
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qrRq8YUBkeDfEiWmVfrkBDx2VQw.roa
File: qrRq8YUBkeDfEiWmVfrkBDx2VQw.roa (raw, json)
Hash identifier: 4/rvoZWlT3NeY6ecFrIDijZ6eZVzB72aPf67njP+evU=
Subject key identifier: AA:B4:6A:F1:85:01:91:E0:DF:12:25:A6:55:FA:E4:04:3C:76:55:0C
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0197783C788C9D7AA2FDCAC98506C7EFC3E0
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qrRq8YUBkeDfEiWmVfrkBDx2VQw.roa
Signing time: Mon 16 Jun 2025 10:15:18 +0000
ROA not before: Mon 16 Jun 2025 10:15:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214447
IP address blocks: 193.35.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:78:3c:78:8c:9d:7a:a2:fd:ca:c9:85:06:c7:ef:c3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jun 16 10:15:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aab46af1850191e0df1225a655fae4043c76550c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:02:d5:82:36:f1:58:d4:cd:1f:26:05:5a:
7b:55:82:cd:d1:49:7a:84:4a:15:50:2e:b5:93:18:
45:ae:47:f0:93:b7:00:74:f3:62:5f:66:e5:42:97:
f7:a5:b3:af:6f:08:0e:cb:d2:80:d6:90:db:76:e2:
d4:21:12:ea:cf:52:ea:c6:1a:7a:2b:ca:c4:ef:ef:
54:2c:1b:c8:95:5c:cf:0a:3a:4b:df:c3:5f:f2:2c:
be:39:43:4a:a8:dc:a7:b4:ed:20:c9:4b:b3:f8:10:
35:c4:19:ec:0e:44:94:dc:bd:ee:ff:65:9b:1d:59:
dc:63:ae:57:84:9a:38:ad:c8:c0:42:08:b6:d2:9a:
ad:26:d1:8d:4d:08:21:23:ec:2f:29:12:66:77:ad:
8d:a0:ef:b2:6a:58:20:f6:d3:1d:25:c7:3d:7c:ca:
a1:f8:bc:4d:eb:a9:7b:9d:00:52:64:f6:62:49:c9:
44:12:d2:45:c3:db:1c:40:fb:3b:58:9e:91:49:51:
41:46:ce:f2:49:5f:cb:cf:4a:90:09:20:76:51:01:
af:a7:cd:67:77:ed:ca:87:0b:48:43:6c:24:cc:20:
dd:13:53:cd:70:7d:64:ab:3e:41:a2:fc:0f:6f:8d:
24:c0:26:00:80:e9:c0:aa:3e:03:09:9f:66:a4:f8:
16:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B4:6A:F1:85:01:91:E0:DF:12:25:A6:55:FA:E4:04:3C:76:55:0C
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qrRq8YUBkeDfEiWmVfrkBDx2VQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.153.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:96:0d:2d:9f:89:99:fd:7d:6d:67:96:15:e8:0e:c4:1d:c3:
39:28:99:91:c2:bf:11:31:bf:33:2e:e1:e3:1b:cd:11:be:5c:
c0:f2:b4:74:de:20:70:8b:d7:d8:ac:07:7b:78:ca:25:99:a4:
5a:8e:37:6d:94:26:38:53:7e:f7:fc:f7:45:cb:63:14:cd:95:
07:8a:ae:dc:51:be:cf:36:9a:21:ee:dc:3f:a3:70:b6:f5:7f:
8e:aa:71:49:04:86:95:0d:be:ba:e7:69:6f:e9:0a:ff:e5:cb:
d0:14:76:01:4a:40:81:58:79:3f:43:a8:e2:ef:e5:04:3a:d2:
3c:b3:b2:8e:d9:29:0e:3a:7b:4e:eb:cc:9e:6c:7d:db:44:dc:
84:5b:78:77:d5:71:91:05:a2:47:85:4a:75:1e:93:29:67:9d:
ad:48:ad:fb:1f:6e:eb:49:ab:3a:87:af:04:e1:7d:78:61:1b:
b4:79:fc:b3:4e:f0:76:de:b6:0d:ad:03:06:e8:b4:be:8d:9d:
d9:d9:fb:09:8a:db:5e:d6:48:e6:af:57:8c:51:52:93:e8:52:
36:a4:2e:a9:72:1c:7b:10:b8:e5:90:2a:ef:18:3b:c5:d1:9c:
cc:7f:79:2d:bf:a2:c7:2e:84:d6:81:b1:94:d7:9e:b4:7b:ba:
27:16:f0:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZd4PHiMnXqi/crJhQbH78PgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNjE2MTAxNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI0NmFmMTg1MDE5MWUwZGYxMjI1YTY1NWZhZTQwNDNjNzY1NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZwC1YI28VjUzR8mBVp7VYLN0Ul6
hEoVUC61kxhFrkfwk7cAdPNiX2blQpf3pbOvbwgOy9KA1pDbduLUIRLqz1Lqxhp6
K8rE7+9ULBvIlVzPCjpL38Nf8iy+OUNKqNyntO0gyUuz+BA1xBnsDkSU3L3u/2Wb
HVncY65XhJo4rcjAQgi20pqtJtGNTQghI+wvKRJmd62NoO+yalgg9tMdJcc9fMqh
+LxN66l7nQBSZPZiSclEEtJFw9scQPs7WJ6RSVFBRs7ySV/Lz0qQCSB2UQGvp81n
d+3KhwtIQ2wkzCDdE1PNcH1kqz5BovwPb40kwCYAgOnAqj4DCZ9mpPgWVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKq0avGFAZHg3xIlplX65AQ8dlUMMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvcXJScThZVUJrZURmRWlXbVZmcmtCRHgyVlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSOZMA0G
CSqGSIb3DQEBCwUAA4IBAQB+lg0tn4mZ/X1tZ5YV6A7EHcM5KJmRwr8RMb8zLuHj
G80RvlzA8rR03iBwi9fYrAd7eMolmaRajjdtlCY4U373/PdFy2MUzZUHiq7cUb7P
Npoh7tw/o3C29X+OqnFJBIaVDb6652lv6Qr/5cvQFHYBSkCBWHk/Q6ji7+UEOtI8
s7KO2SkOOntO68yebH3bRNyEW3h31XGRBaJHhUp1HpMpZ52tSK37H27rSas6h68E
4X14YRu0efyzTvB23rYNrQMG6LS+jZ3Z2fsJitte1kjmr1eMUVKT6FI2pC6pchx7
ELjlkCrvGDvF0ZzMf3ktv6LHLoTWgbGU1560e7onFvBv
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:45:46 2025 by rpki-client