Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/1-QWGNqP9Nm8Sp6UU9znUhoUiQx4.roa
File: 1-QWGNqP9Nm8Sp6UU9znUhoUiQx4.roa (raw, json)
Hash identifier: SdtTLr91IMw8lBpvdwjjZ+xR69qYxkaI4C7s/X3yyoA=
Subject key identifier: F9:05:86:36:A3:FD:36:6F:12:A7:A5:14:F7:39:D4:86:85:22:43:1E
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 0198C3F22A70C7BC6454C08954469C93CA81
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/1-QWGNqP9Nm8Sp6UU9znUhoUiQx4.roa
Signing time: Tue 19 Aug 2025 20:08:04 +0000
ROA not before: Tue 19 Aug 2025 20:08:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205866
IP address blocks: 2a09:8b83::/32 maxlen: 32
2a0e:6745::/32 maxlen: 32
2a0e:c442::/32 maxlen: 32
2a12:3cc4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c3:f2:2a:70:c7:bc:64:54:c0:89:54:46:9c:93:ca:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Aug 19 20:08:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9058636a3fd366f12a7a514f739d4868522431e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7c:2f:fb:69:35:31:34:d8:b7:8f:08:a6:ae:
a0:ce:c3:2c:3a:40:39:74:45:14:d5:09:39:27:f6:
a4:46:5d:0e:f3:02:16:33:18:2a:57:a5:b7:a6:1a:
e9:19:8e:e8:db:a7:d0:92:db:ac:4c:c4:2c:62:f5:
a0:d4:d0:2d:01:2e:3e:64:3e:43:d0:94:a4:89:ab:
1e:56:78:b8:22:ce:3b:8f:73:73:d1:88:94:75:d8:
ab:22:43:d9:c1:ec:f2:95:6f:b7:34:18:48:21:50:
0c:99:5f:87:57:ac:77:d9:81:f6:f0:d4:06:74:18:
74:74:f5:70:5a:78:9e:78:34:07:e3:00:92:1b:0a:
1f:d0:9e:7d:44:c7:48:ce:e3:f6:1e:7a:8d:1c:ba:
66:ac:e7:72:76:a2:09:f0:d3:33:4b:52:6e:58:f7:
e5:51:76:42:b1:d4:c5:6a:dd:de:95:ba:85:15:b2:
41:ce:ca:18:0a:08:f2:3c:29:d3:06:4f:8e:df:7a:
ea:b0:8a:51:4f:a4:7c:ba:df:3a:4d:29:d8:7d:65:
e5:ce:36:63:b7:ac:8d:0b:de:a0:25:e7:74:63:50:
e9:f8:55:f7:31:9f:b3:72:79:df:b0:e3:39:85:8c:
29:b8:b4:eb:b2:07:87:07:63:91:a4:a8:57:5e:c9:
dd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:05:86:36:A3:FD:36:6F:12:A7:A5:14:F7:39:D4:86:85:22:43:1E
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/1-QWGNqP9Nm8Sp6UU9znUhoUiQx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8b83::/32
2a0e:6745::/32
2a0e:c442::/32
2a12:3cc4::/32
Signature Algorithm: sha256WithRSAEncryption
66:eb:84:0c:b8:91:c8:80:7c:43:32:a4:b5:6a:75:84:0b:6a:
19:45:bb:0f:ae:23:32:67:63:98:29:71:38:e8:e9:b0:81:e0:
88:38:a6:36:90:93:80:5a:08:27:0c:53:ef:7b:38:cd:33:02:
d1:e0:d9:22:30:4c:1e:ba:9e:66:03:b8:8c:96:ed:5a:0c:e2:
1f:0c:f4:cb:e2:63:3e:62:e4:16:4d:71:64:f0:e8:c3:08:ae:
f1:56:82:64:f2:69:78:6b:26:42:f9:89:01:b0:28:2d:c7:ed:
39:33:b4:3d:0d:e6:ff:8a:b0:e8:dd:25:c1:74:85:fe:78:db:
e3:d4:64:05:f0:52:39:07:9f:db:c0:a5:15:1f:75:6d:1d:13:
06:45:87:0e:3b:34:da:19:d1:db:c5:b0:d5:2e:56:f1:55:95:
d8:7d:14:81:ca:0a:bd:ea:31:2b:ba:a2:cd:88:aa:0c:93:35:
cd:17:c7:de:36:92:75:9b:8c:07:d1:60:4f:bb:c9:55:20:a5:
b3:ba:09:e8:20:be:a9:6b:5e:b0:11:a9:39:50:40:e4:88:73:
e9:34:eb:15:c9:66:b3:38:b4:41:62:f8:4d:dd:be:ee:a1:c1:
8a:4d:31:45:58:bc:d3:6d:2f:41:a3:a8:be:99:f4:f0:0e:50:
56:be:ab:bf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZjD8ipwx7xkVMCJVEack8qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwODE5MjAwODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA1ODYzNmEzZmQzNjZmMTJhN2E1MTRmNzM5ZDQ4Njg1MjI0MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynwv+2k1MTTYt48Ipq6gzsMsOkA5
dEUU1Qk5J/akRl0O8wIWMxgqV6W3phrpGY7o26fQktusTMQsYvWg1NAtAS4+ZD5D
0JSkiaseVni4Is47j3Nz0YiUddirIkPZwezylW+3NBhIIVAMmV+HV6x32YH28NQG
dBh0dPVwWnieeDQH4wCSGwof0J59RMdIzuP2HnqNHLpmrOdydqIJ8NMzS1JuWPfl
UXZCsdTFat3elbqFFbJBzsoYCgjyPCnTBk+O33rqsIpRT6R8ut86TSnYfWXlzjZj
t6yNC96gJed0Y1Dp+FX3MZ+zcnnfsOM5hYwpuLTrsgeHB2ORpKhXXsndCwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPkFhjaj/TZvEqelFPc51IaFIkMeMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvMS1RV0dOcVA5Tm04U3A2VVU5em5VaG9VaVF4NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvYWMyNGRmLTA5ZDYtNDQ1Ny05ZDJlLTlmY2ViNDVkNmZk
Yi8xL2U1UkhfcHBLekgxdjl5MXNlWTFEMW16VkREOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAIwHAMFACoJi4MD
BQAqDmdFAwUAKg7EQgMFACoSPMQwDQYJKoZIhvcNAQELBQADggEBAGbrhAy4kciA
fEMypLVqdYQLahlFuw+uIzJnY5gpcTjo6bCB4Ig4pjaQk4BaCCcMU+97OM0zAtHg
2SIwTB66nmYDuIyW7VoM4h8M9MviYz5i5BZNcWTw6MMIrvFWgmTyaXhrJkL5iQGw
KC3H7TkztD0N5v+KsOjdJcF0hf542+PUZAXwUjkHn9vApRUfdW0dEwZFhw47NNoZ
0dvFsNUuVvFVldh9FIHKCr3qMSu6os2IqgyTNc0Xx942knWbjAfRYE+7yVUgpbO6
CeggvqlrXrARqTlQQOSIc+k06xXJZrM4tEFi+E3dvu6hwYpNMUVYvNNtL0GjqL6Z
9PAOUFa+q78=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:08:45 2025 by rpki-client