Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/QRtKZhH9f2q5Qs4y3jok3HnjFK0.roa
File: QRtKZhH9f2q5Qs4y3jok3HnjFK0.roa (raw, json)
Hash identifier: kTYNUIGwJLwA+YttUf3vVXejkVq8FL+41G3GFzyW8/w=
Subject key identifier: 41:1B:4A:66:11:FD:7F:6A:B9:42:CE:32:DE:3A:24:DC:79:E3:14:AD
Certificate issuer: /CN=cc215f58159ec576a2022776ea64f61c5bb00194
Certificate serial: 0199F125A0C5654F3C1F204382BA125EDD13
Authority key identifier: CC:21:5F:58:15:9E:C5:76:A2:02:27:76:EA:64:F6:1C:5B:B0:01:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/QRtKZhH9f2q5Qs4y3jok3HnjFK0.roa
Signing time: Fri 17 Oct 2025 07:49:59 +0000
ROA not before: Fri 17 Oct 2025 07:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12564
IP address blocks: 185.181.148.0/22 maxlen: 22
185.181.148.0/24 maxlen: 24
185.181.149.0/24 maxlen: 24
185.181.150.0/24 maxlen: 24
185.181.151.0/24 maxlen: 24
212.122.160.0/19 maxlen: 19
212.122.160.0/23 maxlen: 23
212.122.160.0/24 maxlen: 24
212.122.161.0/24 maxlen: 24
212.122.162.0/23 maxlen: 23
212.122.162.0/24 maxlen: 24
212.122.163.0/24 maxlen: 24
212.122.167.0/24 maxlen: 24
212.122.168.0/24 maxlen: 24
212.122.169.0/24 maxlen: 24
212.122.170.0/24 maxlen: 24
212.122.171.0/24 maxlen: 24
212.122.172.0/24 maxlen: 24
212.122.173.0/24 maxlen: 24
212.122.174.0/24 maxlen: 24
212.122.175.0/24 maxlen: 24
212.122.176.0/24 maxlen: 24
212.122.177.0/24 maxlen: 24
212.122.178.0/24 maxlen: 24
212.122.179.0/24 maxlen: 24
212.122.180.0/24 maxlen: 24
212.122.181.0/24 maxlen: 24
212.122.182.0/24 maxlen: 24
212.122.183.0/24 maxlen: 24
212.122.184.0/24 maxlen: 24
212.122.185.0/24 maxlen: 24
212.122.186.0/24 maxlen: 24
212.122.187.0/24 maxlen: 24
212.122.188.0/24 maxlen: 24
212.122.189.0/24 maxlen: 24
212.122.190.0/24 maxlen: 24
212.122.191.0/24 maxlen: 24
2a04:43c0::/29 maxlen: 29
2a04:43c1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:25:a0:c5:65:4f:3c:1f:20:43:82:ba:12:5e:dd:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc215f58159ec576a2022776ea64f61c5bb00194
Validity
Not Before: Oct 17 07:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=411b4a6611fd7f6ab942ce32de3a24dc79e314ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:93:15:ab:90:77:e9:73:0d:28:2b:27:5f:b8:
b5:94:96:ca:0d:f6:b0:63:83:29:4d:0a:7c:72:4c:
23:36:b0:d4:38:b7:f3:ba:97:0d:40:49:c3:7f:14:
b7:38:00:4c:2e:6d:62:76:64:fc:b3:d8:11:04:ae:
99:f7:86:94:ec:83:40:26:b2:bb:be:92:57:d4:0b:
30:4e:84:61:70:45:66:72:d7:00:fa:3c:5f:1e:a1:
27:2d:ac:0e:fc:66:45:eb:3f:95:fa:ab:2f:33:fd:
f3:3b:23:27:94:ac:e5:7e:1a:d3:9b:b9:93:87:02:
95:4c:45:fd:a2:58:49:b4:f6:d0:a0:4b:89:91:10:
99:84:06:e0:54:cf:57:cb:a1:49:64:14:24:2f:be:
7c:ea:d0:91:c7:18:09:da:8f:9b:88:59:32:50:df:
7e:18:45:43:a9:6c:ac:bb:62:bf:d1:57:98:61:91:
72:3e:3e:ed:1b:f9:4f:ce:0c:90:2b:62:e8:77:04:
f7:2f:5f:a1:06:de:f7:f8:38:5f:2e:69:a7:18:cd:
18:4b:7c:3a:01:89:a4:8d:c8:89:a5:9f:5f:f0:85:
78:24:88:06:dd:6b:11:cc:bc:43:6d:a1:c0:5d:d0:
f8:84:45:e5:2d:ce:2d:09:eb:1b:44:44:1c:75:e4:
56:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1B:4A:66:11:FD:7F:6A:B9:42:CE:32:DE:3A:24:DC:79:E3:14:AD
X509v3 Authority Key Identifier:
keyid:CC:21:5F:58:15:9E:C5:76:A2:02:27:76:EA:64:F6:1C:5B:B0:01:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/QRtKZhH9f2q5Qs4y3jok3HnjFK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.148.0/22
212.122.160.0/19
IPv6:
2a04:43c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:9b:7e:b1:c8:4e:0a:cd:e6:1b:9d:bb:75:50:99:3e:f2:50:
66:b1:11:60:88:c2:e9:f1:4b:e6:34:5b:1a:6a:fc:c3:13:e9:
62:9d:3a:b7:7f:14:5f:34:71:4a:a9:41:32:57:45:d5:86:e5:
d3:c5:57:80:80:88:37:d1:59:1e:1f:a4:e8:de:76:dd:65:22:
87:c0:cc:f7:3a:07:9d:48:72:23:e4:e4:a1:00:27:cc:36:1a:
5e:e3:dd:a8:34:5b:63:f0:be:b1:f2:cf:ed:2c:95:c2:a4:7b:
0e:ba:98:c2:cd:96:a0:8b:f5:c7:58:8e:ad:ce:df:9a:8f:02:
31:1a:fa:fd:a0:63:98:53:34:16:0c:3e:11:73:86:fe:32:ad:
39:5f:47:32:72:9b:5a:1a:16:5b:f0:97:18:63:0e:0c:c4:06:
4e:5e:a8:71:31:57:1a:4b:93:c9:42:ef:a6:78:f5:3c:fd:23:
c0:76:d3:21:9e:7c:17:0a:c7:af:80:39:d6:3b:e0:28:6c:b3:
a2:44:c5:83:20:84:fb:79:24:95:26:c9:06:8b:4b:03:dc:15:
fe:68:b5:e7:a8:e0:d3:35:57:e8:af:94:80:bd:fe:12:48:e8:
68:90:1b:d6:ca:7b:b4:9a:cc:aa:80:dd:3b:88:5c:fb:26:98:
23:9a:40:6e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZnxJaDFZU88HyBDgroSXt0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjE1ZjU4MTU5ZWM1NzZhMjAyMjc3NmVhNjRmNjFjNWJi
MDAxOTQwHhcNMjUxMDE3MDc0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTFiNGE2NjExZmQ3ZjZhYjk0MmNlMzJkZTNhMjRkYzc5ZTMxNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pMVq5B36XMNKCsnX7i1lJbKDfaw
Y4MpTQp8ckwjNrDUOLfzupcNQEnDfxS3OABMLm1idmT8s9gRBK6Z94aU7INAJrK7
vpJX1AswToRhcEVmctcA+jxfHqEnLawO/GZF6z+V+qsvM/3zOyMnlKzlfhrTm7mT
hwKVTEX9olhJtPbQoEuJkRCZhAbgVM9Xy6FJZBQkL7586tCRxxgJ2o+biFkyUN9+
GEVDqWysu2K/0VeYYZFyPj7tG/lPzgyQK2LodwT3L1+hBt73+DhfLmmnGM0YS3w6
AYmkjciJpZ9f8IV4JIgG3WsRzLxDbaHAXdD4hEXlLc4tCesbREQcdeRWaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEEbSmYR/X9quULOMt46JNx54xStMB8GA1UdIwQY
MBaAFMwhX1gVnsV2ogIndupk9hxbsAGUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNGZldCV2V4WGFpQWlkMjZtVDJIRnV3QVpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lYmM3NDgtNjgyNi00MTQwLWE4ZTAt
ODQzZWVlZTBhMjYwLzEvUVJ0S1poSDlmMnE1UXM0eTNqb2szSG5qRkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lYmM3NDgtNjgyNi00MTQwLWE4ZTAtODQzZWVlZTBhMjYw
LzEvekNGZldCV2V4WGFpQWlkMjZtVDJIRnV3QVpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubWUAwQF
1HqgMA0EAgACMAcDBQMqBEPAMA0GCSqGSIb3DQEBCwUAA4IBAQB1m36xyE4KzeYb
nbt1UJk+8lBmsRFgiMLp8UvmNFsaavzDE+linTq3fxRfNHFKqUEyV0XVhuXTxVeA
gIg30VkeH6To3nbdZSKHwMz3OgedSHIj5OShACfMNhpe492oNFtj8L6x8s/tLJXC
pHsOupjCzZagi/XHWI6tzt+ajwIxGvr9oGOYUzQWDD4Rc4b+Mq05X0cycptaGhZb
8JcYYw4MxAZOXqhxMVcaS5PJQu+mePU8/SPAdtMhnnwXCsevgDnWO+AobLOiRMWD
IIT7eSSVJskGi0sD3BX+aLXnqODTNVfor5SAvf4SSOhokBvWynu0msyqgN07iFz7
JpgjmkBu
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:36:41 2025 by rpki-client