Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/qDeqVRkxmdQmoY2NbjKeuMvHwtQ.roa
File: qDeqVRkxmdQmoY2NbjKeuMvHwtQ.roa (raw, json)
Hash identifier: JI4522GeiiIyvm7uoDp7NTOtjzf8W/IuXd/allrDXz4=
Subject key identifier: A8:37:AA:55:19:31:99:D4:26:A1:8D:8D:6E:32:9E:B8:CB:C7:C2:D4
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 019CDE4D8FE250055A211F83F7D784C5038B
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/qDeqVRkxmdQmoY2NbjKeuMvHwtQ.roa
Signing time: Wed 11 Mar 2026 19:09:10 +0000
ROA not before: Wed 11 Mar 2026 19:09:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39494
IP address blocks: 31.177.85.0/24 maxlen: 24
31.177.86.0/23 maxlen: 24
79.174.72.0/22 maxlen: 22
89.104.64.0/19 maxlen: 19
89.104.76.0/24 maxlen: 24
89.104.78.0/23 maxlen: 23
89.111.128.0/18 maxlen: 18
89.111.128.0/20 maxlen: 20
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 24
89.111.162.0/23 maxlen: 23
89.111.164.0/22 maxlen: 22
89.111.176.0/20 maxlen: 20
89.111.176.0/22 maxlen: 22
89.111.177.0/24 maxlen: 24
91.217.21.0/24 maxlen: 24
2a01:d8::/32 maxlen: 48
2a02:2090::/32 maxlen: 48
2a02:2090:e400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 16:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:de:4d:8f:e2:50:05:5a:21:1f:83:f7:d7:84:c5:03:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Mar 11 19:09:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a837aa55193199d426a18d8d6e329eb8cbc7c2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:50:40:f8:0c:cb:81:61:6d:14:8e:64:7a:6f:
50:e8:8d:45:38:a8:89:c3:b8:c2:75:7c:df:d7:7a:
6a:24:37:0e:11:60:22:21:9f:76:b4:db:34:f6:21:
26:b6:67:0e:af:ac:37:a7:c9:a5:05:f7:96:3b:71:
e4:66:2c:ff:0a:c4:fe:23:c1:99:dd:87:33:79:e7:
4b:48:da:14:66:fb:44:73:90:fe:f0:66:ee:83:61:
05:75:0b:ca:68:98:65:97:9e:4e:72:e7:12:18:33:
2f:e3:b7:8c:2f:05:3f:04:e0:7b:f1:ae:49:e5:bc:
83:2f:01:0c:da:1a:20:fc:29:c4:9c:4a:62:65:14:
8c:cd:fa:b6:1f:1d:c2:84:71:7e:68:66:b6:3b:05:
8f:20:ae:cc:6f:1e:ab:aa:99:96:64:18:71:54:16:
1b:6a:61:78:dd:ee:94:b4:6c:0d:0c:0c:8d:b2:df:
c3:ac:ae:14:f2:7a:a7:f8:bf:e6:03:5e:62:9e:af:
30:f7:53:31:f3:6e:17:dc:7e:f7:28:06:d7:52:ce:
45:4c:4d:47:b0:4b:11:a9:b6:2a:62:05:bb:2a:00:
87:a6:6f:36:6b:42:8c:df:e4:97:31:dc:95:3c:81:
e4:2d:cf:55:ab:14:e5:21:9a:33:96:81:aa:11:b3:
c9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:37:AA:55:19:31:99:D4:26:A1:8D:8D:6E:32:9E:B8:CB:C7:C2:D4
