Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/dqsYbbjCxnAptr8zjkd-iezgLz4.roa
File: dqsYbbjCxnAptr8zjkd-iezgLz4.roa (raw, json)
Hash identifier: 1Yhk6OnIeIea3uiPYWd+rgtl98a+2OVsjXwz+GeFDuw=
Subject key identifier: 76:AB:18:6D:B8:C2:C6:70:29:B6:BF:33:8E:47:7E:89:EC:E0:2F:3E
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019D0B780B0EE8765B9B0C265A0FC7422DC1
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/dqsYbbjCxnAptr8zjkd-iezgLz4.roa
Signing time: Fri 20 Mar 2026 13:38:29 +0000
ROA not before: Fri 20 Mar 2026 13:38:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49392
IP address blocks: 79.171.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0b:78:0b:0e:e8:76:5b:9b:0c:26:5a:0f:c7:42:2d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Mar 20 13:38:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=76ab186db8c2c67029b6bf338e477e89ece02f3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:74:b7:96:f0:c8:e8:c6:d1:3f:34:40:2c:69:
2c:3f:95:c5:49:01:88:99:a1:cf:b1:1c:12:eb:20:
c1:db:f3:a6:c3:08:63:0c:7d:e8:d9:ab:b4:64:b3:
20:83:41:56:1b:43:57:72:32:05:30:ae:d2:56:c1:
82:f0:aa:29:3b:ab:b1:80:5a:7c:d5:6b:e4:41:b4:
dc:16:b4:1c:e7:d9:7a:2c:68:55:a1:1f:b2:a9:37:
d0:79:2f:0f:38:8d:1e:d5:51:a2:30:2c:5c:a8:09:
b2:91:ed:0c:94:93:8c:06:65:9c:b0:24:52:fc:17:
5c:fd:ff:31:e0:0c:23:2a:0b:09:a1:ec:bc:87:9a:
e1:6a:f2:e4:b7:8a:8d:1a:27:43:79:ce:c2:11:ad:
a2:a5:03:4f:ef:f2:7e:21:73:69:a6:08:eb:b3:03:
c4:f1:39:4d:46:6d:68:f3:2b:7b:a2:c6:42:52:23:
cd:95:e9:2d:72:85:55:91:fc:9c:a2:ea:3b:bd:12:
19:27:c5:db:c7:9a:8b:be:74:46:e8:18:46:40:f8:
aa:c1:1d:b9:07:f8:c1:f2:05:8b:7c:00:df:a5:9d:
a9:ae:72:3b:a1:b6:fb:fd:2e:49:cf:10:a2:d5:89:
41:58:c6:ec:c5:eb:3d:bb:e7:3f:67:52:c2:f4:8e:
ef:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AB:18:6D:B8:C2:C6:70:29:B6:BF:33:8E:47:7E:89:EC:E0:2F:3E
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/dqsYbbjCxnAptr8zjkd-iezgLz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.152.0/24
Signature Algorithm: sha256WithRSAEncryption
af:31:0f:b2:64:d7:81:f6:99:f0:f0:0b:17:46:28:d1:d6:7e:
60:e1:ba:25:1e:28:21:e8:6e:50:e9:6a:e2:4c:97:7d:7c:50:
be:0a:70:e7:9c:48:67:4e:62:f7:93:64:e5:af:cd:dc:c2:55:
6a:cf:d2:c2:2f:92:53:2b:76:db:83:1b:24:ae:37:e7:a7:f6:
54:ca:da:2c:40:2a:26:8e:33:c0:c9:bc:d0:f5:cb:91:e9:0a:
1c:cb:8a:0d:41:cd:3d:43:79:20:77:88:2c:5a:06:42:23:26:
80:5d:28:f8:77:3c:36:5c:36:fd:4e:a8:ac:36:c6:fc:e6:b9:
6c:24:b1:58:91:48:e6:d1:f4:4a:14:b9:a7:66:b3:bb:49:72:
cf:61:9d:83:81:e8:e5:07:98:ec:89:59:aa:39:1c:1e:07:90:
76:eb:98:5f:6b:fd:27:65:c1:05:f7:6c:1a:d5:9d:c1:fb:29:
ab:9d:17:22:46:4d:08:d5:eb:bf:1a:12:e9:3d:80:d7:39:a8:
17:57:9c:95:60:af:82:05:e7:9a:2f:0a:2d:4f:31:af:94:59:
dc:0e:a1:2d:28:80:d5:01:2e:0d:f0:7b:9b:e2:5d:45:74:38:
cc:c8:8c:0f:48:9d:16:9a:13:65:57:8e:9b:15:46:f4:10:5f:
93:57:cf:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0LeAsO6HZbmwwmWg/HQi3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjYwMzIwMTMzODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmFiMTg2ZGI4YzJjNjcwMjliNmJmMzM4ZTQ3N2U4OWVjZTAyZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HS3lvDI6MbRPzRALGksP5XFSQGI
maHPsRwS6yDB2/OmwwhjDH3o2au0ZLMgg0FWG0NXcjIFMK7SVsGC8KopO6uxgFp8
1WvkQbTcFrQc59l6LGhVoR+yqTfQeS8POI0e1VGiMCxcqAmyke0MlJOMBmWcsCRS
/Bdc/f8x4AwjKgsJoey8h5rhavLkt4qNGidDec7CEa2ipQNP7/J+IXNppgjrswPE
8TlNRm1o8yt7osZCUiPNlektcoVVkfycouo7vRIZJ8Xbx5qLvnRG6BhGQPiqwR25
B/jB8gWLfADfpZ2prnI7obb7/S5JzxCi1YlBWMbsxes9u+c/Z1LC9I7v5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHarGG24wsZwKba/M45Hfons4C8+MB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvZHFzWWJiakN4bkFwdHI4emprZC1pZXpnTHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT6uYMA0G
CSqGSIb3DQEBCwUAA4IBAQCvMQ+yZNeB9pnw8AsXRijR1n5g4bolHigh6G5Q6Wri
TJd9fFC+CnDnnEhnTmL3k2Tlr83cwlVqz9LCL5JTK3bbgxskrjfnp/ZUytosQCom
jjPAybzQ9cuR6Qocy4oNQc09Q3kgd4gsWgZCIyaAXSj4dzw2XDb9TqisNsb85rls
JLFYkUjm0fRKFLmnZrO7SXLPYZ2DgejlB5jsiVmqORweB5B265hfa/0nZcEF92wa
1Z3B+ymrnRciRk0I1eu/GhLpPYDXOagXV5yVYK+CBeeaLwotTzGvlFncDqEtKIDV
AS4N8Hub4l1FdDjMyIwPSJ0WmhNlV46bFUb0EF+TV8/R
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:10:14 2026 by rpki-client