35:5d:b6:42:e6:8e:4f:9c:dd:ae:d1:df:f5:d2:09:
55:9c:63:2e:65:ff:7e:0c:71:19:06:27:f7:19:52:b9:43:e9:
13:5d:9e:27:d7:46:d6:3a:de:8a:90:54:51:c0:86:1b:9a:5f:
b2:40:0d:8c
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZ3vdwvAKw42vWvXFw7CdKlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwNTAzMjAxMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWE3OGJiNmNkNDNlNmM3YjcyODdkNWIwMjBmMGZlMDY1MWY1NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8MgR3nTQPxPFcVvckrXcipwHPPG
zZrCTNSSGrihmCyN6kiGHWNu7wWTUpYOKIktAP8Og5xZTstbuactlzOgRvCxjRPY
pK/UUtHBUQTqDC5pw5MpxF8I/VW/oUzmhDYZ8KvmOdi7snSF5sTzebKCciwm5Pqn
SJbPNJGaiN7/E6Z3FZe2FAtAlQta7ghmUb2nTLLZHne/0rDszf2Iy871tpVxH0og
D3mSHAP1rCuSoHoIOpgg1depLIQ9uRJ8teeDHmgStI84794lgVGN85UrHmaA7Dxb
2egh2uzo1wra4vPWE9Y1r5wK2A/Um+bczyJbxSuHKDv8tzt9gN6F+H/SrQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFKqni7bNQ+bHtyh9WwIPD+BlH1QGMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvcXFlTHRzMUQ1c2UzS0gxYkFnOFA0R1VmVkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTBMBAIAATBGMAwDBAAF
tGkDBAIFtGgDBAAtSvIDBAAtSvcDBAAtgwADBAEtgwIDBAAtiAQDBAAtjZUwDAME
A01TyAMEAE1TygMEAMJ07TBJBAIAAjBDAwUDKgmHgAMFAyoPtwADBQMqD+kAAwUD
Kg/rAAMFAyoP7QADBQMqD/kAAwcAKhOkQAAHMA4DBQAqE6RBAwUDKhOkQDANBgkq
hkiG9w0BAQsFAAOCAQEAaea1Kxy8D4t0t9so1ka6VE4nT5VtJGSzZELthLkID/Ds
3km60P9/oYZ70zx/5PWLlZVMwEx4Vqrf7WF+7Vjk5RTEWKfdOb6+4pOoIi/SM5o3
RbPq5A7z4mnY0V/CKYgpUoRLqZOybVuerKRbynU2hx+7r+kT+gYb/6xg8eGtN4+T
ghPc72OWF0kLXDWh9RVqig6ou2KLGBdvln/ktsWwKjZt7kfy0Wx6grVDCKL5hSIZ
yGL3MDLzn9nku4WhWr3NisasPuyds8pnNV22QuaOT5zdrtHf9dIJVZxjLmX/fgxx
GQYn9xlSuUPpE12eJ9dG1jreipBUUcCGG5pfskANjA==
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:26 2026 by rpki-client