Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/sqhUxFl6CcGyU6cWBXsdx2sYfd4.roa
File: sqhUxFl6CcGyU6cWBXsdx2sYfd4.roa (raw, json)
Hash identifier: z1bLM/XjYo3lfS/p4JsuBkvAngm8wCUro59bQLMM7mw=
Subject key identifier: B2:A8:54:C4:59:7A:09:C1:B2:53:A7:16:05:7B:1D:C7:6B:18:7D:DE
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 0199BD8C718135E88908FC25DC6EFA4516D1
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/sqhUxFl6CcGyU6cWBXsdx2sYfd4.roa
Signing time: Tue 07 Oct 2025 07:22:01 +0000
ROA not before: Tue 07 Oct 2025 07:22:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58074
IP address blocks: 91.197.247.0/24 maxlen: 24
193.105.239.0/24 maxlen: 24
194.6.201.0/24 maxlen: 24
194.107.112.0/24 maxlen: 24
195.88.38.0/23 maxlen: 24
195.245.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bd:8c:71:81:35:e8:89:08:fc:25:dc:6e:fa:45:16:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Oct 7 07:22:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2a854c4597a09c1b253a716057b1dc76b187dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a1:73:f5:04:f3:f1:16:24:f9:8f:a1:c9:55:
ab:0d:44:36:41:ca:87:9d:e9:94:20:2f:4e:7d:65:
56:ea:aa:89:3f:1b:47:56:5f:3b:b4:90:27:01:38:
8b:b6:e4:70:d0:fe:dc:34:af:b5:a5:42:cd:81:97:
9f:f3:98:fe:f5:2b:89:ef:3a:cd:00:50:a2:97:d9:
5d:24:e0:f1:42:19:e6:7b:6e:e2:87:aa:69:71:fd:
49:a6:b2:7c:1d:ce:b0:25:99:0a:25:4e:e9:ec:06:
52:3b:a1:bf:15:f3:4e:fb:4e:42:32:3e:0f:73:a4:
19:58:f6:f6:33:2b:94:96:5b:bb:fc:e8:22:82:ff:
1c:3b:4c:3d:b3:7a:0a:b6:4a:7e:a9:fb:cc:cf:7c:
4b:c9:35:eb:00:44:2c:64:be:c5:d1:d3:26:d2:4b:
2f:ac:86:04:51:7e:32:14:d3:75:da:68:18:2a:20:
25:fd:a2:7d:fb:a9:ac:b8:04:85:1a:7d:e6:ff:bd:
3c:e4:fe:f2:74:e3:ae:1c:cc:04:73:49:82:f6:6a:
4c:91:c5:73:32:88:eb:93:87:83:b0:08:3f:61:b6:
3a:af:27:4c:90:4d:5a:a2:5a:89:05:59:11:5a:ad:
cb:e8:a5:a8:e2:9a:47:23:ff:aa:75:39:f8:47:f9:
dd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A8:54:C4:59:7A:09:C1:B2:53:A7:16:05:7B:1D:C7:6B:18:7D:DE
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/sqhUxFl6CcGyU6cWBXsdx2sYfd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.247.0/24
193.105.239.0/24
194.6.201.0/24
194.107.112.0/24
195.88.38.0/23
195.245.82.0/24
Signature Algorithm: sha256WithRSAEncryption
16:04:bd:3f:c0:3e:10:37:6e:a8:10:c3:c7:46:98:0c:16:fd:
79:dc:56:75:ea:19:53:fe:51:84:d4:5c:e4:7d:36:56:ec:f9:
ad:c0:7d:74:a0:79:03:03:f4:d1:cd:0e:82:ff:7d:e8:80:4d:
f6:f3:8f:c6:af:37:ec:b9:ba:79:49:75:0e:81:e1:eb:db:9a:
01:17:06:6c:b5:91:64:83:3f:2c:7c:82:83:4c:d9:d9:7a:60:
b6:d2:c3:66:15:a1:b4:07:78:e4:63:4c:57:a6:02:f9:2a:34:
65:1c:02:9a:ab:e0:d2:95:66:1c:2e:d7:d7:74:66:4b:df:33:
53:45:16:28:ab:c6:f3:c8:bb:fb:2f:b9:3d:23:50:18:14:89:
49:97:1e:21:74:e3:07:35:84:0d:b2:e3:92:a5:f4:36:ef:01:
2d:c4:61:b2:66:04:0a:a5:98:df:10:a1:b0:8b:6b:1e:2e:c9:
ee:93:d0:79:e4:0b:5b:5e:32:a1:9f:77:3e:7d:db:6a:ec:a3:
03:cd:34:2f:cd:db:9e:ce:27:3a:d6:7e:85:01:61:b5:f3:51:
7d:ca:4a:15:4f:78:c1:99:ad:4d:e4:b1:d5:e3:a5:d8:3d:e6:
23:c6:37:22:a4:08:ef:97:e6:a2:7a:a2:9e:07:fb:a9:c0:21:
75:87:eb:65
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZm9jHGBNeiJCPwl3G76RRbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjUxMDA3MDcyMjAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmE4NTRjNDU5N2EwOWMxYjI1M2E3MTYwNTdiMWRjNzZiMTg3ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6Fz9QTz8RYk+Y+hyVWrDUQ2QcqH
nemUIC9OfWVW6qqJPxtHVl87tJAnATiLtuRw0P7cNK+1pULNgZef85j+9SuJ7zrN
AFCil9ldJODxQhnme27ih6ppcf1JprJ8Hc6wJZkKJU7p7AZSO6G/FfNO+05CMj4P
c6QZWPb2MyuUllu7/Ogigv8cO0w9s3oKtkp+qfvMz3xLyTXrAEQsZL7F0dMm0ksv
rIYEUX4yFNN12mgYKiAl/aJ9+6msuASFGn3m/7085P7ydOOuHMwEc0mC9mpMkcVz
Mojrk4eDsAg/YbY6rydMkE1aolqJBVkRWq3L6KWo4ppHI/+qdTn4R/ndXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLKoVMRZegnBslOnFgV7HcdrGH3eMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvc3FoVXhGbDZDY0d5VTZjV0JYc2R4MnNZZmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8X3AwQA
wWnvAwQAwgbJAwQAwmtwAwQBw1gmAwQAw/VSMA0GCSqGSIb3DQEBCwUAA4IBAQAW
BL0/wD4QN26oEMPHRpgMFv153FZ16hlT/lGE1FzkfTZW7PmtwH10oHkDA/TRzQ6C
/33ogE3284/Grzfsubp5SXUOgeHr25oBFwZstZFkgz8sfIKDTNnZemC20sNmFaG0
B3jkY0xXpgL5KjRlHAKaq+DSlWYcLtfXdGZL3zNTRRYoq8bzyLv7L7k9I1AYFIlJ
lx4hdOMHNYQNsuOSpfQ27wEtxGGyZgQKpZjfEKGwi2seLsnuk9B55AtbXjKhn3c+
fdtq7KMDzTQvzduezic61n6FAWG181F9ykoVT3jBma1N5LHV46XYPeYjxjcipAjv
l+aieqKeB/upwCF1h+tl
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:46 2025 by rpki-client