Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/QxewxtbZLg4aRsqELidIYU4yOyM.roa
File: QxewxtbZLg4aRsqELidIYU4yOyM.roa (raw, json)
Hash identifier: Uj2B1rVNdfmnJ9Y8kdlFiQqgWYDAp199Y8qPOBn7Mx0=
Subject key identifier: 43:17:B0:C6:D6:D9:2E:0E:1A:46:CA:84:2E:27:48:61:4E:32:3B:23
Certificate issuer: /CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Certificate serial: 019DE57391185A972B9B98D280C5F96C8F93
Authority key identifier: 5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/QxewxtbZLg4aRsqELidIYU4yOyM.roa
Signing time: Fri 01 May 2026 21:30:49 +0000
ROA not before: Fri 01 May 2026 21:30:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 87.232.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e5:73:91:18:5a:97:2b:9b:98:d2:80:c5:f9:6c:8f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Validity
Not Before: May 1 21:30:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4317b0c6d6d92e0e1a46ca842e2748614e323b23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d7:42:b2:05:b4:d7:3e:0e:22:9c:a7:c7:f3:
a8:c6:a2:0e:80:6c:84:45:a2:6e:29:2e:22:a8:d7:
7f:a5:a0:c4:45:10:35:ed:06:53:64:3d:05:5b:c4:
4b:e4:0c:5d:bb:f4:b1:15:3b:b0:0b:97:c6:56:01:
30:e8:75:a4:63:2f:39:44:89:6f:c1:e3:c0:2c:cf:
67:2f:fa:70:64:75:68:c3:d4:43:ac:ef:68:b3:55:
f4:f0:bc:35:ac:bf:77:19:9e:5a:9b:ab:f3:19:2b:
5f:fd:64:11:5a:f8:61:6e:79:a1:ef:3e:0d:9f:14:
d1:e5:cc:6f:73:aa:4f:28:4f:a6:39:9f:1d:0d:7f:
b9:0d:10:a0:d2:4e:0e:32:ef:b8:aa:14:a6:89:46:
97:2b:8a:4a:d0:40:ad:3d:eb:89:51:05:75:e7:10:
f1:e6:22:cb:22:96:00:7f:c8:d7:88:e0:fe:89:15:
24:ec:a9:72:5f:16:ee:80:4e:33:d3:6d:b7:1a:95:
24:e9:9f:d3:8e:13:12:64:4e:cc:e3:6f:a3:6f:3b:
15:68:7f:28:ff:03:dc:19:8c:7c:34:f6:e0:9c:39:
77:4c:a7:62:df:6f:d9:10:70:71:24:ad:d2:29:14:
64:69:f4:12:33:a6:fc:be:9b:21:c4:8c:f4:db:78:
ab:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:17:B0:C6:D6:D9:2E:0E:1A:46:CA:84:2E:27:48:61:4E:32:3B:23
X509v3 Authority Key Identifier:
keyid:5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/QxewxtbZLg4aRsqELidIYU4yOyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.232.82.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c8:5b:7e:b3:94:95:d1:d3:bd:b8:b8:81:8e:f7:f1:ab:7b:
86:6d:cd:70:02:a7:9a:21:5b:4c:ec:44:b6:00:a3:82:79:87:
e7:c3:33:92:af:7a:5b:5f:97:9b:70:a5:90:0e:f5:63:06:2f:
a3:13:95:50:ee:97:a2:22:da:5d:fc:cf:4c:99:37:3b:5e:c6:
0a:14:34:95:2c:dd:f9:51:54:35:1e:42:ff:b5:dc:62:fc:9b:
fb:b3:c4:4d:d4:46:1d:68:7b:67:6b:cb:2a:73:bf:8c:16:88:
ba:ce:53:7c:57:82:1b:28:6a:36:91:7a:67:03:c3:ca:cc:6e:
0a:b9:d0:1e:a4:f3:22:d7:53:e9:c5:20:71:64:0f:85:ec:8e:
8d:d3:8c:99:96:7b:dc:22:89:d2:a5:3f:3d:b2:a7:33:20:0d:
a8:fb:b1:22:d8:6f:5b:18:21:d9:7b:b6:71:bf:54:c6:ad:8e:
a0:38:ef:ca:a0:91:74:6d:4d:05:55:80:cc:da:a3:b8:9c:98:
c7:43:ce:4a:62:91:64:53:04:63:5a:a5:b7:36:56:b9:9d:f6:
af:42:1e:39:00:20:0f:31:ad:5f:c5:ff:30:a4:fd:4e:e5:88:
c3:1c:25:de:f4:09:93:06:08:32:fc:1e:a1:47:97:3c:cf:68:
56:4b:89:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3lc5EYWpcrm5jSgMX5bI+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZTUzYzBiZmMzYzhmYjU2YjgxMTkxMzE3MTQ0NDQzZTBl
MjlkMjUwHhcNMjYwNTAxMjEzMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE3YjBjNmQ2ZDkyZTBlMWE0NmNhODQyZTI3NDg2MTRlMzIzYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tdCsgW01z4OIpynx/OoxqIOgGyE
RaJuKS4iqNd/paDERRA17QZTZD0FW8RL5Axdu/SxFTuwC5fGVgEw6HWkYy85RIlv
wePALM9nL/pwZHVow9RDrO9os1X08Lw1rL93GZ5am6vzGStf/WQRWvhhbnmh7z4N
nxTR5cxvc6pPKE+mOZ8dDX+5DRCg0k4OMu+4qhSmiUaXK4pK0ECtPeuJUQV15xDx
5iLLIpYAf8jXiOD+iRUk7KlyXxbugE4z0223GpUk6Z/TjhMSZE7M42+jbzsVaH8o
/wPcGYx8NPbgnDl3TKdi32/ZEHBxJK3SKRRkafQSM6b8vpshxIz023irRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMXsMbW2S4OGkbKhC4nSGFOMjsjMB8GA1UdIwQY
MBaAFF/lPAv8PI+1a4EZExcUREPg4p0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDct
NWNmNTZlZTQzNWIzLzEvUXhld3h0YlpMZzRhUnNxRUxpZElZVTR5T3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDctNWNmNTZlZTQzNWIz
LzEvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+hSMA0G
CSqGSIb3DQEBCwUAA4IBAQBlyFt+s5SV0dO9uLiBjvfxq3uGbc1wAqeaIVtM7ES2
AKOCeYfnwzOSr3pbX5ebcKWQDvVjBi+jE5VQ7peiItpd/M9MmTc7XsYKFDSVLN35
UVQ1HkL/tdxi/Jv7s8RN1EYdaHtna8sqc7+MFoi6zlN8V4IbKGo2kXpnA8PKzG4K
udAepPMi11PpxSBxZA+F7I6N04yZlnvcIonSpT89sqczIA2o+7Ei2G9bGCHZe7Zx
v1TGrY6gOO/KoJF0bU0FVYDM2qO4nJjHQ85KYpFkUwRjWqW3Nla5nfavQh45ACAP
Ma1fxf8wpP1O5YjDHCXe9AmTBggy/B6hR5c8z2hWS4mW
-----END CERTIFICATE-----
Generated at Sun May 3 14:47:52 2026 by rpki-client