Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/bqStmnN-BsFxBnxWnw8DPk_tprQ.roa
File: bqStmnN-BsFxBnxWnw8DPk_tprQ.roa (raw, json)
Hash identifier: 9JsY/tBUW9ixZEccAJNHXeWoCpoj+Vt1ikqfZyuFPzE=
Subject key identifier: 6E:A4:AD:9A:73:7E:06:C1:71:06:7C:56:9F:0F:03:3E:4F:ED:A6:B4
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 0197A978E82A4432A67BD1B7A4707F677ADC
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/bqStmnN-BsFxBnxWnw8DPk_tprQ.roa
Signing time: Wed 25 Jun 2025 23:42:42 +0000
ROA not before: Wed 25 Jun 2025 23:42:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
76.164.200.0/24 maxlen: 24
76.164.201.0/24 maxlen: 24
76.164.202.0/24 maxlen: 24
76.164.203.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.126.50.0/24 maxlen: 24
103.126.51.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
203.14.32.0/24 maxlen: 24
203.25.108.0/24 maxlen: 24
205.237.109.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
2a12:3200:6000::/36 maxlen: 36
2a12:3200:7000::/36 maxlen: 36
2a12:3200:8000::/36 maxlen: 36
2a12:3200:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a9:78:e8:2a:44:32:a6:7b:d1:b7:a4:70:7f:67:7a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Jun 25 23:42:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ea4ad9a737e06c171067c569f0f033e4feda6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8d:f9:07:6f:3a:0b:34:19:3b:5d:5c:cb:14:
e8:1c:a5:6a:11:2c:d6:2c:5f:dc:38:3a:aa:6b:7f:
9c:56:06:dc:39:b6:0f:83:89:6c:26:10:89:63:07:
29:fb:e8:95:27:a6:96:84:a1:c4:34:f5:cd:5c:27:
06:43:f3:31:b9:39:28:32:40:0d:0e:44:b9:e1:e7:
1f:d2:bd:32:fe:90:fb:65:4b:08:e7:98:8e:fe:a5:
29:71:aa:18:df:36:01:a4:0e:25:cf:3a:b8:f2:4a:
dc:0b:38:d9:96:19:ff:ff:f5:33:23:49:9c:8b:94:
bd:d0:f3:ca:c2:07:ec:e7:b0:9d:90:44:a8:7a:65:
ca:23:73:f1:14:c9:6f:95:c1:ce:f7:7f:2e:82:a2:
68:13:5c:f9:00:ca:ed:c0:d1:79:8d:1a:5c:d1:48:
76:89:a3:19:bc:b5:5e:11:e7:a6:5b:a1:0b:c8:6e:
dc:c7:fe:58:b4:62:72:ac:30:c7:ff:be:5b:19:0f:
45:31:29:e0:66:b2:c3:8d:de:95:57:72:0d:36:be:
b0:f7:55:95:63:3f:54:e6:62:ef:f1:2d:40:8b:96:
08:18:39:fb:cc:f1:95:49:5b:ce:ff:b7:fc:ba:53:
ce:bb:3b:f2:24:3e:8b:a4:b9:42:c5:89:8a:bb:0d:
fa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A4:AD:9A:73:7E:06:C1:71:06:7C:56:9F:0F:03:3E:4F:ED:A6:B4
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/bqStmnN-BsFxBnxWnw8DPk_tprQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
76.164.200.0/22
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
103.112.171.0/24
103.121.48.0/23
103.126.50.0/23
