Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/CQHinzbv6o94wyhsd8omqmTillg.roa
File: CQHinzbv6o94wyhsd8omqmTillg.roa (raw, json)
Hash identifier: YzWIhoEeIcHtjYrxUYU4G48aFXp4bwAmAKzACW84/QY=
Subject key identifier: 09:01:E2:9F:36:EF:EA:8F:78:C3:28:6C:77:CA:26:AA:64:E2:96:58
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 019E79ED2D139F147F299C191B7657721865
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/CQHinzbv6o94wyhsd8omqmTillg.roa
Signing time: Sat 30 May 2026 17:27:27 +0000
ROA not before: Sat 30 May 2026 17:27:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215446
IP address blocks: 188.93.192.0/22 maxlen: 24
188.93.192.0/24 maxlen: 24
188.93.193.0/24 maxlen: 24
188.93.194.0/24 maxlen: 24
188.93.195.0/24 maxlen: 24
2a0e:5f07::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.mft
rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 17:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:79:ed:2d:13:9f:14:7f:29:9c:19:1b:76:57:72:18:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: May 30 17:27:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0901e29f36efea8f78c3286c77ca26aa64e29658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:95:b1:5c:e5:2e:32:38:d9:0c:79:17:dd:03:
27:fc:1b:2f:ca:c1:90:ef:71:48:7c:08:b0:8c:80:
69:81:a5:fe:5e:6f:6f:1c:a6:60:a4:f8:3c:7a:e7:
fb:4e:12:f4:c7:c7:b2:6d:b4:54:7e:ac:39:93:bf:
b1:5b:18:f9:0f:04:49:5a:cf:80:f5:12:9f:22:bb:
2f:87:15:65:84:e5:ef:d5:24:7e:26:d8:d2:96:80:
af:97:a7:dc:31:04:91:2a:51:f6:95:ef:8f:96:31:
77:c6:4b:5e:f7:ec:1d:2a:a0:c9:ff:46:d3:38:91:
bc:6d:0e:cd:60:96:cd:27:cd:9f:ce:62:2f:90:f6:
7c:76:76:ef:e8:d7:d4:43:3c:68:07:8c:c5:34:d8:
75:d5:64:08:e7:a2:d2:38:0b:56:23:a5:dc:88:b2:
4f:ed:d8:44:78:d3:66:55:6c:c2:c8:1d:a6:a8:f9:
ec:32:2c:1f:90:ef:b7:0c:2f:34:25:09:7e:45:25:
d1:9a:30:a7:91:56:83:22:ee:cf:33:34:6a:7a:f1:
9b:f4:77:16:26:aa:c0:ff:4c:a4:6c:bd:d8:00:fc:
c0:48:d3:4b:c0:12:85:38:dd:cd:e2:59:81:44:de:
63:25:99:1b:e5:19:ce:fd:eb:25:b5:1c:68:26:eb:
00:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:01:E2:9F:36:EF:EA:8F:78:C3:28:6C:77:CA:26:AA:64:E2:96:58
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/CQHinzbv6o94wyhsd8omqmTillg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.192.0/22
IPv6:
2a0e:5f07::/32
Signature Algorithm: sha256WithRSAEncryption
91:6d:dc:4d:24:62:fa:81:f1:f2:c6:8d:8b:49:8b:28:7d:d7:
88:0d:74:23:13:98:d2:28:9d:dc:a4:4d:8f:7f:0a:ac:cf:f2:
48:fa:73:b2:0d:ef:5c:f4:c7:7a:24:83:b3:26:4f:8e:25:8f:
be:70:bc:9e:44:78:44:2e:ed:8b:c3:5e:91:bb:3a:3b:e9:17:
82:7c:aa:71:08:7f:00:3e:aa:1f:a8:be:9e:b2:86:ef:68:02:
8b:4d:60:4a:1e:d4:f1:19:55:76:58:24:e1:31:ce:bf:c2:2a:
c8:83:75:55:1c:63:9a:33:67:96:25:72:b4:bf:45:7b:a1:39:
2f:73:20:bf:1f:38:e3:e9:9d:51:54:d3:52:50:81:a5:98:3f:
b3:5f:29:26:fa:56:d8:49:3d:7c:35:7d:21:62:f0:50:b4:c5:
18:ce:17:04:55:94:48:6f:ff:12:dc:8e:0e:3e:8e:ce:e6:26:
8c:da:f7:58:e1:9e:76:9d:c1:6e:72:c3:ac:28:15:a3:37:87:
aa:ec:92:7d:9e:1b:51:be:8a:78:b7:41:7f:90:8d:85:a3:b1:
1e:8b:ce:1e:b0:fd:95:44:c7:73:fd:54:d4:1b:3c:0f:40:2e:
9c:de:f2:c5:76:1a:09:97:0f:14:6f:c1:22:b7:1d:ff:26:e1:
6e:ac:71:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ557S0TnxR/KZwZG3ZXchhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjYwNTMwMTcyNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAxZTI5ZjM2ZWZlYThmNzhjMzI4NmM3N2NhMjZhYTY0ZTI5NjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5WxXOUuMjjZDHkX3QMn/BsvysGQ
73FIfAiwjIBpgaX+Xm9vHKZgpPg8euf7ThL0x8eybbRUfqw5k7+xWxj5DwRJWs+A
9RKfIrsvhxVlhOXv1SR+JtjSloCvl6fcMQSRKlH2le+PljF3xkte9+wdKqDJ/0bT
OJG8bQ7NYJbNJ82fzmIvkPZ8dnbv6NfUQzxoB4zFNNh11WQI56LSOAtWI6XciLJP
7dhEeNNmVWzCyB2mqPnsMiwfkO+3DC80JQl+RSXRmjCnkVaDIu7PMzRqevGb9HcW
JqrA/0ykbL3YAPzASNNLwBKFON3N4lmBRN5jJZkb5RnO/esltRxoJusASwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAkB4p827+qPeMMobHfKJqpk4pZYMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvQ1FIaW56YnY2bzk0d3loc2Q4b21xbVRpbGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCvF3AMA0E
AgACMAcDBQAqDl8HMA0GCSqGSIb3DQEBCwUAA4IBAQCRbdxNJGL6gfHyxo2LSYso
fdeIDXQjE5jSKJ3cpE2Pfwqsz/JI+nOyDe9c9Md6JIOzJk+OJY++cLyeRHhELu2L
w16Ruzo76ReCfKpxCH8APqofqL6esobvaAKLTWBKHtTxGVV2WCThMc6/wirIg3VV
HGOaM2eWJXK0v0V7oTkvcyC/Hzjj6Z1RVNNSUIGlmD+zXykm+lbYST18NX0hYvBQ
tMUYzhcEVZRIb/8S3I4OPo7O5iaM2vdY4Z52ncFucsOsKBWjN4eq7JJ9nhtRvop4
t0F/kI2Fo7Eei84esP2VRMdz/VTUGzwPQC6c3vLFdhoJlw8Ub8Eitx3/JuFurHEc
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:41:08 2026 by rpki-client