Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/QpckzCGCQYLYhpr74LAr4qnTXpU.roa
File: QpckzCGCQYLYhpr74LAr4qnTXpU.roa (raw, json)
Hash identifier: KyNF1FltPbO/mXuIELm3YgjGIsFSe1HCrIqcFEBwYhc=
Subject key identifier: 42:97:24:CC:21:82:41:82:D8:86:9A:FB:E0:B0:2B:E2:A9:D3:5E:95
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 019CAD70F5A3B151193CE1C897B1E5978A95
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/QpckzCGCQYLYhpr74LAr4qnTXpU.roa
Signing time: Mon 02 Mar 2026 07:26:26 +0000
ROA not before: Mon 02 Mar 2026 07:26:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396982
IP address blocks: 212.38.240.0/24 maxlen: 24
212.38.241.0/24 maxlen: 24
212.38.242.0/24 maxlen: 24
212.38.243.0/24 maxlen: 24
212.38.244.0/24 maxlen: 24
2001:671:fc00::/40 maxlen: 40
2001:671:fd00::/40 maxlen: 40
2001:671:fe00::/40 maxlen: 40
2001:671:ff00::/40 maxlen: 40
2001:998:a0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 19:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:70:f5:a3:b1:51:19:3c:e1:c8:97:b1:e5:97:8a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Mar 2 07:26:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=429724cc21824182d8869afbe0b02be2a9d35e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:95:22:8a:9e:71:7a:88:79:63:a2:a0:49:61:
d5:8d:3d:62:45:fc:8d:90:2f:17:3d:5f:32:04:ec:
88:51:fb:b2:a0:f1:70:d2:2b:a7:5c:15:77:07:00:
3d:32:6b:f6:53:65:07:8d:28:88:51:b4:ee:66:5b:
ab:b5:61:99:da:0b:7a:c4:5f:60:fd:19:d0:25:83:
8d:e2:4e:6f:d0:fe:95:48:6c:bd:ac:2f:0a:5b:1f:
ea:35:89:d2:cc:9a:f2:0a:14:24:e2:f6:5d:91:e1:
23:84:40:97:ba:29:20:62:fe:63:78:28:1a:c3:b0:
93:17:32:03:5f:cb:41:20:c5:a0:a9:12:b9:50:9a:
14:68:4e:b9:d4:78:fa:77:0a:6a:8e:45:00:95:17:
15:27:16:3f:25:f9:6a:e0:18:31:7f:b5:10:e3:c5:
a0:06:72:32:8f:1e:69:a6:33:66:3d:b4:3a:82:35:
d8:90:88:80:ef:f4:c2:d5:27:5f:1e:90:d6:e3:01:
33:af:ff:c8:1a:3f:a7:71:7a:35:9a:ca:65:11:b6:
3a:d2:05:e1:ae:95:18:f6:32:97:74:80:16:11:ef:
d1:d6:72:ba:19:b4:25:2e:57:3c:fb:be:08:10:d9:
28:a5:52:14:fe:5b:e6:9b:d0:cd:a9:20:48:59:aa:
60:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:97:24:CC:21:82:41:82:D8:86:9A:FB:E0:B0:2B:E2:A9:D3:5E:95
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/QpckzCGCQYLYhpr74LAr4qnTXpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.240.0-212.38.244.255
IPv6:
2001:671:fc00::/38
2001:998:a0::/44
Signature Algorithm: sha256WithRSAEncryption
38:57:b9:bd:5a:0b:7e:93:2e:2c:f8:b2:73:c1:36:ba:ae:50:
0f:ed:b4:19:f2:fb:8d:a4:ad:d4:a4:30:34:c7:59:aa:3f:9a:
f6:b5:0b:f1:d2:eb:30:7f:6a:bd:22:51:a9:22:cf:86:1f:79:
01:f4:f1:a3:c0:14:19:6c:d3:8a:1b:c7:48:55:2b:17:59:6d:
f9:d4:62:f3:d6:0e:68:e5:f2:b1:d9:b3:62:09:eb:28:b2:11:
39:57:52:14:a7:57:a3:bd:01:ce:10:35:d1:85:2d:d3:33:54:
f4:e4:7b:8e:00:f6:ba:a3:66:5a:07:1d:a7:63:7a:48:3d:5d:
58:ba:15:3d:6a:0b:b8:1e:2a:94:6f:80:14:f3:70:22:4e:6b:
5e:2c:94:0d:b3:88:17:cd:40:04:75:00:c5:26:3a:26:0a:ef:
38:ac:6b:29:9e:de:42:f2:68:55:ad:48:41:90:25:db:dc:1b:
61:1d:97:81:94:80:2c:bd:84:38:ea:82:63:c1:d2:14:cd:c8:
a3:ed:fc:d7:78:39:4b:68:5d:8d:d3:ed:14:c4:2f:05:35:ff:
c4:6d:16:f3:34:9e:4d:a1:b4:e4:4a:66:cf:94:a5:4f:8a:69:
84:42:e9:89:5e:0f:41:85:dd:07:b3:41:c7:05:d0:c0:4a:00:
46:54:bf:e7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZytcPWjsVEZPOHIl7Hll4qVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjYwMzAyMDcyNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk3MjRjYzIxODI0MTgyZDg4NjlhZmJlMGIwMmJlMmE5ZDM1ZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZUiip5xeoh5Y6KgSWHVjT1iRfyN
kC8XPV8yBOyIUfuyoPFw0iunXBV3BwA9Mmv2U2UHjSiIUbTuZlurtWGZ2gt6xF9g
/RnQJYON4k5v0P6VSGy9rC8KWx/qNYnSzJryChQk4vZdkeEjhECXuikgYv5jeCga
w7CTFzIDX8tBIMWgqRK5UJoUaE651Hj6dwpqjkUAlRcVJxY/Jflq4Bgxf7UQ48Wg
BnIyjx5ppjNmPbQ6gjXYkIiA7/TC1SdfHpDW4wEzr//IGj+ncXo1msplEbY60gXh
rpUY9jKXdIAWEe/R1nK6GbQlLlc8+74IENkopVIU/lvmm9DNqSBIWapgKQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEKXJMwhgkGC2Iaa++CwK+Kp016VMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvUXBja3pDR0NRWUxZaHByNzRMQXI0cW5UWHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBATUJvAD
BADUJvQwFwQCAAIwEQMGAiABBnH8AwcEIAEJmACgMA0GCSqGSIb3DQEBCwUAA4IB
AQA4V7m9Wgt+ky4s+LJzwTa6rlAP7bQZ8vuNpK3UpDA0x1mqP5r2tQvx0uswf2q9
IlGpIs+GH3kB9PGjwBQZbNOKG8dIVSsXWW351GLz1g5o5fKx2bNiCesoshE5V1IU
p1ejvQHOEDXRhS3TM1T05HuOAPa6o2ZaBx2nY3pIPV1YuhU9agu4HiqUb4AU83Ai
TmteLJQNs4gXzUAEdQDFJjomCu84rGspnt5C8mhVrUhBkCXb3BthHZeBlIAsvYQ4
6oJjwdIUzcij7fzXeDlLaF2N0+0UxC8FNf/EbRbzNJ5NobTkSmbPlKVPimmEQumJ
Xg9Bhd0Hs0HHBdDASgBGVL/n
-----END CERTIFICATE-----
Generated at Fri Mar 13 02:43:11 2026 by rpki-client