Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/Qy8FTgX-yC1O4CbCQWKLq95mgp4.roa
File: Qy8FTgX-yC1O4CbCQWKLq95mgp4.roa (raw, json)
Hash identifier: 8nqh6t/tTyxk7G3+i4dwwKWP/5EMA1y/MU+wzRFmne4=
Subject key identifier: 43:2F:05:4E:05:FE:C8:2D:4E:E0:26:C2:41:62:8B:AB:DE:66:82:9E
Certificate issuer: /CN=b4425cf5501344ac5acc307abd0af013fac67073
Certificate serial: 01995D405E833B9967E4D40342E145D6F06F
Authority key identifier: B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/Qy8FTgX-yC1O4CbCQWKLq95mgp4.roa
Signing time: Thu 18 Sep 2025 14:35:23 +0000
ROA not before: Thu 18 Sep 2025 14:35:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202709
IP address blocks: 5.61.216.0/21 maxlen: 21
45.82.132.0/22 maxlen: 22
185.58.132.0/22 maxlen: 22
185.119.228.0/22 maxlen: 22
185.142.20.0/22 maxlen: 22
185.142.20.0/24 maxlen: 24
185.142.21.0/24 maxlen: 24
185.142.22.0/24 maxlen: 24
185.142.23.0/24 maxlen: 24
193.25.255.0/24 maxlen: 24
193.26.0.0/24 maxlen: 24
193.26.2.0/24 maxlen: 24
193.26.12.0/24 maxlen: 24
194.48.180.0/22 maxlen: 22
2a02:63e0::/32 maxlen: 32
2a0e:6b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5d:40:5e:83:3b:99:67:e4:d4:03:42:e1:45:d6:f0:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4425cf5501344ac5acc307abd0af013fac67073
Validity
Not Before: Sep 18 14:35:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=432f054e05fec82d4ee026c241628babde66829e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b7:47:7a:cf:05:79:ca:63:25:15:07:6f:36:
63:40:46:3e:0f:65:ac:72:c4:cd:32:a7:33:84:5a:
af:1a:42:2f:be:0d:2b:37:d3:1e:42:4b:14:44:41:
6b:d2:1c:84:e8:68:22:4e:55:30:02:26:e7:eb:5f:
92:c5:be:e2:91:9a:0c:36:87:0c:42:29:49:47:67:
42:45:7b:d7:ac:74:97:76:c9:17:6d:74:a2:70:0c:
ba:e4:f3:66:a8:b4:da:dc:74:ac:48:2d:c7:65:08:
5f:7f:fb:76:a5:88:e4:ff:a3:6b:db:b0:37:b5:7b:
e0:55:0c:ec:9d:26:c2:b8:f8:5e:68:e6:d1:71:30:
0c:63:92:00:1a:a2:82:e9:1e:ae:1e:f4:0a:a5:34:
fd:05:5c:b1:e3:b8:05:d4:2c:35:94:61:46:dd:82:
b3:b2:c9:99:12:de:cf:14:e1:8a:81:ad:ac:82:bc:
cb:7a:08:40:d3:54:b8:67:06:07:5d:7d:86:8e:a1:
2e:42:4f:48:22:6f:58:3b:d6:af:06:96:93:ef:04:
67:9e:68:39:24:11:71:fd:72:85:07:bc:6f:9d:81:
fd:d5:c7:5a:ce:ed:6c:32:ff:ec:7d:11:8b:21:74:
1b:cc:b2:cd:a3:85:55:b9:3f:53:8c:f4:23:b0:aa:
e0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:2F:05:4E:05:FE:C8:2D:4E:E0:26:C2:41:62:8B:AB:DE:66:82:9E
X509v3 Authority Key Identifier:
keyid:B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/Qy8FTgX-yC1O4CbCQWKLq95mgp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.216.0/21
45.82.132.0/22
185.58.132.0/22
185.119.228.0/22
185.142.20.0/22
193.25.255.0-193.26.0.255
193.26.2.0/24
193.26.12.0/24
194.48.180.0/22
