Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/QOZiNFjZydXxFYF0BlVDlg0VvWg.roa
File: QOZiNFjZydXxFYF0BlVDlg0VvWg.roa (raw, json)
Hash identifier: fGmPwcOUE/EE/WVC1GcHFKsRMwEpXo5NprwRgBAsP9Y=
Subject key identifier: 40:E6:62:34:58:D9:C9:D5:F1:15:81:74:06:55:43:96:0D:15:BD:68
Certificate issuer: /CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Certificate serial: 019EFFB646D67470C6A9235F422D24C3BE32
Authority key identifier: 54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/QOZiNFjZydXxFYF0BlVDlg0VvWg.roa
Signing time: Thu 25 Jun 2026 16:56:36 +0000
ROA not before: Thu 25 Jun 2026 16:56:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211381
IP address blocks: 145.63.128.0/24 maxlen: 24
145.63.129.0/24 maxlen: 24
145.63.130.0/24 maxlen: 24
145.63.131.0/24 maxlen: 24
145.63.132.0/24 maxlen: 24
145.63.133.0/24 maxlen: 24
188.137.176.0/24 maxlen: 24
188.137.177.0/24 maxlen: 24
188.137.179.0/24 maxlen: 24
188.137.180.0/24 maxlen: 24
188.137.181.0/24 maxlen: 24
188.137.182.0/24 maxlen: 24
188.137.183.0/24 maxlen: 24
188.137.224.0/24 maxlen: 24
188.137.225.0/24 maxlen: 24
188.137.227.0/24 maxlen: 24
188.137.228.0/24 maxlen: 24
188.137.229.0/24 maxlen: 24
188.137.230.0/24 maxlen: 24
188.137.231.0/24 maxlen: 24
188.137.232.0/24 maxlen: 24
188.137.233.0/24 maxlen: 24
188.137.234.0/24 maxlen: 24
188.137.235.0/24 maxlen: 24
188.137.236.0/24 maxlen: 24
188.137.237.0/24 maxlen: 24
188.137.238.0/24 maxlen: 24
188.137.239.0/24 maxlen: 24
188.137.240.0/24 maxlen: 24
188.137.241.0/24 maxlen: 24
188.137.242.0/24 maxlen: 24
188.137.243.0/24 maxlen: 24
188.137.245.0/24 maxlen: 24
188.137.246.0/24 maxlen: 24
188.137.247.0/24 maxlen: 24
188.137.248.0/24 maxlen: 24
188.137.249.0/24 maxlen: 24
188.137.250.0/24 maxlen: 24
188.137.251.0/24 maxlen: 24
188.137.252.0/24 maxlen: 24
188.137.253.0/24 maxlen: 24
188.137.254.0/24 maxlen: 24
188.137.255.0/24 maxlen: 24
212.43.144.0/24 maxlen: 24
212.43.145.0/24 maxlen: 24
212.43.146.0/24 maxlen: 24
212.43.147.0/24 maxlen: 24
212.43.148.0/24 maxlen: 24
212.43.149.0/24 maxlen: 24
212.43.150.0/24 maxlen: 24
212.43.151.0/24 maxlen: 24
212.43.152.0/24 maxlen: 24
212.43.153.0/24 maxlen: 24
212.43.154.0/24 maxlen: 24
212.43.155.0/24 maxlen: 24
212.43.156.0/24 maxlen: 24
212.43.157.0/24 maxlen: 24
212.43.158.0/24 maxlen: 24
212.43.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 13:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ff:b6:46:d6:74:70:c6:a9:23:5f:42:2d:24:c3:be:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Validity
Not Before: Jun 25 16:56:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40e6623458d9c9d5f1158174065543960d15bd68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:56:9c:76:f9:9f:2f:31:e9:aa:3a:78:be:03:
c1:9e:f9:47:41:8e:61:d6:be:ac:e1:71:b8:5e:2c:
97:47:20:fd:9f:40:16:fc:bf:6b:59:56:fe:38:82:
74:f4:18:d5:9b:cd:9c:37:ea:b8:7f:ff:f2:b7:5a:
e9:fe:0e:ba:88:90:95:e7:2b:ae:bb:24:5c:f7:65:
0c:6c:85:23:47:07:34:a6:e2:d6:56:81:b8:6f:99:
2d:f5:a0:98:39:dc:3b:92:1f:5b:d7:d0:67:99:bd:
12:24:06:0b:7a:7a:28:10:e2:cd:94:c5:f1:22:6d:
d9:46:30:08:1b:a4:3a:44:f4:dd:53:a8:29:95:67:
7c:ee:ec:6d:26:50:32:1a:75:45:dd:77:c4:a7:8a:
f2:7d:3a:1e:e0:cf:e5:c0:1b:d0:4b:26:4f:f7:90:
