
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qHmSmEGjdAI53hj937cc8ERiz9A.roa
File: qHmSmEGjdAI53hj937cc8ERiz9A.roa (raw, json)
Hash identifier: 8oTWgrmmhlssVMObTrpxEtft9zZ2VRpNzHqP8d9w3ls=
Subject key identifier: A8:79:92:98:41:A3:74:02:39:DE:18:FD:DF:B7:1C:F0:44:62:CF:D0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019F18FCDF0AAD74A910947678822A572FE2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qHmSmEGjdAI53hj937cc8ERiz9A.roa
Signing time: Tue 30 Jun 2026 14:44:12 +0000
ROA not before: Tue 30 Jun 2026 14:44:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203273
IP address blocks: 45.9.117.0/24 maxlen: 24
45.86.245.0/24 maxlen: 24
45.94.37.0/24 maxlen: 24
45.94.39.0/24 maxlen: 24
45.129.124.0/24 maxlen: 24
45.129.126.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.133.209.0/24 maxlen: 24
45.133.210.0/24 maxlen: 24
45.137.42.0/24 maxlen: 24
45.137.43.0/24 maxlen: 24
185.99.98.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
194.62.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 20:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:18:fc:df:0a:ad:74:a9:10:94:76:78:82:2a:57:2f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 30 14:44:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a879929841a3740239de18fddfb71cf04462cfd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:27:ae:9f:2c:9d:1a:9f:ff:98:94:15:fd:64:
83:2f:aa:2f:da:a3:19:1b:d7:0b:62:b7:db:79:ef:
65:f3:ca:ed:72:0a:3d:71:1c:33:04:0e:81:5e:43:
2d:51:58:20:2b:f6:72:e1:79:66:86:8e:36:81:ce:
6c:4d:ca:49:84:a1:16:ba:d3:5f:32:55:33:cc:1d:
e7:6a:57:7b:39:66:0f:a3:a0:74:2e:5c:78:3a:06:
8b:e6:5d:d9:99:a7:5f:ab:f8:55:a8:f0:7c:b8:4e:
b8:29:01:5d:da:ca:19:bd:8b:7f:65:cb:cc:e3:ff:
3e:58:9e:9e:e2:39:31:d1:b3:68:c8:03:b5:a0:6b:
71:97:a2:45:47:1b:b2:11:39:88:5a:56:38:90:bf:
3b:f3:ff:54:12:cd:86:4d:14:ef:93:8c:d7:46:0a:
e0:6a:13:f4:5b:d7:fd:1a:f2:d8:7d:57:0d:5d:be:
fe:87:0e:67:b8:0d:e8:69:58:2b:51:45:c6:3b:c7:
a3:a3:d3:f8:e9:59:28:13:74:f2:14:82:17:90:ba:
dc:a9:7d:b3:69:a1:15:a2:09:b7:fe:93:9d:a3:35:
3e:3e:04:1a:70:67:49:32:8e:34:4a:55:f9:41:8e:
d4:45:62:25:fe:e5:20:16:a9:78:ad:23:a1:12:f4:
b1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:79:92:98:41:A3:74:02:39:DE:18:FD:DF:B7:1C:F0:44:62:CF:D0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qHmSmEGjdAI53hj937cc8ERiz9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.86.245.0/24
45.94.37.0/24
45.94.39.0/24
45.129.124.0/24
45.129.126.0/24
45.131.215.0/24
45.133.209.0-45.133.210.255
45.137.42.0/23
185.99.98.0/24
185.126.64.0/24
194.62.66.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:e1:35:4b:77:c3:2b:9f:f9:47:b7:38:76:b7:1c:b0:9b:e5:
26:c1:f9:d8:28:d3:78:83:04:a7:d0:d8:e5:43:12:9a:b9:2b:
b9:97:38:ac:ee:ae:50:6b:04:ea:38:b5:98:21:57:c6:28:e6:
c1:b8:d6:5e:8c:8a:f3:df:20:0b:57:6a:b4:97:fa:f8:e0:93:
d3:13:6e:65:0f:86:7c:92:ae:7c:cd:47:56:48:c9:67:7a:f2:
06:e6:c6:ec:bd:87:d2:dd:ac:38:c4:b1:bb:31:10:7d:58:00:
89:40:c4:95:fe:85:f0:9f:0c:82:e2:9f:0e:84:2c:63:7d:d1:
51:35:46:47:2d:63:be:17:f2:52:f5:79:1c:c0:25:51:9b:5e:
bd:5a:f3:c7:ce:65:b9:f1:d4:d9:d2:14:fe:54:4d:52:59:53:
a2:b5:7a:a5:78:80:eb:56:aa:10:b1:14:d4:95:c2:af:c0:ac:
75:b2:5f:fc:96:5d:60:78:e4:16:b4:02:34:04:6a:7a:58:67:
a3:06:a7:3d:24:d8:a6:c6:e6:35:48:e0:92:db:25:c9:cd:16:
d3:bd:f3:63:0a:16:8f:ae:a5:0c:35:1c:ca:e2:fa:b8:6f:5e:
e8:0c:19:ee:2b:cd:84:84:a7:02:f7:8d:a6:7e:9d:17:98:db:
3d:7a:b1:a8
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ8Y/N8KrXSpEJR2eIIqVy/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNjMwMTQ0NDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODc5OTI5ODQxYTM3NDAyMzlkZTE4ZmRkZmI3MWNmMDQ0NjJjZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yeunyydGp//mJQV/WSDL6ov2qMZ
G9cLYrfbee9l88rtcgo9cRwzBA6BXkMtUVggK/Zy4Xlmho42gc5sTcpJhKEWutNf
MlUzzB3nald7OWYPo6B0Llx4OgaL5l3Zmadfq/hVqPB8uE64KQFd2soZvYt/ZcvM
4/8+WJ6e4jkx0bNoyAO1oGtxl6JFRxuyETmIWlY4kL878/9UEs2GTRTvk4zXRgrg
ahP0W9f9GvLYfVcNXb7+hw5nuA3oaVgrUUXGO8ejo9P46VkoE3TyFIIXkLrcqX2z
aaEVogm3/pOdozU+PgQacGdJMo40SlX5QY7URWIl/uUgFql4rSOhEvSxXwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKh5kphBo3QCOd4Y/d+3HPBEYs/QMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcUhtU21FR2pkQUk1M2hqOTM3Y2M4RVJpejlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALQl1AwQA
LVb1AwQALV4lAwQALV4nAwQALYF8AwQALYF+AwQALYPXMAwDBAAthdEDBAAthdID
BAEtiSoDBAC5Y2IDBAC5fkADBADCPkIwDQYJKoZIhvcNAQELBQADggEBALnhNUt3
wyuf+Ue3OHa3HLCb5SbB+dgo03iDBKfQ2OVDEpq5K7mXOKzurlBrBOo4tZghV8Yo
5sG41l6MivPfIAtXarSX+vjgk9MTbmUPhnySrnzNR1ZIyWd68gbmxuy9h9LdrDjE
sbsxEH1YAIlAxJX+hfCfDILinw6ELGN90VE1RkctY74X8lL1eRzAJVGbXr1a88fO
Zbnx1NnSFP5UTVJZU6K1eqV4gOtWqhCxFNSVwq/ArHWyX/yWXWB45Ba0AjQEanpY
Z6MGpz0k2KbG5jVI4JLbJcnNFtO982MKFo+upQw1HMri+rhvXugMGe4rzYSEpwL3
jaZ+nReY2z16sag=
-----END CERTIFICATE-----
Generated at Wed Jul 1 02:33:59 2026 by rpki-client