Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/as_bqkHdzlKnKgViat5nY4-XmXU.roa
File: as_bqkHdzlKnKgViat5nY4-XmXU.roa (raw, json)
Hash identifier: bTMQZ6vHkar3n5PTapEeF9/yT68QazyKwpGnSLoWvoA=
Subject key identifier: 6A:CF:DB:AA:41:DD:CE:52:A7:2A:05:62:6A:DE:67:63:8F:97:99:75
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0199C7255BA75481B78D1EC56F354C8C166D
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/as_bqkHdzlKnKgViat5nY4-XmXU.roa
Signing time: Thu 09 Oct 2025 04:05:38 +0000
ROA not before: Thu 09 Oct 2025 04:05:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47585
IP address blocks: 5.175.136.0/24 maxlen: 24
89.144.10.0/24 maxlen: 24
89.144.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c7:25:5b:a7:54:81:b7:8d:1e:c5:6f:35:4c:8c:16:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 9 04:05:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6acfdbaa41ddce52a72a05626ade67638f979975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0d:6f:e6:63:7e:88:b8:13:dc:7a:87:e4:60:
43:3e:3a:55:89:d4:c8:9e:bd:04:37:ea:87:5e:25:
21:17:51:dc:96:65:28:de:34:40:4a:81:af:04:d2:
a8:e7:8d:06:51:96:71:66:77:83:30:d7:6d:03:ad:
86:37:ac:af:58:17:0d:32:75:26:bf:e6:54:54:ca:
7d:a8:e5:3b:92:c5:f6:d9:70:eb:8c:74:44:9f:a8:
7b:9b:83:d1:e7:6f:9a:7b:b4:8b:73:33:bd:ef:5f:
90:70:52:94:a9:b6:e2:97:3e:9f:61:75:8b:ca:d5:
b0:a2:7f:95:01:28:91:ae:b5:80:09:43:44:bd:1d:
19:ff:5c:ea:c7:75:45:58:ac:50:95:38:93:1e:9d:
1d:a8:94:6a:7e:46:cd:de:fb:fd:08:da:cf:13:c1:
e4:fe:ec:34:a6:db:d0:35:9f:7e:92:a2:97:d7:f4:
a8:68:77:7e:c4:26:05:a6:25:74:17:96:6c:3e:14:
a1:67:39:9f:e1:1e:e1:95:6a:f3:54:cd:d5:a0:c8:
7c:68:68:46:9a:1b:f0:08:0d:94:ba:e8:f8:c4:1c:
a9:41:f1:4c:3f:db:84:6f:37:1d:12:c5:2e:f9:44:
08:96:9e:f6:90:85:05:5e:62:a9:f0:2b:68:cd:2e:
0a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:CF:DB:AA:41:DD:CE:52:A7:2A:05:62:6A:DE:67:63:8F:97:99:75
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/as_bqkHdzlKnKgViat5nY4-XmXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.136.0/24
89.144.10.0/24
89.144.20.0/24
Signature Algorithm: sha256WithRSAEncryption
e2:68:30:3b:30:ef:29:83:db:f5:fd:0a:ed:05:0b:99:2a:ef:
3e:73:3a:d4:e0:fa:3c:d9:dd:1f:3b:66:18:cf:a0:4b:46:50:
57:82:4c:c8:80:46:29:f7:75:b0:be:a5:a4:9c:cd:81:42:ac:
c7:7b:a6:a9:f4:88:91:01:a3:a6:ce:6f:0a:e2:54:75:10:f1:
40:71:26:8a:ae:7f:9f:25:11:2b:2f:e7:b4:89:6a:49:96:9b:
3d:18:72:26:89:99:68:33:78:4a:df:f5:52:4c:f7:28:4b:cb:
6c:33:21:01:3d:74:71:2f:c0:8b:8c:9d:68:02:c3:52:f7:d8:
a3:e2:9f:5b:5e:db:53:0b:c0:72:f4:4d:57:18:4f:8b:f3:93:
22:19:fa:2c:4d:dd:3f:24:f7:d6:3b:16:88:97:a5:8b:cf:5e:
fe:cc:94:1e:f0:25:0c:64:d0:71:9b:74:b6:17:fe:17:94:e5:
97:b9:c8:fa:b7:59:e7:05:ec:c7:8e:63:33:81:bd:32:98:04:
de:e4:00:44:e0:93:53:31:61:86:8a:b7:3b:d6:81:19:c5:a2:
e1:f5:a5:b3:e1:e8:8c:d3:d3:f1:41:e0:d5:7d:28:35:69:4f:
b7:ed:00:d6:63:fe:22:9e:2c:c0:14:bf:b6:9d:09:b0:86:5b:
67:57:7f:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnHJVunVIG3jR7FbzVMjBZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMDA5MDQwNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWNmZGJhYTQxZGRjZTUyYTcyYTA1NjI2YWRlNjc2MzhmOTc5OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA1v5mN+iLgT3HqH5GBDPjpVidTI
nr0EN+qHXiUhF1HclmUo3jRASoGvBNKo540GUZZxZneDMNdtA62GN6yvWBcNMnUm
v+ZUVMp9qOU7ksX22XDrjHREn6h7m4PR52+ae7SLczO971+QcFKUqbbilz6fYXWL
ytWwon+VASiRrrWACUNEvR0Z/1zqx3VFWKxQlTiTHp0dqJRqfkbN3vv9CNrPE8Hk
/uw0ptvQNZ9+kqKX1/SoaHd+xCYFpiV0F5ZsPhShZzmf4R7hlWrzVM3VoMh8aGhG
mhvwCA2Uuuj4xBypQfFMP9uEbzcdEsUu+UQIlp72kIUFXmKp8CtozS4KIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGrP26pB3c5SpyoFYmreZ2OPl5l1MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvYXNfYnFrSGR6bEtuS2dWaWF0NW5ZNC1YbVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABa+IAwQA
WZAKAwQAWZAUMA0GCSqGSIb3DQEBCwUAA4IBAQDiaDA7MO8pg9v1/QrtBQuZKu8+
czrU4Po82d0fO2YYz6BLRlBXgkzIgEYp93WwvqWknM2BQqzHe6ap9IiRAaOmzm8K
4lR1EPFAcSaKrn+fJRErL+e0iWpJlps9GHImiZloM3hK3/VSTPcoS8tsMyEBPXRx
L8CLjJ1oAsNS99ij4p9bXttTC8By9E1XGE+L85MiGfosTd0/JPfWOxaIl6WLz17+
zJQe8CUMZNBxm3S2F/4XlOWXucj6t1nnBezHjmMzgb0ymATe5ABE4JNTMWGGirc7
1oEZxaLh9aWz4eiM09PxQeDVfSg1aU+37QDWY/4inizAFL+2nQmwhltnV3/i
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:50:33 2025 by rpki-client