Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QaWBfRtWPY-n0iuowjwjctkx8AM.roa
File: QaWBfRtWPY-n0iuowjwjctkx8AM.roa (raw, json)
Hash identifier: 78ubAB57S313JEmndsQPiMOZlw7cdrI8ODevrhwwX9o=
Subject key identifier: 41:A5:81:7D:1B:56:3D:8F:A7:D2:2B:A8:C2:3C:23:72:D9:31:F0:03
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01989DC70EBBF48AA5972A531DB5D992C253
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QaWBfRtWPY-n0iuowjwjctkx8AM.roa
Signing time: Tue 12 Aug 2025 10:15:25 +0000
ROA not before: Tue 12 Aug 2025 10:15:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35125
IP address blocks: 85.174.140.0/23 maxlen: 23
95.158.192.0/18 maxlen: 18
212.3.128.0/19 maxlen: 19
212.3.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9d:c7:0e:bb:f4:8a:a5:97:2a:53:1d:b5:d9:92:c2:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 12 10:15:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41a5817d1b563d8fa7d22ba8c23c2372d931f003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9d:a9:40:f9:5e:e2:e6:23:da:35:2c:44:24:
a0:5c:6d:cd:1b:de:b5:06:5a:73:bc:c1:cf:35:99:
64:3a:fb:12:17:55:8d:f0:e1:1a:25:96:d8:2e:d5:
bb:4a:c6:ea:68:43:90:0a:3b:cb:4c:ec:ee:4e:19:
95:29:a6:2e:e4:0f:49:e3:e8:23:88:b3:cf:e4:01:
17:05:59:04:62:f9:b5:c6:a6:c4:e3:dc:a8:b4:31:
e2:23:55:cd:7a:ed:7d:cd:e2:ba:fa:fd:7f:95:c7:
08:6e:d7:0e:23:de:1c:1a:87:09:9c:14:9d:23:84:
36:02:3a:86:57:1a:55:48:33:59:ba:78:36:7f:7f:
5d:3b:ad:0f:d3:5c:dc:7c:ba:0b:cf:fb:62:70:8d:
17:cd:ad:2d:11:77:0c:f7:70:d1:34:11:8d:6e:f0:
39:d0:10:e5:da:84:aa:47:01:85:ea:6c:a0:96:24:
93:e8:88:52:fd:a5:6f:c1:39:f7:91:8d:09:50:bf:
1c:98:cf:14:41:9e:80:ef:f6:dd:67:34:33:92:11:
44:58:e4:b9:fe:bb:80:e2:1d:fc:6a:8e:2d:71:58:
6e:90:6a:46:c8:c1:d5:2a:ab:19:cc:b8:99:16:68:
9d:cf:59:2a:78:9c:59:d2:93:d3:fb:34:35:eb:2b:
aa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A5:81:7D:1B:56:3D:8F:A7:D2:2B:A8:C2:3C:23:72:D9:31:F0:03
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QaWBfRtWPY-n0iuowjwjctkx8AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.174.140.0/23
95.158.192.0/18
212.3.128.0/19
Signature Algorithm: sha256WithRSAEncryption
55:e3:74:1e:16:19:e5:e6:0d:e9:89:fe:d1:b5:8f:cf:cb:e1:
19:54:09:35:ba:8b:a2:85:5f:e8:34:a2:b9:4e:56:b9:4b:7c:
ad:c9:6e:3f:ff:51:7f:5f:4d:b2:55:77:e2:87:12:44:e3:3f:
50:42:b9:39:d6:a2:fe:a8:65:69:9f:88:5d:d6:aa:7a:9d:a9:
30:b9:d3:7a:47:40:19:a6:5b:fe:f8:52:20:e4:52:4d:fa:fb:
54:09:fb:46:ab:3d:63:d3:e5:5f:cb:dc:a5:80:25:0e:40:43:
bf:02:69:67:26:65:f6:74:a4:10:aa:4d:48:73:a2:30:04:26:
f9:d5:db:36:fc:95:c6:c0:ba:6f:1c:b2:67:22:b9:d1:49:87:
ff:02:ee:73:c2:36:bf:6b:aa:c0:a6:90:d0:27:b2:41:26:f7:
1d:4b:17:3e:25:56:f2:06:f2:14:3e:34:6c:93:1d:29:0c:7e:
a8:f2:6d:47:49:e5:28:56:ee:b7:f8:cd:cb:20:05:a6:00:1f:
a6:cf:73:6f:84:d8:c7:85:e7:2e:72:a7:12:ee:a4:1c:cd:67:
87:34:f3:f5:27:3f:3d:ab:82:7a:7d:28:3f:de:75:f6:34:f6:
61:a4:9f:4b:de:fa:77:4a:ec:8b:b3:a0:6f:0e:33:21:5b:af:
2c:94:56:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZidxw679IqllypTHbXZksJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwODEyMTAxNTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE1ODE3ZDFiNTYzZDhmYTdkMjJiYThjMjNjMjM3MmQ5MzFmMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp2pQPle4uYj2jUsRCSgXG3NG961
BlpzvMHPNZlkOvsSF1WN8OEaJZbYLtW7SsbqaEOQCjvLTOzuThmVKaYu5A9J4+gj
iLPP5AEXBVkEYvm1xqbE49yotDHiI1XNeu19zeK6+v1/lccIbtcOI94cGocJnBSd
I4Q2AjqGVxpVSDNZung2f39dO60P01zcfLoLz/ticI0Xza0tEXcM93DRNBGNbvA5
0BDl2oSqRwGF6mygliST6IhS/aVvwTn3kY0JUL8cmM8UQZ6A7/bdZzQzkhFEWOS5
/ruA4h38ao4tcVhukGpGyMHVKqsZzLiZFmidz1kqeJxZ0pPT+zQ16yuqFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEGlgX0bVj2Pp9IrqMI8I3LZMfADMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUWFXQmZSdFdQWS1uMGl1b3dqd2pjdGt4OEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVa6MAwQG
X57AAwQF1AOAMA0GCSqGSIb3DQEBCwUAA4IBAQBV43QeFhnl5g3pif7RtY/Py+EZ
VAk1uouihV/oNKK5Tla5S3ytyW4//1F/X02yVXfihxJE4z9QQrk51qL+qGVpn4hd
1qp6nakwudN6R0AZplv++FIg5FJN+vtUCftGqz1j0+Vfy9ylgCUOQEO/AmlnJmX2
dKQQqk1Ic6IwBCb51ds2/JXGwLpvHLJnIrnRSYf/Au5zwja/a6rAppDQJ7JBJvcd
Sxc+JVbyBvIUPjRskx0pDH6o8m1HSeUoVu63+M3LIAWmAB+mz3NvhNjHhecucqcS
7qQczWeHNPP1Jz89q4J6fSg/3nX2NPZhpJ9L3vp3SuyLs6BvDjMhW68slFbU
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:26:33 2025 by rpki-client