Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/q-MJPgpoCVNAGtgvIouNXgLENzk.roa
File: q-MJPgpoCVNAGtgvIouNXgLENzk.roa (raw, json)
Hash identifier: BsC2KZYLnHn1uQcqBwkrRXQi/zA43li7q/QWJIEDjzs=
Subject key identifier: AB:E3:09:3E:0A:68:09:53:40:1A:D8:2F:22:8B:8D:5E:02:C4:37:39
Certificate issuer: /CN=d39493a17997d31e8d5aa6ccc9a6bd757f15c030
Certificate serial: 0198C751821EA6D9753C75600FBEB1A0F446
Authority key identifier: D3:94:93:A1:79:97:D3:1E:8D:5A:A6:CC:C9:A6:BD:75:7F:15:C0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/q-MJPgpoCVNAGtgvIouNXgLENzk.roa
Signing time: Wed 20 Aug 2025 11:51:04 +0000
ROA not before: Wed 20 Aug 2025 11:51:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47447
IP address blocks: 62.113.192.0/18 maxlen: 24
95.214.236.0/22 maxlen: 24
185.13.68.0/22 maxlen: 24
185.252.32.0/22 maxlen: 22
212.83.32.0/19 maxlen: 24
2a00:f48::/32 maxlen: 32
2a0c:2040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/05SToXmX0x6NWqbMyaa9dX8VwDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/05SToXmX0x6NWqbMyaa9dX8VwDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:51:82:1e:a6:d9:75:3c:75:60:0f:be:b1:a0:f4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d39493a17997d31e8d5aa6ccc9a6bd757f15c030
Validity
Not Before: Aug 20 11:51:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abe3093e0a680953401ad82f228b8d5e02c43739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:68:b2:8d:cb:48:64:57:da:4e:a8:b9:88:b0:
87:e7:53:f3:e8:48:c1:4e:2b:3f:5b:34:15:ed:4a:
1b:cd:4f:5a:bc:55:92:04:ce:3a:06:54:dc:ad:de:
7b:06:18:51:8b:ad:fd:61:d3:1d:34:9e:93:9e:af:
f3:85:5a:1b:b8:a8:07:be:29:d1:af:95:54:df:87:
82:6b:3d:a2:29:87:21:fa:c5:e2:6b:9e:19:77:73:
6f:ec:20:a1:a3:db:6b:aa:71:1c:31:93:44:24:e2:
f0:d0:6a:90:68:1c:c6:51:eb:bf:49:f3:aa:25:cf:
e7:2a:b7:36:86:53:f3:59:6c:d1:73:72:61:b2:7a:
1c:c4:49:92:c8:b5:a9:4b:27:c5:b3:f3:2f:81:21:
af:ec:6f:27:a4:bf:8b:c7:10:ba:08:f6:f8:09:92:
c3:01:d2:66:6e:5c:52:71:6f:a7:9c:0f:f3:a4:c5:
13:1e:cb:ee:b4:55:7d:33:71:93:d4:0d:02:f5:99:
f5:65:ad:e9:48:59:80:5e:b5:2e:13:55:92:2d:cb:
4f:e0:68:ad:89:7f:70:87:89:34:17:8c:79:cb:25:
ee:2f:91:1c:f2:bd:3d:08:c1:f3:8f:3b:50:0b:77:
ca:bf:0f:eb:ec:58:69:1b:d2:e0:e8:db:53:3b:f1:
4a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E3:09:3E:0A:68:09:53:40:1A:D8:2F:22:8B:8D:5E:02:C4:37:39
X509v3 Authority Key Identifier:
keyid:D3:94:93:A1:79:97:D3:1E:8D:5A:A6:CC:C9:A6:BD:75:7F:15:C0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/q-MJPgpoCVNAGtgvIouNXgLENzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/05SToXmX0x6NWqbMyaa9dX8VwDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.192.0/18
95.214.236.0/22
185.13.68.0/22
