Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/SQ2_vb8pZ2pKG_CAnGQ99aAzhXc.roa
File: SQ2_vb8pZ2pKG_CAnGQ99aAzhXc.roa (raw, json)
Hash identifier: BeWy+dlaJycBkNeRNkXcy0pfdCOJIP2bN9zt/qAhbUY=
Subject key identifier: 49:0D:BF:BD:BF:29:67:6A:4A:1B:F0:80:9C:64:3D:F5:A0:33:85:77
Certificate issuer: /CN=5ad943a41ce27e7b7bcfdff69a89c3e337ea63b5
Certificate serial: 0199E8881EC918E25D55AB922198C14DF250
Authority key identifier: 5A:D9:43:A4:1C:E2:7E:7B:7B:CF:DF:F6:9A:89:C3:E3:37:EA:63:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/SQ2_vb8pZ2pKG_CAnGQ99aAzhXc.roa
Signing time: Wed 15 Oct 2025 15:40:58 +0000
ROA not before: Wed 15 Oct 2025 15:40:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8218
IP address blocks: 194.127.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/WtlDpBzifnt7z9_2monD4zfqY7U.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/WtlDpBzifnt7z9_2monD4zfqY7U.mft
rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:88:1e:c9:18:e2:5d:55:ab:92:21:98:c1:4d:f2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad943a41ce27e7b7bcfdff69a89c3e337ea63b5
Validity
Not Before: Oct 15 15:40:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=490dbfbdbf29676a4a1bf0809c643df5a0338577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:0e:66:b6:cb:68:6c:fd:b5:46:ca:ff:00:
62:ab:33:f4:d6:3e:48:6b:6d:1a:4c:1e:ed:0d:64:
7d:3b:44:b0:85:bc:7f:61:be:33:e9:26:e7:31:c4:
0f:15:be:b5:fb:75:a0:a7:c3:e3:26:15:7d:bc:71:
50:da:ab:a8:5e:73:42:e8:52:48:26:d7:00:2a:27:
a8:64:81:70:a1:0c:ba:31:c9:25:0d:95:8a:6c:0e:
0c:83:05:59:36:8a:39:08:34:63:30:c1:74:cf:fe:
8d:fb:ae:31:b7:cc:1d:c6:75:78:52:56:b2:06:8e:
08:f7:1a:b7:b4:be:dc:50:a2:4a:be:86:8d:c5:ca:
aa:7b:73:6c:d2:1f:9c:dd:92:2d:8c:5e:d1:64:bd:
18:d8:c0:12:08:fc:27:81:c8:b8:c3:d5:58:1a:3c:
49:e1:3c:eb:57:c1:47:14:95:d8:db:4e:9b:82:12:
c6:46:cb:6d:b5:44:32:c6:1f:8a:bb:54:3e:cb:6d:
e0:96:aa:4a:6c:97:cd:43:23:c5:0f:d0:31:26:a8:
44:f3:9a:80:b2:1f:c7:d1:80:e7:93:66:5c:c8:7b:
33:7e:7a:ab:35:c9:34:02:4a:b3:08:1f:87:11:91:
70:6e:57:22:a0:74:da:47:42:e7:65:e6:8c:6e:b1:
db:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0D:BF:BD:BF:29:67:6A:4A:1B:F0:80:9C:64:3D:F5:A0:33:85:77
X509v3 Authority Key Identifier:
keyid:5A:D9:43:A4:1C:E2:7E:7B:7B:CF:DF:F6:9A:89:C3:E3:37:EA:63:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtlDpBzifnt7z9_2monD4zfqY7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/SQ2_vb8pZ2pKG_CAnGQ99aAzhXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/21b7ce-2ec6-479e-8a4d-84f90593913c/1/WtlDpBzifnt7z9_2monD4zfqY7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.245.0/24
