Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Qxb3jM4ePTMV9VW697O_IrFiKO4.roa
File: Qxb3jM4ePTMV9VW697O_IrFiKO4.roa (raw, json)
Hash identifier: AbhSCurttFzNeSFXTLuJzDxZxOUBLASF3y7ZinKqm+8=
Subject key identifier: 43:16:F7:8C:CE:1E:3D:33:15:F5:55:BA:F7:B3:BF:22:B1:62:28:EE
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019E9A44F2A5016AC3FA51F0BA6243494E5D
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Qxb3jM4ePTMV9VW697O_IrFiKO4.roa
Signing time: Sat 06 Jun 2026 00:11:10 +0000
ROA not before: Sat 06 Jun 2026 00:11:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209847
IP address blocks: 5.181.20.0/24 maxlen: 24
5.181.21.0/24 maxlen: 24
5.181.22.0/24 maxlen: 24
45.14.244.0/24 maxlen: 24
45.14.245.0/24 maxlen: 24
45.14.246.0/24 maxlen: 24
45.14.247.0/24 maxlen: 24
45.140.146.0/24 maxlen: 24
45.140.147.0/24 maxlen: 24
45.150.65.0/24 maxlen: 24
45.150.67.0/24 maxlen: 24
91.194.11.0/24 maxlen: 24
138.124.180.0/24 maxlen: 24
138.124.183.0/24 maxlen: 24
138.124.184.0/24 maxlen: 24
146.19.106.0/24 maxlen: 24
185.74.222.0/24 maxlen: 24
185.234.247.0/24 maxlen: 24
195.16.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 00:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9a:44:f2:a5:01:6a:c3:fa:51:f0:ba:62:43:49:4e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jun 6 00:11:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4316f78cce1e3d3315f555baf7b3bf22b16228ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e7:c5:d7:b4:cd:44:16:8f:4b:aa:23:ce:0c:
b5:4c:d9:9e:f3:f3:df:b7:47:cf:07:d1:28:d5:a3:
7d:01:6b:ba:85:de:30:38:dc:25:53:a2:6e:17:56:
1c:93:ad:e3:19:81:89:60:a9:fe:3f:77:b8:ac:ef:
34:81:8e:b3:b8:51:97:f7:6f:91:22:41:ec:8d:a3:
fd:37:5c:37:2b:15:8f:1d:64:8b:e3:7c:00:48:8d:
6e:87:ea:4a:30:48:d7:3c:44:3e:89:d7:69:64:5d:
ee:0b:4a:25:5b:a8:69:5e:46:dd:ce:c6:08:9c:eb:
1a:ac:3e:2e:cf:a8:86:93:10:53:4b:a9:d0:a0:8f:
9e:ba:87:be:95:7f:cb:1a:65:be:4d:ae:28:d2:99:
24:06:75:4c:5d:53:7d:64:03:5f:67:af:8a:7b:51:
52:b1:b4:f1:cf:cd:f8:aa:1a:0e:4e:46:4f:6b:05:
15:37:3d:4c:c8:52:e0:c4:29:be:1e:33:bc:77:33:
7e:a8:06:91:54:94:16:39:a4:12:df:ce:1c:7a:47:
fb:4d:fe:38:2f:0f:1e:a8:db:74:39:1e:01:c1:77:
8f:a9:c4:27:51:3b:dc:e0:2f:d9:ab:ff:4f:c0:a2:
08:6e:27:5d:17:25:83:97:d6:22:fb:2a:f0:c3:dd:
0c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:16:F7:8C:CE:1E:3D:33:15:F5:55:BA:F7:B3:BF:22:B1:62:28:EE
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Qxb3jM4ePTMV9VW697O_IrFiKO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0-5.181.22.255
