Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qQKBZlX2qNvezDH4aA8_TT5fXa0.roa
File: qQKBZlX2qNvezDH4aA8_TT5fXa0.roa (raw, json)
Hash identifier: Y4Yq2ci3ZE3OE+2QpQnuom8Wmg3KanwRCwzY2LSP6io=
Subject key identifier: A9:02:81:66:55:F6:A8:DB:DE:CC:31:F8:68:0F:3F:4D:3E:5F:5D:AD
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199F16DF5A695694A36480C8AE5FBC726C4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qQKBZlX2qNvezDH4aA8_TT5fXa0.roa
Signing time: Fri 17 Oct 2025 09:08:59 +0000
ROA not before: Fri 17 Oct 2025 09:08:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 37.202.222.0/24 maxlen: 24
151.240.79.0/24 maxlen: 24
151.240.82.0/24 maxlen: 24
151.241.13.0/24 maxlen: 24
151.241.219.0/24 maxlen: 24
151.242.87.0/24 maxlen: 24
151.242.148.0/24 maxlen: 24
151.242.174.0/23 maxlen: 23
151.242.192.0/23 maxlen: 23
151.243.99.0/24 maxlen: 24
151.243.101.0/24 maxlen: 24
151.244.76.0/24 maxlen: 24
151.244.110.0/24 maxlen: 24
151.244.188.0/24 maxlen: 24
151.245.4.0/24 maxlen: 24
151.245.230.0/24 maxlen: 24
151.247.173.0/24 maxlen: 24
151.247.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:6d:f5:a6:95:69:4a:36:48:0c:8a:e5:fb:c7:26:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 17 09:08:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a902816655f6a8dbdecc31f8680f3f4d3e5f5dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0e:68:69:da:5e:29:60:60:ff:44:0a:0b:6c:
17:0b:a2:c1:17:8e:0d:42:ca:39:c4:6b:29:a5:f5:
2e:b2:b1:05:40:22:b7:bb:2b:33:9b:11:62:4b:c5:
15:d6:45:8f:47:63:59:46:b9:49:94:53:8c:41:71:
e7:73:b3:72:c0:65:4a:3b:16:40:ea:03:10:4d:8d:
c4:b1:a6:25:fc:6e:1a:29:0f:38:e2:91:51:61:0b:
f8:99:ed:20:03:fc:c2:47:6d:a7:da:3d:48:d4:73:
92:28:16:70:52:1d:ec:c8:9b:85:f1:9e:64:b4:71:
0a:42:f6:68:79:ed:df:64:67:15:bf:7f:da:b5:83:
6c:19:3e:7e:e5:02:bb:81:25:e1:4e:9a:5f:e3:50:
ef:60:58:5c:81:b7:cd:c3:0a:7b:6c:5a:57:db:20:
02:0f:41:a4:e7:b1:d6:29:4c:1a:ec:6a:24:ed:d2:
06:e8:cb:23:b4:df:a8:13:26:67:dc:d1:6f:ca:cf:
31:8b:37:4f:b4:56:d8:67:3e:7c:94:da:47:6e:7c:
79:71:55:19:01:2c:85:f2:af:55:7b:7b:b7:dc:dc:
4b:3f:33:aa:5a:78:70:16:17:55:52:5e:d5:7f:26:
7e:be:51:d7:53:db:23:e3:2c:fe:de:b8:b8:ac:c7:
14:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:02:81:66:55:F6:A8:DB:DE:CC:31:F8:68:0F:3F:4D:3E:5F:5D:AD
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qQKBZlX2qNvezDH4aA8_TT5fXa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.222.0/24
151.240.79.0/24
151.240.82.0/24
151.241.13.0/24
151.241.219.0/24
151.242.87.0/24
