Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/qvuGFKt-1_HJPs870oUBe_CLaIg.roa
File: qvuGFKt-1_HJPs870oUBe_CLaIg.roa (raw, json)
Hash identifier: SFdkk9jZfyDBmDVWNujyzZ/7MM9kJxQh2emgCYl8kTA=
Subject key identifier: AA:FB:86:14:AB:7E:D7:F1:C9:3E:CF:3B:D2:85:01:7B:F0:8B:68:88
Certificate issuer: /CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Certificate serial: 01993372EB14FBC749E10B18EECC2BFFF224
Authority key identifier: EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/qvuGFKt-1_HJPs870oUBe_CLaIg.roa
Signing time: Wed 10 Sep 2025 11:46:33 +0000
ROA not before: Wed 10 Sep 2025 11:46:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62068
IP address blocks: 5.182.208.0/22 maxlen: 24
45.14.224.0/22 maxlen: 24
45.87.41.0/24 maxlen: 24
45.87.42.0/23 maxlen: 24
45.148.120.0/23 maxlen: 24
45.148.122.0/24 maxlen: 24
62.68.71.0/24 maxlen: 24
91.217.200.0/24 maxlen: 24
91.226.227.0/24 maxlen: 24
91.230.49.0/24 maxlen: 24
146.19.248.0/24 maxlen: 24
185.46.70.0/24 maxlen: 24
185.224.128.0/22 maxlen: 24
185.244.36.0/22 maxlen: 24
2a0d:2400::/29 maxlen: 39
2a0d:2780::/29 maxlen: 32
2a0e:16c0::/29 maxlen: 29
2a0e:1740::/29 maxlen: 29
2a0e:2000::/29 maxlen: 29
2a11:b240::/29 maxlen: 32
2a12:a8c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/7E-wYalCbk-yiF2CKGdXKhtYpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/7E-wYalCbk-yiF2CKGdXKhtYpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:72:eb:14:fb:c7:49:e1:0b:18:ee:cc:2b:ff:f2:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Validity
Not Before: Sep 10 11:46:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aafb8614ab7ed7f1c93ecf3bd285017bf08b6888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:eb:f5:59:19:15:53:a7:ed:45:17:1d:81:2d:
e3:bd:67:c7:49:a6:06:30:1b:39:ab:7f:cd:e2:b9:
56:55:7b:8c:ff:c1:36:95:ad:fd:df:6a:80:71:4b:
ba:6b:e6:46:1c:07:5c:26:6b:75:9e:d5:c4:0c:66:
e4:eb:a3:1f:f2:fb:55:e6:bb:be:97:a1:39:40:e0:
b8:50:59:c3:e6:3b:f8:be:38:1a:19:4b:f0:fb:b6:
05:7c:66:32:ab:cd:1c:62:fb:96:8c:cf:d9:16:ba:
19:b4:5b:26:dd:75:9d:e9:10:b1:95:d2:cb:9c:bd:
52:96:fd:c2:14:64:c3:93:c0:e9:41:a0:1c:3e:e4:
2e:0b:98:bc:35:3a:92:1b:9e:77:e4:35:38:1f:a9:
c7:fe:b5:ad:eb:d7:e3:a0:36:e5:cd:4a:46:1a:a8:
f5:94:d1:0b:8b:85:82:74:a9:ff:2e:29:8e:72:dc:
b0:9b:83:89:9e:44:77:7f:5f:dd:9d:eb:c3:2b:a1:
64:79:24:d5:e7:56:28:26:42:90:9a:f1:b3:5b:cf:
71:50:b4:81:99:8b:04:a0:77:a5:82:ea:a5:09:03:
43:12:8b:4d:d5:b8:e5:f1:94:4a:8b:20:ee:cb:eb:
4e:4b:57:a1:08:93:79:74:5a:af:6f:98:15:86:5b:
d7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FB:86:14:AB:7E:D7:F1:C9:3E:CF:3B:D2:85:01:7B:F0:8B:68:88
X509v3 Authority Key Identifier:
keyid:EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/qvuGFKt-1_HJPs870oUBe_CLaIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/7E-wYalCbk-yiF2CKGdXKhtYpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.208.0/22
