Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/29a3d8-fb46-40c5-8f36-371b16e51790/1/QhmGkcRygSZ5ihQLsVW91SIUW9s.roa
File: QhmGkcRygSZ5ihQLsVW91SIUW9s.roa (raw, json)
Hash identifier: YN0HNJUwhKmoGvr9Z1SSlKCl4sVnuUTF191h7YfoZmg=
Subject key identifier: 42:19:86:91:C4:72:81:26:79:8A:14:0B:B1:55:BD:D5:22:14:5B:DB
Certificate issuer: /CN=31389ef4ca8ce681d6b83e0be4c886a3a7456028
Certificate serial: 019986225B8CACB1A2CA511B11214139A32E
Authority key identifier: 31:38:9E:F4:CA:8C:E6:81:D6:B8:3E:0B:E4:C8:86:A3:A7:45:60:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTie9MqM5oHWuD4L5MiGo6dFYCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/29a3d8-fb46-40c5-8f36-371b16e51790/1/QhmGkcRygSZ5ihQLsVW91SIUW9s.roa
Signing time: Fri 26 Sep 2025 13:07:02 +0000
ROA not before: Fri 26 Sep 2025 13:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5089
IP address blocks: 185.111.128.0/22 maxlen: 22
185.193.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/29a3d8-fb46-40c5-8f36-371b16e51790/1/MTie9MqM5oHWuD4L5MiGo6dFYCg.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/29a3d8-fb46-40c5-8f36-371b16e51790/1/MTie9MqM5oHWuD4L5MiGo6dFYCg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTie9MqM5oHWuD4L5MiGo6dFYCg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:86:22:5b:8c:ac:b1:a2:ca:51:1b:11:21:41:39:a3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31389ef4ca8ce681d6b83e0be4c886a3a7456028
Validity
Not Before: Sep 26 13:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42198691c4728126798a140bb155bdd522145bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9a:23:0e:5a:00:b6:5c:eb:22:9c:a3:d7:ac:
03:44:df:61:3a:fc:78:e7:c5:3d:7e:e0:db:79:e6:
8f:cf:40:43:6f:df:fa:7e:85:f7:f2:83:b7:ac:73:
d8:36:e4:b7:13:8b:be:2b:42:12:61:97:c5:a2:47:
8e:34:bc:a3:87:c2:6f:0d:ae:73:05:c4:ba:eb:35:
95:4a:fe:41:83:bf:e3:33:0e:be:7e:88:a2:9d:4e:
e7:54:94:27:eb:27:a7:4c:3d:d6:d1:6d:d1:a3:3e:
0f:d4:bc:07:37:61:24:db:14:4a:f1:bd:84:e7:14:
e7:86:c8:7c:a4:15:cf:94:1b:02:f4:d9:d2:56:ec:
76:1c:1a:74:e5:a7:4c:74:cf:2c:53:1a:b7:8c:35:
d0:e7:13:c6:ac:13:f0:23:3d:f3:f0:12:37:55:f4:
0d:16:0b:7b:6a:6f:c4:e7:4c:aa:89:46:a7:c0:61:
dc:8c:ee:56:4c:b8:6c:bf:64:8e:4d:e9:e7:8f:7f:
66:1f:2f:c0:18:53:22:13:9c:ba:d3:c2:d9:12:db:
18:0b:2c:3e:f3:61:18:86:ce:4b:89:fa:16:43:2e:
cb:e9:b4:2a:5b:63:1e:43:5f:1e:95:d4:6d:f9:78:
93:8d:20:c4:78:fe:82:61:99:6e:a6:bf:03:00:74:
95:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:19:86:91:C4:72:81:26:79:8A:14:0B:B1:55:BD:D5:22:14:5B:DB
X509v3 Authority Key Identifier:
keyid:31:38:9E:F4:CA:8C:E6:81:D6:B8:3E:0B:E4:C8:86:A3:A7:45:60:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTie9MqM5oHWuD4L5MiGo6dFYCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/29a3d8-fb46-40c5-8f36-371b16e51790/1/QhmGkcRygSZ5ihQLsVW91SIUW9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/29a3d8-fb46-40c5-8f36-371b16e51790/1/MTie9MqM5oHWuD4L5MiGo6dFYCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.128.0/22