4e:10:f2:f0:1b:4f:ea:4e:24:bc:f7:4e:a0:ab:3b:
69:cc:70:1b:38:52:bf:26:27:5e:16:22:c0:7a:b1:
a4:fe:42:e1:4e:1c:8b:af:58:b7:8a:11:28:fd:68:
5a:25:05:ac:d0:e7:c1:ed:62:87:63:de:b4:a2:20:
3b:f7:24:28:e9:ad:e6:92:21:e5:7c:61:e2:b1:c5:
12:ec:74:43:03:35:0b:12:75:f8:4c:15:37:99:4a:
85:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E6:62:34:58:D9:C9:D5:F1:15:81:74:06:55:43:96:0D:15:BD:68
X509v3 Authority Key Identifier:
keyid:54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/QOZiNFjZydXxFYF0BlVDlg0VvWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.63.128.0-145.63.133.255
188.137.176.0/23
188.137.179.0-188.137.183.255
188.137.224.0/23
188.137.227.0-188.137.243.255
188.137.245.0-188.137.255.255
212.43.144.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:2c:26:0a:d6:d3:2c:e6:86:da:37:f7:b6:a8:82:e9:56:2e:
25:44:fb:85:a6:93:dc:bb:5b:ea:68:8d:8a:54:9c:f9:8d:c7:
34:52:f5:b6:da:d4:7b:fc:46:04:f0:ab:1b:47:d4:7f:ac:a6:
ea:06:6d:f0:53:35:e6:7a:73:2b:33:e2:ea:38:a7:4e:d7:20:
62:f3:b7:5a:52:d3:3c:4d:ff:cd:64:6f:05:3d:fc:c8:1d:88:
1b:01:00:67:85:72:62:4b:4d:17:0d:2d:d9:07:88:d2:88:11:
8d:d8:24:b3:50:a6:9f:6d:70:30:b7:63:1c:ca:44:12:61:3f:
c6:5c:df:7a:2a:94:6f:f8:0a:59:02:ba:80:2a:3f:b3:06:59:
75:56:cc:9e:fc:c4:f2:dc:91:57:a1:e4:0a:2d:a2:70:77:15:
fd:c7:2c:a7:27:cd:a1:43:e7:60:b4:99:6a:26:61:60:73:49:
20:bb:d6:67:a9:83:0a:1b:07:db:ab:91:47:1e:84:ad:ec:9d:
2b:33:24:bd:ce:28:ae:64:04:eb:43:e2:09:34:13:fe:8e:65:
61:4b:0c:7e:a2:1d:46:80:de:99:69:07:f9:b8:7f:8a:22:ea:
54:4b:18:52:9c:08:de:95:69:f2:db:e5:33:50:12:2b:f4:d1:
05:bd:e8:3d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZ7/tkbWdHDGqSNfQi0kw74yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NGE4MmFhNWUyZWI3MTcxOWI3ZjlmMDQ5YTMwN2IxMjQ1
NDQ5N2UwHhcNMjYwNjI1MTY1NjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU2NjIzNDU4ZDljOWQ1ZjExNTgxNzQwNjU1NDM5NjBkMTViZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FacdvmfLzHpqjp4vgPBnvlHQY5h
1r6s4XG4XiyXRyD9n0AW/L9rWVb+OIJ09BjVm82cN+q4f//yt1rp/g66iJCV5yuu
uyRc92UMbIUjRwc0puLWVoG4b5kt9aCYOdw7kh9b19Bnmb0SJAYLenooEOLNlMXx
Im3ZRjAIG6Q6RPTdU6gplWd87uxtJlAyGnVF3XfEp4ryfToe4M/lwBvQSyZP95BO
EPLwG0/qTiS8906gqztpzHAbOFK/JideFiLAerGk/kLhThyLr1i3ihEo/WhaJQWs
0OfB7WKHY960oiA79yQo6a3mkiHlfGHiscUS7HRDAzULEnX4TBU3mUqFGwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFEDmYjRY2cnV8RWBdAZVQ5YNFb1oMB8GA1UdIwQY
MBaAFFRKgqpeLrcXGbf58EmjB7EkVEl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYt
MDJkZTAxMjQyMjhlLzEvUU9aaU5Galp5ZFh4RllGMEJsVkRsZzBWdldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYtMDJkZTAxMjQyMjhl
LzEvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBPBAIAATBJMAwDBAeRP4AD
BAGRP4QDBAG8ibAwDAMEALyJswMEA7yJsAMEAbyJ4DAMAwQAvInjAwQCvInwMAsD
BAC8ifUDAwG8iAMEBNQrkDANBgkqhkiG9w0BAQsFAAOCAQEADywmCtbTLOaG2jf3
tqiC6VYuJUT7haaT3Ltb6miNilSc+Y3HNFL1ttrUe/xGBPCrG0fUf6ym6gZt8FM1
5npzKzPi6jinTtcgYvO3WlLTPE3/zWRvBT38yB2IGwEAZ4VyYktNFw0t2QeI0ogR
jdgks1Cmn21wMLdjHMpEEmE/xlzfeiqUb/gKWQK6gCo/swZZdVbMnvzE8tyRV6Hk
Ci2icHcV/ccspyfNoUPnYLSZaiZhYHNJILvWZ6mDChsH26uRRx6EreydKzMkvc4o
rmQE60PiCTQT/o5lYUsMfqIdRoDemWkH+bh/iiLqVEsYUpwI3pVp8tvlM1ASK/TR
Bb3oPQ==
-----END CERTIFICATE-----
Generated at Tue Jun 30 21:32:34 2026 by rpki-client