Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Qg4fGTGMas38s1qTNdVgMAUcxdM.roa
File: Qg4fGTGMas38s1qTNdVgMAUcxdM.roa (raw, json)
Hash identifier: CkTzyffLp2Bzw7sdaV7/E8eifeRikoLUr+nxmsX3omY=
Subject key identifier: 42:0E:1F:19:31:8C:6A:CD:FC:B3:5A:93:35:D5:60:30:05:1C:C5:D3
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019EFB06E9D0C5CCFC65BEAB8145E2817BC5
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Qg4fGTGMas38s1qTNdVgMAUcxdM.roa
Signing time: Wed 24 Jun 2026 19:06:34 +0000
ROA not before: Wed 24 Jun 2026 19:06:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198566
IP address blocks: 91.201.87.0/24 maxlen: 24
91.208.108.0/24 maxlen: 24
91.227.114.0/24 maxlen: 24
146.19.21.0/24 maxlen: 24
160.19.94.0/24 maxlen: 24
160.19.95.0/24 maxlen: 24
194.26.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Jun 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fb:06:e9:d0:c5:cc:fc:65:be:ab:81:45:e2:81:7b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 24 19:06:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=420e1f19318c6acdfcb35a9335d56030051cc5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:7f:b8:85:74:61:1b:74:14:e0:50:c0:27:
db:0a:b2:e5:bf:8d:c6:10:55:d1:23:f6:ae:f5:d5:
a0:8d:09:bc:96:3e:e7:48:f3:96:0f:59:b1:97:b4:
e2:61:0f:98:9d:16:13:c6:9a:27:28:ed:e5:96:18:
14:db:6f:33:20:4f:85:3a:52:dd:b0:42:73:d4:76:
a0:78:d6:f6:22:65:9f:ee:1e:f8:c3:b8:ea:94:0d:
35:59:20:e0:39:f5:cb:57:5c:d9:18:4a:b1:43:08:
30:58:f2:f7:71:05:c1:7b:f5:43:cc:5e:e7:e4:fb:
74:f6:f8:70:77:aa:20:ce:02:91:7f:d4:1f:93:7f:
c0:61:52:42:c7:c0:ea:08:28:e9:07:28:84:e7:fe:
42:c9:0e:3f:8b:0e:cf:dd:24:49:06:dd:62:a9:a3:
42:55:63:42:ee:b5:84:db:4a:35:cd:1d:25:77:5c:
ff:5a:e4:3c:95:5d:df:c4:0b:fb:7c:aa:5a:03:ed:
1f:3f:81:5f:3f:ec:2b:29:4a:90:c0:e3:ea:d4:b0:
a5:a6:9d:fa:76:5b:50:60:6a:5a:f3:45:34:ce:1e:
26:54:0a:43:6c:8a:9c:fe:9e:dd:fd:dd:c4:4b:18:
e3:1f:75:95:c8:0b:bf:8b:0b:aa:dc:7e:a0:fc:6c:
ea:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0E:1F:19:31:8C:6A:CD:FC:B3:5A:93:35:D5:60:30:05:1C:C5:D3
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Qg4fGTGMas38s1qTNdVgMAUcxdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.87.0/24
91.208.108.0/24
91.227.114.0/24
146.19.21.0/24
160.19.94.0/23
194.26.215.0/24
Signature Algorithm: sha256WithRSAEncryption
25:74:ad:0d:bc:ed:75:01:28:e9:fa:53:89:3a:49:27:bb:93:
e7:d3:de:5a:6f:b4:2b:ea:a7:fa:b5:03:f8:fa:78:29:69:63:
c7:f7:7e:10:be:49:7d:22:36:3f:4f:37:ef:11:bb:83:ae:f9:
1b:c8:c3:45:1f:16:f6:b2:71:01:6e:17:af:c0:31:3f:b9:4a:
47:9b:77:0d:e2:56:12:f5:89:a1:11:46:8f:19:74:03:df:d0:
0b:3a:37:d7:66:95:1a:60:ab:08:5f:9d:92:4a:19:ab:f8:e5:
b5:44:24:1e:7b:f3:b6:45:86:e2:c1:63:c1:7d:84:ff:c5:42:
5a:0b:71:2c:ec:92:58:ed:02:d3:fa:90:78:7a:c3:f2:bb:ae:
0d:3b:c1:27:ba:94:b6:df:d7:58:94:87:42:8c:da:02:21:28:
41:68:e1:a8:00:1d:1b:fc:4c:bf:01:7e:62:b1:26:3c:45:a2:
96:2b:76:cc:ef:86:9d:42:7e:f4:ff:e2:b2:51:5e:df:23:3f:
bc:72:cf:c2:c6:5a:30:e3:ec:a0:9e:d0:0c:55:41:50:00:26:
98:ad:d8:f3:b4:ad:d4:e9:b5:7d:30:f2:84:68:6c:5e:2d:1b:
71:d9:e5:dc:5a:8b:a2:8d:8b:27:8f:b4:56:83:a6:68:cd:91:
6b:c3:0c:4e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ77BunQxcz8Zb6rgUXigXvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNjI0MTkwNjM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjBlMWYxOTMxOGM2YWNkZmNiMzVhOTMzNWQ1NjAzMDA1MWNjNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLZ/uIV0YRt0FOBQwCfbCrLlv43G
EFXRI/au9dWgjQm8lj7nSPOWD1mxl7TiYQ+YnRYTxponKO3llhgU228zIE+FOlLd
sEJz1HageNb2ImWf7h74w7jqlA01WSDgOfXLV1zZGEqxQwgwWPL3cQXBe/VDzF7n
5Pt09vhwd6ogzgKRf9Qfk3/AYVJCx8DqCCjpByiE5/5CyQ4/iw7P3SRJBt1iqaNC
VWNC7rWE20o1zR0ld1z/WuQ8lV3fxAv7fKpaA+0fP4FfP+wrKUqQwOPq1LClpp36
dltQYGpa80U0zh4mVApDbIqc/p7d/d3ESxjjH3WVyAu/iwuq3H6g/GzqvwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEIOHxkxjGrN/LNakzXVYDAFHMXTMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvUWc0ZkdUR01hczM4czFxVE5kVmdNQVVjeGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8lXAwQA
W9BsAwQAW+NyAwQAkhMVAwQBoBNeAwQAwhrXMA0GCSqGSIb3DQEBCwUAA4IBAQAl
dK0NvO11ASjp+lOJOkknu5Pn095ab7Qr6qf6tQP4+ngpaWPH934Qvkl9IjY/Tzfv
EbuDrvkbyMNFHxb2snEBbhevwDE/uUpHm3cN4lYS9YmhEUaPGXQD39ALOjfXZpUa
YKsIX52SShmr+OW1RCQee/O2RYbiwWPBfYT/xUJaC3Es7JJY7QLT+pB4esPyu64N
O8EnupS239dYlIdCjNoCIShBaOGoAB0b/Ey/AX5isSY8RaKWK3bM74adQn70/+Ky
UV7fIz+8cs/Cxlow4+ygntAMVUFQACaYrdjztK3U6bV9MPKEaGxeLRtx2eXcWoui
jYsnj7RWg6ZozZFrwwxO
-----END CERTIFICATE-----
Generated at Fri Jun 26 04:24:15 2026 by rpki-client