Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/Q1epDLLNnUzfsf-xFW4a-Y2XkJQ.roa
File: Q1epDLLNnUzfsf-xFW4a-Y2XkJQ.roa (raw, json)
Hash identifier: w84BOAfcBqYsqabALnnfg1Wuoyv3VSmyIx6zia+PYNA=
Subject key identifier: 43:57:A9:0C:B2:CD:9D:4C:DF:B1:FF:B1:15:6E:1A:F9:8D:97:90:94
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 0197AADFCAC8399C3E6343E8B2E1EB3BCF01
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/Q1epDLLNnUzfsf-xFW4a-Y2XkJQ.roa
Signing time: Thu 26 Jun 2025 06:14:42 +0000
ROA not before: Thu 26 Jun 2025 06:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51191
IP address blocks: 91.232.96.0/23 maxlen: 23
130.185.104.0/21 maxlen: 21
185.24.68.0/22 maxlen: 22
185.108.216.0/22 maxlen: 22
195.138.240.0/21 maxlen: 21
195.138.241.0/24 maxlen: 24
195.138.244.0/24 maxlen: 24
2a01:4a0:2000::/48 maxlen: 48
2a01:4a0:2001::/48 maxlen: 48
2a01:4a0:2002::/48 maxlen: 48
2a06:4b00::/29 maxlen: 29
2a06:4b01:3300::/40 maxlen: 48
2a06:4b01:3400::/40 maxlen: 48
2a06:4b01:3500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:aa:df:ca:c8:39:9c:3e:63:43:e8:b2:e1:eb:3b:cf:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Jun 26 06:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4357a90cb2cd9d4cdfb1ffb1156e1af98d979094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:12:67:df:e9:40:7b:6b:38:68:90:39:a8:1d:
d9:95:28:9c:c7:bc:09:73:f0:61:98:14:9e:35:da:
b2:b9:8a:e5:aa:69:83:93:96:e7:44:be:58:eb:d9:
f9:48:fb:7e:70:5e:44:d0:ab:30:c7:ef:49:4a:14:
50:65:32:b2:f3:97:50:9d:a7:4e:99:0c:4c:64:a8:
56:a0:51:fe:74:b1:d9:f8:e7:24:66:e5:c2:dc:5a:
57:7f:a8:3d:fa:75:41:e7:bf:55:ff:57:ff:7f:96:
98:9d:ae:da:76:15:0a:82:52:2a:a8:cb:58:5f:8e:
c2:fd:a7:23:7a:9e:be:cc:68:4d:41:ba:c8:48:3f:
0e:e1:34:48:e1:05:da:bf:db:59:bf:65:db:2f:41:
01:03:de:54:5f:c3:05:df:32:f1:ed:08:26:59:2b:
c8:7b:9f:75:79:3c:b5:05:6f:62:f4:13:a2:bd:52:
0d:e8:1f:37:12:ad:08:29:29:f6:ef:18:c7:a0:19:
63:46:ff:92:52:c7:02:11:60:cd:14:5f:4e:f8:68:
b4:b2:35:30:23:0f:dc:c3:f0:90:68:7f:df:37:b0:
ca:19:8a:07:8b:8d:19:c8:f1:25:0d:6f:e0:cf:7b:
92:2e:77:a2:ad:06:1d:40:b3:b7:0d:c7:13:c1:49:
f3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:57:A9:0C:B2:CD:9D:4C:DF:B1:FF:B1:15:6E:1A:F9:8D:97:90:94
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/Q1epDLLNnUzfsf-xFW4a-Y2XkJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.96.0/23
130.185.104.0/21
