Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/QsA63htkLwfYnYHs-Kq4o8mj9CE.roa
File: QsA63htkLwfYnYHs-Kq4o8mj9CE.roa (raw, json)
Hash identifier: rn3uqwJBUFxLOERoWp4bxdCoGJiytcYNcQK3zAQq29M=
Subject key identifier: 42:C0:3A:DE:1B:64:2F:07:D8:9D:81:EC:F8:AA:B8:A3:C9:A3:F4:21
Certificate issuer: /CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Certificate serial: 0198C75BEDAA815D3E5EF98D5C74A18ECD61
Authority key identifier: 80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/QsA63htkLwfYnYHs-Kq4o8mj9CE.roa
Signing time: Wed 20 Aug 2025 12:02:27 +0000
ROA not before: Wed 20 Aug 2025 12:02:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6789
IP address blocks: 45.149.244.0/22 maxlen: 22
80.245.112.0/20 maxlen: 20
80.245.112.0/24 maxlen: 24
83.222.0.0/24 maxlen: 24
83.222.1.0/24 maxlen: 24
83.222.2.0/24 maxlen: 24
83.222.3.0/24 maxlen: 24
85.91.192.0/19 maxlen: 19
91.235.13.0/24 maxlen: 24
91.235.14.0/24 maxlen: 24
91.247.96.0/19 maxlen: 19
109.200.128.0/19 maxlen: 19
185.100.103.0/24 maxlen: 24
185.104.92.0/22 maxlen: 22
185.186.232.0/22 maxlen: 22
2a00:1d80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:5b:ed:aa:81:5d:3e:5e:f9:8d:5c:74:a1:8e:cd:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Validity
Not Before: Aug 20 12:02:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42c03ade1b642f07d89d81ecf8aab8a3c9a3f421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:94:df:9d:9c:14:db:8a:75:a2:ee:de:e6:a3:
10:15:c0:11:04:63:e2:a4:8a:44:42:cf:e5:3d:1c:
fd:93:a6:18:dc:68:3c:43:3c:37:ef:b0:58:06:d4:
f0:bb:e6:8a:14:53:60:1b:2b:2c:09:6b:0f:8b:3b:
20:33:22:7c:d4:2d:82:22:52:f9:a8:17:8a:fd:64:
30:3b:a1:70:4d:a8:4a:c9:08:07:c5:0a:46:99:81:
9e:6a:a3:65:9e:06:5f:36:a5:03:8b:6b:40:81:1a:
f7:6f:f6:9b:1e:bb:ba:85:09:75:81:28:53:56:49:
0d:2f:e9:54:ec:a4:0f:8d:49:7b:85:a0:a1:cf:d7:
0c:1c:b3:f5:53:89:26:68:f7:d1:c1:07:14:4b:2e:
1d:7f:a4:7f:76:c1:36:d0:9d:c2:20:c3:dc:7c:9b:
55:e0:0b:36:07:4e:d2:34:3e:52:28:03:3e:86:43:
88:78:ce:50:fa:ad:e4:3d:06:56:1a:3c:cf:91:36:
74:98:60:54:a8:89:04:64:70:be:74:88:5a:7f:b5:
82:37:da:3c:fc:6e:cc:87:8f:87:21:0e:11:06:78:
75:04:d3:38:ea:14:56:c4:a1:59:44:c9:8b:96:6f:
d7:5e:69:2a:57:fd:7c:5e:e5:9c:14:08:e4:cd:d8:
72:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C0:3A:DE:1B:64:2F:07:D8:9D:81:EC:F8:AA:B8:A3:C9:A3:F4:21
X509v3 Authority Key Identifier:
keyid:80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/QsA63htkLwfYnYHs-Kq4o8mj9CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.244.0/22
80.245.112.0/20
83.222.0.0/22
85.91.192.0/19
91.235.13.0-91.235.14.255
