Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/qKf3kSwed1sQ8jIUt0CVeHwDYyo.roa
File: qKf3kSwed1sQ8jIUt0CVeHwDYyo.roa (raw, json)
Hash identifier: JvCwYzHwZc3gc1jfWnqqm/e28zS68AlD89E8H1B2hTo=
Subject key identifier: A8:A7:F7:91:2C:1E:77:5B:10:F2:32:14:B7:40:95:78:7C:03:63:2A
Certificate issuer: /CN=b68a994e42e60da4f4a5475b15f5e27516c7cf14
Certificate serial: 01978D5230961BDB034FC21699E15AF6997F
Authority key identifier: B6:8A:99:4E:42:E6:0D:A4:F4:A5:47:5B:15:F5:E2:75:16:C7:CF:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toqZTkLmDaT0pUdbFfXidRbHzxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/qKf3kSwed1sQ8jIUt0CVeHwDYyo.roa
Signing time: Fri 20 Jun 2025 12:31:03 +0000
ROA not before: Fri 20 Jun 2025 12:31:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46616
IP address blocks: 45.149.120.0/22 maxlen: 22
45.149.120.0/24 maxlen: 24
45.149.121.0/24 maxlen: 24
45.149.122.0/23 maxlen: 23
45.149.122.0/24 maxlen: 24
45.149.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/toqZTkLmDaT0pUdbFfXidRbHzxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/toqZTkLmDaT0pUdbFfXidRbHzxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/toqZTkLmDaT0pUdbFfXidRbHzxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:52:30:96:1b:db:03:4f:c2:16:99:e1:5a:f6:99:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b68a994e42e60da4f4a5475b15f5e27516c7cf14
Validity
Not Before: Jun 20 12:31:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8a7f7912c1e775b10f23214b74095787c03632a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:08:39:a7:17:e5:6b:0a:e9:1c:e3:4b:41:00:
8f:46:2a:23:a1:af:5c:96:25:ce:40:8a:f0:93:ff:
a9:76:1e:69:88:8b:a6:54:e4:a3:61:cf:b2:8a:3c:
00:cd:7b:b0:b2:da:e2:e4:4f:dd:a7:17:c4:2c:1f:
5b:18:5f:8a:bb:de:cb:01:c6:1d:d0:e6:1f:d1:ed:
8a:69:39:1c:fd:5c:83:c5:14:ba:28:d6:b0:87:1a:
22:57:9a:06:6c:d6:cc:ad:36:f2:45:91:ac:8c:9a:
56:1d:9c:6e:be:c3:72:3c:61:92:53:b8:ff:e6:0f:
08:cd:45:f4:b4:71:cd:16:4c:58:d2:d8:6d:1a:35:
54:0e:fa:fc:3f:0e:c0:e9:87:d3:19:99:12:ba:c0:
da:85:8c:36:8e:02:8b:4f:df:d3:32:32:86:a8:70:
bc:f2:8d:b6:87:11:a6:9f:fe:36:4a:d7:d8:88:95:
cd:92:d3:9f:7a:cf:bb:0d:ac:c9:8f:ae:e8:7c:19:
3f:13:f9:18:12:b2:97:53:1f:7c:f0:00:b7:67:ef:
25:34:32:8a:8d:d4:dd:62:05:f8:ae:73:fd:a5:26:
d3:a6:2c:8f:49:ce:a6:e2:74:17:41:eb:e4:e3:5f:
a8:03:93:95:b0:d1:1c:16:d0:4e:f8:f5:5e:1d:08:
51:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A7:F7:91:2C:1E:77:5B:10:F2:32:14:B7:40:95:78:7C:03:63:2A
X509v3 Authority Key Identifier:
keyid:B6:8A:99:4E:42:E6:0D:A4:F4:A5:47:5B:15:F5:E2:75:16:C7:CF:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toqZTkLmDaT0pUdbFfXidRbHzxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/qKf3kSwed1sQ8jIUt0CVeHwDYyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/toqZTkLmDaT0pUdbFfXidRbHzxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.120.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:5b:c1:16:8f:15:83:3d:6e:01:1f:87:3a:46:e6:ef:37:80:
c2:03:29:a7:5b:a9:bd:e8:4f:9f:fb:fa:c2:33:23:17:b2:7f:
03:22:33:ac:69:90:ad:70:72:23:88:24:6b:67:15:e3:10:a8:
a2:88:1b:2e:7d:c1:69:94:a2:7b:8d:96:9d:2d:7c:4f:84:06:
d1:94:12:04:18:2c:7d:a9:c6:e9:5e:0f:33:07:7e:41:64:2b:
ae:45:cb:74:50:2a:f1:d7:c8:42:9e:fd:6b:04:c9:f0:50:60:
24:9b:86:0f:a1:57:1d:e3:dc:37:49:62:ba:9a:1d:66:d1:a6:
78:34:39:e5:80:2e:2e:6f:9b:e0:3e:ea:33:53:6e:f1:83:93:
ff:6e:91:2a:f5:fc:89:eb:58:59:c7:f6:c3:d3:f8:9a:a4:35:
e3:75:14:6d:59:23:3c:99:d5:3a:43:b4:99:b0:c1:39:d9:5f:
77:a8:d2:67:c6:5b:5a:9a:cb:11:f7:96:92:98:43:a1:31:53:
a4:ea:50:a7:f1:2e:15:20:89:18:6d:44:c4:97:36:1b:93:3d:
34:50:22:9d:2d:31:b3:93:df:63:5d:6f:65:ac:c2:1b:97:18:
54:4e:a6:8d:94:c7:f7:3c:9a:05:a3:6d:df:53:d7:18:6b:c7:
aa:c4:8c:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeNUjCWG9sDT8IWmeFa9pl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OGE5OTRlNDJlNjBkYTRmNGE1NDc1YjE1ZjVlMjc1MTZj
N2NmMTQwHhcNMjUwNjIwMTIzMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE3Zjc5MTJjMWU3NzViMTBmMjMyMTRiNzQwOTU3ODdjMDM2MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQg5pxflawrpHONLQQCPRiojoa9c
liXOQIrwk/+pdh5piIumVOSjYc+yijwAzXuwstri5E/dpxfELB9bGF+Ku97LAcYd
0OYf0e2KaTkc/VyDxRS6KNawhxoiV5oGbNbMrTbyRZGsjJpWHZxuvsNyPGGSU7j/
5g8IzUX0tHHNFkxY0thtGjVUDvr8Pw7A6YfTGZkSusDahYw2jgKLT9/TMjKGqHC8
8o22hxGmn/42StfYiJXNktOfes+7DazJj67ofBk/E/kYErKXUx988AC3Z+8lNDKK
jdTdYgX4rnP9pSbTpiyPSc6m4nQXQevk41+oA5OVsNEcFtBO+PVeHQhRFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKin95EsHndbEPIyFLdAlXh8A2MqMB8GA1UdIwQY
MBaAFLaKmU5C5g2k9KVHWxX14nUWx88UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9xWlRrTG1EYVQwcFVkYkZmWGlkUmJIenhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mMzgwNGQtZThhZC00ZDA4LTk5MGUt
YmQzYmViY2RkZWIzLzEvcUtmM2tTd2VkMXNROGpJVXQwQ1ZlSHdEWXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mMzgwNGQtZThhZC00ZDA4LTk5MGUtYmQzYmViY2RkZWIz
LzEvdG9xWlRrTG1EYVQwcFVkYkZmWGlkUmJIenhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZV4MA0G
CSqGSIb3DQEBCwUAA4IBAQAKW8EWjxWDPW4BH4c6RubvN4DCAymnW6m96E+f+/rC
MyMXsn8DIjOsaZCtcHIjiCRrZxXjEKiiiBsufcFplKJ7jZadLXxPhAbRlBIEGCx9
qcbpXg8zB35BZCuuRct0UCrx18hCnv1rBMnwUGAkm4YPoVcd49w3SWK6mh1m0aZ4
NDnlgC4ub5vgPuozU27xg5P/bpEq9fyJ61hZx/bD0/iapDXjdRRtWSM8mdU6Q7SZ
sME52V93qNJnxltamssR95aSmEOhMVOk6lCn8S4VIIkYbUTElzYbkz00UCKdLTGz
k99jXW9lrMIblxhUTqaNlMf3PJoFo23fU9cYa8eqxIyC
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:47:47 2025 by rpki-client