45.14.224.0/22
45.87.41.0-45.87.43.255
45.148.120.0-45.148.122.255
62.68.71.0/24
91.217.200.0/24
91.226.227.0/24
91.230.49.0/24
146.19.248.0/24
185.46.70.0/24
185.224.128.0/22
185.244.36.0/22
IPv6:
2a0d:2400::/29
2a0d:2780::/29
2a0e:16c0::/29
2a0e:1740::/29
2a0e:2000::/29
2a11:b240::/29
2a12:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
4f:d8:48:ec:db:ca:1d:a3:cd:a5:f4:71:e3:5a:b2:ae:b4:e5:
c4:77:78:f8:ad:02:59:cc:f2:84:b9:34:8a:0b:38:07:dd:b3:
d4:fd:31:8a:9d:d8:23:f4:62:4d:9b:52:f9:8a:ac:7b:24:53:
2a:5d:9b:56:53:08:b1:24:07:d3:13:01:5e:a3:2f:c3:91:a4:
af:8b:1f:19:3f:1a:68:66:5b:7c:1c:f9:08:02:14:29:c2:83:
e4:68:32:dc:a4:b7:d0:36:73:be:e6:ed:e2:d9:c8:8b:57:94:
34:39:4a:ba:73:af:90:7a:3b:fa:e4:20:96:e5:1b:4b:29:93:
4a:90:f1:63:99:8d:43:77:06:db:17:1c:6b:c7:40:77:04:da:
d0:04:0e:80:a0:39:6d:f7:eb:b5:4c:28:2d:9e:ec:e7:40:d9:
20:20:17:a3:18:ef:1c:f2:54:e1:a0:b9:c1:e3:a7:60:72:8a:
0e:98:49:e1:bd:8c:28:b2:a3:7b:46:c4:7f:f0:6f:cf:c7:ee:
20:07:bb:31:b4:cf:bd:9b:16:e5:67:50:67:71:25:dc:58:dc:
60:08:0f:2f:0d:0d:0c:cf:83:46:06:9a:bd:bd:5f:59:20:73:
31:c0:d7:02:d2:09:66:fe:9d:de:cf:e3:56:10:18:ad:66:9a:
3a:b6:a2:49
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZkzcusU+8dJ4QsY7swr//IkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGZiMDYxYTk0MjZlNGZiMjg4NWQ4MjI4Njc1NzJhMWI1
OGE0YzAwHhcNMjUwOTEwMTE0NjMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZiODYxNGFiN2VkN2YxYzkzZWNmM2JkMjg1MDE3YmYwOGI2ODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9+v1WRkVU6ftRRcdgS3jvWfHSaYG
MBs5q3/N4rlWVXuM/8E2la3932qAcUu6a+ZGHAdcJmt1ntXEDGbk66Mf8vtV5ru+
l6E5QOC4UFnD5jv4vjgaGUvw+7YFfGYyq80cYvuWjM/ZFroZtFsm3XWd6RCxldLL
nL1Slv3CFGTDk8DpQaAcPuQuC5i8NTqSG5535DU4H6nH/rWt69fjoDblzUpGGqj1
lNELi4WCdKn/LimOctywm4OJnkR3f1/dnevDK6FkeSTV51YoJkKQmvGzW89xULSB
mYsEoHelguqlCQNDEotN1bjl8ZRKiyDuy+tOS1ehCJN5dFqvb5gVhlvXcQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFKr7hhSrftfxyT7PO9KFAXvwi2iIMB8GA1UdIwQY
MBaAFOxPsGGpQm5PsohdgihnVyobWKTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEt
Y2U1NzE1MDY5NWE5LzEvcXZ1R0ZLdC0xX0hKUHM4NzBvVUJlX0NMYUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEtY2U1NzE1MDY5NWE5
LzEvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTBeBAIAATBYAwQCBbbQ
AwQCLQ7gMAwDBAAtVykDBAItVygwDAMEAy2UeAMEAC2UegMEAD5ERwMEAFvZyAME
AFvi4wMEAFvmMQMEAJIT+AMEALkuRgMEArnggAMEArn0JDA3BAIAAjAxAwUDKg0k
AAMFAyoNJ4ADBQMqDhbAAwUDKg4XQAMFAyoOIAADBQMqEbJAAwUDKhKowDANBgkq
hkiG9w0BAQsFAAOCAQEAT9hI7NvKHaPNpfRx41qyrrTlxHd4+K0CWczyhLk0igs4
B92z1P0xip3YI/RiTZtS+YqseyRTKl2bVlMIsSQH0xMBXqMvw5Gkr4sfGT8aaGZb
fBz5CAIUKcKD5Ggy3KS30DZzvubt4tnIi1eUNDlKunOvkHo7+uQgluUbSymTSpDx
Y5mNQ3cG2xcca8dAdwTa0AQOgKA5bffrtUwoLZ7s50DZICAXoxjvHPJU4aC5weOn
YHKKDphJ4b2MKLKje0bEf/Bvz8fuIAe7MbTPvZsW5WdQZ3El3FjcYAgPLw0NDM+D
Rgaavb1fWSBzMcDXAtIJZv6d3s/jVhAYrWaaOraiSQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:11:11 2025 by rpki-client