Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/qGecERglbMsiHMQJoiUSFGALt-E.roa
File: qGecERglbMsiHMQJoiUSFGALt-E.roa (raw, json)
Hash identifier: yLMKR6LctC/w2fvLTclquZCs4hF15ArbhdOh5oCoDz8=
Subject key identifier: A8:67:9C:11:18:25:6C:CB:22:1C:C4:09:A2:25:12:14:60:0B:B7:E1
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 01976AB246771B15E0884645FC72692E842F
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/qGecERglbMsiHMQJoiUSFGALt-E.roa
Signing time: Fri 13 Jun 2025 19:09:17 +0000
ROA not before: Fri 13 Jun 2025 19:09:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
81.88.64.0/21 maxlen: 21
81.95.80.0/20 maxlen: 20
82.148.168.0/21 maxlen: 21
82.148.176.0/20 maxlen: 20
84.48.64.0/18 maxlen: 24
89.207.136.0/21 maxlen: 21
109.169.112.0/21 maxlen: 21
178.174.112.0/20 maxlen: 20
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.178.4.0/22 maxlen: 22
185.190.36.0/24 maxlen: 24
193.168.156.0/22 maxlen: 22
212.89.96.0/19 maxlen: 19
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6a:b2:46:77:1b:15:e0:88:46:45:fc:72:69:2e:84:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Jun 13 19:09:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8679c1118256ccb221cc409a2251214600bb7e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:61:9d:35:af:64:c7:2a:ac:bc:6f:50:bf:e8:
9f:65:74:33:6d:cd:56:d0:c7:56:de:1d:6a:9b:50:
09:59:15:d2:df:05:19:41:e5:f7:1b:f2:79:28:12:
00:79:34:75:c2:86:ee:62:2c:13:09:e9:cf:b6:5c:
a9:d8:2f:f5:cd:f0:ba:c0:e4:d0:33:df:83:56:a7:
d2:19:46:d0:e9:da:10:3e:cf:ae:ff:1d:32:4f:66:
28:eb:8c:35:72:93:19:ee:3a:05:db:54:78:86:e1:
f5:d3:cf:e8:df:bf:d3:1f:c7:bc:84:a4:39:d2:15:
a2:12:42:59:94:53:d5:2a:c8:11:1c:7d:72:4f:bd:
04:3e:8b:97:d8:88:01:13:57:c6:16:a8:14:e6:67:
26:5a:f4:b1:46:c6:65:5d:42:22:4b:35:2b:4f:8f:
ca:4a:fb:da:4e:eb:2b:ae:78:c0:ac:5e:a5:f0:95:
2b:0d:a8:44:a7:d2:be:4b:01:e0:2a:61:71:9c:37:
ab:83:cf:9e:de:5f:73:1b:0c:0e:0d:0d:cf:40:07:
e5:73:c9:fb:cc:b0:b9:21:62:bf:69:e8:e7:cb:a9:
d9:e1:74:98:e0:c4:d1:db:79:3a:d0:23:df:c9:6a:
25:73:8b:99:a1:9a:36:c3:1f:22:ee:f2:74:f9:6e:
01:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:67:9C:11:18:25:6C:CB:22:1C:C4:09:A2:25:12:14:60:0B:B7:E1
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/qGecERglbMsiHMQJoiUSFGALt-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
81.88.64.0/21
81.95.80.0/20
82.148.168.0-82.148.191.255
84.48.64.0/18
89.207.136.0/21
109.169.112.0/21
