Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qpUfl_XYfk-wpY8S_RuYjZdGIlY.roa
File: qpUfl_XYfk-wpY8S_RuYjZdGIlY.roa (raw, json)
Hash identifier: oW88xHzZDSwQzMcs3I0Fm28eQZ0HPJ5YU+LAAZNcBCM=
Subject key identifier: AA:95:1F:97:F5:D8:7E:4F:B0:A5:8F:12:FD:1B:98:8D:97:46:22:56
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019DC8CCF00F1A26DE47C27CAD2342521667
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qpUfl_XYfk-wpY8S_RuYjZdGIlY.roa
Signing time: Sun 26 Apr 2026 07:59:27 +0000
ROA not before: Sun 26 Apr 2026 07:59:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5650
IP address blocks: 5.182.114.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c8:cc:f0:0f:1a:26:de:47:c2:7c:ad:23:42:52:16:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 26 07:59:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aa951f97f5d87e4fb0a58f12fd1b988d97462256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6f:24:f2:4a:e4:bc:65:5b:7f:f3:51:16:e4:
00:00:9b:c1:b4:a6:02:ff:b3:d1:6d:95:b3:fb:56:
cd:ea:ad:f9:d9:61:b2:23:7e:9f:e5:13:0d:85:d4:
db:a1:cf:01:3d:8c:65:7e:a8:05:f8:28:30:ef:21:
a7:e4:4d:31:34:27:a7:4a:12:e0:17:70:e6:0b:6b:
02:52:ff:eb:20:22:25:09:1f:dc:7f:e1:99:79:46:
66:6b:63:76:57:01:b9:36:32:c0:f3:61:2e:20:f4:
23:8e:be:db:67:8c:ef:7f:20:c2:dd:16:0b:2b:f0:
50:a3:e8:5a:7a:a0:ab:85:67:aa:d5:ad:c8:e5:73:
ce:36:cb:8a:f3:a6:08:56:89:b1:5b:7f:2d:40:87:
51:d5:f9:00:b3:c4:b8:18:4b:ff:1e:f1:17:69:ee:
e0:8b:14:60:5d:d9:ec:5f:32:78:dc:c7:e4:60:9e:
60:b2:19:ef:31:de:0f:16:6a:cc:45:aa:29:18:68:
d4:39:7a:19:d4:af:96:18:12:00:86:8a:d0:2b:98:
df:38:1c:e7:c3:01:61:12:32:ef:4f:9c:e0:31:bd:
88:eb:97:9f:1c:32:30:49:e7:fb:8b:d8:73:94:cd:
77:43:b6:a6:47:03:57:84:c3:f6:ff:13:8c:8e:f2:
ec:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:95:1F:97:F5:D8:7E:4F:B0:A5:8F:12:FD:1B:98:8D:97:46:22:56
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qpUfl_XYfk-wpY8S_RuYjZdGIlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.114.0/24
88.209.221.0/24
88.209.240.0/22
Signature Algorithm: sha256WithRSAEncryption
25:0d:07:9c:29:3e:53:c8:46:cf:cd:b6:99:93:be:53:93:9f:
03:69:77:03:47:3b:79:c7:2e:53:66:d6:8f:94:48:90:cf:88:
e4:ac:f4:75:92:0e:c8:bf:f6:a8:d8:b6:d4:a0:b8:6c:38:b3:
5d:ba:63:4b:0c:50:07:a6:32:0e:5a:3e:42:b3:8c:3e:fd:8e:
7a:1c:da:9e:7e:54:12:7f:52:81:f2:e1:87:2b:a9:bf:dd:44:
d1:ca:7c:2b:05:46:e0:15:67:16:3f:fb:3f:78:7a:bd:f1:1a:
6e:fb:40:64:a6:3c:ef:38:0e:68:ce:12:05:c8:1c:3b:e9:43:
7b:10:9c:c2:03:b6:9b:43:67:c0:0b:e2:d1:30:4a:7f:be:5d:
6e:73:9c:3f:5f:0b:13:e6:96:fd:52:07:37:83:da:ce:cf:12:
ed:1a:53:29:53:46:20:a0:48:98:43:a1:ac:be:78:b6:ed:85:
62:8a:3c:b8:4a:12:0c:09:6e:33:32:e1:db:90:4d:26:c6:ef:
9b:96:26:4c:08:b3:f4:13:02:3a:83:31:55:29:67:ac:fd:63:
b8:fc:4c:7b:a6:0a:72:52:27:b0:2c:61:d3:1a:e7:01:1a:c3:
f2:47:42:d0:66:02:ed:45:37:ee:c8:af:dc:8c:e2:fc:7e:b3:
e5:ab:f9:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ3IzPAPGibeR8J8rSNCUhZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwNDI2MDc1OTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTk1MWY5N2Y1ZDg3ZTRmYjBhNThmMTJmZDFiOTg4ZDk3NDYyMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4W8k8krkvGVbf/NRFuQAAJvBtKYC
/7PRbZWz+1bN6q352WGyI36f5RMNhdTboc8BPYxlfqgF+Cgw7yGn5E0xNCenShLg
F3DmC2sCUv/rICIlCR/cf+GZeUZma2N2VwG5NjLA82EuIPQjjr7bZ4zvfyDC3RYL
K/BQo+haeqCrhWeq1a3I5XPONsuK86YIVomxW38tQIdR1fkAs8S4GEv/HvEXae7g
ixRgXdnsXzJ43MfkYJ5gshnvMd4PFmrMRaopGGjUOXoZ1K+WGBIAhorQK5jfOBzn
wwFhEjLvT5zgMb2I65efHDIwSef7i9hzlM13Q7amRwNXhMP2/xOMjvLsoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKqVH5f12H5PsKWPEv0bmI2XRiJWMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcXBVZmxfWFlmay13cFk4U19SdVlqWmRHSWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbZyAwQA
WNHdAwQCWNHwMA0GCSqGSIb3DQEBCwUAA4IBAQAlDQecKT5TyEbPzbaZk75Tk58D
aXcDRzt5xy5TZtaPlEiQz4jkrPR1kg7Iv/ao2LbUoLhsOLNdumNLDFAHpjIOWj5C
s4w+/Y56HNqeflQSf1KB8uGHK6m/3UTRynwrBUbgFWcWP/s/eHq98Rpu+0Bkpjzv
OA5ozhIFyBw76UN7EJzCA7abQ2fAC+LRMEp/vl1uc5w/XwsT5pb9Ugc3g9rOzxLt
GlMpU0YgoEiYQ6Gsvni27YViijy4ShIMCW4zMuHbkE0mxu+bliZMCLP0EwI6gzFV
KWes/WO4/Ex7pgpyUiewLGHTGucBGsPyR0LQZgLtRTfuyK/cjOL8frPlq/m3
-----END CERTIFICATE-----
Generated at Wed May 13 06:38:14 2026 by rpki-client