Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QsIte4Y1bwvFT3C4tV00LKe_Ue4.roa
File: QsIte4Y1bwvFT3C4tV00LKe_Ue4.roa (raw, json)
Hash identifier: SjGLXrgLpyeJISPw6xjDr3eTHkOomU5ABHoubXTKq/s=
Subject key identifier: 42:C2:2D:7B:86:35:6F:0B:C5:4F:70:B8:B5:5D:34:2C:A7:BF:51:EE
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019CD4C95C36DE626FB36C691B0457A9D35B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QsIte4Y1bwvFT3C4tV00LKe_Ue4.roa
Signing time: Mon 09 Mar 2026 22:48:11 +0000
ROA not before: Mon 09 Mar 2026 22:48:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215242
IP address blocks: 2.56.111.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.94.169.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.132.183.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 06:19:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d4:c9:5c:36:de:62:6f:b3:6c:69:1b:04:57:a9:d3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 9 22:48:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=42c22d7b86356f0bc54f70b8b55d342ca7bf51ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8e:7b:a9:af:3a:b9:bb:03:bb:27:18:a2:26:
61:83:c9:3c:ed:34:6c:72:3a:d8:48:6b:ec:fb:b5:
b3:8d:da:e0:9e:b4:e4:1b:ed:87:cf:57:f8:2f:85:
7c:44:e4:10:a4:b9:59:41:f5:43:fa:f7:a4:9f:6c:
41:67:4b:09:36:37:a2:f8:9d:91:d3:d3:72:b7:e6:
a8:2b:f9:df:85:65:af:2e:6e:9b:e4:47:bd:c7:4a:
5e:5c:39:d5:62:60:62:86:f2:4f:f9:cc:d2:8f:ef:
5e:5b:51:37:5a:ff:de:9e:8f:29:1f:b9:7e:2a:ee:
0e:7d:45:c9:5e:1b:1e:52:08:22:55:5a:a2:0f:51:
e4:04:36:cb:27:fc:47:a3:97:05:7e:9d:74:4e:2a:
8f:f7:65:c0:38:9a:bf:4d:c2:44:c8:6c:b6:dd:d5:
0c:67:77:c2:6c:39:b4:0c:51:72:49:84:4e:a7:83:
05:6e:cc:bf:f9:1b:4a:f6:ac:e0:ee:4e:db:79:d2:
07:10:00:d7:3b:9b:80:61:3f:9a:c4:f9:57:40:f8:
50:e5:ce:3a:67:3e:71:3a:95:a1:31:5c:43:e4:6c:
31:86:20:e2:aa:9c:26:5d:d5:67:a1:18:68:58:04:
41:61:0f:7f:71:58:05:4e:d9:91:51:60:4a:04:e3:
72:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C2:2D:7B:86:35:6F:0B:C5:4F:70:B8:B5:5D:34:2C:A7:BF:51:EE
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QsIte4Y1bwvFT3C4tV00LKe_Ue4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.88.136.0/23
45.94.169.0-45.94.170.255
45.132.183.0/24
45.138.180.0/24
45.151.3.0/24
77.83.37.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:ef:3b:59:a5:cc:e5:b7:b2:93:8b:89:2a:7c:af:25:13:72:
61:0a:5e:1c:51:f4:86:c9:97:23:bb:a0:8d:2e:1a:64:29:1d:
78:44:c9:cf:1f:f5:d0:3e:6b:b9:fc:84:6d:a2:30:31:73:df:
78:79:ef:3b:74:7b:79:7f:d8:1d:00:bb:89:36:08:78:4e:29:
0d:48:cc:bb:d2:9b:73:f2:ce:e9:b3:24:d1:81:84:58:ea:2a:
b8:54:b9:73:2d:57:6b:b2:48:f7:d7:1e:65:bb:d7:64:aa:60:
87:8a:5d:e7:16:f0:d2:03:44:24:d3:68:09:b8:0b:14:d2:84:
0f:a8:90:8a:f5:f2:a0:46:57:b0:a7:a7:5c:90:51:ea:4e:6e:
c4:3f:38:a4:09:c2:43:85:52:e8:16:4c:58:47:bd:a9:b7:01:
cc:c4:a9:47:3c:a5:d8:35:73:ff:7c:8b:88:ed:b2:02:3d:76:
86:17:17:23:b1:96:8c:6b:a2:39:00:7e:a7:b4:10:13:85:dd:
51:ea:10:6f:ac:b4:0b:64:0d:40:13:2b:01:e5:fd:f3:19:01:
b9:ba:c4:d6:c2:43:fa:b7:33:9a:1d:d4:24:88:73:59:de:b2:
92:38:e8:d3:2e:7f:3a:ba:45:a9:26:6e:2c:dc:2a:2a:48:ce:
2a:d8:10:01
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZzUyVw23mJvs2xpGwRXqdNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwMzA5MjI0ODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmMyMmQ3Yjg2MzU2ZjBiYzU0ZjcwYjhiNTVkMzQyY2E3YmY1MWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzo57qa86ubsDuycYoiZhg8k87TRs
cjrYSGvs+7WzjdrgnrTkG+2Hz1f4L4V8ROQQpLlZQfVD+vekn2xBZ0sJNjei+J2R
09Nyt+aoK/nfhWWvLm6b5Ee9x0peXDnVYmBihvJP+czSj+9eW1E3Wv/eno8pH7l+
Ku4OfUXJXhseUggiVVqiD1HkBDbLJ/xHo5cFfp10TiqP92XAOJq/TcJEyGy23dUM
Z3fCbDm0DFFySYROp4MFbsy/+RtK9qzg7k7bedIHEADXO5uAYT+axPlXQPhQ5c46
Zz5xOpWhMVxD5GwxhiDiqpwmXdVnoRhoWARBYQ9/cVgFTtmRUWBKBONy3QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFELCLXuGNW8LxU9wuLVdNCynv1HuMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUXNJdGU0WTFid3ZGVDNDNHRWMDBMS2VfVWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAAjhvAwQB
LViIMAwDBAAtXqkDBAAtXqoDBAAthLcDBAAtirQDBAAtlwMDBABNUyUwDQYJKoZI
hvcNAQELBQADggEBAK7vO1mlzOW3spOLiSp8ryUTcmEKXhxR9IbJlyO7oI0uGmQp
HXhEyc8f9dA+a7n8hG2iMDFz33h57zt0e3l/2B0Au4k2CHhOKQ1IzLvSm3Pyzumz
JNGBhFjqKrhUuXMtV2uySPfXHmW712SqYIeKXecW8NIDRCTTaAm4CxTShA+okIr1
8qBGV7Cnp1yQUepObsQ/OKQJwkOFUugWTFhHvam3AczEqUc8pdg1c/98i4jtsgI9
doYXFyOxloxrojkAfqe0EBOF3VHqEG+stAtkDUATKwHl/fMZAbm6xNbCQ/q3M5od
1CSIc1nespI46NMufzq6RakmbizcKipIzirYEAE=
-----END CERTIFICATE-----
Generated at Tue Mar 10 09:54:00 2026 by rpki-client