Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QX_dgcVhQDsx-mpByqauoEERjFg.roa
File: QX_dgcVhQDsx-mpByqauoEERjFg.roa (raw, json)
Hash identifier: Gg8dZiyoxHAZtCtNhhPYhMk7rDGtAgiUyurMSdg1pPM=
Subject key identifier: 41:7F:DD:81:C5:61:40:3B:31:FA:6A:41:CA:A6:AE:A0:41:11:8C:58
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0197936205264CDABDD8AE3BFE7C27D4A3FC
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QX_dgcVhQDsx-mpByqauoEERjFg.roa
Signing time: Sat 21 Jun 2025 16:46:04 +0000
ROA not before: Sat 21 Jun 2025 16:46:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57580
IP address blocks: 2.63.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:93:62:05:26:4c:da:bd:d8:ae:3b:fe:7c:27:d4:a3:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 21 16:46:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=417fdd81c561403b31fa6a41caa6aea041118c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:4e:a3:44:a0:11:fe:b6:60:14:b6:27:fd:
88:b8:c2:19:ae:3a:4d:77:cb:02:ad:12:f1:f5:43:
f5:48:c3:c3:58:24:24:f3:4f:6a:fb:88:85:5d:72:
86:a8:25:c1:6f:bb:17:37:f4:f0:c6:f1:23:84:ff:
db:0c:be:78:4d:ed:0e:e4:ed:d0:c6:39:ab:05:cb:
9f:2c:57:35:48:a5:8e:50:da:7f:6f:7f:73:3b:61:
c4:ec:fe:74:6b:de:c5:4f:f1:92:89:cf:9c:db:15:
37:5d:b8:ec:7c:1f:9d:77:2e:c4:5f:db:85:7f:55:
91:fe:ab:9e:67:30:0b:b4:9b:47:8f:bc:e7:e3:66:
19:44:3b:36:ca:41:e8:b5:b2:c9:71:37:1a:4b:ab:
96:17:5b:70:24:82:fb:e9:97:9d:42:07:df:81:17:
19:38:24:dc:4e:38:f7:2e:af:fe:7c:50:81:1b:56:
0d:63:4e:83:02:b6:77:8d:63:3c:01:80:33:10:e9:
b8:80:a9:a5:12:2e:5c:9f:44:5d:d2:a0:53:1d:a3:
06:22:e8:0a:52:80:28:e8:d3:45:8c:26:11:84:fd:
77:f7:47:79:18:38:63:8f:16:59:38:1c:e9:96:0d:
50:d6:bf:fa:7b:2a:8b:87:3e:21:e0:20:19:5c:5b:
c5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7F:DD:81:C5:61:40:3B:31:FA:6A:41:CA:A6:AE:A0:41:11:8C:58
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QX_dgcVhQDsx-mpByqauoEERjFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:37:86:d9:da:c3:f2:72:78:be:94:3e:ea:62:25:59:3a:fe:
cf:b3:58:7c:fe:28:48:41:04:ad:7e:87:2f:76:c8:9b:f2:a1:
1c:ee:54:53:56:61:78:b1:da:41:2a:63:06:f2:69:a0:c6:b4:
a0:61:ea:9f:82:23:4f:dd:be:e1:cc:02:d7:14:99:15:54:b9:
47:11:22:e8:b4:ff:2d:e6:df:df:71:5d:10:14:be:27:85:c9:
77:b4:ed:05:27:c8:cb:a8:cd:60:67:61:dd:42:8f:c5:d9:d9:
3e:68:9e:08:63:13:a2:39:d5:cf:f1:17:2e:d5:30:3e:66:6f:
9a:8d:aa:69:2e:9e:92:b8:a5:53:69:f9:da:0f:c3:2d:57:e0:
75:44:b5:48:df:6a:1a:73:39:6f:5a:9b:ab:5e:1f:e9:4a:48:
6c:da:b4:0c:bb:85:79:94:90:81:bd:c4:e8:7e:f2:34:1e:6c:
b1:27:57:f6:84:c1:cb:ce:33:3f:00:a0:16:9f:e2:f6:39:c3:
83:85:db:fb:67:5a:28:56:b9:4a:1c:e1:f2:a8:6d:be:00:c1:
4f:b5:3b:cf:eb:b7:f3:3a:89:31:0e:f7:06:d3:49:71:9a:b4:
12:5b:cc:91:8c:9c:78:a9:a6:eb:c8:f1:05:81:f5:4b:a8:f3:
ce:6c:df:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeTYgUmTNq92K47/nwn1KP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjIxMTY0NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTdmZGQ4MWM1NjE0MDNiMzFmYTZhNDFjYWE2YWVhMDQxMTE4YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqpOo0SgEf62YBS2J/2IuMIZrjpN
d8sCrRLx9UP1SMPDWCQk809q+4iFXXKGqCXBb7sXN/TwxvEjhP/bDL54Te0O5O3Q
xjmrBcufLFc1SKWOUNp/b39zO2HE7P50a97FT/GSic+c2xU3XbjsfB+ddy7EX9uF
f1WR/queZzALtJtHj7zn42YZRDs2ykHotbLJcTcaS6uWF1twJIL76ZedQgffgRcZ
OCTcTjj3Lq/+fFCBG1YNY06DArZ3jWM8AYAzEOm4gKmlEi5cn0Rd0qBTHaMGIugK
UoAo6NNFjCYRhP1390d5GDhjjxZZOBzplg1Q1r/6eyqLhz4h4CAZXFvFiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEF/3YHFYUA7MfpqQcqmrqBBEYxYMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUVhfZGdjVmhRRHN4LW1wQnlxYXVvRUVSakZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAj+qMA0G
CSqGSIb3DQEBCwUAA4IBAQANN4bZ2sPycni+lD7qYiVZOv7Ps1h8/ihIQQStfocv
dsib8qEc7lRTVmF4sdpBKmMG8mmgxrSgYeqfgiNP3b7hzALXFJkVVLlHESLotP8t
5t/fcV0QFL4nhcl3tO0FJ8jLqM1gZ2HdQo/F2dk+aJ4IYxOiOdXP8Rcu1TA+Zm+a
jappLp6SuKVTafnaD8MtV+B1RLVI32oaczlvWpurXh/pSkhs2rQMu4V5lJCBvcTo
fvI0HmyxJ1f2hMHLzjM/AKAWn+L2OcODhdv7Z1ooVrlKHOHyqG2+AMFPtTvP67fz
OokxDvcG00lxmrQSW8yRjJx4qabryPEFgfVLqPPObN80
-----END CERTIFICATE-----
Generated at Thu Jul 3 00:17:57 2025 by rpki-client