Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/Qzb63e7PrJpZnvdh_5KRROvhZ1c.roa
File: Qzb63e7PrJpZnvdh_5KRROvhZ1c.roa (raw, json)
Hash identifier: NrGLLIb4hN1ItaaNKC1Rm9N6KTQQi8aKbLrok20ftwo=
Subject key identifier: 43:36:FA:DD:EE:CF:AC:9A:59:9E:F7:61:FF:92:91:44:EB:E1:67:57
Certificate issuer: /CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
Certificate serial: 0199ED9EEA49BE22F0D3E89AA40749B9441E
Authority key identifier: B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/Qzb63e7PrJpZnvdh_5KRROvhZ1c.roa
Signing time: Thu 16 Oct 2025 15:23:58 +0000
ROA not before: Thu 16 Oct 2025 15:23:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34661
IP address blocks: 45.130.244.0/22 maxlen: 22
45.140.44.0/22 maxlen: 22
45.147.140.0/22 maxlen: 22
178.159.108.0/22 maxlen: 22
185.71.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ed:9e:ea:49:be:22:f0:d3:e8:9a:a4:07:49:b9:44:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
Validity
Not Before: Oct 16 15:23:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4336faddeecfac9a599ef761ff929144ebe16757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e0:52:99:83:93:0c:f5:d2:85:54:cb:fd:04:
c8:1c:85:b0:c6:ba:e9:37:ce:40:16:e1:17:69:9a:
9b:db:07:d4:18:35:e0:08:ea:2b:df:de:cd:76:2d:
1c:85:ca:e2:ce:8a:1f:6c:97:74:17:84:1a:42:88:
46:5f:cb:49:d2:b1:d6:d2:5f:e1:74:dd:d0:d8:1e:
e1:75:80:be:c0:d3:23:cc:68:62:05:62:da:64:77:
6f:60:ac:19:89:c5:78:3b:71:cc:7c:76:20:28:d9:
7e:16:b9:2e:05:cc:5d:a9:b1:74:ab:96:a0:1e:6e:
48:6b:6a:db:3a:b3:dd:d0:e0:70:74:25:47:3b:7b:
c9:04:05:65:82:3b:27:0e:67:2f:39:02:5a:14:fc:
c9:af:f2:a6:df:c0:0b:eb:3b:74:df:ea:e7:e5:a4:
83:cc:54:7b:c1:78:28:f4:7f:23:7b:f3:60:b3:d2:
68:d7:fb:2d:33:5a:7f:e5:92:1a:8b:27:db:65:d2:
84:d0:b3:af:40:34:e0:9d:86:2a:80:42:64:95:e2:
7c:3d:bd:1b:10:25:f3:6e:1f:a8:0e:fd:01:0a:2d:
1a:9a:eb:48:bc:3c:c3:2f:38:75:25:90:e2:61:da:
97:8f:33:25:78:40:22:f2:9d:bf:3a:19:ef:c1:58:
c2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:36:FA:DD:EE:CF:AC:9A:59:9E:F7:61:FF:92:91:44:EB:E1:67:57
X509v3 Authority Key Identifier:
keyid:B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/Qzb63e7PrJpZnvdh_5KRROvhZ1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.244.0/22
45.140.44.0/22
45.147.140.0/22
178.159.108.0/22
185.71.0.0/22
Signature Algorithm: sha256WithRSAEncryption
53:7b:ac:69:02:3e:d9:cd:9d:ff:6e:f6:c5:28:03:b7:1b:5d:
65:0c:ae:79:7e:b9:84:f8:58:e5:f8:20:f0:b6:9b:98:c6:f9:
