Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/qcBKp4PgK5r_QkDRLA9zCMMocxg.roa
File: qcBKp4PgK5r_QkDRLA9zCMMocxg.roa (raw, json)
Hash identifier: 2JhylG5sj+mKEMl1lxtjnSp50rjDRIpwzSkaQUMk7L8=
Subject key identifier: A9:C0:4A:A7:83:E0:2B:9A:FF:42:40:D1:2C:0F:73:08:C3:28:73:18
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0198D2C6DC55F8159683202C5EFDE9CA58EB
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/qcBKp4PgK5r_QkDRLA9zCMMocxg.roa
Signing time: Fri 22 Aug 2025 17:15:04 +0000
ROA not before: Fri 22 Aug 2025 17:15:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50556
IP address blocks: 170.168.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:c6:dc:55:f8:15:96:83:20:2c:5e:fd:e9:ca:58:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Aug 22 17:15:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9c04aa783e02b9aff4240d12c0f7308c3287318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ae:04:9d:c9:d9:24:64:a1:6f:5f:a2:31:25:
f7:3f:ba:8a:1a:7a:17:2b:79:ce:a7:6d:5a:35:66:
56:18:b6:ad:34:de:41:6f:3d:b0:e4:7f:fa:dc:bc:
7f:a1:c4:4a:4a:c2:f8:e7:e7:7c:84:3d:93:77:04:
49:66:7e:6e:3f:88:3f:ab:5a:c4:b8:22:2c:a7:62:
15:36:88:d2:81:36:82:dc:e6:65:f1:bf:6c:1d:ee:
7d:a4:6e:13:55:37:3a:ca:f7:4b:e6:e5:3e:22:c0:
d2:dd:fd:2e:a6:ad:c2:79:06:b4:fd:fc:bd:61:34:
2d:c6:1a:99:2a:9a:f6:ef:84:ba:6a:a4:9c:f1:e7:
1e:44:23:fd:9d:8a:47:1e:8d:c1:b7:5e:2f:2a:94:
33:e7:c2:0a:93:41:02:b1:27:10:c6:40:ac:50:16:
e4:73:82:eb:96:c8:e4:29:15:55:cf:6d:51:b8:41:
d4:29:d1:53:f1:35:aa:fe:7a:c6:9f:8a:78:6f:d9:
ee:e3:c5:c6:de:76:00:dc:53:19:23:d5:cd:31:dc:
34:26:3c:95:87:42:81:a1:69:fe:d9:99:de:ba:1d:
d2:d3:db:5f:16:77:44:5d:f2:43:05:f6:e2:e8:57:
8f:ac:6f:09:54:6d:72:ba:fa:86:9a:70:24:85:8e:
90:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C0:4A:A7:83:E0:2B:9A:FF:42:40:D1:2C:0F:73:08:C3:28:73:18
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/qcBKp4PgK5r_QkDRLA9zCMMocxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.46.0/24
Signature Algorithm: sha256WithRSAEncryption
04:59:11:78:21:47:f2:ac:27:90:4e:06:aa:19:0f:4e:4a:9d:
49:15:40:0f:c7:1c:e9:db:06:fb:82:f8:0d:f0:9d:8a:69:ed:
f6:6f:aa:4b:03:80:cb:5b:fd:9a:b2:10:16:34:e9:72:95:b8:
a5:25:c5:d0:52:e0:a7:73:54:09:d7:27:f2:32:28:36:8b:0f:
cd:3e:23:82:2c:38:cc:ef:e7:69:b9:9d:47:41:f8:c1:c5:8f:
5d:9c:bf:31:35:4b:bd:c5:4d:a7:bc:38:33:63:97:a0:44:96:
00:5b:95:6f:bf:34:1b:35:8f:5a:71:5c:29:31:9a:9c:76:55:
80:8f:8c:fa:e9:6b:12:3b:69:2c:4a:d0:5a:bd:2e:cf:37:6e:
a2:1a:3a:de:40:4a:86:82:92:0c:db:c6:7c:57:b7:aa:38:b2:
b8:ae:e6:2d:a3:75:eb:ba:b3:bd:33:94:eb:51:c6:f8:64:da:
8d:1e:ad:df:8c:c7:61:2d:53:bd:60:f2:8d:e5:9d:7f:27:61:
29:33:e8:68:0b:d1:1f:d2:c3:d1:ea:c8:3e:c7:59:6b:03:41:
2e:a3:b4:0b:1b:3d:32:b7:61:53:15:47:4a:30:45:f9:f9:a9:
60:7f:b6:81:4d:c5:af:34:4a:d1:98:3a:cd:fa:01:4e:b0:e4:
b8:28:bf:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjSxtxV+BWWgyAsXv3pyljrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwODIyMTcxNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWMwNGFhNzgzZTAyYjlhZmY0MjQwZDEyYzBmNzMwOGMzMjg3MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq4EncnZJGShb1+iMSX3P7qKGnoX
K3nOp21aNWZWGLatNN5Bbz2w5H/63Lx/ocRKSsL45+d8hD2TdwRJZn5uP4g/q1rE
uCIsp2IVNojSgTaC3OZl8b9sHe59pG4TVTc6yvdL5uU+IsDS3f0upq3CeQa0/fy9
YTQtxhqZKpr274S6aqSc8eceRCP9nYpHHo3Bt14vKpQz58IKk0ECsScQxkCsUBbk
c4LrlsjkKRVVz21RuEHUKdFT8TWq/nrGn4p4b9nu48XG3nYA3FMZI9XNMdw0JjyV
h0KBoWn+2Zneuh3S09tfFndEXfJDBfbi6FePrG8JVG1yuvqGmnAkhY6QWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnASqeD4Cua/0JA0SwPcwjDKHMYMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvcWNCS3A0UGdLNXJfUWtEUkxBOXpDTU1vY3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqqguMA0G
CSqGSIb3DQEBCwUAA4IBAQAEWRF4IUfyrCeQTgaqGQ9OSp1JFUAPxxzp2wb7gvgN
8J2Kae32b6pLA4DLW/2ashAWNOlylbilJcXQUuCnc1QJ1yfyMig2iw/NPiOCLDjM
7+dpuZ1HQfjBxY9dnL8xNUu9xU2nvDgzY5egRJYAW5VvvzQbNY9acVwpMZqcdlWA
j4z66WsSO2ksStBavS7PN26iGjreQEqGgpIM28Z8V7eqOLK4ruYto3XrurO9M5Tr
Ucb4ZNqNHq3fjMdhLVO9YPKN5Z1/J2EpM+hoC9Ef0sPR6sg+x1lrA0Euo7QLGz0y
t2FTFUdKMEX5+algf7aBTcWvNErRmDrN+gFOsOS4KL/N
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:01:19 2025 by rpki-client