Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/qBT7a5CpMfyvurJ2SX8QUT0oraU.roa
File: qBT7a5CpMfyvurJ2SX8QUT0oraU.roa (raw, json)
Hash identifier: hc2fg3T7W+eYu2lwU1oNlfPn3yPiUOsKzcmNvDQBw90=
Subject key identifier: A8:14:FB:6B:90:A9:31:FC:AF:BA:B2:76:49:7F:10:51:3D:28:AD:A5
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0199DFFAC78F678E0478505A80209D3A0B33
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/qBT7a5CpMfyvurJ2SX8QUT0oraU.roa
Signing time: Mon 13 Oct 2025 23:49:38 +0000
ROA not before: Mon 13 Oct 2025 23:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 9.142.0.0/16 maxlen: 16
9.142.64.0/20 maxlen: 20
9.142.128.0/19 maxlen: 19
9.142.160.0/19 maxlen: 19
9.142.224.0/20 maxlen: 20
138.226.32.0/20 maxlen: 20
138.226.80.0/21 maxlen: 21
138.226.120.0/21 maxlen: 21
138.226.128.0/18 maxlen: 18
158.120.49.0/24 maxlen: 24
158.120.51.0/24 maxlen: 24
158.120.53.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
192.46.184.0/21 maxlen: 21
192.46.184.0/22 maxlen: 22
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
192.53.64.0/22 maxlen: 22
192.53.68.0/22 maxlen: 22
192.53.136.0/22 maxlen: 22
192.53.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:df:fa:c7:8f:67:8e:04:78:50:5a:80:20:9d:3a:0b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Oct 13 23:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a814fb6b90a931fcafbab276497f10513d28ada5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:c8:cf:b7:fa:36:ac:19:18:e5:d1:06:74:
f2:df:37:33:50:6f:d7:e5:9c:de:53:c7:a0:84:c5:
9b:d9:a5:c8:7b:c3:c1:c5:97:24:8b:dc:58:a6:1c:
b9:87:7b:2a:be:16:48:8f:6b:ba:94:e5:fd:74:fb:
a6:c1:2e:de:5e:ac:62:db:f6:17:ec:fc:6d:fe:c7:
a4:be:12:7a:05:d5:88:19:ed:0f:cc:69:db:0c:67:
6d:bf:df:0d:0e:e5:b2:36:9e:3b:81:b5:cf:0b:b0:
73:d4:14:89:d8:c0:fc:88:ad:df:1a:1b:8c:a4:5b:
af:75:bd:69:2e:5e:51:ad:62:82:c1:f0:78:1b:7d:
a7:e6:4d:90:6c:be:b7:a5:df:2f:c0:71:d1:b9:0f:
7d:d8:a8:c7:b1:57:a5:3b:c3:4b:b7:33:18:44:f7:
3a:08:c5:41:da:f1:77:ae:8f:fc:7c:30:49:03:ab:
bd:97:7a:76:b0:89:b2:c8:b1:46:b6:d7:51:b1:1e:
86:e1:3d:68:bf:b5:6a:99:85:67:57:5e:b2:a7:df:
1b:d8:5d:18:30:23:04:7b:56:c2:d6:76:6c:9e:c8:
d4:6c:5c:19:88:39:e9:09:08:0d:5a:07:bd:ef:49:
45:af:b8:8a:73:a6:f0:24:f6:3c:7f:16:9a:01:9f:
8d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:14:FB:6B:90:A9:31:FC:AF:BA:B2:76:49:7F:10:51:3D:28:AD:A5
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/qBT7a5CpMfyvurJ2SX8QUT0oraU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.142.0.0/16