185.193.232.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:bc:ba:61:b8:c2:3f:b1:4a:d0:2b:73:f1:15:51:a7:04:8e:
a8:b7:14:73:7c:08:4c:3a:0e:5d:af:78:41:65:04:e6:87:da:
d8:7d:34:6d:9b:ee:f0:d1:20:f2:98:8e:c4:17:56:0f:5f:33:
8d:5c:6e:fb:2e:93:c0:94:d2:b0:92:20:0f:92:e1:ee:b3:f9:
a1:d1:d1:6a:5e:c0:b7:56:b6:93:05:55:75:88:a5:d2:3e:83:
4d:66:f4:a3:38:fe:74:76:5c:4b:15:17:44:26:8b:5e:47:3d:
8b:c8:fa:7a:b3:f3:65:db:86:e9:06:58:12:5c:27:23:f5:fa:
9d:ba:5a:d2:8c:16:2b:ff:5c:f9:8b:00:b2:e0:3c:e4:0e:d5:
94:6b:7f:ef:b5:3d:9e:f1:45:02:c7:5f:eb:98:fd:8f:a2:94:
ee:bd:10:2c:1f:73:69:bd:cc:66:1f:e2:a2:e0:7a:f2:5d:24:
80:1f:3e:5a:ea:6a:dd:09:af:e8:9f:ae:4a:5e:f7:95:00:4c:
f2:b0:08:a2:57:60:6e:ab:1d:8a:e3:63:b1:e2:69:a9:51:6b:
9d:ab:40:6c:70:65:e8:9a:e6:5c:1f:b4:45:e1:0c:44:66:71:
7f:35:41:2b:ca:c1:df:f5:ca:9f:c7:4c:96:bd:07:79:79:1a:
2d:1a:f7:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmGIluMrLGiylEbESFBOaMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMzg5ZWY0Y2E4Y2U2ODFkNmI4M2UwYmU0Yzg4NmEzYTc0
NTYwMjgwHhcNMjUwOTI2MTMwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE5ODY5MWM0NzI4MTI2Nzk4YTE0MGJiMTU1YmRkNTIyMTQ1YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpojDloAtlzrIpyj16wDRN9hOvx4
58U9fuDbeeaPz0BDb9/6foX38oO3rHPYNuS3E4u+K0ISYZfFokeONLyjh8JvDa5z
BcS66zWVSv5Bg7/jMw6+foiinU7nVJQn6yenTD3W0W3Roz4P1LwHN2Ek2xRK8b2E
5xTnhsh8pBXPlBsC9NnSVux2HBp05adMdM8sUxq3jDXQ5xPGrBPwIz3z8BI3VfQN
Fgt7am/E50yqiUanwGHcjO5WTLhsv2SOTennj39mHy/AGFMiE5y608LZEtsYCyw+
82EYhs5LifoWQy7L6bQqW2MeQ18eldRt+XiTjSDEeP6CYZlupr8DAHSVZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEIZhpHEcoEmeYoUC7FVvdUiFFvbMB8GA1UdIwQY
MBaAFDE4nvTKjOaB1rg+C+TIhqOnRWAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVRpZTlNcU01b0hXdUQ0TDVNaUdvNmRGWUNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yOWEzZDgtZmI0Ni00MGM1LThmMzYt
MzcxYjE2ZTUxNzkwLzEvUWhtR2tjUnlnU1o1aWhRTHNWVzkxU0lVVzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yOWEzZDgtZmI0Ni00MGM1LThmMzYtMzcxYjE2ZTUxNzkw
LzEvTVRpZTlNcU01b0hXdUQ0TDVNaUdvNmRGWUNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuW+AAwQC
ucHoMA0GCSqGSIb3DQEBCwUAA4IBAQAdvLphuMI/sUrQK3PxFVGnBI6otxRzfAhM
Og5dr3hBZQTmh9rYfTRtm+7w0SDymI7EF1YPXzONXG77LpPAlNKwkiAPkuHus/mh
0dFqXsC3VraTBVV1iKXSPoNNZvSjOP50dlxLFRdEJoteRz2LyPp6s/Nl24bpBlgS
XCcj9fqdulrSjBYr/1z5iwCy4DzkDtWUa3/vtT2e8UUCx1/rmP2PopTuvRAsH3Np
vcxmH+Ki4HryXSSAHz5a6mrdCa/on65KXveVAEzysAiiV2Buqx2K42Ox4mmpUWud
q0BscGXomuZcH7RF4QxEZnF/NUErysHf9cqfx0yWvQd5eRotGvdW
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:13:09 2025 by rpki-client