Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/qgdTTthzOjRLa7QV75nMnKkp5w4.roa
File: qgdTTthzOjRLa7QV75nMnKkp5w4.roa (raw, json)
Hash identifier: F0+rz8Lam1NmL6Yk8x5fjqey+/+WuThLB5gD8xHNDd0=
Subject key identifier: AA:07:53:4E:D8:73:3A:34:4B:6B:B4:15:EF:99:CC:9C:A9:29:E7:0E
Certificate issuer: /CN=6f930698733bad33c081719c7b68bd19723a5a77
Certificate serial: 0197F381A31DD42A9B6BDED45D1B76A43110
Authority key identifier: 6F:93:06:98:73:3B:AD:33:C0:81:71:9C:7B:68:BD:19:72:3A:5A:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b5MGmHM7rTPAgXGce2i9GXI6Wnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/qgdTTthzOjRLa7QV75nMnKkp5w4.roa
Signing time: Thu 10 Jul 2025 08:44:08 +0000
ROA not before: Thu 10 Jul 2025 08:44:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 194.153.76.0/24 maxlen: 24
194.153.77.0/24 maxlen: 24
194.153.102.0/24 maxlen: 24
194.153.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/b5MGmHM7rTPAgXGce2i9GXI6Wnc.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/b5MGmHM7rTPAgXGce2i9GXI6Wnc.mft
rsync://rpki.ripe.net/repository/DEFAULT/b5MGmHM7rTPAgXGce2i9GXI6Wnc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 02:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:81:a3:1d:d4:2a:9b:6b:de:d4:5d:1b:76:a4:31:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f930698733bad33c081719c7b68bd19723a5a77
Validity
Not Before: Jul 10 08:44:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa07534ed8733a344b6bb415ef99cc9ca929e70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:14:64:b6:c4:79:c7:a7:9a:70:32:0e:24:
dc:9d:21:fc:bb:8a:7a:56:53:71:15:42:30:7e:34:
fa:8b:42:31:b2:e2:fd:a5:a4:52:e5:9c:fb:51:9a:
cc:c3:88:86:d7:59:6c:c9:03:25:c3:01:59:b2:59:
6f:5e:2d:4a:48:ee:3c:3a:96:89:06:18:1e:24:84:
a8:f7:aa:f0:f1:76:6d:da:f1:f9:66:68:a0:9e:c5:
92:b0:a3:7a:38:47:33:19:df:b5:60:1d:7c:c4:86:
4f:f7:88:4d:8a:62:cf:ee:bf:f2:ca:80:c0:d0:b7:
cc:7e:29:6c:15:4c:26:fa:b6:e9:86:d9:e3:2c:57:
78:3d:4f:a4:4c:77:a3:6f:2f:cb:7d:af:3c:2d:d4:
ba:eb:53:18:2f:b3:cd:0c:99:3c:59:1c:e1:16:13:
5b:28:f6:e6:83:76:80:c2:e1:86:94:a3:0d:a2:2d:
8e:6d:ae:ca:d7:95:0c:01:d9:4e:6d:81:b4:e9:b1:
62:b5:05:14:71:3d:1f:da:92:bd:7f:f3:00:06:f1:
f0:7d:22:4a:08:9d:b9:72:e3:24:c0:ce:4b:4e:1f:
c8:f9:67:5d:d5:32:9d:f7:b3:7e:d3:48:6b:af:7f:
f2:09:21:17:32:36:67:37:90:e1:59:97:7e:86:c2:
71:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:07:53:4E:D8:73:3A:34:4B:6B:B4:15:EF:99:CC:9C:A9:29:E7:0E
X509v3 Authority Key Identifier:
keyid:6F:93:06:98:73:3B:AD:33:C0:81:71:9C:7B:68:BD:19:72:3A:5A:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5MGmHM7rTPAgXGce2i9GXI6Wnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/qgdTTthzOjRLa7QV75nMnKkp5w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/b5MGmHM7rTPAgXGce2i9GXI6Wnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.76.0/23