151.242.148.0/24
151.242.174.0/23
151.242.192.0/23
151.243.99.0/24
151.243.101.0/24
151.244.76.0/24
151.244.110.0/24
151.244.188.0/24
151.245.4.0/24
151.245.230.0/24
151.247.173.0/24
151.247.245.0/24
Signature Algorithm: sha256WithRSAEncryption
45:83:a1:2f:58:3f:97:e1:20:4f:ba:47:d0:44:f7:96:49:9c:
c0:34:55:31:96:48:02:66:7f:b1:b0:63:d4:9c:04:96:0b:7c:
b9:38:87:ea:aa:12:42:aa:94:fa:b5:b0:75:2a:22:12:a0:93:
bf:da:29:2f:fc:23:ed:35:12:2e:53:30:c0:f7:2c:10:fb:91:
4f:7e:2b:ad:ca:d6:4f:f3:6a:f3:37:06:60:c8:e3:68:4b:5a:
02:fa:0e:55:09:ee:30:78:f3:f8:19:97:de:81:d4:99:23:e2:
c4:0a:51:2b:e0:d0:58:ec:4a:c1:a3:55:b8:c2:b3:50:47:77:
3a:7d:fb:70:ea:9d:e5:5a:5d:3f:c7:5b:b4:43:26:dd:40:4f:
91:ac:77:f6:95:69:f1:74:ab:95:b7:40:f5:b3:df:4c:e6:71:
d5:ef:d8:a5:e3:96:fb:4b:63:a1:be:eb:3c:16:1b:a0:fe:1f:
d5:c3:ca:b6:8d:f9:22:3b:2c:9d:9c:43:0f:13:5e:0a:1c:f7:
24:a4:b8:ae:8f:33:50:4b:f4:2d:b0:f1:b2:9d:87:f7:8d:1c:
a0:f9:ad:63:22:02:d7:04:01:0c:d2:4b:99:99:f9:dc:0c:53:
53:78:02:3e:7a:f4:d7:94:e6:40:0e:1c:be:2c:5b:57:88:df:
6e:78:b7:9b
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZnxbfWmlWlKNkgMiuX7xybEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDE3MDkwODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTAyODE2NjU1ZjZhOGRiZGVjYzMxZjg2ODBmM2Y0ZDNlNWY1ZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw5oadpeKWBg/0QKC2wXC6LBF44N
Qso5xGsppfUusrEFQCK3uyszmxFiS8UV1kWPR2NZRrlJlFOMQXHnc7NywGVKOxZA
6gMQTY3EsaYl/G4aKQ844pFRYQv4me0gA/zCR22n2j1I1HOSKBZwUh3syJuF8Z5k
tHEKQvZoee3fZGcVv3/atYNsGT5+5QK7gSXhTppf41DvYFhcgbfNwwp7bFpX2yAC
D0Gk57HWKUwa7Gok7dIG6MsjtN+oEyZn3NFvys8xizdPtFbYZz58lNpHbnx5cVUZ
ASyF8q9Ve3u33NxLPzOqWnhwFhdVUl7VfyZ+vlHXU9sj4yz+3ri4rMcU5QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFKkCgWZV9qjb3swx+GgPP00+X12tMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcVFLQlpsWDJxTnZlekRINGFBOF9UVDVmWGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEACXK3gME
AJfwTwMEAJfwUgMEAJfxDQMEAJfx2wMEAJfyVwMEAJfylAMEAZfyrgMEAZfywAME
AJfzYwMEAJfzZQMEAJf0TAMEAJf0bgMEAJf0vAMEAJf1BAMEAJf15gMEAJf3rQME
AJf39TANBgkqhkiG9w0BAQsFAAOCAQEARYOhL1g/l+EgT7pH0ET3lkmcwDRVMZZI
AmZ/sbBj1JwElgt8uTiH6qoSQqqU+rWwdSoiEqCTv9opL/wj7TUSLlMwwPcsEPuR
T34rrcrWT/Nq8zcGYMjjaEtaAvoOVQnuMHjz+BmX3oHUmSPixApRK+DQWOxKwaNV
uMKzUEd3On37cOqd5VpdP8dbtEMm3UBPkax39pVp8XSrlbdA9bPfTOZx1e/YpeOW
+0tjob7rPBYboP4f1cPKto35IjssnZxDDxNeChz3JKS4ro8zUEv0LbDxsp2H940c
oPmtYyIC1wQBDNJLmZn53AxTU3gCPnr015TmQA4cvixbV4jfbni3mw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:26 2025 by rpki-client