Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0qrz0bnYN-sMm7is1ZSrmqGKKTE.roa
File: 0qrz0bnYN-sMm7is1ZSrmqGKKTE.roa (raw, json)
Hash identifier: /koA01UFhZQj3Fuw/dRd6tpn0XE8GZCcE1Ar7yd9EIM=
Subject key identifier: D2:AA:F3:D1:B9:D8:37:EB:0C:9B:B8:AC:D5:94:AB:9A:A1:8A:29:31
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019E831F008B7E8813A93EDD2CCEF05F64EC
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0qrz0bnYN-sMm7is1ZSrmqGKKTE.roa
Signing time: Mon 01 Jun 2026 12:18:27 +0000
ROA not before: Mon 01 Jun 2026 12:18:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 400529
IP address blocks: 45.155.64.0/24 maxlen: 24
80.244.12.0/24 maxlen: 24
80.244.15.0/24 maxlen: 24
94.103.187.0/24 maxlen: 24
94.231.215.0/24 maxlen: 24
176.118.33.0/24 maxlen: 24
185.244.106.0/24 maxlen: 24
194.69.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 12:19:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:83:1f:00:8b:7e:88:13:a9:3e:dd:2c:ce:f0:5f:64:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 1 12:18:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2aaf3d1b9d837eb0c9bb8acd594ab9aa18a2931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7a:08:47:4b:dd:dd:bf:bf:dd:06:95:9b:fb:
db:23:e4:41:07:b6:f8:bb:fb:6b:9e:36:25:eb:0f:
c8:f9:c5:c5:a9:27:d4:37:0a:0f:a4:11:eb:16:7d:
d4:8d:57:a8:ae:c0:9b:cd:84:6a:15:e6:76:1d:1a:
8e:fd:4e:f8:db:84:c5:11:97:d6:96:70:1b:05:6c:
ba:4a:5e:8b:84:a8:57:67:87:97:40:1b:0f:4a:d1:
82:f1:7d:bb:c4:12:1f:7f:95:2c:4c:31:f7:e2:ae:
29:db:19:9f:dc:09:e6:bf:e1:34:01:71:56:ac:a9:
8d:12:2b:10:87:b5:7b:87:89:3e:89:1b:bf:58:c5:
f2:e3:1b:28:0c:78:43:3d:51:87:c7:de:9b:b2:fc:
21:27:a3:ef:18:7c:fd:51:21:c5:e7:87:85:ca:58:
4b:f4:71:23:5f:a9:26:61:ff:b1:89:ea:9d:ff:e2:
c3:ec:80:3b:e3:a9:55:d2:03:98:62:1c:38:03:0a:
15:77:ce:d1:7b:4d:c4:e1:ca:e5:58:57:e8:83:ee:
fb:02:9d:3c:0a:9d:4f:87:41:39:17:53:58:d8:ea:
88:ce:b2:01:9b:cb:46:a3:78:50:1a:75:e7:2d:e5:
c8:d4:f7:54:0d:3a:e2:37:a1:08:87:4f:ae:13:2e:
fa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AA:F3:D1:B9:D8:37:EB:0C:9B:B8:AC:D5:94:AB:9A:A1:8A:29:31
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0qrz0bnYN-sMm7is1ZSrmqGKKTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.64.0/24
80.244.12.0/24
80.244.15.0/24
94.103.187.0/24
94.231.215.0/24
176.118.33.0/24
185.244.106.0/24
194.69.160.0/24
Signature Algorithm: sha256WithRSAEncryption
64:1a:44:1e:f2:05:dd:2f:75:0a:53:3e:3d:e0:95:d8:c2:31:
e8:d2:16:95:0d:76:42:ab:29:f3:7d:1a:a5:ca:8f:4a:84:ad:
2c:25:10:b0:27:36:11:96:98:0d:93:ef:bf:3a:e1:6d:54:0e:
0c:51:4b:ea:70:b1:bd:92:aa:2f:34:0e:94:3e:4f:75:e3:d6:
5a:cf:6b:80:f9:8a:1e:40:20:e4:fe:de:26:44:cf:82:6d:fb:
f5:99:5f:e1:cd:57:89:d7:18:dc:a6:a2:8e:84:2e:c5:32:7f:
b5:94:1c:e5:09:06:69:2a:4f:53:20:d0:67:85:af:e3:84:92:
2c:da:ad:4a:8e:34:d1:85:af:10:87:77:8d:ee:ea:82:47:05:
b0:71:d9:5b:cb:8f:6f:3d:02:40:68:8c:47:a9:2b:c0:c9:33:
74:e7:b2:37:ef:8e:4d:d7:e7:18:73:47:d0:92:a8:76:6b:1b:
66:2c:0e:d8:a8:b2:fd:42:ac:81:e8:e7:81:f4:7a:79:df:08:
2b:3d:6a:be:f5:f7:75:be:f2:28:db:e7:9a:18:53:24:a2:25:
7f:4b:cf:b0:5d:0a:70:d2:9c:7e:79:20:e8:39:64:22:64:6e:
78:fa:86:75:a0:0a:3b:51:c6:7d:cf:2b:0f:66:6c:a9:ea:97:
65:6a:be:61
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ6DHwCLfogTqT7dLM7wX2TsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNjAxMTIxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmFhZjNkMWI5ZDgzN2ViMGM5YmI4YWNkNTk0YWI5YWExOGEyOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnoIR0vd3b+/3QaVm/vbI+RBB7b4
u/trnjYl6w/I+cXFqSfUNwoPpBHrFn3UjVeorsCbzYRqFeZ2HRqO/U7424TFEZfW
lnAbBWy6Sl6LhKhXZ4eXQBsPStGC8X27xBIff5UsTDH34q4p2xmf3Anmv+E0AXFW
rKmNEisQh7V7h4k+iRu/WMXy4xsoDHhDPVGHx96bsvwhJ6PvGHz9USHF54eFylhL
9HEjX6kmYf+xieqd/+LD7IA746lV0gOYYhw4AwoVd87Re03E4crlWFfog+77Ap08
Cp1Ph0E5F1NY2OqIzrIBm8tGo3hQGnXnLeXI1PdUDTriN6EIh0+uEy76sQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNKq89G52DfrDJu4rNWUq5qhiikxMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMHFyejBibllOLXNNbTdpczFaU3JtcUdLS1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZtAAwQA
UPQMAwQAUPQPAwQAXme7AwQAXufXAwQAsHYhAwQAufRqAwQAwkWgMA0GCSqGSIb3
DQEBCwUAA4IBAQBkGkQe8gXdL3UKUz494JXYwjHo0haVDXZCqynzfRqlyo9KhK0s
JRCwJzYRlpgNk++/OuFtVA4MUUvqcLG9kqovNA6UPk9149Zaz2uA+YoeQCDk/t4m
RM+Cbfv1mV/hzVeJ1xjcpqKOhC7FMn+1lBzlCQZpKk9TINBnha/jhJIs2q1KjjTR
ha8Qh3eN7uqCRwWwcdlby49vPQJAaIxHqSvAyTN057I3745N1+cYc0fQkqh2axtm
LA7YqLL9QqyB6OeB9Hp53wgrPWq+9fd1vvIo2+eaGFMkoiV/S8+wXQpw0px+eSDo
OWQiZG54+oZ1oAo7UcZ9zysPZmyp6pdlar5h
-----END CERTIFICATE-----
Generated at Mon Jun 1 17:15:20 2026 by rpki-client