178.174.112.0/20
185.176.244.0/23
185.178.4.0/22
185.190.36.0/24
193.168.156.0/22
212.89.96.0/19
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
01:98:59:3d:09:c9:75:08:e8:4d:79:ec:ca:6a:c5:51:2c:0e:
63:bc:3f:0e:da:41:05:6e:f0:ee:ae:46:c8:4b:3b:7f:02:33:
a5:68:86:7f:6d:6b:29:18:91:9e:4b:b1:45:32:a3:10:0e:13:
94:97:dd:d3:c3:2d:52:03:99:ae:42:61:c1:f5:e5:30:70:43:
18:a5:87:b9:82:0d:3b:50:20:86:a5:43:b9:a3:92:68:2e:ed:
b3:35:67:a2:66:99:35:fa:c7:54:73:a0:05:49:51:3d:a6:c9:
1b:aa:04:65:32:69:17:9d:2a:e5:20:04:66:68:98:4f:be:0f:
d3:2b:43:a1:ff:03:54:f2:4e:58:bd:1b:8f:dc:7e:d6:3c:bf:
10:a8:e1:e5:9b:d1:b7:5c:39:ec:7e:15:9a:e1:25:50:3c:5d:
8a:af:0f:16:d4:c1:15:50:54:e8:c0:e5:d9:fa:0e:e0:6d:87:
dd:13:c8:b4:1b:36:97:b4:be:e5:8a:6d:db:a7:4b:14:f8:59:
00:12:b2:be:ad:53:58:e4:25:e6:ec:99:fa:d6:36:57:f9:a5:
19:a7:63:c6:4d:47:e5:b3:14:0b:27:63:c9:ca:7b:12:4a:01:
9b:76:2e:43:ae:a0:8f:76:af:c0:b5:de:c8:01:d8:28:14:fa:
48:85:56:dd
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZdqskZ3GxXgiEZF/HJpLoQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjUwNjEzMTkwOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODY3OWMxMTE4MjU2Y2NiMjIxY2M0MDlhMjI1MTIxNDYwMGJiN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGGdNa9kxyqsvG9Qv+ifZXQzbc1W
0MdW3h1qm1AJWRXS3wUZQeX3G/J5KBIAeTR1wobuYiwTCenPtlyp2C/1zfC6wOTQ
M9+DVqfSGUbQ6doQPs+u/x0yT2Yo64w1cpMZ7joF21R4huH108/o37/TH8e8hKQ5
0hWiEkJZlFPVKsgRHH1yT70EPouX2IgBE1fGFqgU5mcmWvSxRsZlXUIiSzUrT4/K
SvvaTusrrnjArF6l8JUrDahEp9K+SwHgKmFxnDerg8+e3l9zGwwODQ3PQAflc8n7
zLC5IWK/aejny6nZ4XSY4MTR23k60CPfyWolc4uZoZo2wx8i7vJ0+W4BKwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFKhnnBEYJWzLIhzECaIlEhRgC7fhMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvcUdlY0VSZ2xiTXNpSE1RSm9pVVNGR0FMdC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVgMEAy7jmAME
A1FYQAMEBFFfUDAMAwQDUpSoAwQGUpSAAwQGVDBAAwQDWc+IAwQDbalwAwQEsq5w
AwQBubD0AwQCubIEAwQAub4kAwQCwaicAwQF1FlgMBQEAgACMA4DBQEqCieAAwUD
KhDWQDANBgkqhkiG9w0BAQsFAAOCAQEAAZhZPQnJdQjoTXnsymrFUSwOY7w/DtpB
BW7w7q5GyEs7fwIzpWiGf21rKRiRnkuxRTKjEA4TlJfd08MtUgOZrkJhwfXlMHBD
GKWHuYINO1AghqVDuaOSaC7tszVnomaZNfrHVHOgBUlRPabJG6oEZTJpF50q5SAE
ZmiYT74P0ytDof8DVPJOWL0bj9x+1jy/EKjh5ZvRt1w57H4VmuElUDxdiq8PFtTB
FVBU6MDl2foO4G2H3RPItBs2l7S+5Ypt26dLFPhZABKyvq1TWOQl5uyZ+tY2V/ml
Gadjxk1H5bMUCydjycp7EkoBm3YuQ66gj3avwLXeyAHYKBT6SIVW3Q==
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:49:27 2025 by rpki-client