194.153.102.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:9e:f1:51:f3:1d:cc:bd:41:cd:87:ec:fd:2e:82:2a:be:f3:
f5:8a:07:13:bb:6a:a0:92:a6:c6:59:39:39:f8:2d:07:be:e7:
1e:a7:64:7f:19:c3:7e:41:4e:f0:19:d6:f9:6e:66:1b:86:38:
8e:07:fc:07:fd:1f:5b:98:c8:a4:5f:f4:51:32:fd:1c:7f:64:
ef:75:59:da:ff:1d:05:62:62:01:cf:e6:15:d8:7b:ad:da:d2:
c9:6b:a9:01:5e:92:22:66:9b:37:d2:61:89:d9:1f:23:d1:4a:
07:85:cb:ef:37:fe:92:6e:3c:3c:aa:0e:20:bf:33:f8:14:a8:
9b:d1:08:11:74:d7:71:6c:62:94:5c:01:4b:c5:0c:c8:36:40:
a5:63:19:83:2d:0c:0c:45:4d:16:0a:c3:49:f0:10:e4:7f:cf:
e5:49:b9:b7:27:2d:72:32:9f:f9:d0:7d:65:71:94:fa:c0:be:
61:d3:a8:e8:e6:82:48:f6:e6:2c:79:4c:87:c5:d8:90:70:c5:
ea:39:f8:9a:bf:16:a0:65:79:70:29:30:61:57:c7:20:6f:eb:
dd:fa:f6:60:9e:26:8e:f3:fa:c1:0e:2e:75:ff:86:03:c0:35:
a9:67:5e:59:c2:ee:cd:43:73:2a:49:8d:c7:ff:7a:b7:dc:a1:
24:85:2c:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfzgaMd1Cqba97UXRt2pDEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOTMwNjk4NzMzYmFkMzNjMDgxNzE5YzdiNjhiZDE5NzIz
YTVhNzcwHhcNMjUwNzEwMDg0NDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA3NTM0ZWQ4NzMzYTM0NGI2YmI0MTVlZjk5Y2M5Y2E5MjllNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp4UZLbEecenmnAyDiTcnSH8u4p6
VlNxFUIwfjT6i0IxsuL9paRS5Zz7UZrMw4iG11lsyQMlwwFZsllvXi1KSO48OpaJ
BhgeJISo96rw8XZt2vH5ZmignsWSsKN6OEczGd+1YB18xIZP94hNimLP7r/yyoDA
0LfMfilsFUwm+rbphtnjLFd4PU+kTHejby/Lfa88LdS661MYL7PNDJk8WRzhFhNb
KPbmg3aAwuGGlKMNoi2Oba7K15UMAdlObYG06bFitQUUcT0f2pK9f/MABvHwfSJK
CJ25cuMkwM5LTh/I+Wdd1TKd97N+00hrr3/yCSEXMjZnN5DhWZd+hsJxpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKoHU07Yczo0S2u0Fe+ZzJypKecOMB8GA1UdIwQY
MBaAFG+TBphzO60zwIFxnHtovRlyOlp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjVNR21ITTdyVFBBZ1hHY2UyaTlHWEk2V25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS81ZTYxZjctODM2My00YWNjLWI4YTQt
ZmUxMDNmZDM4NTdjLzEvcWdkVFR0aHpPalJMYTdRVjc1bk1uS2twNXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS81ZTYxZjctODM2My00YWNjLWI4YTQtZmUxMDNmZDM4NTdj
LzEvYjVNR21ITTdyVFBBZ1hHY2UyaTlHWEk2V25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwplMAwQB
wplmMA0GCSqGSIb3DQEBCwUAA4IBAQALnvFR8x3MvUHNh+z9LoIqvvP1igcTu2qg
kqbGWTk5+C0Hvucep2R/GcN+QU7wGdb5bmYbhjiOB/wH/R9bmMikX/RRMv0cf2Tv
dVna/x0FYmIBz+YV2Hut2tLJa6kBXpIiZps30mGJ2R8j0UoHhcvvN/6Sbjw8qg4g
vzP4FKib0QgRdNdxbGKUXAFLxQzINkClYxmDLQwMRU0WCsNJ8BDkf8/lSbm3Jy1y
Mp/50H1lcZT6wL5h06jo5oJI9uYseUyHxdiQcMXqOfiavxagZXlwKTBhV8cgb+vd
+vZgniaO8/rBDi51/4YDwDWpZ15Zwu7NQ3MqSY3H/3q33KEkhSyU
-----END CERTIFICATE-----
Generated at Sun Jul 20 09:34:51 2025 by rpki-client