Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QIUxG2d20ewp6Ag4VHhOjKX3390.roa
File: QIUxG2d20ewp6Ag4VHhOjKX3390.roa (raw, json)
Hash identifier: gd3ad7uP/4lRdgZeJ5043KvMhVaae9ozbtJI6vLh94w=
Subject key identifier: 40:85:31:1B:67:76:D1:EC:29:E8:08:38:54:78:4E:8C:A5:F7:DF:DD
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019782113FA9A51FC116D130FDDE1902508F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QIUxG2d20ewp6Ag4VHhOjKX3390.roa
Signing time: Wed 18 Jun 2025 08:04:17 +0000
ROA not before: Wed 18 Jun 2025 08:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 88.209.203.0/24 maxlen: 24
88.209.230.0/24 maxlen: 24
88.209.245.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:11:3f:a9:a5:1f:c1:16:d1:30:fd:de:19:02:50:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 18 08:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4085311b6776d1ec29e8083854784e8ca5f7dfdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d9:6e:65:52:20:fe:39:2a:52:ec:35:01:91:
2b:68:6a:fd:80:ae:d0:8e:ed:87:45:5d:cd:e4:b5:
1e:a6:44:89:0d:a2:35:a8:19:02:cc:41:84:0f:b1:
c3:b1:2a:a7:0a:0b:f6:a7:69:d4:be:c0:be:79:b2:
ad:3f:5a:30:51:3f:80:d6:e4:49:9e:f2:e9:c9:a7:
4f:51:27:b6:27:26:b0:c6:8b:e2:e9:44:69:ef:49:
26:b1:eb:2d:3d:23:83:ea:27:0d:e8:ce:c0:6a:70:
90:e5:b7:9a:0e:73:44:23:b6:6d:5e:6a:b9:9c:f0:
8b:57:9a:6a:fb:16:63:de:6c:c5:a2:c1:4e:01:5b:
c1:e4:0e:94:7f:ca:83:c9:ce:ca:ae:dc:db:ba:f8:
0f:cc:89:3b:6d:04:8f:28:1c:3e:6b:3d:15:d3:ac:
4b:c3:eb:af:de:d4:af:2c:40:5d:ff:d9:18:19:3e:
0d:be:72:24:95:52:ad:eb:90:81:46:5f:3d:00:f5:
14:19:30:92:9d:dc:34:ac:2b:70:b1:18:35:6d:e9:
ce:88:8b:e1:ed:57:b3:cc:90:a3:60:91:25:7b:67:
34:38:a0:06:57:cb:2c:6e:8b:fc:57:a7:90:95:5a:
c8:31:ed:07:d1:a7:7f:fc:57:41:e8:dd:15:da:8f:
d2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:85:31:1B:67:76:D1:EC:29:E8:08:38:54:78:4E:8C:A5:F7:DF:DD
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QIUxG2d20ewp6Ag4VHhOjKX3390.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.203.0/24
88.209.230.0/24
88.209.245.0/24
88.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:7b:2b:f8:39:e2:9d:b8:13:84:38:d5:e8:b5:99:9d:7b:ac:
a2:dc:9e:ba:ff:c0:be:8a:af:a0:04:75:bc:6d:16:9c:37:d5:
21:72:10:d6:6f:02:38:d7:f0:99:0c:a6:3f:00:1d:c1:05:ec:
eb:4d:27:e0:b6:37:33:9e:b2:ea:dd:27:91:3f:45:41:fb:69:
63:59:92:c3:8a:07:ab:5b:25:ad:a5:f4:19:8b:a2:41:c1:32:
21:37:0c:39:9d:6d:ff:02:40:c9:d2:7c:53:b1:52:8c:40:ce:
34:8b:03:f0:21:ea:f8:7d:6e:7d:5f:fe:e3:5b:5b:79:26:32:
08:64:d6:e6:6b:f1:73:b1:99:7e:6c:29:bd:d4:5b:50:46:08:
42:e0:b0:60:a7:26:31:33:24:c3:73:82:fd:91:bd:8c:9a:5f:
65:67:77:98:a3:72:c7:c2:3b:c8:df:fd:8d:5f:d3:36:f1:33:
36:03:81:68:53:da:9b:d6:74:13:4e:14:a9:9c:f5:92:e0:23:
d1:5f:74:54:90:53:62:b2:bd:e8:81:20:92:e1:ab:78:c1:97:
83:63:42:c5:7c:e4:4c:ab:0d:21:8c:44:37:bf:37:b7:da:0b:
9c:aa:76:9f:3e:2a:0e:c4:fd:5e:98:b6:c6:2c:8b:97:b3:88:
53:4d:d6:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeCET+ppR/BFtEw/d4ZAlCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNjE4MDgwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDg1MzExYjY3NzZkMWVjMjllODA4Mzg1NDc4NGU4Y2E1ZjdkZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstluZVIg/jkqUuw1AZEraGr9gK7Q
ju2HRV3N5LUepkSJDaI1qBkCzEGED7HDsSqnCgv2p2nUvsC+ebKtP1owUT+A1uRJ
nvLpyadPUSe2Jyawxovi6URp70kmsestPSOD6icN6M7AanCQ5beaDnNEI7ZtXmq5
nPCLV5pq+xZj3mzFosFOAVvB5A6Uf8qDyc7KrtzbuvgPzIk7bQSPKBw+az0V06xL
w+uv3tSvLEBd/9kYGT4NvnIklVKt65CBRl89APUUGTCSndw0rCtwsRg1benOiIvh
7VezzJCjYJEle2c0OKAGV8ssbov8V6eQlVrIMe0H0ad//FdB6N0V2o/SXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFECFMRtndtHsKegIOFR4Toyl99/dMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUUlVeEcyZDIwZXdwNkFnNFZIaE9qS1gzMzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNHLAwQA
WNHmAwQAWNH1AwQAWNH/MA0GCSqGSIb3DQEBCwUAA4IBAQC0eyv4OeKduBOEONXo
tZmde6yi3J66/8C+iq+gBHW8bRacN9UhchDWbwI41/CZDKY/AB3BBezrTSfgtjcz
nrLq3SeRP0VB+2ljWZLDigerWyWtpfQZi6JBwTIhNww5nW3/AkDJ0nxTsVKMQM40
iwPwIer4fW59X/7jW1t5JjIIZNbma/FzsZl+bCm91FtQRghC4LBgpyYxMyTDc4L9
kb2Mml9lZ3eYo3LHwjvI3/2NX9M28TM2A4FoU9qb1nQTThSpnPWS4CPRX3RUkFNi
sr3ogSCS4at4wZeDY0LFfORMqw0hjEQ3vze32gucqnafPioOxP1emLbGLIuXs4hT
TdaF
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:15:21 2025 by rpki-client