91.247.96.0/19
109.200.128.0/19
185.100.103.0/24
185.104.92.0/22
185.186.232.0/22
IPv6:
2a00:1d80::/32
Signature Algorithm: sha256WithRSAEncryption
35:82:be:af:25:31:e1:de:3b:3c:80:dd:c5:eb:52:0c:58:b8:
32:01:5b:52:1f:47:92:ec:b1:3f:db:1b:0f:36:8c:6b:32:eb:
5a:27:21:3c:34:62:9c:93:c8:3d:e4:de:bf:a7:e0:2b:2d:32:
f2:f3:9a:4c:aa:e3:42:72:c0:5d:9d:26:97:98:08:1b:49:2d:
ca:e0:1d:8b:eb:de:7f:3d:e8:5e:4c:50:c3:a1:d4:90:fb:2a:
ca:af:d2:9c:54:9d:b2:4c:20:8b:eb:79:5c:2c:22:9c:5c:b4:
3b:e8:42:49:76:83:ba:9e:aa:c7:f7:90:00:c3:08:b4:a3:6b:
82:7e:e4:4b:db:19:46:23:61:b4:e5:90:98:b2:0e:2f:8e:20:
47:d9:49:90:35:88:f0:0a:15:4c:44:88:64:ad:5e:71:08:86:
d9:9f:5e:73:aa:90:b4:a0:51:71:48:b4:4d:01:93:1b:48:39:
f2:56:ae:32:b7:1a:9e:4b:dc:eb:be:58:b1:30:ca:af:54:e8:
6f:d4:bd:7d:9e:0b:e1:e8:49:26:c7:23:f1:e0:7c:e8:5f:fa:
42:33:bb:65:66:35:43:02:af:21:bc:91:5a:39:2d:f8:f4:61:
bd:36:24:8c:5e:41:26:78:56:1a:3b:b5:0e:39:5b:da:d5:33:
95:5c:f1:79
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZjHW+2qgV0+XvmNXHShjs1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGUyMzhlMzBkY2I3NTk3NTlmYjhhMzk0ZDllMjExYTI4
YjlkODcwHhcNMjUwODIwMTIwMjI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmMwM2FkZTFiNjQyZjA3ZDg5ZDgxZWNmOGFhYjhhM2M5YTNmNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZTfnZwU24p1ou7e5qMQFcARBGPi
pIpEQs/lPRz9k6YY3Gg8Qzw377BYBtTwu+aKFFNgGyssCWsPizsgMyJ81C2CIlL5
qBeK/WQwO6FwTahKyQgHxQpGmYGeaqNlngZfNqUDi2tAgRr3b/abHru6hQl1gShT
VkkNL+lU7KQPjUl7haChz9cMHLP1U4kmaPfRwQcUSy4df6R/dsE20J3CIMPcfJtV
4As2B07SND5SKAM+hkOIeM5Q+q3kPQZWGjzPkTZ0mGBUqIkEZHC+dIhaf7WCN9o8
/G7Mh4+HIQ4RBnh1BNM46hRWxKFZRMmLlm/XXmkqV/18XuWcFAjkzdhyhwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFELAOt4bZC8H2J2B7PiquKPJo/QhMB8GA1UdIwQY
MBaAFICOI44w3LdZdZ+4o5TZ4hGii52HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDkt
Y2Q5NzQwNDI2NDlmLzEvUXNBNjNodGtMd2ZZbllIcy1LcTRvOG1qOUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDktY2Q5NzQwNDI2NDlm
LzEvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQCLZX0AwQE
UPVwAwQCU94AAwQFVVvAMAwDBABb6w0DBABb6w4DBAVb92ADBAVtyIADBAC5ZGcD
BAK5aFwDBAK5uugwDQQCAAIwBwMFACoAHYAwDQYJKoZIhvcNAQELBQADggEBADWC
vq8lMeHeOzyA3cXrUgxYuDIBW1IfR5LssT/bGw82jGsy61onITw0YpyTyD3k3r+n
4CstMvLzmkyq40JywF2dJpeYCBtJLcrgHYvr3n896F5MUMOh1JD7Ksqv0pxUnbJM
IIvreVwsIpxctDvoQkl2g7qeqsf3kADDCLSja4J+5EvbGUYjYbTlkJiyDi+OIEfZ
SZA1iPAKFUxEiGStXnEIhtmfXnOqkLSgUXFItE0BkxtIOfJWrjK3Gp5L3Ou+WLEw
yq9U6G/UvX2eC+HoSSbHI/HgfOhf+kIzu2VmNUMCryG8kVo5Lfj0Yb02JIxeQSZ4
Vho7tQ45W9rVM5Vc8Xk=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:14:29 2025 by rpki-client