Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/QSdwbn6ALsEGe_yU6cXgEdE9fZw.roa
File: QSdwbn6ALsEGe_yU6cXgEdE9fZw.roa (raw, json)
Hash identifier: CSscM3Lnl50LpuVA3uePIZe0PqLRyMqB/N7RLZ/QCf0=
Subject key identifier: 41:27:70:6E:7E:80:2E:C1:06:7B:FC:94:E9:C5:E0:11:D1:3D:7D:9C
Certificate issuer: /CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Certificate serial: 019963D5DAFBD20E157CDC4A2A96D6ED57C3
Authority key identifier: E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/QSdwbn6ALsEGe_yU6cXgEdE9fZw.roa
Signing time: Fri 19 Sep 2025 21:16:23 +0000
ROA not before: Fri 19 Sep 2025 21:16:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48737
IP address blocks: 37.58.17.0/24 maxlen: 24
37.58.19.0/24 maxlen: 24
37.58.20.0/24 maxlen: 24
37.58.21.0/24 maxlen: 24
37.58.23.0/24 maxlen: 24
46.20.144.0/24 maxlen: 24
46.20.145.0/24 maxlen: 24
46.20.146.0/24 maxlen: 24
46.20.147.0/24 maxlen: 24
46.20.148.0/24 maxlen: 24
46.20.149.0/24 maxlen: 24
46.20.150.0/24 maxlen: 24
46.20.151.0/24 maxlen: 24
46.20.152.0/24 maxlen: 24
46.20.153.0/24 maxlen: 24
46.20.154.0/24 maxlen: 24
46.20.155.0/24 maxlen: 24
46.20.156.0/24 maxlen: 24
46.20.157.0/24 maxlen: 24
46.20.158.0/24 maxlen: 24
46.20.159.0/24 maxlen: 24
81.22.96.0/24 maxlen: 24
81.22.97.0/24 maxlen: 24
81.22.98.0/24 maxlen: 24
81.22.99.0/24 maxlen: 24
81.22.100.0/24 maxlen: 24
81.22.101.0/24 maxlen: 24
81.22.102.0/24 maxlen: 24
81.22.103.0/24 maxlen: 24
81.22.104.0/24 maxlen: 24
81.22.105.0/24 maxlen: 24
81.22.106.0/24 maxlen: 24
81.22.107.0/24 maxlen: 24
81.22.108.0/24 maxlen: 24
81.22.109.0/24 maxlen: 24
81.22.110.0/24 maxlen: 24
81.22.111.0/24 maxlen: 24
95.128.56.0/24 maxlen: 24
95.128.57.0/24 maxlen: 24
95.128.58.0/24 maxlen: 24
95.128.60.0/24 maxlen: 24
95.128.61.0/24 maxlen: 24
95.128.62.0/24 maxlen: 24
95.128.63.0/24 maxlen: 24
185.56.237.0/24 maxlen: 24
185.56.238.0/24 maxlen: 24
185.56.239.0/24 maxlen: 24
185.59.72.0/24 maxlen: 24
185.59.73.0/24 maxlen: 24
185.59.74.0/24 maxlen: 24
185.59.75.0/24 maxlen: 24
2a02:dc40::/48 maxlen: 48
2a02:dc40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:63:d5:da:fb:d2:0e:15:7c:dc:4a:2a:96:d6:ed:57:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Validity
Not Before: Sep 19 21:16:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4127706e7e802ec1067bfc94e9c5e011d13d7d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:83:53:bc:1d:c6:50:23:1e:d2:7e:fe:44:c2:
02:c7:68:ec:c4:59:0e:34:af:78:6b:99:6c:b5:ef:
1e:85:2f:fb:2a:ad:d3:ab:0b:bf:a1:96:e8:e6:fe:
6d:9a:de:65:9a:bb:92:c7:9c:81:7d:a4:77:f8:28:
8a:f5:c0:e1:59:47:be:70:6c:22:01:0e:09:6b:87:
fc:8f:b8:52:74:8d:dd:70:1c:6a:5c:2d:fd:27:0b:
6d:02:ad:18:be:56:fd:fc:3e:d9:9e:84:b5:ca:dd:
e6:24:c8:2e:58:a1:81:6e:95:2a:41:a9:1c:08:68:
f4:fc:72:da:c5:36:0e:bc:19:ad:d9:87:18:49:d1:
b5:f2:a9:9b:dc:b4:15:2e:3a:07:07:58:2f:de:21:
0b:f2:e7:7b:75:a5:51:85:9b:3e:5b:57:9c:3e:12:
a4:f5:8d:56:e1:13:c2:ba:04:88:b2:83:b7:14:71:
f4:fe:08:58:23:73:16:5c:26:64:81:a9:47:64:26:
47:7d:47:4e:5e:c9:c4:8b:cd:0e:25:0a:ac:70:49:
fc:94:10:dc:50:3c:d4:75:2d:b7:18:c6:ac:3b:66:
24:76:c7:d5:31:3e:dd:d7:28:d8:fc:1d:ac:6d:79:
12:d6:ed:5a:89:b1:ed:bd:9b:d6:1c:dc:31:b9:bc:
84:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:27:70:6E:7E:80:2E:C1:06:7B:FC:94:E9:C5:E0:11:D1:3D:7D:9C
X509v3 Authority Key Identifier:
keyid:E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/QSdwbn6ALsEGe_yU6cXgEdE9fZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.17.0/24
37.58.19.0-37.58.21.255
37.58.23.0/24
46.20.144.0/20
81.22.96.0/20
95.128.56.0-95.128.58.255
95.128.60.0/22
185.56.237.0-185.56.239.255
185.59.72.0/22
IPv6:
2a02:dc40::/47
Signature Algorithm: sha256WithRSAEncryption
bb:57:7c:80:a1:56:10:c3:31:0a:eb:60:aa:e1:09:42:f7:98:
7f:f4:8c:ea:60:85:b1:a4:da:c2:55:d8:b4:77:64:f1:c0:86:
4d:7d:3f:80:d3:62:2b:69:ea:33:6d:4c:1f:9b:9f:59:9c:e4:
df:43:11:51:82:1b:75:35:6e:e0:57:38:73:86:d6:f4:6f:b0:
ec:96:49:5d:25:e1:6e:35:da:ef:c8:cb:4d:00:9d:78:50:1a:
03:93:bc:39:d8:ef:b7:55:22:0b:26:ff:50:ef:e1:a3:11:3c:
1e:3b:82:5b:3f:a0:d2:39:bc:d9:01:b9:10:2b:cc:ef:88:ad:
a8:a9:fd:a4:21:5c:bf:2b:5a:1c:e4:c5:55:5e:82:c2:11:ed:
ce:37:51:7f:50:e9:45:8e:72:9a:2b:6c:73:1b:c7:29:88:38:
64:b3:ab:61:86:63:8b:37:e3:4d:35:2e:0a:89:2d:f7:f0:20:
80:ee:49:71:f2:da:d6:b4:77:bf:25:37:87:90:aa:67:87:fc:
88:90:10:0a:5b:7e:6a:cc:29:71:7c:ae:7c:c2:b9:cf:b9:2f:
c7:11:df:4e:87:bd:5f:5b:97:aa:95:0d:98:08:9d:1d:5c:c5:
3f:eb:58:b1:32:d7:62:fd:e9:bb:0d:9c:36:eb:c1:bc:f1:55:
bd:66:23:f3
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZlj1dr70g4VfNxKKpbW7VfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTViZTQ1MzJlOTU4OGM0MDUzMWE3ZjMzMWVhYmZiZjQ3
NzBhNWUwHhcNMjUwOTE5MjExNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTI3NzA2ZTdlODAyZWMxMDY3YmZjOTRlOWM1ZTAxMWQxM2Q3ZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYNTvB3GUCMe0n7+RMICx2jsxFkO
NK94a5lste8ehS/7Kq3Tqwu/oZbo5v5tmt5lmruSx5yBfaR3+CiK9cDhWUe+cGwi
AQ4Ja4f8j7hSdI3dcBxqXC39JwttAq0Yvlb9/D7ZnoS1yt3mJMguWKGBbpUqQakc
CGj0/HLaxTYOvBmt2YcYSdG18qmb3LQVLjoHB1gv3iEL8ud7daVRhZs+W1ecPhKk
9Y1W4RPCugSIsoO3FHH0/ghYI3MWXCZkgalHZCZHfUdOXsnEi80OJQqscEn8lBDc
UDzUdS23GMasO2YkdsfVMT7d1yjY/B2sbXkS1u1aibHtvZvWHNwxubyE9wIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFEEncG5+gC7BBnv8lOnF4BHRPX2cMB8GA1UdIwQY
MBaAFOIVvkUy6ViMQFMafzMeq/v0dwpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEt
NDY1MWZkODAyNzM3LzEvUVNkd2JuNkFMc0VHZV95VTZjWGdFZEU5Zlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEtNDY1MWZkODAyNzM3
LzEvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQAJToRMAwD
BAAlOhMDBAElOhQDBAAlOhcDBAQuFJADBARRFmAwDAMEA1+AOAMEAF+AOgMEAl+A
PDAMAwQAuTjtAwQEuTjgAwQCuTtIMA8EAgACMAkDBwEqAtxAAAAwDQYJKoZIhvcN
AQELBQADggEBALtXfIChVhDDMQrrYKrhCUL3mH/0jOpghbGk2sJV2LR3ZPHAhk19
P4DTYitp6jNtTB+bn1mc5N9DEVGCG3U1buBXOHOG1vRvsOyWSV0l4W412u/Iy00A
nXhQGgOTvDnY77dVIgsm/1Dv4aMRPB47gls/oNI5vNkBuRArzO+Iraip/aQhXL8r
WhzkxVVegsIR7c43UX9Q6UWOcporbHMbxymIOGSzq2GGY4s34001LgqJLffwIIDu
SXHy2ta0d78lN4eQqmeH/IiQEApbfmrMKXF8rnzCuc+5L8cR306HvV9bl6qVDZgI
nR1cxT/rWLEy12L96bsNnDbrwbzxVb1mI/M=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:28:46 2025 by rpki-client