Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/q5jXlLRnj1O9XNEsXWJiZvFix4Q.roa
File: q5jXlLRnj1O9XNEsXWJiZvFix4Q.roa (raw, json)
Hash identifier: fY9qxhHv3XqDW4QnA8I34U/oM+UJ7gy//X5if4F4mCk=
Subject key identifier: AB:98:D7:94:B4:67:8F:53:BD:5C:D1:2C:5D:62:62:66:F1:62:C7:84
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 019832D08ED3270A104788077A308A4BF642
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/q5jXlLRnj1O9XNEsXWJiZvFix4Q.roa
Signing time: Tue 22 Jul 2025 15:46:25 +0000
ROA not before: Tue 22 Jul 2025 15:46:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211522
IP address blocks: 77.91.70.0/24 maxlen: 24
77.91.76.0/24 maxlen: 24
77.91.77.0/24 maxlen: 24
77.91.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:32:d0:8e:d3:27:0a:10:47:88:07:7a:30:8a:4b:f6:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Jul 22 15:46:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab98d794b4678f53bd5cd12c5d626266f162c784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f2:72:58:97:fe:59:f9:69:25:5e:c6:b3:d1:
3c:91:e7:39:9a:02:d8:ea:46:6e:6b:c8:da:5a:07:
5a:64:b2:9f:60:14:0d:b9:c0:3e:a6:78:6d:b0:16:
45:96:e5:67:84:5c:1b:6b:d9:6c:23:28:f1:14:92:
83:5c:0a:40:e9:00:b0:c6:0e:af:92:98:85:a6:85:
89:74:c2:c0:96:b0:0a:81:9e:2f:74:3e:2e:5d:03:
a1:a7:68:03:af:45:9d:f3:92:8a:bd:0c:04:5a:0f:
e1:09:d8:86:7c:a3:0d:57:c5:8a:4b:39:5a:46:4f:
43:9f:e1:b3:50:69:40:53:ff:cb:8d:8e:55:41:a8:
bb:41:5e:aa:e9:5e:74:65:85:91:88:e4:be:da:e5:
f3:88:2b:4e:4b:ec:81:1e:dc:57:a4:e9:ce:90:19:
1e:88:e9:9b:90:98:12:5e:07:ed:22:be:6e:0c:be:
ba:d9:35:19:f4:7a:10:df:68:de:ad:72:45:cb:6a:
19:13:29:09:6b:36:c4:85:83:5b:47:7d:10:de:b9:
17:a1:2b:7c:b5:a8:8c:00:2f:18:b5:45:a0:e5:29:
6a:62:b6:dd:c1:9c:52:d9:b0:80:1d:67:60:f5:7a:
b9:fe:60:6c:37:9c:95:f7:94:26:a9:fd:4d:92:6c:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:98:D7:94:B4:67:8F:53:BD:5C:D1:2C:5D:62:62:66:F1:62:C7:84
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/q5jXlLRnj1O9XNEsXWJiZvFix4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.70.0/24
77.91.76.0-77.91.78.255
Signature Algorithm: sha256WithRSAEncryption
05:51:e1:dc:16:1c:75:a5:dc:75:00:ad:35:2d:12:73:73:27:
96:89:ec:85:1d:2a:56:fd:87:4a:b4:e6:6a:09:52:4c:de:9c:
ef:b0:36:83:3d:59:0c:fc:75:d9:4e:ed:3f:5e:c1:75:c6:d1:
99:1b:4b:c1:99:8d:f0:b7:9d:59:3c:10:64:12:98:06:42:29:
cc:7d:03:1a:58:ea:0a:bd:b0:0f:94:4a:51:98:8f:44:2c:22:
7d:1d:06:fd:12:4e:83:2f:62:2f:63:8b:34:71:5e:e4:8b:ef:
a6:83:30:a1:d3:46:d1:ce:e0:0f:86:75:b9:be:cc:74:a9:2c:
aa:0d:db:20:13:bb:d8:d5:4a:e6:19:84:f7:eb:71:d7:a4:64:
8a:3b:e7:58:7c:3a:31:b7:9c:16:c6:fe:76:cb:c2:fd:bb:41:
f3:dc:3b:0f:51:18:58:df:7c:92:e4:91:76:7f:5e:f2:c9:1c:
56:65:b8:55:d6:89:1e:77:80:83:be:0b:72:31:b0:1d:1f:a9:
0a:57:54:c7:f6:b8:a9:8e:4d:04:23:ec:32:3c:c6:a8:a8:d6:
11:5f:98:21:37:1f:93:e0:53:54:5b:c1:a0:f0:d7:bc:df:f6:
c8:8e:ff:75:6b:af:c1:39:ff:e1:34:c6:ae:df:6e:fd:64:53:
fa:de:00:ce
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZgy0I7TJwoQR4gHejCKS/ZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjUwNzIyMTU0NjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjk4ZDc5NGI0Njc4ZjUzYmQ1Y2QxMmM1ZDYyNjI2NmYxNjJjNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fJyWJf+WflpJV7Gs9E8kec5mgLY
6kZua8jaWgdaZLKfYBQNucA+pnhtsBZFluVnhFwba9lsIyjxFJKDXApA6QCwxg6v
kpiFpoWJdMLAlrAKgZ4vdD4uXQOhp2gDr0Wd85KKvQwEWg/hCdiGfKMNV8WKSzla
Rk9Dn+GzUGlAU//LjY5VQai7QV6q6V50ZYWRiOS+2uXziCtOS+yBHtxXpOnOkBke
iOmbkJgSXgftIr5uDL662TUZ9HoQ32jerXJFy2oZEykJazbEhYNbR30Q3rkXoSt8
taiMAC8YtUWg5SlqYrbdwZxS2bCAHWdg9Xq5/mBsN5yV95Qmqf1Nkmy+NQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKuY15S0Z49TvVzRLF1iYmbxYseEMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvcTVqWGxMUm5qMU85WE5Fc1hXSmladkZpeDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQATVtGMAwD
BAJNW0wDBABNW04wDQYJKoZIhvcNAQELBQADggEBAAVR4dwWHHWl3HUArTUtEnNz
J5aJ7IUdKlb9h0q05moJUkzenO+wNoM9WQz8ddlO7T9ewXXG0ZkbS8GZjfC3nVk8
EGQSmAZCKcx9AxpY6gq9sA+USlGYj0QsIn0dBv0SToMvYi9jizRxXuSL76aDMKHT
RtHO4A+Gdbm+zHSpLKoN2yATu9jVSuYZhPfrcdekZIo751h8OjG3nBbG/nbLwv27
QfPcOw9RGFjffJLkkXZ/XvLJHFZluFXWiR53gIO+C3IxsB0fqQpXVMf2uKmOTQQj
7DI8xqio1hFfmCE3H5PgU1RbwaDw17zf9siO/3Vrr8E5/+E0xq7fbv1kU/reAM4=
-----END CERTIFICATE-----
Generated at Wed Jul 23 11:58:34 2025 by rpki-client