IPv6:
2a02:63e0::/32
2a0e:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
83:17:02:5e:0b:05:2a:4a:b3:ff:53:5d:f2:12:0e:92:b5:9b:
31:9f:f9:41:f4:f2:cd:44:db:e9:36:f0:3e:49:46:08:99:9d:
27:cb:d8:5c:35:54:b5:2a:20:59:b4:23:c8:0d:59:43:da:68:
8b:7e:23:0b:dd:99:f8:d7:5d:75:ff:a0:e4:1f:28:2b:f2:0b:
76:57:49:a7:3d:be:11:9c:14:41:69:9c:5e:4e:52:6f:65:f7:
15:b3:64:13:31:47:6a:c3:21:ca:ad:53:11:53:44:c5:24:ca:
06:4a:61:15:e8:47:31:69:c0:b0:82:98:6b:eb:72:48:81:10:
09:51:de:ce:df:2c:59:f5:b3:fe:dd:8c:b6:99:99:4f:8a:56:
80:5f:9e:b3:de:33:5e:af:96:99:8b:59:33:20:d6:6c:54:8a:
31:b4:b2:30:85:11:7b:d6:f5:5a:c5:f5:19:b6:44:5b:14:63:
f2:05:f2:07:ee:cd:b4:eb:1d:50:bd:7e:8f:33:8a:86:de:54:
2c:63:6b:d1:86:03:48:f9:63:44:60:30:e6:2a:bb:cd:a5:91:
d2:c5:42:d5:b0:61:e0:38:18:13:12:8b:e2:7a:70:9a:d8:3f:
a5:25:c1:6f:60:04:de:3d:04:8e:a3:77:93:d7:05:60:11:50:
2c:9d:64:14
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZldQF6DO5ln5NQDQuFF1vBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDI1Y2Y1NTAxMzQ0YWM1YWNjMzA3YWJkMGFmMDEzZmFj
NjcwNzMwHhcNMjUwOTE4MTQzNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzJmMDU0ZTA1ZmVjODJkNGVlMDI2YzI0MTYyOGJhYmRlNjY4MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrdHes8FecpjJRUHbzZjQEY+D2Ws
csTNMqczhFqvGkIvvg0rN9MeQksUREFr0hyE6GgiTlUwAibn61+Sxb7ikZoMNocM
QilJR2dCRXvXrHSXdskXbXSicAy65PNmqLTa3HSsSC3HZQhff/t2pYjk/6Nr27A3
tXvgVQzsnSbCuPheaObRcTAMY5IAGqKC6R6uHvQKpTT9BVyx47gF1Cw1lGFG3YKz
ssmZEt7PFOGKga2sgrzLeghA01S4ZwYHXX2GjqEuQk9IIm9YO9avBpaT7wRnnmg5
JBFx/XKFB7xvnYH91cdazu1sMv/sfRGLIXQbzLLNo4VVuT9TjPQjsKrgTwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEMvBU4F/sgtTuAmwkFii6veZoKeMB8GA1UdIwQY
MBaAFLRCXPVQE0SsWswwer0K8BP6xnBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVKYzlWQVRSS3hhekRCNnZRcndFX3JHY0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YWMwYTItNWM2Yy00MzU3LTk3ZTQt
Y2ViOGFiNmQxMTJlLzEvUXk4RlRnWC15QzFPNENiQ1FXS0xxOTVtZ3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82YWMwYTItNWM2Yy00MzU3LTk3ZTQtY2ViOGFiNmQxMTJl
LzEvdEVKYzlWQVRSS3hhekRCNnZRcndFX3JHY0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQDBT3YAwQC
LVKEAwQCuTqEAwQCuXfkAwQCuY4UMAwDBADBGf8DBADBGgADBADBGgIDBADBGgwD
BALCMLQwFAQCAAIwDgMFACoCY+ADBQMqDmuAMA0GCSqGSIb3DQEBCwUAA4IBAQCD
FwJeCwUqSrP/U13yEg6StZsxn/lB9PLNRNvpNvA+SUYImZ0ny9hcNVS1KiBZtCPI
DVlD2miLfiML3Zn41111/6DkHygr8gt2V0mnPb4RnBRBaZxeTlJvZfcVs2QTMUdq
wyHKrVMRU0TFJMoGSmEV6EcxacCwgphr63JIgRAJUd7O3yxZ9bP+3Yy2mZlPilaA
X56z3jNer5aZi1kzINZsVIoxtLIwhRF71vVaxfUZtkRbFGPyBfIH7s206x1QvX6P
M4qG3lQsY2vRhgNI+WNEYDDmKrvNpZHSxULVsGHgOBgTEovienCa2D+lJcFvYATe
PQSOo3eT1wVgEVAsnWQU
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:13 2025 by rpki-client