Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3c32b5-c0c8-436a-9ad6-3354adba11b1/1/qthh4gNq1SL8vSN5_lWJGt2pcwI.roa
File: qthh4gNq1SL8vSN5_lWJGt2pcwI.roa (raw, json)
Hash identifier: B+0i/tQ7fiCSFHOJ8ekqNZr6VbEaL85Z1TQ1N6rfs1I=
Subject key identifier: AA:D8:61:E2:03:6A:D5:22:FC:BD:23:79:FE:55:89:1A:DD:A9:73:02
Certificate issuer: /CN=bb7752a719b740a0e0244dd29c6532f79151646b
Certificate serial: 01995687E83BF75AA5DFE10AE8B3254D9505
Authority key identifier: BB:77:52:A7:19:B7:40:A0:E0:24:4D:D2:9C:65:32:F7:91:51:64:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3dSpxm3QKDgJE3SnGUy95FRZGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/3c32b5-c0c8-436a-9ad6-3354adba11b1/1/qthh4gNq1SL8vSN5_lWJGt2pcwI.roa
Signing time: Wed 17 Sep 2025 07:16:11 +0000
ROA not before: Wed 17 Sep 2025 07:16:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197025
IP address blocks: 178.212.48.0/24 maxlen: 24
178.212.49.0/24 maxlen: 24
178.212.50.0/24 maxlen: 24
178.212.51.0/24 maxlen: 24
178.212.52.0/24 maxlen: 24
178.212.53.0/24 maxlen: 24
178.212.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/3c32b5-c0c8-436a-9ad6-3354adba11b1/1/u3dSpxm3QKDgJE3SnGUy95FRZGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/3c32b5-c0c8-436a-9ad6-3354adba11b1/1/u3dSpxm3QKDgJE3SnGUy95FRZGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/u3dSpxm3QKDgJE3SnGUy95FRZGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:56:87:e8:3b:f7:5a:a5:df:e1:0a:e8:b3:25:4d:95:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7752a719b740a0e0244dd29c6532f79151646b
Validity
Not Before: Sep 17 07:16:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aad861e2036ad522fcbd2379fe55891adda97302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:88:e5:80:82:12:75:e4:b5:59:bb:7d:4f:cb:
83:9f:b6:e9:88:12:f0:03:c2:22:32:74:f0:12:6a:
02:aa:15:05:51:6c:82:f6:d7:68:b9:d6:29:c2:a4:
1c:a0:57:23:d6:39:09:f2:62:e7:86:1f:27:ef:e0:
19:c5:84:cc:65:3a:c7:69:86:30:91:61:24:06:60:
06:6b:71:8b:42:50:79:9f:f5:21:64:f8:51:a0:53:
76:da:68:96:bd:05:ee:c1:ec:11:82:db:66:e8:82:
08:37:ef:05:f7:a6:4a:8d:fa:b1:6c:a4:77:19:6a:
bc:b2:6b:ee:07:c2:99:c2:ba:2b:61:df:8c:6a:46:
d3:d4:a3:6a:3a:54:bb:01:a4:ae:7c:18:06:67:94:
58:05:1e:3b:76:79:3b:01:5f:94:e5:a6:0f:d2:e5:
c4:c4:6f:b1:34:75:90:e6:dd:d3:58:b8:3f:1e:a7:
e9:f4:6d:44:0a:45:fb:e9:70:e9:88:62:19:39:52:
91:28:8c:cb:af:f6:bb:8d:e1:24:39:03:aa:17:11:
5a:96:b0:64:e1:2a:9b:27:bf:4d:b2:79:ac:e1:ac:
dc:23:9f:f6:96:70:17:40:f1:8a:12:ab:58:47:17:
6b:2f:f8:1b:fa:0e:6c:1f:ca:b4:20:61:d0:a6:4a:
39:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D8:61:E2:03:6A:D5:22:FC:BD:23:79:FE:55:89:1A:DD:A9:73:02
X509v3 Authority Key Identifier:
keyid:BB:77:52:A7:19:B7:40:A0:E0:24:4D:D2:9C:65:32:F7:91:51:64:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3dSpxm3QKDgJE3SnGUy95FRZGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c32b5-c0c8-436a-9ad6-3354adba11b1/1/qthh4gNq1SL8vSN5_lWJGt2pcwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c32b5-c0c8-436a-9ad6-3354adba11b1/1/u3dSpxm3QKDgJE3SnGUy95FRZGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.48.0-178.212.54.255
Signature Algorithm: sha256WithRSAEncryption
c4:92:f7:67:a1:2e:0f:0d:eb:07:0c:4a:1a:9a:05:43:62:61:
b3:03:59:80:a7:a5:38:97:5e:6e:a7:53:e3:1d:80:9d:22:a9:
76:3c:b5:63:c5:e9:06:ed:f5:3e:8b:59:5e:6e:49:ca:2f:f2:
c9:95:31:61:6e:70:b3:86:e1:76:18:15:64:61:fd:39:b5:ea:
39:8b:df:96:0f:23:9f:94:b6:7b:5f:f4:5c:ce:ca:8d:c2:45:
66:ff:1e:a8:a3:98:a5:dd:64:43:91:d6:9f:ba:f3:3d:9e:45:
9d:42:83:6f:a2:4f:0e:87:e1:16:47:7f:0e:c6:37:ce:d9:ed:
d1:a4:65:81:2e:fe:3a:70:3e:15:e1:ee:c0:df:41:32:86:c5:
c6:3f:54:c4:22:e0:76:c6:90:02:0f:32:dc:a3:cc:65:f8:da:
8e:a2:c2:96:ac:da:25:e6:be:92:b2:b5:10:22:3a:bb:ca:b2:
07:21:51:6e:e8:bc:29:b3:3b:40:c8:b8:a6:a1:6c:aa:f3:20:
42:36:73:79:e1:0e:61:bb:90:a5:25:53:2e:7d:62:0f:14:cc:
78:f8:49:02:c3:3f:0e:6b:cc:4e:1a:cb:50:59:d5:3c:fa:89:
f9:b6:9a:eb:04:e3:b1:0e:c7:74:f8:a1:da:90:d8:82:03:13:
e0:a9:b5:a4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZlWh+g791ql3+EK6LMlTZUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNzc1MmE3MTliNzQwYTBlMDI0NGRkMjljNjUzMmY3OTE1
MTY0NmIwHhcNMjUwOTE3MDcxNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQ4NjFlMjAzNmFkNTIyZmNiZDIzNzlmZTU1ODkxYWRkYTk3MzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIjlgIISdeS1Wbt9T8uDn7bpiBLw
A8IiMnTwEmoCqhUFUWyC9tdoudYpwqQcoFcj1jkJ8mLnhh8n7+AZxYTMZTrHaYYw
kWEkBmAGa3GLQlB5n/UhZPhRoFN22miWvQXuwewRgttm6IIIN+8F96ZKjfqxbKR3
GWq8smvuB8KZwrorYd+MakbT1KNqOlS7AaSufBgGZ5RYBR47dnk7AV+U5aYP0uXE
xG+xNHWQ5t3TWLg/Hqfp9G1ECkX76XDpiGIZOVKRKIzLr/a7jeEkOQOqFxFalrBk
4SqbJ79Nsnms4azcI5/2lnAXQPGKEqtYRxdrL/gb+g5sH8q0IGHQpko5HwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKrYYeIDatUi/L0jef5ViRrdqXMCMB8GA1UdIwQY
MBaAFLt3UqcZt0Cg4CRN0pxlMveRUWRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTNkU3B4bTNRS0RnSkUzU25HVXk5NUZSWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYzMyYjUtYzBjOC00MzZhLTlhZDYt
MzM1NGFkYmExMWIxLzEvcXRoaDRnTnExU0w4dlNONV9sV0pHdDJwY3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYzMyYjUtYzBjOC00MzZhLTlhZDYtMzM1NGFkYmExMWIx
LzEvdTNkU3B4bTNRS0RnSkUzU25HVXk5NUZSWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASy1DAD
BACy1DYwDQYJKoZIhvcNAQELBQADggEBAMSS92ehLg8N6wcMShqaBUNiYbMDWYCn
pTiXXm6nU+MdgJ0iqXY8tWPF6Qbt9T6LWV5uScov8smVMWFucLOG4XYYFWRh/Tm1
6jmL35YPI5+Utntf9FzOyo3CRWb/HqijmKXdZEOR1p+68z2eRZ1Cg2+iTw6H4RZH
fw7GN87Z7dGkZYEu/jpwPhXh7sDfQTKGxcY/VMQi4HbGkAIPMtyjzGX42o6iwpas
2iXmvpKytRAiOrvKsgchUW7ovCmzO0DIuKahbKrzIEI2c3nhDmG7kKUlUy59Yg8U
zHj4SQLDPw5rzE4ay1BZ1Tz6ifm2musE47EOx3T4odqQ2IIDE+CptaQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:26 2025 by rpki-client