Signature Algorithm: sha256WithRSAEncryption
83:db:1b:ea:ca:1b:eb:82:34:7c:58:4d:3c:b0:5d:72:94:62:
f0:14:ad:d6:bb:8b:1d:27:9f:0b:c0:6c:62:e1:3a:55:39:13:
93:0d:87:6a:3f:ae:06:9f:c0:eb:27:33:19:ff:01:53:6d:e3:
07:90:ad:56:e2:35:c0:1b:26:f5:c0:ae:d7:f7:d4:b5:14:c5:
ef:f1:d5:ea:80:7a:a0:7c:f9:64:fe:b1:4f:a4:d2:4f:0c:41:
60:ab:b4:ad:de:6c:19:40:e3:0c:74:27:c8:8f:07:5a:37:21:
b1:c7:56:0e:16:38:38:11:84:e4:c3:40:9d:85:45:be:71:54:
c5:29:83:fb:e6:07:4a:1a:ec:8c:1d:39:f8:10:85:48:c0:f1:
3c:1f:16:3c:32:d8:be:8f:de:5c:e8:04:1b:82:22:34:3d:3c:
3a:bf:d7:e6:a9:1a:c4:78:79:e8:e2:71:c3:44:3a:2c:59:83:
17:39:c3:89:2d:b4:37:e0:4d:f6:7a:cb:19:f9:a7:c3:3c:40:
b6:cd:1d:51:a5:32:ef:6a:29:fd:15:76:7b:55:bd:cc:65:cf:
5d:25:22:d4:b7:31:99:42:7e:f7:5c:f3:ef:79:7a:90:50:18:
3b:31:cc:95:1f:7c:b2:75:63:f6:90:e3:10:69:01:bb:98:24:
7a:5b:b8:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnoiB7JGOJdVauSIZjBTfJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDk0M2E0MWNlMjdlN2I3YmNmZGZmNjlhODljM2UzMzdl
YTYzYjUwHhcNMjUxMDE1MTU0MDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBkYmZiZGJmMjk2NzZhNGExYmYwODA5YzY0M2RmNWEwMzM4NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa8OZrbLaGz9tUbK/wBiqzP01j5I
a20aTB7tDWR9O0Swhbx/Yb4z6SbnMcQPFb61+3Wgp8PjJhV9vHFQ2quoXnNC6FJI
JtcAKieoZIFwoQy6McklDZWKbA4MgwVZNoo5CDRjMMF0z/6N+64xt8wdxnV4Ulay
Bo4I9xq3tL7cUKJKvoaNxcqqe3Ns0h+c3ZItjF7RZL0Y2MASCPwngci4w9VYGjxJ
4TzrV8FHFJXY206bghLGRstttUQyxh+Ku1Q+y23glqpKbJfNQyPFD9AxJqhE85qA
sh/H0YDnk2ZcyHszfnqrNck0AkqzCB+HEZFwblcioHTaR0LnZeaMbrHbzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkNv72/KWdqShvwgJxkPfWgM4V3MB8GA1UdIwQY
MBaAFFrZQ6Qc4n57e8/f9pqJw+M36mO1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RsRHBCemlmbnQ3ejlfMm1vbkQ0emZxWTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8yMWI3Y2UtMmVjNi00NzllLThhNGQt
ODRmOTA1OTM5MTNjLzEvU1EyX3ZiOHBaMnBLR19DQW5HUTk5YUF6aFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8yMWI3Y2UtMmVjNi00NzllLThhNGQtODRmOTA1OTM5MTNj
LzEvV3RsRHBCemlmbnQ3ejlfMm1vbkQ0emZxWTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn/1MA0G
CSqGSIb3DQEBCwUAA4IBAQCD2xvqyhvrgjR8WE08sF1ylGLwFK3Wu4sdJ58LwGxi
4TpVOROTDYdqP64Gn8DrJzMZ/wFTbeMHkK1W4jXAGyb1wK7X99S1FMXv8dXqgHqg
fPlk/rFPpNJPDEFgq7St3mwZQOMMdCfIjwdaNyGxx1YOFjg4EYTkw0CdhUW+cVTF
KYP75gdKGuyMHTn4EIVIwPE8HxY8Mti+j95c6AQbgiI0PTw6v9fmqRrEeHno4nHD
RDosWYMXOcOJLbQ34E32essZ+afDPEC2zR1RpTLvain9FXZ7Vb3MZc9dJSLUtzGZ
Qn73XPPveXqQUBg7McyVH3yydWP2kOMQaQG7mCR6W7hQ
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:31 2025 by rpki-client