Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/QXMTv56aBNAUruAXJC7IVsSmMG8.roa
File: QXMTv56aBNAUruAXJC7IVsSmMG8.roa (raw, json)
Hash identifier: jId8pBbIUwFi+HQiN7AbLv5/eBeeSyed+4bqRVzluB0=
Subject key identifier: 41:73:13:BF:9E:9A:04:D0:14:AE:E0:17:24:2E:C8:56:C4:A6:30:6F
Certificate issuer: /CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Certificate serial: 019EDB3A401C56386865154B1379F3CE7311
Authority key identifier: B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/QXMTv56aBNAUruAXJC7IVsSmMG8.roa
Signing time: Thu 18 Jun 2026 14:54:48 +0000
ROA not before: Thu 18 Jun 2026 14:54:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50247
IP address blocks: 45.85.184.0/23 maxlen: 24
45.85.184.0/24 maxlen: 24
45.85.185.0/24 maxlen: 24
45.131.33.0/24 maxlen: 24
45.131.34.0/24 maxlen: 24
91.218.240.0/24 maxlen: 24
91.224.142.0/23 maxlen: 24
91.224.142.0/24 maxlen: 24
91.224.143.0/24 maxlen: 24
109.95.88.0/21 maxlen: 21
109.196.80.0/20 maxlen: 20
109.197.36.0/23 maxlen: 23
109.207.103.0/24 maxlen: 24
185.178.236.0/22 maxlen: 22
185.191.144.0/23 maxlen: 32
2a0a:7080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.mft
rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:db:3a:40:1c:56:38:68:65:15:4b:13:79:f3:ce:73:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Validity
Not Before: Jun 18 14:54:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=417313bf9e9a04d014aee017242ec856c4a6306f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3e:f6:5e:b2:10:89:f4:2d:44:00:10:08:b3:
02:16:fd:e0:89:96:7c:e2:50:b6:11:83:14:87:1f:
78:43:10:d1:65:82:11:5a:3a:28:84:35:48:20:5c:
6e:81:89:c0:3a:55:35:f9:74:9c:93:23:04:ef:b3:
3b:75:21:35:c4:9f:d2:51:cc:65:98:39:36:c2:ca:
03:2d:56:07:ae:71:64:5b:8d:8c:77:b7:59:f7:08:
99:1a:1c:75:f6:91:4e:b9:79:66:57:f2:19:56:9e:
22:15:f0:36:19:71:5e:ef:d5:53:db:43:ab:3d:91:
71:ae:42:a2:f3:1d:42:a9:67:7f:95:c5:42:21:84:
fe:14:13:39:e3:e8:52:bc:76:91:da:f5:74:eb:2d:
55:bb:ba:8c:b5:a5:16:ff:e1:fd:b9:38:81:24:1e:
cf:60:69:45:e2:d5:a7:f7:dd:c7:f5:9e:e8:da:1e:
42:a5:ba:ab:ae:77:88:c2:df:e9:6c:9a:4d:77:a6:
77:b2:30:1f:23:78:32:d7:3a:eb:d2:bf:20:95:80:
08:10:f3:02:66:ac:33:d0:ac:f2:58:e3:99:2b:cc:
2e:09:d9:82:52:a8:ec:62:d1:e7:23:cd:44:70:f7:
fc:aa:dd:7f:28:34:62:21:4a:5b:1e:56:64:34:bf:
3e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:73:13:BF:9E:9A:04:D0:14:AE:E0:17:24:2E:C8:56:C4:A6:30:6F
X509v3 Authority Key Identifier:
keyid:B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/QXMTv56aBNAUruAXJC7IVsSmMG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.184.0/23
45.131.33.0-45.131.34.255
91.218.240.0/24
