Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/qOS44k4K1WSKtUKGLEhRxJxPEas.roa
File: qOS44k4K1WSKtUKGLEhRxJxPEas.roa (raw, json)
Hash identifier: FW03t2tk2X1t0JN65p0CDI9DvEztasvMAKi+nwmwwnw=
Subject key identifier: A8:E4:B8:E2:4E:0A:D5:64:8A:B5:42:86:2C:48:51:C4:9C:4F:11:AB
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 019D7785A3CA09AD0BF45AAED4E95608438A
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/qOS44k4K1WSKtUKGLEhRxJxPEas.roa
Signing time: Fri 10 Apr 2026 13:12:20 +0000
ROA not before: Fri 10 Apr 2026 13:12:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 2.59.180.0/24 maxlen: 24
45.156.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Apr 2026 13:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:85:a3:ca:09:ad:0b:f4:5a:ae:d4:e9:56:08:43:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Apr 10 13:12:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a8e4b8e24e0ad5648ab542862c4851c49c4f11ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:90:fb:b4:9f:92:61:a6:e7:d3:14:f3:41:2b:
cb:8e:33:0f:1b:de:02:4c:e9:ef:63:bb:14:5b:cd:
12:9b:95:36:04:d6:0a:8a:ac:93:34:00:0c:64:44:
e4:e2:58:41:0b:91:d9:e9:79:c0:2d:3d:9c:c4:ad:
59:e1:c4:a7:29:2f:24:62:2f:bc:a5:60:a2:b5:41:
46:1e:80:c8:06:c3:3f:d1:9c:30:b8:58:7d:da:ca:
43:ee:96:4b:48:74:e4:80:f9:02:49:33:45:d9:3e:
ad:0c:73:48:26:b3:ea:24:fd:84:d3:be:cc:93:14:
cb:e1:5a:7b:90:df:4a:49:e2:6c:50:02:98:2d:07:
ac:ee:09:40:da:d2:53:dd:af:ac:8f:de:f6:01:8a:
c0:85:cb:af:c0:ab:41:5e:02:21:ec:e0:37:1c:1f:
a2:bb:98:9f:e7:26:7e:9b:40:34:85:0d:a0:e0:4a:
f9:43:07:da:ca:94:f3:ca:03:cc:82:e4:50:af:6b:
ef:86:81:dc:6c:92:ae:71:3d:74:af:e5:42:08:3c:
cb:5f:2e:22:71:e8:cb:dc:ed:fc:ab:cc:1f:b1:48:
49:0b:fb:b2:3e:6b:d8:ed:03:9c:26:9d:09:ec:e2:
e3:89:74:84:81:91:f9:d9:37:f8:ff:4a:00:64:9a:
dc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E4:B8:E2:4E:0A:D5:64:8A:B5:42:86:2C:48:51:C4:9C:4F:11:AB
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/qOS44k4K1WSKtUKGLEhRxJxPEas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.180.0/24
45.156.144.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:d8:6e:59:f9:36:e8:a1:13:29:73:98:27:19:c5:83:68:9d:
14:6b:e3:98:cc:d2:78:9f:fa:3d:ea:1d:6c:f3:2e:ce:a5:e8:
2c:a3:e1:04:7a:28:de:62:c5:43:66:8b:ce:2b:b4:ba:73:5e:
dc:08:d5:cf:d1:31:98:5f:22:b4:b5:79:6a:5a:85:08:ce:23:
e3:84:51:5f:97:27:5a:34:d8:92:8d:62:32:2c:5a:73:15:db:
af:81:0e:8e:91:6c:74:99:fa:ef:f1:e2:7d:49:d9:b1:99:74:
8b:8f:09:09:3c:9a:bf:a5:bf:be:25:e6:ba:c1:6e:85:f6:5c:
39:8a:32:a6:bd:d7:6c:f4:8f:b0:de:3e:36:02:05:7a:c4:86:
33:d2:27:46:7c:17:66:e3:b2:d6:c1:be:00:bc:71:64:f2:a4:
ee:84:ef:d1:e9:13:e0:d6:3e:d2:bc:1d:dd:01:2e:12:79:ce:
a0:59:71:a5:3a:ea:63:33:60:7f:7f:8c:45:13:1c:7e:5f:70:
04:1f:e9:f5:f4:6c:75:cf:90:45:04:4e:ff:0a:11:68:66:f5:
7c:3b:5f:79:8f:21:94:a8:b3:82:f6:6c:aa:28:8f:a7:00:f8:
90:55:90:ae:4a:59:c3:2c:d4:61:37:4f:cd:4f:e7:1a:7c:74:
d8:57:b4:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ13haPKCa0L9Fqu1OlWCEOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjYwNDEwMTMxMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU0YjhlMjRlMGFkNTY0OGFiNTQyODYyYzQ4NTFjNDljNGYxMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspD7tJ+SYabn0xTzQSvLjjMPG94C
TOnvY7sUW80Sm5U2BNYKiqyTNAAMZETk4lhBC5HZ6XnALT2cxK1Z4cSnKS8kYi+8
pWCitUFGHoDIBsM/0ZwwuFh92spD7pZLSHTkgPkCSTNF2T6tDHNIJrPqJP2E077M
kxTL4Vp7kN9KSeJsUAKYLQes7glA2tJT3a+sj972AYrAhcuvwKtBXgIh7OA3HB+i
u5if5yZ+m0A0hQ2g4Er5QwfaypTzygPMguRQr2vvhoHcbJKucT10r+VCCDzLXy4i
cejL3O38q8wfsUhJC/uyPmvY7QOcJp0J7OLjiXSEgZH52Tf4/0oAZJrcCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKjkuOJOCtVkirVChixIUcScTxGrMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvcU9TNDRrNEsxV1NLdFVLR0xFaFJ4SnhQRWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAju0AwQA
LZyQMA0GCSqGSIb3DQEBCwUAA4IBAQAP2G5Z+TbooRMpc5gnGcWDaJ0Ua+OYzNJ4
n/o96h1s8y7Opegso+EEeijeYsVDZovOK7S6c17cCNXP0TGYXyK0tXlqWoUIziPj
hFFflydaNNiSjWIyLFpzFduvgQ6OkWx0mfrv8eJ9SdmxmXSLjwkJPJq/pb++Jea6
wW6F9lw5ijKmvdds9I+w3j42AgV6xIYz0idGfBdm47LWwb4AvHFk8qTuhO/R6RPg
1j7SvB3dAS4Sec6gWXGlOupjM2B/f4xFExx+X3AEH+n19Gx1z5BFBE7/ChFoZvV8
O195jyGUqLOC9myqKI+nAPiQVZCuSlnDLNRhN0/NT+cafHTYV7RU
-----END CERTIFICATE-----
Generated at Mon Apr 13 14:50:42 2026 by rpki-client