Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q2tZHxcnTfsijpne_PaEOT5dOKg.roa
File: Q2tZHxcnTfsijpne_PaEOT5dOKg.roa (raw, json)
Hash identifier: FVNO2p4hWZxlSs3+Rn7ouc28IBioq9Skdi74miEeHBs=
Subject key identifier: 43:6B:59:1F:17:27:4D:FB:22:8E:99:DE:FC:F6:84:39:3E:5D:38:A8
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 01977E2E119546E2955C5DD7A8015C282A3E
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q2tZHxcnTfsijpne_PaEOT5dOKg.roa
Signing time: Tue 17 Jun 2025 13:57:17 +0000
ROA not before: Tue 17 Jun 2025 13:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.155.99.0/24 maxlen: 24
2a10:ba00:1::/48 maxlen: 48
2a10:ba00:2::/48 maxlen: 48
2a10:ba00:3::/48 maxlen: 48
2a10:ba00:4::/48 maxlen: 48
2a10:ba00:5::/48 maxlen: 48
2a10:ba00:6::/48 maxlen: 48
2a10:ba00:7::/48 maxlen: 48
2a10:ba00:8::/48 maxlen: 48
2a10:ba00:9::/48 maxlen: 48
2a10:ba00:10::/48 maxlen: 48
2a10:ba00:11::/48 maxlen: 48
2a10:ba00:12::/48 maxlen: 48
2a10:ba00:13::/48 maxlen: 48
2a10:ba00:14::/48 maxlen: 48
2a10:ba00:15::/48 maxlen: 48
2a10:ba00:16::/48 maxlen: 48
2a10:ba00:17::/48 maxlen: 48
2a10:ba00:18::/48 maxlen: 48
2a10:ba00:19::/48 maxlen: 48
2a10:ba00:20::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:2e:11:95:46:e2:95:5c:5d:d7:a8:01:5c:28:2a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Jun 17 13:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=436b591f17274dfb228e99defcf684393e5d38a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:77:5d:08:84:b9:3a:4b:6c:25:49:5c:45:
e4:48:eb:0f:34:ea:46:1d:80:85:c5:31:6b:12:14:
1b:5a:ba:e3:32:c0:56:8c:69:cf:e0:c8:f6:18:d1:
6e:b5:4d:cd:07:4c:7d:4f:c5:8e:fb:af:6c:cf:92:
90:05:5e:a6:70:9e:ce:3b:63:c4:40:00:48:f6:d9:
0d:c6:18:d2:7c:dd:4d:7e:d7:68:c0:29:86:d5:6f:
55:e9:e1:e2:a8:15:c4:5b:d4:bd:2a:7d:f3:e5:45:
b8:a6:a5:f8:ee:30:b0:2b:8d:bf:c2:80:89:20:24:
32:1d:85:49:60:25:ca:43:12:b6:24:4a:5a:50:41:
7c:ec:cd:f9:f2:b3:08:2a:32:c9:b9:29:bf:58:bc:
32:ad:42:0d:8f:ce:d6:92:32:8b:54:d2:57:5a:c9:
c6:f6:b9:d6:fe:96:82:b2:65:9b:ee:c8:f3:e3:98:
82:9c:b2:93:e0:53:51:ca:2c:bf:85:59:cf:cd:b2:
8d:83:ee:04:9c:4f:0f:ce:b0:4c:7b:72:80:8d:90:
f3:f9:31:8c:52:25:73:e6:e3:07:89:ad:3d:bf:93:
8d:1d:01:85:02:03:9a:3a:10:db:8b:8d:e9:f7:84:
12:75:f5:eb:9e:3b:31:7e:67:8d:e5:f2:81:4c:60:
95:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6B:59:1F:17:27:4D:FB:22:8E:99:DE:FC:F6:84:39:3E:5D:38:A8
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q2tZHxcnTfsijpne_PaEOT5dOKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
