Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/QYI6qk9Zfa_51Q10YSN1VCMFzDo.roa
File: QYI6qk9Zfa_51Q10YSN1VCMFzDo.roa (raw, json)
Hash identifier: vLhteTYzXMoTEM2IXWi4847wtewoAK//TnkULC4i1CU=
Subject key identifier: 41:82:3A:AA:4F:59:7D:AF:F9:D5:0D:74:61:23:75:54:23:05:CC:3A
Certificate issuer: /CN=1f810cc3fd228338d9b969725d95bb33c4e65a48
Certificate serial: 0198E32C8BF45E3CAC76C32AD8F8FA218725
Authority key identifier: 1F:81:0C:C3:FD:22:83:38:D9:B9:69:72:5D:95:BB:33:C4:E6:5A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4EMw_0igzjZuWlyXZW7M8TmWkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/QYI6qk9Zfa_51Q10YSN1VCMFzDo.roa
Signing time: Mon 25 Aug 2025 21:40:04 +0000
ROA not before: Mon 25 Aug 2025 21:40:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3255
IP address blocks: 45.158.244.0/24 maxlen: 24
45.158.245.0/24 maxlen: 24
45.158.246.0/24 maxlen: 24
46.174.122.0/24 maxlen: 24
91.214.208.0/24 maxlen: 24
91.214.209.0/24 maxlen: 24
176.120.97.0/24 maxlen: 24
176.120.99.0/24 maxlen: 24
176.120.100.0/24 maxlen: 24
176.120.101.0/24 maxlen: 24
176.120.102.0/24 maxlen: 24
176.120.103.0/24 maxlen: 24
176.120.105.0/24 maxlen: 24
176.120.106.0/24 maxlen: 24
176.120.108.0/24 maxlen: 24
176.120.109.0/24 maxlen: 24
176.120.110.0/24 maxlen: 24
176.120.111.0/24 maxlen: 24
185.96.190.0/24 maxlen: 24
185.200.113.0/24 maxlen: 24
185.200.114.0/24 maxlen: 24
185.200.115.0/24 maxlen: 24
185.228.76.0/22 maxlen: 22
188.191.32.0/20 maxlen: 20
193.41.184.0/22 maxlen: 22
195.69.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/H4EMw_0igzjZuWlyXZW7M8TmWkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/H4EMw_0igzjZuWlyXZW7M8TmWkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/H4EMw_0igzjZuWlyXZW7M8TmWkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e3:2c:8b:f4:5e:3c:ac:76:c3:2a:d8:f8:fa:21:87:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f810cc3fd228338d9b969725d95bb33c4e65a48
Validity
Not Before: Aug 25 21:40:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41823aaa4f597daff9d50d74612375542305cc3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:61:db:37:49:d0:0d:fe:7e:fa:c1:5d:66:de:
de:6e:66:1a:d7:9d:82:90:03:c1:27:dd:fa:79:fc:
17:84:66:bd:1c:95:69:e4:af:d1:61:ba:04:ec:b5:
7b:26:5d:a4:a5:2a:1f:da:50:79:61:0f:15:5d:68:
6a:69:3e:fc:8d:5e:b6:37:a4:4c:65:0c:f7:54:bf:
8e:f1:78:cf:57:7a:9e:d0:7d:95:8f:ae:d4:00:38:
4a:1a:b6:1a:21:b8:ce:34:31:68:6c:b6:8e:79:fe:
19:d3:5e:e5:c9:00:f0:f1:43:36:10:c8:08:a8:08:
36:23:f4:db:bb:73:4c:ff:3c:3e:60:af:33:96:60:
ae:fe:60:b1:48:fb:fb:18:20:18:e9:1c:34:ab:8c:
95:1e:ec:0c:2f:53:4f:5f:1a:a3:11:41:a3:18:16:
3e:62:32:67:3a:10:27:1c:b8:c6:b0:ef:99:12:19:
9b:c2:1d:95:7b:8c:d6:1c:78:6d:d0:76:f3:94:bb:
3f:7f:a6:f1:5c:a8:d0:7a:2e:26:23:a6:7b:d7:22:
04:8b:f0:e9:b3:d0:7a:8f:e1:3e:e9:63:7d:84:1f:
75:e1:01:40:81:74:bf:f7:80:31:cd:ce:0a:44:9e:
0c:60:a0:36:e7:5f:7c:94:f7:5c:41:b5:0e:e5:ea:
58:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:82:3A:AA:4F:59:7D:AF:F9:D5:0D:74:61:23:75:54:23:05:CC:3A
X509v3 Authority Key Identifier:
keyid:1F:81:0C:C3:FD:22:83:38:D9:B9:69:72:5D:95:BB:33:C4:E6:5A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4EMw_0igzjZuWlyXZW7M8TmWkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/QYI6qk9Zfa_51Q10YSN1VCMFzDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/H4EMw_0igzjZuWlyXZW7M8TmWkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.244.0-45.158.246.255
46.174.122.0/24
91.214.208.0/23
176.120.97.0/24
176.120.99.0-176.120.103.255
176.120.105.0-176.120.106.255
176.120.108.0/22
185.96.190.0/24
185.200.113.0-185.200.115.255
185.228.76.0/22
188.191.32.0/20
193.41.184.0/22
195.69.246.0/24
Signature Algorithm: sha256WithRSAEncryption
89:a8:75:2c:ea:8b:15:57:fd:d0:29:fb:1f:67:47:c5:e7:97:
c5:8e:bc:43:3b:c4:ab:43:c6:6a:65:e2:70:32:8f:91:85:ef:
4f:97:ee:1a:05:44:92:42:a3:90:a5:d8:89:00:4d:bc:e4:47:
ce:be:13:97:67:73:e9:ac:2d:6f:0b:b6:41:3e:f6:65:59:0a:
6c:67:87:85:fb:76:06:45:75:4b:17:ed:08:50:d7:98:a7:db:
47:b6:e6:bd:52:fb:91:f8:52:1e:b5:5d:d3:8d:63:cf:6d:ed:
f0:1f:35:85:d3:ce:fc:62:d9:56:a2:48:4a:bb:0a:53:ac:82:
74:83:61:bd:a0:c9:14:88:f6:6f:37:93:de:a6:b9:19:ef:b0:
01:f4:24:e8:ab:8a:55:c9:2f:c2:27:56:a4:31:a5:77:38:b4:
91:82:35:32:eb:73:44:80:82:8b:68:19:c8:db:72:d9:6b:8b:
38:66:5e:df:a7:29:72:0a:e7:08:6a:47:de:ab:12:86:5b:76:
fb:fd:87:20:bb:d5:ed:d2:87:4f:74:fe:fa:99:ee:6e:2c:65:
de:b6:b7:e9:61:9a:a6:1a:da:cd:51:cd:96:3f:12:65:38:a4:
91:7b:0e:cb:84:49:6b:32:0c:a0:10:f2:21:d1:fb:1a:f2:76:
5c:d1:16:ea
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZjjLIv0XjysdsMq2Pj6IYclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmODEwY2MzZmQyMjgzMzhkOWI5Njk3MjVkOTViYjMzYzRl
NjVhNDgwHhcNMjUwODI1MjE0MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTgyM2FhYTRmNTk3ZGFmZjlkNTBkNzQ2MTIzNzU1NDIzMDVjYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGHbN0nQDf5++sFdZt7ebmYa152C
kAPBJ936efwXhGa9HJVp5K/RYboE7LV7Jl2kpSof2lB5YQ8VXWhqaT78jV62N6RM
ZQz3VL+O8XjPV3qe0H2Vj67UADhKGrYaIbjONDFobLaOef4Z017lyQDw8UM2EMgI
qAg2I/Tbu3NM/zw+YK8zlmCu/mCxSPv7GCAY6Rw0q4yVHuwML1NPXxqjEUGjGBY+
YjJnOhAnHLjGsO+ZEhmbwh2Ve4zWHHht0HbzlLs/f6bxXKjQei4mI6Z71yIEi/Dp
s9B6j+E+6WN9hB914QFAgXS/94Axzc4KRJ4MYKA25198lPdcQbUO5epYHQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFEGCOqpPWX2v+dUNdGEjdVQjBcw6MB8GA1UdIwQY
MBaAFB+BDMP9IoM42blpcl2VuzPE5lpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDRFTXdfMGlnempadVdseVhaVzdNOFRtV2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wZjA5MjctYzI5Yi00Njk4LTg1OWUt
ZjljMTgwYmE0ODAxLzEvUVlJNnFrOVpmYV81MVExMFlTTjFWQ01GekRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wZjA5MjctYzI5Yi00Njk4LTg1OWUtZjljMTgwYmE0ODAx
LzEvSDRFTXdfMGlnempadVdseVhaVzdNOFRtV2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbjAMAwQCLZ70
AwQALZ72AwQALq56AwQBW9bQAwQAsHhhMAwDBACweGMDBAOweGAwDAMEALB4aQME
ALB4agMEArB4bAMEALlgvjAMAwQAuchxAwQCuchwAwQCueRMAwQEvL8gAwQCwSm4
AwQAw0X2MA0GCSqGSIb3DQEBCwUAA4IBAQCJqHUs6osVV/3QKfsfZ0fF55fFjrxD
O8SrQ8ZqZeJwMo+Rhe9Pl+4aBUSSQqOQpdiJAE285EfOvhOXZ3PprC1vC7ZBPvZl
WQpsZ4eF+3YGRXVLF+0IUNeYp9tHtua9UvuR+FIetV3TjWPPbe3wHzWF0878YtlW
okhKuwpTrIJ0g2G9oMkUiPZvN5PeprkZ77AB9CToq4pVyS/CJ1akMaV3OLSRgjUy
63NEgIKLaBnI23LZa4s4Zl7fpylyCucIakfeqxKGW3b7/Ycgu9Xt0odPdP76me5u
LGXetrfpYZqmGtrNUc2WPxJlOKSRew7LhElrMgygEPIh0fsa8nZc0Rbq
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:40:26 2025 by rpki-client