185.252.32.0/22
212.83.32.0/19
IPv6:
2a00:f48::/32
2a0c:2040::/29
Signature Algorithm: sha256WithRSAEncryption
54:24:37:57:6d:30:0d:22:e3:31:af:34:00:c8:39:44:28:84:
88:95:43:0a:69:ef:52:3a:9d:6e:3e:f3:67:5d:32:4c:5b:b1:
4b:15:0f:7c:be:42:bf:36:1d:d6:49:bc:61:61:f4:56:43:20:
10:24:56:28:35:b9:29:54:85:c1:ea:bf:bd:f3:cf:f7:81:5f:
d3:39:49:b5:57:54:2b:1e:50:49:66:96:b8:b4:02:63:eb:08:
8c:f1:cc:c3:55:8e:d1:bb:eb:c1:3e:4a:90:e9:88:32:60:80:
e6:66:23:58:84:94:5f:85:57:79:4e:29:68:5b:78:65:17:23:
33:fc:07:db:d4:01:6a:20:a6:a5:43:2c:43:8b:a9:08:43:01:
03:6a:4a:d8:e6:d8:98:52:df:50:7c:e0:74:c4:39:d2:92:c5:
d8:65:c1:b3:b6:6f:ca:e5:f6:50:e7:b9:63:92:9a:b6:63:21:
ff:eb:55:c4:7b:bf:c0:63:53:18:c6:39:67:8e:b1:7e:48:56:
fd:6a:9e:f1:ee:1c:46:95:02:50:23:9a:85:32:45:67:bd:78:
de:47:c5:0f:42:7f:1a:49:f9:60:45:6c:45:36:b5:e4:eb:70:
8d:c9:4a:55:58:9f:14:5c:12:5c:53:7d:8f:d5:5f:31:96:c6:
db:3e:25:20
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZjHUYIeptl1PHVgD76xoPRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOTQ5M2ExNzk5N2QzMWU4ZDVhYTZjY2M5YTZiZDc1N2Yx
NWMwMzAwHhcNMjUwODIwMTE1MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmUzMDkzZTBhNjgwOTUzNDAxYWQ4MmYyMjhiOGQ1ZTAyYzQzNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGiyjctIZFfaTqi5iLCH51Pz6EjB
Tis/WzQV7UobzU9avFWSBM46BlTcrd57BhhRi639YdMdNJ6Tnq/zhVobuKgHvinR
r5VU34eCaz2iKYch+sXia54Zd3Nv7CCho9trqnEcMZNEJOLw0GqQaBzGUeu/SfOq
Jc/nKrc2hlPzWWzRc3JhsnocxEmSyLWpSyfFs/MvgSGv7G8npL+LxxC6CPb4CZLD
AdJmblxScW+nnA/zpMUTHsvutFV9M3GT1A0C9Zn1Za3pSFmAXrUuE1WSLctP4Git
iX9wh4k0F4x5yyXuL5Ec8r09CMHzjztQC3fKvw/r7FhpG9Lg6NtTO/FKfQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKvjCT4KaAlTQBrYLyKLjV4CxDc5MB8GA1UdIwQY
MBaAFNOUk6F5l9MejVqmzMmmvXV/FcAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDVTVG9YbVgweDZOV3FiTXlhYTlkWDhWd0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lODA0ZTQtN2YzMC00MDQ5LTk0OGIt
OTc5MjMyOTdjZGE3LzEvcS1NSlBncG9DVk5BR3RndklvdU5YZ0xFTnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lODA0ZTQtN2YzMC00MDQ5LTk0OGItOTc5MjMyOTdjZGE3
LzEvMDVTVG9YbVgweDZOV3FiTXlhYTlkWDhWd0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQGPnHAAwQC
X9bsAwQCuQ1EAwQCufwgAwQF1FMgMBQEAgACMA4DBQAqAA9IAwUDKgwgQDANBgkq
hkiG9w0BAQsFAAOCAQEAVCQ3V20wDSLjMa80AMg5RCiEiJVDCmnvUjqdbj7zZ10y
TFuxSxUPfL5CvzYd1km8YWH0VkMgECRWKDW5KVSFweq/vfPP94Ff0zlJtVdUKx5Q
SWaWuLQCY+sIjPHMw1WO0bvrwT5KkOmIMmCA5mYjWISUX4VXeU4paFt4ZRcjM/wH
29QBaiCmpUMsQ4upCEMBA2pK2ObYmFLfUHzgdMQ50pLF2GXBs7ZvyuX2UOe5Y5Ka
tmMh/+tVxHu/wGNTGMY5Z46xfkhW/Wqe8e4cRpUCUCOahTJFZ7143kfFD0J/Gkn5
YEVsRTa15OtwjclKVVifFFwSXFN9j9VfMZbG2z4lIA==
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:09:36 2025 by rpki-client