IPv6:
2a10:ba00:1::-2a10:ba00:9:ffff:ffff:ffff:ffff:ffff
2a10:ba00:10::-2a10:ba00:19:ffff:ffff:ffff:ffff:ffff
2a10:ba00:20::/48
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:8d:81:30:44:75:45:b9:80:58:6c:65:cf:ec:2f:5e:f3:99:
0d:e0:0b:c8:13:b9:83:ac:e6:82:75:10:12:c7:8c:6c:1a:e3:
6e:f4:38:4d:6c:35:4d:8e:4a:39:37:2b:ce:6f:b7:fc:a5:3e:
06:c0:93:2c:18:0b:ec:77:bd:1a:d7:20:5b:f3:0e:9c:76:e0:
3f:1f:3c:82:db:51:c3:da:f6:d9:5a:d9:97:99:1e:37:36:11:
f9:4a:f8:61:05:59:e0:6e:61:7a:bb:39:cd:a2:7e:d4:c8:6a:
1c:2d:48:47:69:d2:8e:2f:3b:72:d2:91:6c:86:cc:89:1b:f1:
74:d5:fc:69:3e:c0:4e:c4:40:4b:44:c6:91:bc:48:0e:d8:f4:
fb:60:e7:84:fd:4b:6b:da:20:12:5c:a5:97:6b:87:76:01:7b:
62:e4:12:61:d4:2d:e3:af:3f:0e:bb:3b:0a:06:82:be:ae:17:
c9:ba:e4:28:98:19:d9:7b:78:06:8e:66:5c:2d:30:77:ed:f4:
12:aa:4f:5b:d3:11:9e:5e:d1:17:9e:b5:a5:da:38:9a:00:b5:
74:6b:83:32:51:60:c1:dc:f2:a7:4a:6f:06:de:b7:96:44:bc:
d0:2d:dc:6b:6d:b3:23:42:33:8a:d7:4d:ee:93:42:be:f0:45:
a3:4d:86:54
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZd+LhGVRuKVXF3XqAFcKCo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjUwNjE3MTM1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzZiNTkxZjE3Mjc0ZGZiMjI4ZTk5ZGVmY2Y2ODQzOTNlNWQzOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnd3XQiEuTpLbCVJXEXkSOsPNOpG
HYCFxTFrEhQbWrrjMsBWjGnP4Mj2GNFutU3NB0x9T8WO+69sz5KQBV6mcJ7OO2PE
QABI9tkNxhjSfN1NftdowCmG1W9V6eHiqBXEW9S9Kn3z5UW4pqX47jCwK42/woCJ
ICQyHYVJYCXKQxK2JEpaUEF87M358rMIKjLJuSm/WLwyrUINj87WkjKLVNJXWsnG
9rnW/paCsmWb7sjz45iCnLKT4FNRyiy/hVnPzbKNg+4EnE8PzrBMe3KAjZDz+TGM
UiVz5uMHia09v5ONHQGFAgOaOhDbi43p94QSdfXrnjsxfmeN5fKBTGCVIwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFENrWR8XJ037Io6Z3vz2hDk+XTioMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvUTJ0Wkh4Y25UZnNpanBuZV9QYUVPVDVkT0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzAMBAIAATAGAwQALZtjMEsE
AgACMEUwEgMHACoQugAAAQMHASoQugAACDASAwcEKhC6AAAQAwcBKhC6AAAYAwcA
KhC6AAAgMBIDBwUqELoAvuADBwEqELoAvuQwDQYJKoZIhvcNAQELBQADggEBACaN
gTBEdUW5gFhsZc/sL17zmQ3gC8gTuYOs5oJ1EBLHjGwa4270OE1sNU2OSjk3K85v
t/ylPgbAkywYC+x3vRrXIFvzDpx24D8fPILbUcPa9tla2ZeZHjc2EflK+GEFWeBu
YXq7Oc2iftTIahwtSEdp0o4vO3LSkWyGzIkb8XTV/Gk+wE7EQEtExpG8SA7Y9Ptg
54T9S2vaIBJcpZdrh3YBe2LkEmHULeOvPw67OwoGgr6uF8m65CiYGdl7eAaOZlwt
MHft9BKqT1vTEZ5e0ReetaXaOJoAtXRrgzJRYMHc8qdKbwbet5ZEvNAt3GttsyNC
M4rXTe6TQr7wRaNNhlQ=
-----END CERTIFICATE-----
Generated at Thu Jul 3 02:52:20 2025 by rpki-client