91.224.142.0/23
109.95.88.0/21
109.196.80.0/20
109.197.36.0/23
109.207.103.0/24
185.178.236.0/22
185.191.144.0/23
IPv6:
2a0a:7080::/29
Signature Algorithm: sha256WithRSAEncryption
0c:d1:75:6a:43:69:4f:18:81:db:d5:1a:37:14:c5:20:ad:aa:
b1:de:ce:3f:34:41:06:30:90:b0:b7:19:de:3e:e3:f4:59:d2:
fa:7d:c1:00:d8:f1:72:96:0c:e2:a7:16:22:6d:33:dc:ae:56:
cb:54:51:4a:15:c8:a5:64:8b:43:50:19:34:d5:7e:8a:c6:cb:
a9:20:b9:bc:37:25:00:66:db:87:b3:0a:98:59:a5:f2:3c:a5:
8c:5d:c7:38:31:dd:df:f8:92:bb:29:f0:cd:1e:f6:ca:f2:f5:
af:44:f1:11:f0:10:36:00:ba:2e:de:a8:9d:44:5a:c7:4f:6a:
02:cc:03:6a:8c:60:08:ee:7f:8c:d8:9a:47:ef:44:bf:90:62:
42:3a:22:a9:25:d9:74:18:29:3f:4a:65:23:c6:24:5c:0b:70:
e1:7c:4a:9c:26:b5:3c:9e:7c:67:e3:05:00:af:77:57:26:a1:
45:62:4e:60:bb:b3:8b:ae:b3:dc:bf:cd:36:1c:2a:8b:99:f8:
20:b7:50:47:6d:98:a4:75:97:7f:01:77:d0:7e:ad:8b:f2:20:
42:eb:4e:5a:8b:29:f3:1d:df:39:ff:78:0d:f2:c8:c4:4c:b3:
82:cc:54:d3:0f:cf:16:7e:01:4b:99:15:35:42:b3:51:3d:47:
bf:ba:85:91
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZ7bOkAcVjhoZRVLE3nzznMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YmRjMzc2YTE1OWQwNWUyYWY5NzE3NmEzZWJhODM2MGU2
MGQxNzYwHhcNMjYwNjE4MTQ1NDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTczMTNiZjllOWEwNGQwMTRhZWUwMTcyNDJlYzg1NmM0YTYzMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz72XrIQifQtRAAQCLMCFv3giZZ8
4lC2EYMUhx94QxDRZYIRWjoohDVIIFxugYnAOlU1+XSckyME77M7dSE1xJ/SUcxl
mDk2wsoDLVYHrnFkW42Md7dZ9wiZGhx19pFOuXlmV/IZVp4iFfA2GXFe79VT20Or
PZFxrkKi8x1CqWd/lcVCIYT+FBM54+hSvHaR2vV06y1Vu7qMtaUW/+H9uTiBJB7P
YGlF4tWn993H9Z7o2h5CpbqrrneIwt/pbJpNd6Z3sjAfI3gy1zrr0r8glYAIEPMC
Zqwz0KzyWOOZK8wuCdmCUqjsYtHnI81EcPf8qt1/KDRiIUpbHlZkNL8+6wIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFEFzE7+emgTQFK7gFyQuyFbEpjBvMB8GA1UdIwQY
MBaAFLS9w3ahWdBeKvlxdqPrqDYOYNF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUt
MjhkMDEwNjAzNTI5LzEvUVhNVHY1NmFCTkFVcnVBWEpDN0lWc1NtTUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUtMjhkMDEwNjAzNTI5
LzEvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQBLVW4MAwD
BAAtgyEDBAAtgyIDBABb2vADBAFb4I4DBANtX1gDBARtxFADBAFtxSQDBABtz2cD
BAK5suwDBAG5v5AwDQQCAAIwBwMFAyoKcIAwDQYJKoZIhvcNAQELBQADggEBAAzR
dWpDaU8YgdvVGjcUxSCtqrHezj80QQYwkLC3Gd4+4/RZ0vp9wQDY8XKWDOKnFiJt
M9yuVstUUUoVyKVki0NQGTTVforGy6kgubw3JQBm24ezCphZpfI8pYxdxzgx3d/4
krsp8M0e9sry9a9E8RHwEDYAui7eqJ1EWsdPagLMA2qMYAjuf4zYmkfvRL+QYkI6
Iqkl2XQYKT9KZSPGJFwLcOF8SpwmtTyefGfjBQCvd1cmoUViTmC7s4uus9y/zTYc
KouZ+CC3UEdtmKR1l38Bd9B+rYvyIELrTlqLKfMd3zn/eA3yyMRMs4LMVNMPzxZ+
AUuZFTVCs1E9R7+6hZE=
-----END CERTIFICATE-----
Generated at Tue Jun 30 21:32:36 2026 by rpki-client