Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Q9p0QJN6H9jyFPICDwUTafEcjBM.roa
File: Q9p0QJN6H9jyFPICDwUTafEcjBM.roa (raw, json)
Hash identifier: mJxb/ajhHCWZn7xRwovfYsrIjO7tS7X5e7MECXO/7kE=
Subject key identifier: 43:DA:74:40:93:7A:1F:D8:F2:14:F2:02:0F:05:13:69:F1:1C:8C:13
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 0197E997CB8C5F49D8D05B401C71F4C2DEA8
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Q9p0QJN6H9jyFPICDwUTafEcjBM.roa
Signing time: Tue 08 Jul 2025 10:32:08 +0000
ROA not before: Tue 08 Jul 2025 10:32:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 45.142.24.0/24 maxlen: 24
103.111.0.0/22 maxlen: 32
185.153.124.0/22 maxlen: 32
185.233.124.0/22 maxlen: 32
194.113.94.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:97:cb:8c:5f:49:d8:d0:5b:40:1c:71:f4:c2:de:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Jul 8 10:32:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43da7440937a1fd8f214f2020f051369f11c8c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7b:a2:ab:0a:32:17:21:8e:78:c0:8f:08:a7:
44:2c:c3:dd:95:f1:58:a0:bb:d7:a0:70:43:f2:38:
01:2c:c2:34:cc:3f:c8:fe:89:ff:34:fb:e4:95:6f:
3e:ff:81:d3:b7:34:d4:4c:9f:01:77:ca:ad:76:d7:
69:a9:b6:cb:e6:91:e2:da:06:ac:54:7a:88:62:e6:
3f:d7:a7:0f:01:f6:5a:96:a5:8c:f7:18:ff:ef:50:
67:69:b5:e6:bd:6c:74:45:1b:e6:b9:80:f0:aa:74:
3d:85:d4:bc:1a:7d:99:3b:7a:6e:f7:e1:43:82:06:
f5:47:2e:0e:df:94:cc:15:9f:e4:90:c5:b6:5d:87:
6d:39:ca:f8:83:6c:b8:52:4d:03:de:17:a2:73:20:
cc:a4:b2:35:48:d4:f1:3a:05:90:f5:bb:1e:bb:13:
10:f0:39:57:58:6e:34:b3:c8:05:e0:15:92:8f:f1:
12:d1:74:d2:e5:4f:f8:e0:0d:2e:d2:20:17:87:1d:
1e:87:13:74:7d:6a:80:f5:2c:cb:9c:59:62:76:a8:
61:09:18:2a:48:82:ad:af:9e:6f:c5:33:9f:3a:7e:
63:67:f9:31:c7:83:06:52:9d:0f:90:d7:22:63:bb:
b9:f1:23:f7:ad:2a:42:20:ba:00:b0:84:ba:8b:82:
68:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DA:74:40:93:7A:1F:D8:F2:14:F2:02:0F:05:13:69:F1:1C:8C:13
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Q9p0QJN6H9jyFPICDwUTafEcjBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.24.0/24
103.111.0.0/22
185.153.124.0/22
185.233.124.0/22
194.113.94.0/23
Signature Algorithm: sha256WithRSAEncryption
96:c6:59:cf:27:63:ca:f3:c3:7e:7e:1d:dd:e9:95:f6:ee:a9:
04:1e:4a:49:43:fa:cf:03:81:bf:13:0b:3b:39:20:00:be:76:
ea:7d:2f:78:80:02:2e:fa:11:a2:f4:04:f8:78:d0:e5:14:c7:
17:a9:c1:29:88:02:b1:21:f4:51:4e:4a:e2:d1:b1:e1:47:d6:
5a:62:d6:75:93:05:38:ff:33:24:0e:50:ef:a9:07:bf:44:78:
89:4b:90:45:e9:83:51:44:ae:ff:d1:36:23:3e:d8:20:1f:92:
2c:da:8e:bc:67:69:9e:86:60:89:54:d3:3b:1f:7f:2a:04:3d:
81:a2:96:91:e2:72:7d:53:08:1f:8a:d9:88:f1:1a:23:2a:2f:
ca:21:fe:a4:6e:ee:5c:d2:42:ff:34:78:8c:50:a1:ed:af:76:
8e:36:8b:b6:a0:e1:29:14:d5:a4:2b:31:54:bb:38:08:64:06:
0b:58:d6:e2:6f:5c:0f:0d:5e:82:53:00:37:a3:b7:12:3a:6f:
ad:de:05:fd:48:01:58:3f:b5:05:03:27:3a:01:03:a4:5b:bb:
69:44:3c:84:24:97:33:6f:8e:45:2d:1e:2d:cf:26:5a:4a:71:
f5:ea:e7:9c:0b:e1:d2:9b:c6:32:cd:47:02:13:32:0a:73:9d:
6a:15:2c:9c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZfpl8uMX0nY0FtAHHH0wt6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjUwNzA4MTAzMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2RhNzQ0MDkzN2ExZmQ4ZjIxNGYyMDIwZjA1MTM2OWYxMWM4YzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03uiqwoyFyGOeMCPCKdELMPdlfFY
oLvXoHBD8jgBLMI0zD/I/on/NPvklW8+/4HTtzTUTJ8Bd8qtdtdpqbbL5pHi2gas
VHqIYuY/16cPAfZalqWM9xj/71BnabXmvWx0RRvmuYDwqnQ9hdS8Gn2ZO3pu9+FD
ggb1Ry4O35TMFZ/kkMW2XYdtOcr4g2y4Uk0D3heicyDMpLI1SNTxOgWQ9bseuxMQ
8DlXWG40s8gF4BWSj/ES0XTS5U/44A0u0iAXhx0ehxN0fWqA9SzLnFlidqhhCRgq
SIKtr55vxTOfOn5jZ/kxx4MGUp0PkNciY7u58SP3rSpCILoAsIS6i4JoFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEPadECTeh/Y8hTyAg8FE2nxHIwTMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvUTlwMFFKTjZIOWp5RlBJQ0R3VVRhZkVjakJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY4YAwQC
Z28AAwQCuZl8AwQCuel8AwQBwnFeMA0GCSqGSIb3DQEBCwUAA4IBAQCWxlnPJ2PK
88N+fh3d6ZX27qkEHkpJQ/rPA4G/Ews7OSAAvnbqfS94gAIu+hGi9AT4eNDlFMcX
qcEpiAKxIfRRTkri0bHhR9ZaYtZ1kwU4/zMkDlDvqQe/RHiJS5BF6YNRRK7/0TYj
PtggH5Is2o68Z2mehmCJVNM7H38qBD2BopaR4nJ9UwgfitmI8RojKi/KIf6kbu5c
0kL/NHiMUKHtr3aONou2oOEpFNWkKzFUuzgIZAYLWNbib1wPDV6CUwA3o7cSOm+t
3gX9SAFYP7UFAyc6AQOkW7tpRDyEJJczb45FLR4tzyZaSnH16uecC+HSm8YyzUcC
EzIKc51qFSyc
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:38:29 2025 by rpki-client