185.24.68.0/22
185.108.216.0/22
195.138.240.0/21
IPv6:
2a01:4a0:2000::-2a01:4a0:2002:ffff:ffff:ffff:ffff:ffff
2a06:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
a0:c1:f7:16:4d:5d:96:20:49:65:c1:fb:76:02:18:b2:a8:93:
d4:92:12:9f:6c:23:fb:2a:6c:62:62:f7:b8:bf:5f:f3:98:a4:
24:1f:cf:50:db:bb:ed:2d:a0:13:de:8a:64:44:a8:69:66:27:
c0:f7:a1:67:a4:8a:32:29:96:2e:fe:a8:a2:ad:66:5e:2b:bd:
aa:ee:48:ce:8f:03:ec:17:af:43:8a:55:3d:81:ac:48:cd:5e:
d7:d3:47:83:79:58:1d:77:62:69:25:ed:d5:ef:52:37:aa:d9:
6a:68:d5:01:c9:71:d1:a4:e4:0b:e4:29:98:c5:26:ad:89:06:
89:e7:22:d7:0e:36:f8:83:fc:18:29:49:71:d0:46:f7:65:48:
41:9c:d3:9e:27:1f:93:77:13:6c:0a:30:d1:07:56:cb:c5:3d:
34:fd:a1:6c:a2:7f:d0:18:63:57:d6:9d:76:7b:47:57:e3:04:
21:f4:2e:71:da:9d:60:fc:d2:f6:9c:aa:20:22:4d:a2:62:ab:
4a:b7:f7:43:c3:88:4e:06:3c:a5:bd:ae:6f:76:d1:aa:57:88:
2f:b1:c5:31:46:d8:53:88:ca:3a:59:31:fc:99:06:c6:30:85:
1b:58:46:1d:2f:34:34:73:94:41:fd:85:83:d0:42:9d:d1:4b:
d2:c7:4d:cd
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZeq38rIOZw+Y0PosuHrO88BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjUwNjI2MDYxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU3YTkwY2IyY2Q5ZDRjZGZiMWZmYjExNTZlMWFmOThkOTc5MDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBJn3+lAe2s4aJA5qB3ZlSicx7wJ
c/BhmBSeNdqyuYrlqmmDk5bnRL5Y69n5SPt+cF5E0Kswx+9JShRQZTKy85dQnadO
mQxMZKhWoFH+dLHZ+OckZuXC3FpXf6g9+nVB579V/1f/f5aYna7adhUKglIqqMtY
X47C/acjep6+zGhNQbrISD8O4TRI4QXav9tZv2XbL0EBA95UX8MF3zLx7QgmWSvI
e591eTy1BW9i9BOivVIN6B83Eq0IKSn27xjHoBljRv+SUscCEWDNFF9O+Gi0sjUw
Iw/cw/CQaH/fN7DKGYoHi40ZyPElDW/gz3uSLneirQYdQLO3DccTwUnzjQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFENXqQyyzZ1M37H/sRVuGvmNl5CUMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvUTFlcERMTE5uVXpmc2YteEZXNGEtWTJYa0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAkBAIAATAeAwQBW+hgAwQD
grloAwQCuRhEAwQCuWzYAwQDw4rwMCAEAgACMBowEQMGBSoBBKAgAwcAKgEEoCAC
AwUDKgZLADANBgkqhkiG9w0BAQsFAAOCAQEAoMH3Fk1dliBJZcH7dgIYsqiT1JIS
n2wj+ypsYmL3uL9f85ikJB/PUNu77S2gE96KZESoaWYnwPehZ6SKMimWLv6ooq1m
Xiu9qu5Izo8D7BevQ4pVPYGsSM1e19NHg3lYHXdiaSXt1e9SN6rZamjVAclx0aTk
C+QpmMUmrYkGieci1w42+IP8GClJcdBG92VIQZzTnicfk3cTbAow0QdWy8U9NP2h
bKJ/0BhjV9addntHV+MEIfQucdqdYPzS9pyqICJNomKrSrf3Q8OITgY8pb2ub3bR
qleIL7HFMUbYU4jKOlkx/JkGxjCFG1hGHS80NHOUQf2Fg9BCndFL0sdNzQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:04:38 2025 by rpki-client