Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/QGurDva1s4alg8iGu6qVYxbvUlE.roa
File: QGurDva1s4alg8iGu6qVYxbvUlE.roa (raw, json)
Hash identifier: eFsT2lU76i8V7l6B+0U5YuaE3bHnUDv4afzG2LbiiJM=
Subject key identifier: 40:6B:AB:0E:F6:B5:B3:86:A5:83:C8:86:BB:AA:95:63:16:EF:52:51
Certificate issuer: /CN=0d6bb59e97bf3b1efc3569df956c45e472849861
Certificate serial: 0198ADA88C47106E0342FD4AB9EF0453E8A7
Authority key identifier: 0D:6B:B5:9E:97:BF:3B:1E:FC:35:69:DF:95:6C:45:E4:72:84:98:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWu1npe_Ox78NWnflWxF5HKEmGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/QGurDva1s4alg8iGu6qVYxbvUlE.roa
Signing time: Fri 15 Aug 2025 12:16:00 +0000
ROA not before: Fri 15 Aug 2025 12:16:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40999
IP address blocks: 178.16.48.0/22 maxlen: 22
2a04:2100::/32 maxlen: 32
2a04:2101::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/DWu1npe_Ox78NWnflWxF5HKEmGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/DWu1npe_Ox78NWnflWxF5HKEmGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DWu1npe_Ox78NWnflWxF5HKEmGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ad:a8:8c:47:10:6e:03:42:fd:4a:b9:ef:04:53:e8:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d6bb59e97bf3b1efc3569df956c45e472849861
Validity
Not Before: Aug 15 12:16:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=406bab0ef6b5b386a583c886bbaa956316ef5251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:6a:dc:4d:1e:55:ac:45:d8:4c:54:d9:64:
91:f7:3f:2b:b7:ef:93:ea:fd:03:11:21:e9:eb:ae:
4a:b8:0b:15:7f:92:b8:a2:b6:bd:67:0c:54:0f:53:
df:89:5b:6d:a6:16:3f:dd:ec:b6:9b:a0:ef:bd:03:
93:d7:3f:5c:25:cc:c3:89:6c:da:45:fa:6e:db:d7:
6c:fe:c2:a8:dc:3e:9b:44:e0:ec:71:8e:36:a3:9a:
0d:8f:0c:4d:1a:ca:e6:48:ca:8f:5e:5c:95:61:de:
07:33:ee:5d:16:2b:b1:f9:0c:d7:69:d6:94:28:e1:
bf:f5:10:01:2d:ad:56:53:a5:59:97:4a:65:f2:6a:
2b:30:2a:30:f4:2f:76:24:d3:b4:88:f9:dd:48:14:
aa:e0:dd:8f:f2:34:16:1e:ad:65:4e:95:37:d4:e1:
ab:ed:26:66:6c:8f:45:18:8b:47:2b:7c:45:af:3f:
3c:15:c7:2f:79:57:18:0f:e0:46:25:7a:76:57:7a:
ee:26:af:ce:11:2c:0b:9d:f8:9c:a7:3c:ba:ac:11:
15:43:d9:f9:67:b7:f1:dd:86:28:0d:e7:7f:dd:38:
07:cd:8b:05:38:d4:ef:1e:01:e0:25:bf:66:fb:8e:
b1:f0:8f:57:33:ab:1e:4b:fb:59:64:04:4f:2f:b0:
74:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6B:AB:0E:F6:B5:B3:86:A5:83:C8:86:BB:AA:95:63:16:EF:52:51
X509v3 Authority Key Identifier:
keyid:0D:6B:B5:9E:97:BF:3B:1E:FC:35:69:DF:95:6C:45:E4:72:84:98:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWu1npe_Ox78NWnflWxF5HKEmGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/QGurDva1s4alg8iGu6qVYxbvUlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9d3de4-76a5-4941-b626-e954e16ab27d/1/DWu1npe_Ox78NWnflWxF5HKEmGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.48.0/22