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/qDeqVRkxmdQmoY2NbjKeuMvHwtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.85.0-31.177.87.255
79.174.72.0/22
89.104.64.0/19
89.111.128.0/18
91.217.21.0/24
IPv6:
2a01:d8::/32
2a02:2090::/32
Signature Algorithm: sha256WithRSAEncryption
41:d1:cd:c0:07:a9:46:dc:71:f6:7f:21:b1:6f:a8:cd:d5:6d:
bb:49:bb:c0:39:79:44:6d:37:08:24:8d:16:5e:46:79:0b:33:
c7:cb:5c:d8:97:9f:14:a5:2f:6c:10:19:fa:95:45:b1:56:11:
2a:97:ff:e3:bc:5d:95:b0:9f:cb:db:b8:90:6c:68:a5:06:39:
27:48:ef:a2:62:a8:58:cd:d2:9b:73:b1:d4:2b:59:f4:b8:8d:
99:53:5e:63:3e:d3:a7:51:88:8d:9e:3f:50:84:77:ec:eb:2f:
96:d9:0a:b2:fb:91:de:44:a3:25:99:6d:9e:c4:c9:f8:42:6f:
51:5a:91:ed:90:34:90:01:6e:0a:27:16:3c:f3:b3:4e:b4:c2:
86:bb:1c:c4:df:35:36:17:aa:13:54:95:a6:ed:61:38:db:26:
88:92:73:2a:fd:40:82:7c:0f:16:89:42:a1:5a:06:a8:92:0d:
eb:6a:a5:83:aa:66:f1:a2:e4:41:85:72:56:21:8e:f5:05:e1:
63:9e:09:f1:20:8d:6f:11:7a:9f:16:ed:14:10:12:af:13:d7:
18:1d:36:21:08:1c:b7:b4:8c:2c:e6:8a:f5:69:ee:a7:3c:3b:
75:77:70:7f:1d:61:d5:46:ff:66:62:23:d5:a0:82:37:e0:17:
94:a9:6e:e8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZzeTY/iUAVaIR+D99eExQOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjYwMzExMTkwOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODM3YWE1NTE5MzE5OWQ0MjZhMThkOGQ2ZTMyOWViOGNiYzdjMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01BA+AzLgWFtFI5kem9Q6I1FOKiJ
w7jCdXzf13pqJDcOEWAiIZ92tNs09iEmtmcOr6w3p8mlBfeWO3HkZiz/CsT+I8GZ
3YczeedLSNoUZvtEc5D+8Gbug2EFdQvKaJhll55OcucSGDMv47eMLwU/BOB78a5J
5byDLwEM2hog/CnEnEpiZRSMzfq2Hx3ChHF+aGa2OwWPIK7Mbx6rqpmWZBhxVBYb
amF43e6UtGwNDAyNst/DrK4U8nqn+L/mA15inq8w91Mx824X3H73KAbXUs5FTE1H
sEsRqbYqYgW7KgCHpm82a0KM3+SXMdyVPIHkLc9VqxTlIZozloGqEbPJrQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKg3qlUZMZnUJqGNjW4ynrjLx8LUMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvcURlcVZSa3htZFFtb1kyTmJqS2V1TXZId3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmMAwDBAAfsVUD
BAMfsVADBAJPrkgDBAVZaEADBAZZb4ADBABb2RUwFAQCAAIwDgMFACoBANgDBQAq
AiCQMA0GCSqGSIb3DQEBCwUAA4IBAQBB0c3AB6lG3HH2fyGxb6jN1W27SbvAOXlE
bTcIJI0WXkZ5CzPHy1zYl58UpS9sEBn6lUWxVhEql//jvF2VsJ/L27iQbGilBjkn
SO+iYqhYzdKbc7HUK1n0uI2ZU15jPtOnUYiNnj9QhHfs6y+W2Qqy+5HeRKMlmW2e
xMn4Qm9RWpHtkDSQAW4KJxY887NOtMKGuxzE3zU2F6oTVJWm7WE42yaIknMq/UCC
fA8WiUKhWgaokg3raqWDqmbxouRBhXJWIY71BeFjngnxII1vEXqfFu0UEBKvE9cY
HTYhCBy3tIws5or1ae6nPDt1d3B/HWHVRv9mYiPVoII34BeUqW7o
-----END CERTIFICATE-----
Generated at Fri Mar 13 23:51:24 2026 by rpki-client