Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qsnAliJoPRk_YnpHwWdzwEvD5C0.roa
File: qsnAliJoPRk_YnpHwWdzwEvD5C0.roa (raw, json)
Hash identifier: fdfZG3/SZJ0xgO6oA9yvo20K65Ah5fIgu9iXjpm3rlQ=
Subject key identifier: AA:C9:C0:96:22:68:3D:19:3F:62:7A:47:C1:67:73:C0:4B:C3:E4:2D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D3DE5B871FF583825FF6B935E296C0BC5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qsnAliJoPRk_YnpHwWdzwEvD5C0.roa
Signing time: Mon 30 Mar 2026 08:39:18 +0000
ROA not before: Mon 30 Mar 2026 08:39:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 80.240.95.0/24 maxlen: 24
82.152.218.0/24 maxlen: 24
82.152.235.0/24 maxlen: 24
82.152.239.0/24 maxlen: 24
109.176.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 20:11:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3d:e5:b8:71:ff:58:38:25:ff:6b:93:5e:29:6c:0b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 30 08:39:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aac9c09622683d193f627a47c16773c04bc3e42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:84:94:38:37:13:4c:6c:51:c5:19:87:7b:83:
5b:9b:9f:5d:a0:f4:4c:a2:31:b8:c7:4d:4d:f5:dc:
90:08:59:7c:b6:f5:16:4d:ff:7b:0e:a6:cd:06:1c:
ab:0f:68:de:59:b5:21:53:0c:1a:79:25:e4:af:2f:
12:41:1b:45:46:9a:67:be:4c:c0:d4:fd:43:42:57:
e7:5b:15:e0:c1:98:08:02:0c:34:6e:20:7e:9e:59:
11:35:b1:da:bc:56:72:c7:ee:1b:46:24:35:68:8d:
af:25:01:16:84:a3:1a:ce:c4:9e:87:4b:a9:57:bd:
63:0b:71:df:fd:24:94:a4:70:c5:d6:b5:e1:77:be:
0b:d6:42:bf:ea:fc:ef:99:ac:80:50:32:f4:59:29:
8d:6e:26:6d:74:a5:49:c4:1f:01:f6:0a:a7:4c:c4:
8f:73:8b:5e:0c:b4:50:5d:b3:6f:07:66:9a:06:48:
9d:45:5d:3b:9b:62:6d:cf:29:08:38:ca:93:73:a0:
79:1a:5d:30:6c:25:10:e6:bd:cc:c4:1c:e3:ae:26:
9c:ac:a0:44:49:64:59:7e:a3:a1:8c:c4:42:d2:2c:
35:34:fa:3d:17:a0:87:66:8b:98:35:33:b5:3a:eb:
41:f6:12:fa:45:57:aa:f6:09:4d:55:c9:ca:ee:a8:
3a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C9:C0:96:22:68:3D:19:3F:62:7A:47:C1:67:73:C0:4B:C3:E4:2D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qsnAliJoPRk_YnpHwWdzwEvD5C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.95.0/24
82.152.218.0/24
82.152.235.0/24
82.152.239.0/24
109.176.20.0/24
Signature Algorithm: sha256WithRSAEncryption
85:cc:42:4d:89:05:2a:57:c0:63:6d:9b:fc:42:55:60:ee:ff:
4c:74:57:6a:2d:fb:cb:de:11:76:d5:b3:61:b5:d9:b3:5b:cb:
d2:66:af:66:3e:4f:f5:cc:bb:ea:30:80:cb:6e:f9:05:45:ab:
70:df:a2:d1:2c:34:05:8d:f9:90:ee:26:64:6d:aa:0e:f2:63:
60:54:48:b4:07:2c:9b:65:d3:dd:7f:f5:2f:14:e4:cb:35:98:
e5:35:b5:6e:4a:f9:51:2a:26:8c:0c:af:79:65:74:2d:62:cb:
93:c1:1f:93:7f:78:90:05:c3:bf:89:67:55:12:e4:26:77:8f:
55:c9:a5:db:a0:6d:3b:01:fd:3a:6c:40:07:9d:fe:5f:a3:0f:
d9:22:96:94:8e:c9:16:9f:4e:8c:8b:67:5d:2e:53:36:c3:c2:
81:ad:e7:39:ef:12:38:51:5a:41:76:f6:fb:6d:d6:48:32:99:
67:0e:12:98:71:03:e9:d3:da:84:aa:bf:ec:21:81:5d:71:b9:
76:7b:fb:84:e1:24:9e:40:ed:42:03:a1:9a:bb:64:32:4b:96:
f1:7e:08:4a:e2:f0:4a:de:50:fb:54:af:ed:01:a5:d5:fa:a6:
ba:9d:12:91:9f:16:06:7b:fe:39:52:05:a5:9d:85:f3:0e:20:
22:13:87:c4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ095bhx/1g4Jf9rk14pbAvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwMzMwMDgzOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWM5YzA5NjIyNjgzZDE5M2Y2MjdhNDdjMTY3NzNjMDRiYzNlNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ISUODcTTGxRxRmHe4Nbm59doPRM
ojG4x01N9dyQCFl8tvUWTf97DqbNBhyrD2jeWbUhUwwaeSXkry8SQRtFRppnvkzA
1P1DQlfnWxXgwZgIAgw0biB+nlkRNbHavFZyx+4bRiQ1aI2vJQEWhKMazsSeh0up
V71jC3Hf/SSUpHDF1rXhd74L1kK/6vzvmayAUDL0WSmNbiZtdKVJxB8B9gqnTMSP
c4teDLRQXbNvB2aaBkidRV07m2JtzykIOMqTc6B5Gl0wbCUQ5r3MxBzjriacrKBE
SWRZfqOhjMRC0iw1NPo9F6CHZouYNTO1OutB9hL6RVeq9glNVcnK7qg6GwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKrJwJYiaD0ZP2J6R8Fnc8BLw+QtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcXNuQWxpSm9QUmtfWW5wSHdXZHp3RXZENUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUPBfAwQA
UpjaAwQAUpjrAwQAUpjvAwQAbbAUMA0GCSqGSIb3DQEBCwUAA4IBAQCFzEJNiQUq
V8BjbZv8QlVg7v9MdFdqLfvL3hF21bNhtdmzW8vSZq9mPk/1zLvqMIDLbvkFRatw
36LRLDQFjfmQ7iZkbaoO8mNgVEi0ByybZdPdf/UvFOTLNZjlNbVuSvlRKiaMDK95
ZXQtYsuTwR+Tf3iQBcO/iWdVEuQmd49VyaXboG07Af06bEAHnf5fow/ZIpaUjskW
n06Mi2ddLlM2w8KBrec57xI4UVpBdvb7bdZIMplnDhKYcQPp09qEqr/sIYFdcbl2
e/uE4SSeQO1CA6Gau2QyS5bxfghK4vBK3lD7VK/tAaXV+qa6nRKRnxYGe/45UgWl
nYXzDiAiE4fE
-----END CERTIFICATE-----
Generated at Thu Apr 9 05:18:52 2026 by rpki-client