ec:58:ab:a5:7f:49:f9:2b:20:64:57:d5:99:0a:c1:b4:85:b7:
f2:6d:d5:30:32:9e:cd:59:a4:60:29:31:38:c1:f1:b1:5e:61:
45:2e:74:c9:e8:ac:ea:f3:3b:5a:92:d0:2d:15:e1:93:5c:9c:
e1:0d:4a:31:ea:2f:3b:bc:f2:81:72:97:5e:a8:3d:c8:ea:3e:
1f:88:da:92:c0:37:05:57:ab:c4:99:3f:8a:fd:9c:c7:0a:f4:
77:96:51:5b:06:82:79:66:84:40:97:fb:ea:e2:d1:20:ff:05:
dd:88:54:b7:32:6d:cf:2b:b7:0e:3e:60:ea:d4:62:d9:d0:1b:
2d:b7:8d:22:d9:a8:92:c2:ae:a0:7f:b2:a9:19:62:bf:0e:4f:
73:99:28:5e:b5:59:a8:a9:e6:3d:f6:e2:87:93:c6:e2:b0:38:
2a:a8:4e:e8:c3:7d:c7:c8:40:d5:23:45:95:47:48:39:46:ef:
f9:4a:77:0b:93:22:27:33:fd:a9:c9:9b:9b:12:47:e3:49:08:
f7:9e:03:78:38:9e:b6:29:34:6f:51:23:53:61:d3:7f:22:1f:
7f:36:26:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZntnupJviLw0+iapAdJuUQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmU3YjgwNjhjNGFlOWFlNGNhNGMzYTZiMjA5NjE5OWE3
NDFmZjIwHhcNMjUxMDE2MTUyMzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM2ZmFkZGVlY2ZhYzlhNTk5ZWY3NjFmZjkyOTE0NGViZTE2NzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+BSmYOTDPXShVTL/QTIHIWwxrrp
N85AFuEXaZqb2wfUGDXgCOor397Ndi0chcrizoofbJd0F4QaQohGX8tJ0rHW0l/h
dN3Q2B7hdYC+wNMjzGhiBWLaZHdvYKwZicV4O3HMfHYgKNl+FrkuBcxdqbF0q5ag
Hm5Ia2rbOrPd0OBwdCVHO3vJBAVlgjsnDmcvOQJaFPzJr/Km38AL6zt03+rn5aSD
zFR7wXgo9H8je/Ngs9Jo1/stM1p/5ZIaiyfbZdKE0LOvQDTgnYYqgEJkleJ8Pb0b
ECXzbh+oDv0BCi0amutIvDzDLzh1JZDiYdqXjzMleEAi8p2/OhnvwVjCBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEM2+t3uz6yaWZ73Yf+SkUTr4WdXMB8GA1UdIwQY
MBaAFLgue4BoxK6a5MpMOmsglhmadB/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUM1N2dHakVycHJreWt3NmF5Q1dHWnAwSF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yOWM5MTUtMmNiYy00NzY4LTg0MGMt
YWFkZmE5YzA2NzQyLzEvUXpiNjNlN1BySnBabnZkaF81S1JST3ZoWjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yOWM5MTUtMmNiYy00NzY4LTg0MGMtYWFkZmE5YzA2NzQy
LzEvdUM1N2dHakVycHJreWt3NmF5Q1dHWnAwSF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYL0AwQC
LYwsAwQCLZOMAwQCsp9sAwQCuUcAMA0GCSqGSIb3DQEBCwUAA4IBAQBTe6xpAj7Z
zZ3/bvbFKAO3G11lDK55frmE+Fjl+CDwtpuYxvnsWKulf0n5KyBkV9WZCsG0hbfy
bdUwMp7NWaRgKTE4wfGxXmFFLnTJ6Kzq8ztaktAtFeGTXJzhDUox6i87vPKBcpde
qD3I6j4fiNqSwDcFV6vEmT+K/ZzHCvR3llFbBoJ5ZoRAl/vq4tEg/wXdiFS3Mm3P
K7cOPmDq1GLZ0Bstt40i2aiSwq6gf7KpGWK/Dk9zmShetVmoqeY99uKHk8bisDgq
qE7ow33HyEDVI0WVR0g5Ru/5SncLkyInM/2pyZubEkfjSQj3ngN4OJ62KTRvUSNT
YdN/Ih9/Nibs
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:13 2025 by rpki-client