103.244.144.0/23
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
203.14.32.0/24
203.25.108.0/24
205.237.109.0/24
IPv6:
2a12:3200::-2a12:3200:9000:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:ab:ae:fc:08:a8:3c:4d:72:5c:d4:79:34:a0:5a:77:f9:7a:
84:4a:92:ec:0f:d5:18:02:37:66:cc:40:66:74:fd:13:d6:79:
0d:78:40:40:e4:2b:b2:a4:68:0d:3d:d3:56:e6:9a:a8:e8:ce:
0b:3d:93:de:2b:a0:4c:25:27:4e:cb:c9:d0:13:9c:c0:51:50:
c6:f9:b4:4f:63:77:50:3b:c0:67:c4:a8:1d:2f:ad:30:06:2e:
94:a5:db:9b:ca:27:3e:7f:a7:4f:b6:2c:1b:3f:dd:8b:6a:fd:
21:90:aa:d9:ec:f4:06:02:46:d1:1d:be:bc:f6:6a:10:dd:7d:
76:14:55:e1:ef:50:59:07:57:cc:8b:e0:09:33:eb:cd:0f:c1:
a7:6f:82:13:e5:d0:96:1c:5f:e0:77:c8:c0:da:e7:c0:5e:18:
a4:e1:59:8f:ab:d4:28:2a:cb:9a:7a:53:e3:eb:a2:c6:74:cd:
b1:f4:89:0a:32:49:ff:ae:4b:d0:c1:9b:7c:3e:98:fa:cc:bb:
2b:07:6a:5b:7f:80:5d:0d:ce:28:67:37:b0:90:ec:58:8c:fa:
46:ed:f2:9b:9d:66:1e:51:e3:80:d2:fa:2f:ae:22:41:a2:0e:
c6:8a:bf:77:4b:65:a5:1d:8e:35:d4:b8:ec:3f:72:76:7a:6f:
3e:94:63:52
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZepeOgqRDKme9G3pHB/Z3rcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjUwNjI1MjM0MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWE0YWQ5YTczN2UwNmMxNzEwNjdjNTY5ZjBmMDMzZTRmZWRhNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk435B286CzQZO11cyxToHKVqESzW
LF/cODqqa3+cVgbcObYPg4lsJhCJYwcp++iVJ6aWhKHENPXNXCcGQ/MxuTkoMkAN
DkS54ecf0r0y/pD7ZUsI55iO/qUpcaoY3zYBpA4lzzq48krcCzjZlhn///UzI0mc
i5S90PPKwgfs57CdkESoemXKI3PxFMlvlcHO938ugqJoE1z5AMrtwNF5jRpc0Uh2
iaMZvLVeEeemW6ELyG7cx/5YtGJyrDDH/75bGQ9FMSngZrLDjd6VV3INNr6w91WV
Yz9U5mLv8S1Ai5YIGDn7zPGVSVvO/7f8ulPOuzvyJD6LpLlCxYmKuw36nQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFG6krZpzfgbBcQZ8Vp8PAz5P7aa0MB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvYnFTdG1uTi1Cc0Z4Qm54V253OERQa190cHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTByBAIAATBsAwQALuXz
AwQALuX7AwQALuX9AwQCTKTIAwQATUp7AwQAU+U9AwQAVcxrAwQAXCpkAwQAZ3Cr
AwQBZ3kwAwQBZ34yAwQBZ/SQAwQAZ/b4AwQAuWg/AwQAw0pdAwQAyw4gAwQAyxls
AwQAze1tMBcEAgACMBEwDwMEASoSMgMHACoSMgCQADANBgkqhkiG9w0BAQsFAAOC
AQEAT6uu/AioPE1yXNR5NKBad/l6hEqS7A/VGAI3ZsxAZnT9E9Z5DXhAQOQrsqRo
DT3TVuaaqOjOCz2T3iugTCUnTsvJ0BOcwFFQxvm0T2N3UDvAZ8SoHS+tMAYulKXb
m8onPn+nT7YsGz/di2r9IZCq2ez0BgJG0R2+vPZqEN19dhRV4e9QWQdXzIvgCTPr
zQ/Bp2+CE+XQlhxf4HfIwNrnwF4YpOFZj6vUKCrLmnpT4+uixnTNsfSJCjJJ/65L
0MGbfD6Y+sy7KwdqW3+AXQ3OKGc3sJDsWIz6Ru3ym51mHlHjgNL6L64iQaIOxoq/
d0tlpR2ONdS47D9ydnpvPpRjUg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:11:59 2025 by rpki-client