Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/QaN4zU0tIg8vsJnbfYaE1xu5cFM.roa
File: QaN4zU0tIg8vsJnbfYaE1xu5cFM.roa (raw, json)
Hash identifier: q3GjPCS6b+BePutZrZ4n2T04dPhFe06YI9wao5GM50s=
Subject key identifier: 41:A3:78:CD:4D:2D:22:0F:2F:B0:99:DB:7D:86:84:D7:1B:B9:70:53
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 0198D44EB378E6DC97267C0F5E1EBA0D68DC
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/QaN4zU0tIg8vsJnbfYaE1xu5cFM.roa
Signing time: Sat 23 Aug 2025 00:23:04 +0000
ROA not before: Sat 23 Aug 2025 00:23:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12695
IP address blocks: 45.142.192.0/23 maxlen: 23
45.142.192.0/24 maxlen: 24
45.142.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.mft
rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:4e:b3:78:e6:dc:97:26:7c:0f:5e:1e:ba:0d:68:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Aug 23 00:23:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41a378cd4d2d220f2fb099db7d8684d71bb97053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d8:66:a8:f1:60:60:07:c0:5a:2b:fa:8a:a0:
17:01:6c:2b:72:10:41:41:9d:c5:5d:4f:60:5c:61:
c6:e7:04:19:54:69:06:38:ed:f7:5c:e3:22:26:5b:
be:c1:a1:94:7b:aa:8a:96:b9:d9:46:f7:0c:c6:e1:
bf:d4:0a:87:60:44:b9:23:e7:f2:f0:81:89:ce:ac:
38:b3:b0:18:34:5a:1f:24:47:cb:82:66:56:98:00:
31:51:41:b1:67:b9:d1:be:af:46:55:7c:5c:a3:d2:
6f:47:c6:23:b1:3b:b3:da:89:94:d3:0d:a7:87:13:
6d:1d:09:7d:34:c9:24:c5:f7:8e:15:cd:84:dc:25:
77:c7:32:35:dc:6c:30:87:6e:35:d4:f2:95:4d:fc:
80:04:81:35:0a:1d:cd:86:a2:b5:bb:34:c2:4b:d9:
f4:9c:4c:99:4a:3f:d8:e8:2c:ec:89:4e:e1:88:92:
6c:17:d2:53:55:45:06:f6:14:35:ad:18:5f:ba:e1:
df:1f:a3:6f:0b:1d:06:08:81:3b:6b:99:19:72:10:
c9:c4:96:f3:b4:51:bc:a3:26:8f:e8:0c:08:d3:68:
19:3d:d8:a8:a3:9c:28:29:b8:ef:07:11:6c:a3:d9:
8c:2b:35:95:32:31:5c:48:c4:ee:88:7e:ef:49:c7:
47:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A3:78:CD:4D:2D:22:0F:2F:B0:99:DB:7D:86:84:D7:1B:B9:70:53
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/QaN4zU0tIg8vsJnbfYaE1xu5cFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.192.0/23
Signature Algorithm: sha256WithRSAEncryption
04:53:45:17:52:37:39:03:5d:37:dc:85:aa:c5:a2:d6:a8:18:
80:58:7f:c7:d9:10:e5:f0:18:eb:90:d3:b5:49:1d:e6:99:08:
ac:e2:42:5b:ad:d9:d4:62:75:f6:65:5d:ea:73:51:d0:21:3f:
17:6c:f5:14:9c:92:6f:ff:99:95:bb:18:33:3a:a0:54:a0:68:
d4:42:58:4c:cf:4e:d8:0e:61:33:c5:5d:56:23:21:c8:62:bf:
f2:85:df:10:48:a5:fb:3b:ee:05:f1:37:04:df:97:f8:75:48:
fc:44:bf:56:be:bf:0d:6a:0d:fc:9c:e1:f8:51:be:25:1b:0d:
d5:12:c1:e7:53:6e:88:bf:5d:38:c3:00:13:8e:c2:ab:de:bb:
90:cf:f9:d0:75:a9:7d:7f:4f:3c:1a:b8:86:19:a3:e7:90:a1:
96:54:9a:66:66:f1:ba:95:55:da:71:0e:55:33:65:86:ff:36:
ad:a6:87:6c:8d:86:14:89:82:21:b9:4b:72:02:6a:14:29:48:
53:d3:25:86:1a:94:9f:38:bc:e5:31:46:37:b4:08:9f:36:72:
00:96:1b:61:4f:77:b7:31:95:d0:9e:f8:af:77:76:fe:be:8a:
08:0f:32:33:77:60:e7:42:8f:c5:93:51:9b:59:1e:34:ff:b2:
4e:2f:8e:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjUTrN45tyXJnwPXh66DWjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjUwODIzMDAyMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWEzNzhjZDRkMmQyMjBmMmZiMDk5ZGI3ZDg2ODRkNzFiYjk3MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9hmqPFgYAfAWiv6iqAXAWwrchBB
QZ3FXU9gXGHG5wQZVGkGOO33XOMiJlu+waGUe6qKlrnZRvcMxuG/1AqHYES5I+fy
8IGJzqw4s7AYNFofJEfLgmZWmAAxUUGxZ7nRvq9GVXxco9JvR8YjsTuz2omU0w2n
hxNtHQl9NMkkxfeOFc2E3CV3xzI13Gwwh2411PKVTfyABIE1Ch3NhqK1uzTCS9n0
nEyZSj/Y6CzsiU7hiJJsF9JTVUUG9hQ1rRhfuuHfH6NvCx0GCIE7a5kZchDJxJbz
tFG8oyaP6AwI02gZPdioo5woKbjvBxFso9mMKzWVMjFcSMTuiH7vScdHIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGjeM1NLSIPL7CZ232GhNcbuXBTMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvUWFONHpVMHRJZzh2c0puYmZZYUUxeHU1Y0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLY7AMA0G
CSqGSIb3DQEBCwUAA4IBAQAEU0UXUjc5A1033IWqxaLWqBiAWH/H2RDl8BjrkNO1
SR3mmQis4kJbrdnUYnX2ZV3qc1HQIT8XbPUUnJJv/5mVuxgzOqBUoGjUQlhMz07Y
DmEzxV1WIyHIYr/yhd8QSKX7O+4F8TcE35f4dUj8RL9Wvr8Nag38nOH4Ub4lGw3V
EsHnU26Iv104wwATjsKr3ruQz/nQdal9f088GriGGaPnkKGWVJpmZvG6lVXacQ5V
M2WG/zatpodsjYYUiYIhuUtyAmoUKUhT0yWGGpSfOLzlMUY3tAifNnIAlhthT3e3
MZXQnvivd3b+vooIDzIzd2DnQo/Fk1GbWR40/7JOL47/
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:02:21 2025 by rpki-client