IPv6:
2a04:2100::/31
Signature Algorithm: sha256WithRSAEncryption
13:92:eb:dc:3a:6b:cd:95:94:a7:b9:8c:0f:7c:01:fb:4d:db:
27:8c:1b:56:70:0b:5c:b0:27:5d:62:2f:0f:6d:ca:e1:4d:58:
92:09:39:31:d4:02:bd:91:d9:01:ff:cf:e9:05:eb:66:df:c9:
dc:01:dd:fc:df:2b:36:c9:bb:5b:05:05:9f:57:92:8b:be:6f:
c6:a1:df:66:07:3b:19:5a:2c:39:50:a9:0b:60:7f:f7:19:10:
cc:f4:34:8f:99:2a:11:15:d0:60:bc:f8:d1:84:3a:50:8a:ea:
4a:f1:b5:f2:92:5e:dd:54:d2:3f:2a:67:49:a0:8f:34:b6:d4:
c5:4a:32:26:7e:a1:ca:ba:ed:aa:d4:96:fb:31:85:0f:c8:94:
e9:37:67:b2:f1:10:38:5d:0b:8c:bf:93:9c:03:28:61:39:b9:
cb:7e:92:b2:8b:38:05:d0:d3:0f:3f:3f:76:46:aa:9a:2e:11:
06:37:de:c3:f1:2d:2a:e7:11:15:3c:fd:a5:37:01:ba:c6:91:
fa:c3:55:e8:80:15:e2:cd:ad:84:19:ef:b5:20:28:87:56:5a:
d1:ce:ef:e9:1f:ca:b0:61:8b:3a:0e:fa:f7:77:00:57:7a:0a:
80:32:5f:11:98:ee:38:5d:b8:b9:7e:76:e7:83:12:f7:87:a6:
b6:71:b2:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZitqIxHEG4DQv1Kue8EU+inMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNmJiNTllOTdiZjNiMWVmYzM1NjlkZjk1NmM0NWU0NzI4
NDk4NjEwHhcNMjUwODE1MTIxNjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZiYWIwZWY2YjViMzg2YTU4M2M4ODZiYmFhOTU2MzE2ZWY1MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs69q3E0eVaxF2ExU2WSR9z8rt++T
6v0DESHp665KuAsVf5K4ora9ZwxUD1PfiVttphY/3ey2m6DvvQOT1z9cJczDiWza
Rfpu29ds/sKo3D6bRODscY42o5oNjwxNGsrmSMqPXlyVYd4HM+5dFiux+QzXadaU
KOG/9RABLa1WU6VZl0pl8morMCow9C92JNO0iPndSBSq4N2P8jQWHq1lTpU31OGr
7SZmbI9FGItHK3xFrz88FccveVcYD+BGJXp2V3ruJq/OESwLnficpzy6rBEVQ9n5
Z7fx3YYoDed/3TgHzYsFONTvHgHgJb9m+46x8I9XM6seS/tZZARPL7B0hQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEBrqw72tbOGpYPIhruqlWMW71JRMB8GA1UdIwQY
MBaAFA1rtZ6Xvzse/DVp35VsReRyhJhhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFd1MW5wZV9PeDc4TlduZmxXeEY1SEtFbUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZDNkZTQtNzZhNS00OTQxLWI2MjYt
ZTk1NGUxNmFiMjdkLzEvUUd1ckR2YTFzNGFsZzhpR3U2cVZZeGJ2VWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZDNkZTQtNzZhNS00OTQxLWI2MjYtZTk1NGUxNmFiMjdk
LzEvRFd1MW5wZV9PeDc4TlduZmxXeEY1SEtFbUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCshAwMA0E
AgACMAcDBQEqBCEAMA0GCSqGSIb3DQEBCwUAA4IBAQATkuvcOmvNlZSnuYwPfAH7
TdsnjBtWcAtcsCddYi8PbcrhTViSCTkx1AK9kdkB/8/pBetm38ncAd383ys2ybtb
BQWfV5KLvm/God9mBzsZWiw5UKkLYH/3GRDM9DSPmSoRFdBgvPjRhDpQiupK8bXy
kl7dVNI/KmdJoI80ttTFSjImfqHKuu2q1Jb7MYUPyJTpN2ey8RA4XQuMv5OcAyhh
ObnLfpKyizgF0NMPPz92RqqaLhEGN97D8S0q5xEVPP2lNwG6xpH6w1XogBXiza2E
Ge+1ICiHVlrRzu/pH8qwYYs6Dvr3dwBXegqAMl8RmO44Xbi5fnbngxL3h6a2cbIj
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:02:42 2025 by rpki-client