45.14.244.0/22
45.140.146.0/23
45.150.65.0/24
45.150.67.0/24
91.194.11.0/24
138.124.180.0/24
138.124.183.0-138.124.184.255
146.19.106.0/24
185.74.222.0/24
185.234.247.0/24
195.16.74.0/24
Signature Algorithm: sha256WithRSAEncryption
97:2b:a1:25:c1:53:e5:30:52:ed:37:94:17:18:c3:3f:c9:3c:
18:b1:c3:de:53:44:e1:b8:6f:a2:d1:7b:b4:fe:10:93:ef:a3:
31:ba:8f:22:d3:c0:48:cc:dc:2c:c4:07:2a:df:66:34:db:39:
cf:92:7e:9a:d2:be:06:b6:02:8e:12:f8:ea:2d:26:a7:83:71:
cc:41:3b:34:7c:90:bd:2a:42:8b:e1:53:10:4a:60:bd:a3:4b:
cb:b4:54:b1:1d:5b:6e:82:80:8c:c9:a3:b3:0e:e1:57:8c:8c:
4b:92:bb:b3:43:50:55:5b:ea:56:79:a2:4e:8c:0c:0e:d0:32:
f6:cd:9c:4a:67:81:e1:f0:ae:32:30:25:72:c8:d3:5f:8e:8f:
b5:c9:53:4e:6e:a1:24:34:91:a9:e6:45:b6:9f:c4:59:05:0d:
81:14:d0:9d:59:c9:24:61:d3:13:86:72:33:0e:a3:13:f1:2f:
76:a0:7a:76:2f:27:7a:b7:c4:10:6c:18:15:eb:26:67:be:2d:
e4:34:2b:b4:0d:83:1b:1e:8a:48:9b:3f:df:63:1e:cf:2d:cc:
38:b8:24:43:ce:e6:7b:77:cd:61:11:aa:9f:7d:3c:5f:93:cc:
c9:ed:bc:c6:d2:64:6e:20:30:7b:cc:4f:65:3e:ee:3f:5b:e0:
c5:8d:d1:03
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZ6aRPKlAWrD+lHwumJDSU5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjYwNjA2MDAxMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE2Zjc4Y2NlMWUzZDMzMTVmNTU1YmFmN2IzYmYyMmIxNjIyOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlefF17TNRBaPS6ojzgy1TNme8/Pf
t0fPB9Eo1aN9AWu6hd4wONwlU6JuF1Yck63jGYGJYKn+P3e4rO80gY6zuFGX92+R
IkHsjaP9N1w3KxWPHWSL43wASI1uh+pKMEjXPEQ+iddpZF3uC0olW6hpXkbdzsYI
nOsarD4uz6iGkxBTS6nQoI+euoe+lX/LGmW+Ta4o0pkkBnVMXVN9ZANfZ6+Ke1FS
sbTxz834qhoOTkZPawUVNz1MyFLgxCm+HjO8dzN+qAaRVJQWOaQS384cekf7Tf44
Lw8eqNt0OR4BwXePqcQnUTvc4C/Zq/9PwKIIbiddFyWDl9Yi+yrww90MlwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFEMW94zOHj0zFfVVuvezvyKxYijuMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvUXhiM2pNNGVQVE1WOVZXNjk3T19JckZpS080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAIFtRQD
BAAFtRYDBAItDvQDBAEtjJIDBAAtlkEDBAAtlkMDBABbwgsDBACKfLQwDAMEAIp8
twMEAIp8uAMEAJITagMEALlK3gMEALnq9wMEAMMQSjANBgkqhkiG9w0BAQsFAAOC
AQEAlyuhJcFT5TBS7TeUFxjDP8k8GLHD3lNE4bhvotF7tP4Qk++jMbqPItPASMzc
LMQHKt9mNNs5z5J+mtK+BrYCjhL46i0mp4NxzEE7NHyQvSpCi+FTEEpgvaNLy7RU
sR1bboKAjMmjsw7hV4yMS5K7s0NQVVvqVnmiTowMDtAy9s2cSmeB4fCuMjAlcsjT
X46PtclTTm6hJDSRqeZFtp/EWQUNgRTQnVnJJGHTE4ZyMw6jE/EvdqB6di8nerfE
EGwYFesmZ74t5DQrtA2DGx6KSJs/32Mezy3MOLgkQ87me3fNYRGqn308X5PMye28
xtJkbiAwe8xPZT7uP1vgxY3RAw==
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:21:34 2026 by rpki-client