Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/qnKJeyRMT8FkIzy6wwrV1UqBqxM.roa
File: qnKJeyRMT8FkIzy6wwrV1UqBqxM.roa (raw, json)
Hash identifier: UthLu5Su6uHUcTNJVA5nqg+qmDyAEH5sRHIZusQp8pY=
Subject key identifier: AA:72:89:7B:24:4C:4F:C1:64:23:3C:BA:C3:0A:D5:D5:4A:81:AB:13
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019E412CD1901630E299397523D192604002
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/qnKJeyRMT8FkIzy6wwrV1UqBqxM.roa
Signing time: Tue 19 May 2026 16:58:36 +0000
ROA not before: Tue 19 May 2026 16:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29182
IP address blocks: 194.152.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:41:2c:d1:90:16:30:e2:99:39:75:23:d1:92:60:40:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: May 19 16:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aa72897b244c4fc164233cbac30ad5d54a81ab13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:ca:d0:ad:30:e6:9f:82:42:fe:76:6d:df:
3e:54:d1:ac:3b:db:08:e3:2f:bf:e2:65:d6:93:62:
2e:df:dc:11:89:7e:83:60:ad:53:fe:af:53:05:e8:
13:8f:3c:00:05:46:20:29:e3:0f:d1:9a:1e:1c:29:
c9:0d:41:a6:3a:f4:96:cc:d4:a9:a8:4a:db:c7:fc:
e7:fe:12:66:87:0f:ad:3c:2c:39:42:6f:7b:f7:5c:
96:a9:ab:72:30:bc:a7:62:fb:45:51:7d:4a:33:8b:
f7:9a:d3:76:fd:89:c3:c7:60:a6:ad:1e:1a:4b:a1:
80:b1:53:85:47:d7:7e:1e:df:8f:a3:7e:9e:c1:fc:
69:78:6e:b3:49:28:1f:54:ea:9c:ae:d1:88:e8:2b:
c2:f6:47:00:88:c5:7c:86:b6:1e:ab:31:5c:ec:4d:
be:f6:0f:69:bd:82:ec:46:01:07:69:9f:66:00:92:
e8:94:fd:52:5e:21:1f:4d:5a:ef:88:f0:fa:23:ad:
90:fc:6d:b3:72:c8:9b:99:e2:a7:81:25:a5:cf:7c:
ef:03:4f:40:9f:11:2d:3b:11:da:2b:f4:6f:14:f3:
28:59:47:35:2f:e3:be:13:01:8c:d4:d1:52:a9:b7:
6e:42:56:94:5f:84:0f:01:28:56:f7:a6:49:5b:88:
db:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:72:89:7B:24:4C:4F:C1:64:23:3C:BA:C3:0A:D5:D5:4A:81:AB:13
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/qnKJeyRMT8FkIzy6wwrV1UqBqxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.152.139.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:77:7c:2f:17:d9:39:48:ff:c7:c3:05:24:28:79:b8:b5:40:
94:4b:3c:f8:f8:87:31:c2:41:37:e9:dc:c8:1f:39:d0:6c:8b:
20:66:79:9b:c9:d3:37:6b:d8:51:af:b4:c1:b1:6a:07:11:03:
d3:cf:da:03:61:56:1e:0f:5d:99:03:d2:2f:3d:a1:8c:ba:fa:
1c:a4:70:7e:4e:8e:b0:41:65:12:c2:04:a3:ba:80:df:4c:de:
47:b1:bd:8b:07:d0:8a:13:c9:4c:93:88:03:9d:c9:e9:26:67:
27:7d:ed:11:ea:78:f8:cf:71:e7:aa:02:f3:c2:1e:13:00:da:
10:ee:c6:b2:fd:9b:b9:7e:80:4e:27:9c:4a:b1:a0:3b:fe:4a:
60:64:f1:cd:8f:e1:3a:c4:d7:78:81:6a:e3:93:68:d2:6a:c3:
44:12:77:2e:ae:05:d6:46:f5:ae:18:91:31:9c:5e:48:cf:b4:
c5:8d:06:e9:00:a2:56:a3:f9:b9:80:c3:f1:2f:c9:4a:94:c0:
f7:cd:75:fd:fd:23:3e:fb:3d:04:98:f6:f5:4c:8e:5d:26:1d:
77:a5:45:01:d9:c6:95:ce:d0:dc:f6:ff:43:c3:52:32:c9:45:
72:22:4e:e2:a8:5f:c0:08:74:fb:55:6d:c2:b4:fb:79:2c:21:
3c:ae:a1:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5BLNGQFjDimTl1I9GSYEACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjYwNTE5MTY1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTcyODk3YjI0NGM0ZmMxNjQyMzNjYmFjMzBhZDVkNTRhODFhYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTnK0K0w5p+CQv52bd8+VNGsO9sI
4y+/4mXWk2Iu39wRiX6DYK1T/q9TBegTjzwABUYgKeMP0ZoeHCnJDUGmOvSWzNSp
qErbx/zn/hJmhw+tPCw5Qm9791yWqatyMLynYvtFUX1KM4v3mtN2/YnDx2CmrR4a
S6GAsVOFR9d+Ht+Po36ewfxpeG6zSSgfVOqcrtGI6CvC9kcAiMV8hrYeqzFc7E2+
9g9pvYLsRgEHaZ9mAJLolP1SXiEfTVrviPD6I62Q/G2zcsibmeKngSWlz3zvA09A
nxEtOxHaK/RvFPMoWUc1L+O+EwGM1NFSqbduQlaUX4QPAShW96ZJW4jbOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpyiXskTE/BZCM8usMK1dVKgasTMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvcW5LSmV5Uk1UOEZrSXp5Nnd3clYxVXFCcXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpiLMA0G
CSqGSIb3DQEBCwUAA4IBAQA8d3wvF9k5SP/HwwUkKHm4tUCUSzz4+IcxwkE36dzI
HznQbIsgZnmbydM3a9hRr7TBsWoHEQPTz9oDYVYeD12ZA9IvPaGMuvocpHB+To6w
QWUSwgSjuoDfTN5Hsb2LB9CKE8lMk4gDncnpJmcnfe0R6nj4z3HnqgLzwh4TANoQ
7say/Zu5foBOJ5xKsaA7/kpgZPHNj+E6xNd4gWrjk2jSasNEEncurgXWRvWuGJEx
nF5Iz7TFjQbpAKJWo/m5gMPxL8lKlMD3zXX9/SM++z0EmPb1TI5dJh13pUUB2caV
ztDc9v9Dw1IyyUVyIk7iqF/ACHT7VW3CtPt5LCE8rqFk
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:28:59 2026 by rpki-client