Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/qlRuFgW9QpSZ-B-QqBWtqwtHSbQ.roa
File: qlRuFgW9QpSZ-B-QqBWtqwtHSbQ.roa (raw, json)
Hash identifier: NvSiolrhWigq47yPhLr31U+7NECb9us+yowLt16g6Mw=
Subject key identifier: AA:54:6E:16:05:BD:42:94:99:F8:1F:90:A8:15:AD:AB:0B:47:49:B4
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 01999A7F60B9D5ACFCCA0771AF51F58DB04C
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/qlRuFgW9QpSZ-B-QqBWtqwtHSbQ.roa
Signing time: Tue 30 Sep 2025 12:01:02 +0000
ROA not before: Tue 30 Sep 2025 12:01:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 109.160.32.0/22 maxlen: 22
109.160.36.0/24 maxlen: 24
109.160.37.0/24 maxlen: 24
109.160.38.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
109.160.40.0/24 maxlen: 24
109.160.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:7f:60:b9:d5:ac:fc:ca:07:71:af:51:f5:8d:b0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Sep 30 12:01:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa546e1605bd429499f81f90a815adab0b4749b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f2:12:e9:78:5c:a8:9c:b4:0c:f2:f6:8c:94:
22:72:71:e1:4d:69:93:79:ce:65:69:65:80:f9:1a:
ed:5a:26:f4:fd:50:71:da:1f:fb:99:03:f0:95:6a:
1c:69:7f:3d:a7:32:42:83:97:9c:b2:06:60:da:7a:
8c:23:9b:d5:c8:89:a2:e5:53:20:93:37:53:ba:27:
75:73:2d:24:06:eb:a4:ad:9d:2b:29:24:fd:e6:3e:
bb:d2:68:cf:db:a3:64:2b:f4:2a:f8:93:95:f6:24:
df:b5:99:6b:30:57:70:e2:4c:18:de:26:ce:7f:c0:
0a:6e:21:7b:ba:86:87:9f:bf:8b:4c:16:cb:98:aa:
f2:42:30:e5:07:40:e4:47:4d:69:fa:45:03:d4:09:
34:61:61:da:86:cb:bc:e9:e5:3f:f7:19:a6:b1:02:
37:b3:59:f6:36:75:76:8d:a9:69:c1:51:20:a1:e6:
70:68:5a:71:d9:b0:ec:76:52:c9:5d:ec:fe:92:43:
42:aa:45:27:9d:f1:ee:59:64:78:25:ac:41:51:82:
f3:7d:e1:8d:0e:88:18:73:85:af:aa:47:5e:1b:d1:
80:1f:66:11:c2:b1:c1:e6:d0:43:89:17:a8:7d:54:
bb:e6:9b:48:19:c2:49:a5:7f:e9:c0:b1:7c:dd:4f:
4d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:54:6E:16:05:BD:42:94:99:F8:1F:90:A8:15:AD:AB:0B:47:49:B4
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/qlRuFgW9QpSZ-B-QqBWtqwtHSbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0-109.160.41.255
Signature Algorithm: sha256WithRSAEncryption
64:6e:7b:00:3f:b2:27:92:cd:30:9b:f1:91:4d:41:45:6a:ba:
14:51:a0:e0:ed:2b:25:d1:b6:6f:ab:a9:0a:66:a4:f4:8c:1d:
06:e8:fb:1a:94:0f:f9:be:7b:0e:03:73:ab:42:f1:7d:1d:65:
b1:1a:be:1f:08:a5:19:72:b1:e3:06:d3:f7:38:1c:44:5b:de:
cc:83:7f:16:15:e0:23:82:9f:12:e3:b7:5a:da:24:be:6a:b2:
f6:c2:b2:cf:18:e5:6d:24:62:0f:12:b6:63:59:57:b8:0c:9e:
a6:04:3d:23:51:80:b7:47:01:ba:47:58:21:64:a1:42:fa:db:
98:e4:73:a6:1c:6c:51:db:30:61:6e:a5:f3:68:e3:4e:55:d6:
59:e1:12:ff:12:48:39:8a:ec:b3:02:8e:a6:08:4b:31:ef:20:
41:43:bd:d2:56:85:c4:d2:47:0c:13:88:b1:25:be:26:6f:04:
b5:b9:14:4d:a6:41:09:58:d5:1a:e6:0a:e0:41:3e:6a:41:75:
a4:a4:4d:f3:21:dc:be:95:8a:d7:7d:27:39:5e:1a:26:93:94:
6b:55:0d:bc:5f:76:65:fd:44:77:e4:db:95:25:a9:82:bd:e1:
f3:65:71:c1:2c:7d:05:80:ba:ec:63:08:83:d1:c2:15:57:c9:
71:a0:4c:69
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZmaf2C51az8ygdxr1H1jbBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwOTMwMTIwMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTU0NmUxNjA1YmQ0Mjk0OTlmODFmOTBhODE1YWRhYjBiNDc0OWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/IS6XhcqJy0DPL2jJQicnHhTWmT
ec5laWWA+RrtWib0/VBx2h/7mQPwlWocaX89pzJCg5ecsgZg2nqMI5vVyImi5VMg
kzdTuid1cy0kBuukrZ0rKST95j670mjP26NkK/Qq+JOV9iTftZlrMFdw4kwY3ibO
f8AKbiF7uoaHn7+LTBbLmKryQjDlB0DkR01p+kUD1Ak0YWHahsu86eU/9xmmsQI3
s1n2NnV2jalpwVEgoeZwaFpx2bDsdlLJXez+kkNCqkUnnfHuWWR4JaxBUYLzfeGN
DogYc4WvqkdeG9GAH2YRwrHB5tBDiReofVS75ptIGcJJpX/pwLF83U9NHwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKpUbhYFvUKUmfgfkKgVrasLR0m0MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvcWxSdUZnVzlRcFNaLUItUXFCV3Rxd3RIU2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVtoCAD
BAFtoCgwDQYJKoZIhvcNAQELBQADggEBAGRuewA/sieSzTCb8ZFNQUVquhRRoODt
KyXRtm+rqQpmpPSMHQbo+xqUD/m+ew4Dc6tC8X0dZbEavh8IpRlyseMG0/c4HERb
3syDfxYV4COCnxLjt1raJL5qsvbCss8Y5W0kYg8StmNZV7gMnqYEPSNRgLdHAbpH
WCFkoUL625jkc6YcbFHbMGFupfNo405V1lnhEv8SSDmK7LMCjqYISzHvIEFDvdJW
hcTSRwwTiLElviZvBLW5FE2mQQlY1RrmCuBBPmpBdaSkTfMh3L6Vitd9JzleGiaT
lGtVDbxfdmX9RHfk25UlqYK94fNlccEsfQWAuuxjCIPRwhVXyXGgTGk=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:29 2025 by rpki-client