138.226.32.0/20
138.226.80.0/21
138.226.120.0-138.226.191.255
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
192.53.64.0/21
192.53.136.0/21
Signature Algorithm: sha256WithRSAEncryption
90:d0:d9:07:be:f2:97:23:0f:11:29:1c:d9:9f:70:75:6b:6a:
6d:2e:65:c3:d8:b1:e0:82:c5:af:64:58:71:18:5c:80:47:1b:
ca:62:cc:0e:c1:f5:61:96:39:23:19:cd:a0:52:3d:e6:3a:9f:
e5:53:92:b0:f2:c4:dc:15:ac:f7:c6:02:0c:94:3a:74:ee:13:
c1:ca:b4:f9:f9:c9:39:a5:53:9b:bc:fc:28:d0:fa:e0:1c:d6:
b8:1c:e0:34:a8:22:95:62:cc:45:77:94:62:e2:84:e2:27:59:
83:58:fe:78:e4:ca:b7:76:ea:00:6f:1e:58:6d:57:83:4f:b5:
a6:0d:d2:b7:4b:ad:be:a4:e0:d8:84:6b:2f:00:af:22:e8:91:
84:bd:64:eb:d1:0f:6b:e8:f5:d1:ce:24:ae:c5:63:91:0c:96:
e9:72:1c:ed:94:0d:72:fb:87:67:c9:0f:b5:6f:8a:ee:a4:1b:
99:6b:1f:db:d5:b6:d6:fb:c4:c8:04:f3:75:31:85:3e:9d:65:
1d:ae:b7:18:ea:e8:dc:a7:fe:5b:7c:d6:27:9b:28:71:7c:72:
d8:e7:77:ea:72:83:70:6d:33:34:68:f7:ed:d6:f0:0d:6d:ba:
c9:a1:37:c3:95:c6:f6:87:0d:22:e6:6d:15:d9:cf:d9:79:1d:
6b:90:af:0d
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZnf+sePZ44EeFBagCCdOgszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUxMDEzMjM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE0ZmI2YjkwYTkzMWZjYWZiYWIyNzY0OTdmMTA1MTNkMjhhZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3bIz7f6NqwZGOXRBnTy3zczUG/X
5ZzeU8eghMWb2aXIe8PBxZcki9xYphy5h3sqvhZIj2u6lOX9dPumwS7eXqxi2/YX
7Pxt/sekvhJ6BdWIGe0PzGnbDGdtv98NDuWyNp47gbXPC7Bz1BSJ2MD8iK3fGhuM
pFuvdb1pLl5RrWKCwfB4G32n5k2QbL63pd8vwHHRuQ992KjHsVelO8NLtzMYRPc6
CMVB2vF3ro/8fDBJA6u9l3p2sImyyLFGttdRsR6G4T1ov7VqmYVnV16yp98b2F0Y
MCMEe1bC1nZsnsjUbFwZiDnpCQgNWge970lFr7iKc6bwJPY8fxaaAZ+NDwIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFKgU+2uQqTH8r7qydkl/EFE9KK2lMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvcUJUN2E1Q3BNZnl2dXJKMlNYOFFVVDBvcmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZwMDAAmOAwQE
iuIgAwQDiuJQMAwDBAOK4ngDBAaK4oADBACeeDEDBACeeDMDBACeeDUDBACeeDcD
BACeeDkDBACeeDsDBACeeD0DBACeeD8DBAPALrgDBALALsgDBAPANUADBAPANYgw
DQYJKoZIhvcNAQELBQADggEBAJDQ2Qe+8pcjDxEpHNmfcHVram0uZcPYseCCxa9k
WHEYXIBHG8pizA7B9WGWOSMZzaBSPeY6n+VTkrDyxNwVrPfGAgyUOnTuE8HKtPn5
yTmlU5u8/CjQ+uAc1rgc4DSoIpVizEV3lGLihOInWYNY/njkyrd26gBvHlhtV4NP
taYN0rdLrb6k4NiEay8AryLokYS9ZOvRD2vo9dHOJK7FY5EMlulyHO2UDXL7h2fJ
D7Vviu6kG5lrH9vVttb7xMgE83UxhT6dZR2utxjq6Nyn/lt81iebKHF8ctjnd+py
g3BtMzRo9+3W8A1tusmhN8OVxvaHDSLmbRXZz9l5HWuQrw0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:04:59 2025 by rpki-client