Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QlJBRnj9JatFrGkseYhIPHf9D9I.roa
File: QlJBRnj9JatFrGkseYhIPHf9D9I.roa (raw, json)
Hash identifier: uw/0LJ660xXgmFpTIfDEJrFHoqx6lkKddyPwokN6PbQ=
Subject key identifier: 42:52:41:46:78:FD:25:AB:45:AC:69:2C:79:88:48:3C:77:FD:0F:D2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E8C957F95AA2AB4D77F9D80F9144ED9AC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QlJBRnj9JatFrGkseYhIPHf9D9I.roa
Signing time: Wed 03 Jun 2026 08:24:28 +0000
ROA not before: Wed 03 Jun 2026 08:24:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 45.128.234.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 08:24:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8c:95:7f:95:aa:2a:b4:d7:7f:9d:80:f9:14:4e:d9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 3 08:24:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4252414678fd25ab45ac692c7988483c77fd0fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:16:a4:26:90:f1:01:2f:c6:65:81:f9:44:25:
30:fa:cd:d6:11:26:c8:c8:4d:a3:d4:ad:5e:a2:9c:
f8:4c:c2:a5:91:7e:a8:89:c9:22:ac:75:19:6c:14:
4f:21:e2:98:c4:53:58:c1:fc:a6:32:70:62:d4:c2:
70:f8:dc:8f:fd:f2:8c:b0:f1:71:f8:d4:1f:76:94:
cd:18:91:78:82:12:77:ec:f8:de:9c:ec:3a:cf:44:
60:36:e2:18:1b:62:e9:83:40:3b:7d:33:59:52:e8:
24:01:52:73:ea:38:9c:90:5a:13:c0:94:44:de:9f:
dd:68:4d:b3:87:13:1c:fb:5f:ce:6d:ef:5a:69:02:
d2:5a:f4:06:f4:95:16:9d:b2:19:30:07:f0:36:0c:
a1:38:b1:2a:fa:0d:05:aa:ab:59:c7:72:f8:36:fd:
05:14:c0:38:6b:42:bc:61:66:f8:93:a3:07:ce:7a:
ff:a3:aa:56:97:65:15:a9:c6:6d:66:5b:99:cb:45:
1a:27:fc:2b:ac:ba:51:c8:7e:ab:24:2e:b2:dc:57:
3e:4a:4d:28:fa:97:e5:98:53:f4:d5:50:38:ba:ab:
9d:b3:f6:a1:af:64:9a:e8:c5:ee:e5:97:e1:80:17:
cc:f3:b1:20:ec:5a:38:95:6c:fc:53:67:81:12:da:
25:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:52:41:46:78:FD:25:AB:45:AC:69:2C:79:88:48:3C:77:FD:0F:D2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QlJBRnj9JatFrGkseYhIPHf9D9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.234.0/24
83.219.98.0/24
85.31.44.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9c:e4:11:05:2b:bb:bd:59:7c:01:e8:16:25:25:b1:43:48:
a5:b9:52:e4:ca:2a:ec:a8:b7:5f:18:e0:a8:8e:4e:2a:38:d7:
ae:af:d7:1c:45:82:ea:86:83:86:28:1f:0c:c5:a6:9a:c3:2b:
2a:43:b2:a7:6e:5c:7d:4c:94:3a:ce:83:73:1f:3c:db:58:7a:
28:7b:77:6f:82:41:ec:8c:16:e4:68:6f:a1:d7:98:a0:39:3c:
27:83:1e:c5:11:ef:30:7c:ac:c9:ee:c3:9d:6b:06:8e:04:6b:
62:a7:76:bb:d9:59:32:51:27:21:74:c8:0c:d0:14:bf:2c:b2:
d5:c8:7e:e9:0a:ca:a1:67:a3:5f:03:f8:45:9a:6d:11:f3:e9:
17:7e:51:c6:29:9e:4d:bb:2c:5e:1e:81:c0:11:e2:3c:db:f3:
10:98:85:48:27:81:4a:3a:35:40:be:09:b0:ae:83:d3:d8:c0:
0f:e3:49:d1:2e:76:86:25:30:0c:79:59:d1:51:23:50:74:82:
d0:28:93:ad:b9:85:57:8c:0d:e8:9e:a5:f7:83:d8:7d:4e:8d:
9f:72:8c:a1:69:b4:c7:e8:ff:df:95:00:1f:2d:84:ee:d3:f8:
9d:ab:f0:31:db:cd:48:ef:7f:7a:f9:7b:0e:54:a7:7a:fb:1f:
83:f8:bd:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ6MlX+Vqiq013+dgPkUTtmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjAzMDgyNDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjUyNDE0Njc4ZmQyNWFiNDVhYzY5MmM3OTg4NDgzYzc3ZmQwZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxakJpDxAS/GZYH5RCUw+s3WESbI
yE2j1K1eopz4TMKlkX6oickirHUZbBRPIeKYxFNYwfymMnBi1MJw+NyP/fKMsPFx
+NQfdpTNGJF4ghJ37PjenOw6z0RgNuIYG2Lpg0A7fTNZUugkAVJz6jickFoTwJRE
3p/daE2zhxMc+1/Obe9aaQLSWvQG9JUWnbIZMAfwNgyhOLEq+g0FqqtZx3L4Nv0F
FMA4a0K8YWb4k6MHznr/o6pWl2UVqcZtZluZy0UaJ/wrrLpRyH6rJC6y3Fc+Sk0o
+pflmFP01VA4uquds/ahr2Sa6MXu5ZfhgBfM87Eg7Fo4lWz8U2eBEtoloQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEJSQUZ4/SWrRaxpLHmISDx3/Q/SMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUWxKQlJuajlKYXRGckdrc2VZaElQSGY5RDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYDqAwQA
U9tiAwQAVR8sMA0GCSqGSIb3DQEBCwUAA4IBAQCXnOQRBSu7vVl8AegWJSWxQ0il
uVLkyirsqLdfGOCojk4qONeur9ccRYLqhoOGKB8MxaaawysqQ7Knblx9TJQ6zoNz
HzzbWHooe3dvgkHsjBbkaG+h15igOTwngx7FEe8wfKzJ7sOdawaOBGtip3a72Vky
USchdMgM0BS/LLLVyH7pCsqhZ6NfA/hFmm0R8+kXflHGKZ5NuyxeHoHAEeI82/MQ
mIVIJ4FKOjVAvgmwroPT2MAP40nRLnaGJTAMeVnRUSNQdILQKJOtuYVXjA3onqX3
g9h9To2fcoyhabTH6P/flQAfLYTu0/idq/Ax281I7396+XsOVKd6+x+D+L0R
-----END CERTIFICATE-----
Generated at Wed Jun 3 12:50:56 2026 by rpki-client