Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QNXPiSdWHYjTjvPYs0qNfPufCIg.roa
File: QNXPiSdWHYjTjvPYs0qNfPufCIg.roa (raw, json)
Hash identifier: ZZSzAVzEP8o0MRdJ1IOvG0eVu4PO46I9bk9S2RbX8uY=
Subject key identifier: 40:D5:CF:89:27:56:1D:88:D3:8E:F3:D8:B3:4A:8D:7C:FB:9F:08:88
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019E2B462237F7D25415E3D42424FCEC91F3
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QNXPiSdWHYjTjvPYs0qNfPufCIg.roa
Signing time: Fri 15 May 2026 10:54:37 +0000
ROA not before: Fri 15 May 2026 10:54:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 89.34.106.0/24 maxlen: 24
89.125.126.0/24 maxlen: 24
89.125.185.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
103.245.228.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
206.245.144.0/21 maxlen: 21
206.245.152.0/22 maxlen: 22
206.245.156.0/24 maxlen: 24
206.245.158.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:46:22:37:f7:d2:54:15:e3:d4:24:24:fc:ec:91:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 15 10:54:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40d5cf8927561d88d38ef3d8b34a8d7cfb9f0888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6d:9a:e2:4b:b8:a7:c9:8d:a8:85:e4:12:85:
79:38:5a:a2:c9:73:3b:8f:47:46:48:c0:43:fa:d0:
37:ee:d8:d1:db:99:33:bd:c2:8e:5a:d5:f6:4a:6e:
16:ad:d0:78:1f:bc:32:a4:ed:e3:c8:34:19:80:d6:
ee:38:99:a2:05:b1:c2:57:5c:3c:b5:b3:f0:7e:0a:
df:a2:fc:3b:70:de:2f:95:b8:97:8e:e7:4b:25:a6:
cf:24:29:1f:48:aa:aa:ba:03:0c:e8:cb:b7:10:09:
ed:1e:01:5d:1e:0e:f7:b5:c6:d7:1d:7c:2e:8b:84:
fb:70:25:be:16:bb:1f:39:01:35:2c:57:05:d9:d4:
92:84:0f:74:ee:4f:1d:3f:4d:17:92:96:28:a3:29:
87:3f:56:5a:c9:29:76:4b:06:f9:5b:d5:21:93:e4:
fa:3c:4b:23:38:3a:49:9f:19:1e:4f:bf:e2:e7:30:
22:4b:93:e7:6e:b1:f0:3a:d6:3a:df:7f:6e:bd:68:
db:1c:3e:82:8a:52:08:25:be:f5:42:4e:71:bc:14:
aa:20:9a:e8:5b:30:b2:44:22:c8:80:02:53:ea:b9:
4f:e4:01:6e:c0:9e:29:c2:17:ff:a2:1a:99:18:4b:
c6:4d:2f:bd:78:0e:c5:08:55:cd:45:74:b9:7c:56:
ea:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D5:CF:89:27:56:1D:88:D3:8E:F3:D8:B3:4A:8D:7C:FB:9F:08:88
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QNXPiSdWHYjTjvPYs0qNfPufCIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.106.0/24
89.125.126.0/24
89.125.185.0/24
93.114.183.0/24
103.245.228.0/24
194.58.47.0/24
206.245.144.0-206.245.156.255
206.245.158.0/24
212.192.7.0-212.192.8.255
212.192.10.0/24
212.192.30.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:63:b3:bf:2b:fa:32:b7:5b:bd:da:fc:4e:5a:a8:d9:b6:2f:
67:bd:cf:6b:8b:7b:ae:b3:9f:36:80:ab:2d:a6:e4:e4:fa:fa:
0c:07:9b:e9:3f:09:0e:fc:94:a2:ed:04:b2:1c:c6:7c:0a:91:
ee:c3:eb:d0:60:12:39:c1:06:12:e2:6b:4e:c8:3b:20:43:c2:
c2:83:b5:d0:92:69:14:3f:9d:65:65:47:b0:9b:35:e8:70:a2:
89:c7:d7:e0:2e:48:49:b8:da:0d:22:ea:b4:f5:10:73:1b:12:
5b:39:85:12:cc:d8:c4:00:ef:b8:2a:5e:06:9f:88:b8:f8:19:
25:18:f3:2b:5e:f4:ab:cb:95:66:9a:53:5d:50:c3:cc:0c:c6:
8d:fc:8d:5a:67:50:22:b0:20:e6:77:c4:6e:7c:72:0a:f1:f4:
19:3d:70:84:16:99:5a:1b:31:e1:24:0d:9a:6c:e8:87:74:1f:
b0:b7:1a:7d:05:4e:64:b8:53:b8:e5:3d:28:51:e1:c5:83:43:
b8:3d:e4:58:b1:2b:e2:75:24:41:eb:d4:2d:b0:2b:2c:09:5a:
41:95:22:29:75:b7:28:b6:67:04:d8:c1:6b:3f:e6:7c:17:c7:
42:5b:3f:fa:5c:43:eb:26:71:ec:00:fb:14:d0:35:5e:07:7c:
c6:b1:87:0a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZ4rRiI399JUFePUJCT87JHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNTE1MTA1NDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ1Y2Y4OTI3NTYxZDg4ZDM4ZWYzZDhiMzRhOGQ3Y2ZiOWYwODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W2a4ku4p8mNqIXkEoV5OFqiyXM7
j0dGSMBD+tA37tjR25kzvcKOWtX2Sm4WrdB4H7wypO3jyDQZgNbuOJmiBbHCV1w8
tbPwfgrfovw7cN4vlbiXjudLJabPJCkfSKqqugMM6Mu3EAntHgFdHg73tcbXHXwu
i4T7cCW+FrsfOQE1LFcF2dSShA907k8dP00XkpYooymHP1ZaySl2Swb5W9Uhk+T6
PEsjODpJnxkeT7/i5zAiS5PnbrHwOtY6339uvWjbHD6CilIIJb71Qk5xvBSqIJro
WzCyRCLIgAJT6rlP5AFuwJ4pwhf/ohqZGEvGTS+9eA7FCFXNRXS5fFbquQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFEDVz4knVh2I047z2LNKjXz7nwiIMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUU5YUGlTZFdIWWpUanZQWXMwcU5mUHVmQ0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAWSJqAwQA
WX1+AwQAWX25AwQAXXK3AwQAZ/XkAwQAwjovMAwDBATO9ZADBADO9ZwDBADO9Z4w
DAMEANTABwMEANTACAMEANTACgMEANTAHgMEANTA0DANBgkqhkiG9w0BAQsFAAOC
AQEAb2Ozvyv6Mrdbvdr8Tlqo2bYvZ73Pa4t7rrOfNoCrLabk5Pr6DAeb6T8JDvyU
ou0EshzGfAqR7sPr0GASOcEGEuJrTsg7IEPCwoO10JJpFD+dZWVHsJs16HCiicfX
4C5ISbjaDSLqtPUQcxsSWzmFEszYxADvuCpeBp+IuPgZJRjzK170q8uVZppTXVDD
zAzGjfyNWmdQIrAg5nfEbnxyCvH0GT1whBaZWhsx4SQNmmzoh3QfsLcafQVOZLhT
uOU9KFHhxYNDuD3kWLEr4nUkQevULbArLAlaQZUiKXW3KLZnBNjBaz/mfBfHQls/
+lxD6yZx7AD7FNA1Xgd8xrGHCg==
-----END CERTIFICATE-----
Generated at Sat May 23 03:03:23 2026 by rpki-client