Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/q3vGEe-aN08KeIHEPeCqAv3_NOc.roa
File: q3vGEe-aN08KeIHEPeCqAv3_NOc.roa (raw, json)
Hash identifier: XWOsWLSIYuyIz1dfDtWvXiReURmFgCZQV7CCcdjO2Qk=
Subject key identifier: AB:7B:C6:11:EF:9A:37:4F:0A:78:81:C4:3D:E0:AA:02:FD:FF:34:E7
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B36BC7DDA9C13B5EA209F88E75DF4A
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/q3vGEe-aN08KeIHEPeCqAv3_NOc.roa
Signing time: Mon 14 Jul 2025 16:10:10 +0000
ROA not before: Mon 14 Jul 2025 16:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57380
IP address blocks: 185.103.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 21:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b3:6b:c7:dd:a9:c1:3b:5e:a2:09:f8:8e:75:df:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab7bc611ef9a374f0a7881c43de0aa02fdff34e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3d:68:55:60:a4:c2:3b:57:bd:f0:69:cb:0d:
0d:d4:98:83:f3:75:cc:8a:f6:9e:6f:44:62:b0:6e:
fa:1f:d4:13:08:a4:eb:87:47:e0:a3:74:14:06:c2:
50:a7:8b:9e:a6:f9:8c:c7:81:26:a4:1a:1a:cd:a3:
e0:b1:04:01:c1:aa:07:d6:67:54:53:f4:2f:cc:37:
74:cb:f8:62:c9:5a:69:8f:f7:f0:08:e0:46:7c:75:
cb:2e:8b:66:d4:b3:e1:f7:69:0b:f0:80:b3:90:d3:
3b:a2:b3:0b:9b:e9:2d:84:87:17:dd:96:5c:8a:a5:
b8:a2:e5:07:da:99:20:b8:99:16:32:bd:57:94:05:
db:6f:64:91:d8:76:85:ec:00:3c:86:f7:ba:55:13:
92:f3:db:8d:05:00:35:ef:db:49:b4:a2:7e:17:a6:
f6:39:67:bd:65:fe:89:0f:cc:46:ca:e8:31:54:50:
28:4c:1c:60:ab:66:0e:b0:a7:cc:bf:47:80:ef:f7:
62:ee:86:6e:7c:77:84:6e:fa:7e:d0:a5:f7:ec:d0:
73:5d:6a:78:12:72:99:2e:34:88:90:f3:04:6f:ef:
f9:bb:02:62:5b:be:73:ca:2d:1d:8e:81:55:0f:56:
c7:33:12:c3:ec:73:79:10:98:37:ad:ba:5c:12:e4:
f5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:7B:C6:11:EF:9A:37:4F:0A:78:81:C4:3D:E0:AA:02:FD:FF:34:E7
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/q3vGEe-aN08KeIHEPeCqAv3_NOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.108.0/24
Signature Algorithm: sha256WithRSAEncryption
27:ef:e4:63:95:0c:a6:b7:13:bd:8c:8c:8e:88:48:62:bb:2d:
26:79:c2:e0:43:de:ba:8f:e4:ab:2a:95:fa:23:b5:d1:77:1a:
3c:f8:8c:0a:0f:8d:76:b2:67:c4:e5:ac:5c:f9:23:8d:48:37:
36:18:3c:f3:d2:1d:63:c5:f5:ec:e0:c4:cc:80:34:a2:2c:50:
fc:29:6a:f3:75:0e:7c:f5:26:2a:61:0a:a1:04:5a:8e:e1:a2:
e8:70:9d:dc:51:58:ba:76:4c:c0:d1:1d:20:67:29:81:2d:07:
b9:96:5b:44:3b:50:ed:7a:83:65:76:c9:12:fa:a3:c0:c1:12:
8e:6a:f3:3c:0e:3a:02:34:73:cc:0d:fb:2a:6a:bb:0e:1d:3a:
7f:06:02:14:02:ce:40:ae:90:1c:03:97:a7:3c:21:fc:09:69:
09:27:02:6e:00:6c:22:14:a9:8b:9d:5a:91:86:cb:b7:a5:95:
50:90:65:54:6c:e9:fc:b3:34:84:c9:f1:fa:99:51:c5:8d:39:
5a:36:5f:8d:64:57:c6:ff:69:e4:1e:f3:30:30:bf:f1:87:5d:
86:16:75:33:44:af:df:98:d1:4f:c2:cf:02:bb:2d:16:25:75:
21:76:00:57:c5:00:dd:24:52:72:ff:5f:ff:47:ce:e3:ab:57:
29:f8:d0:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgJs2vH3anBO16iCfiOdd9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjdiYzYxMWVmOWEzNzRmMGE3ODgxYzQzZGUwYWEwMmZkZmYzNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT1oVWCkwjtXvfBpyw0N1JiD83XM
ivaeb0RisG76H9QTCKTrh0fgo3QUBsJQp4uepvmMx4EmpBoazaPgsQQBwaoH1mdU
U/QvzDd0y/hiyVppj/fwCOBGfHXLLotm1LPh92kL8ICzkNM7orMLm+kthIcX3ZZc
iqW4ouUH2pkguJkWMr1XlAXbb2SR2HaF7AA8hve6VROS89uNBQA179tJtKJ+F6b2
OWe9Zf6JD8xGyugxVFAoTBxgq2YOsKfMv0eA7/di7oZufHeEbvp+0KX37NBzXWp4
EnKZLjSIkPMEb+/5uwJiW75zyi0djoFVD1bHMxLD7HN5EJg3rbpcEuT1FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKt7xhHvmjdPCniBxD3gqgL9/zTnMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvcTN2R0VlLWFOMDhLZUlIRVBlQ3FBdjNfTk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWdsMA0G
CSqGSIb3DQEBCwUAA4IBAQAn7+RjlQymtxO9jIyOiEhiuy0mecLgQ966j+SrKpX6
I7XRdxo8+IwKD412smfE5axc+SONSDc2GDzz0h1jxfXs4MTMgDSiLFD8KWrzdQ58
9SYqYQqhBFqO4aLocJ3cUVi6dkzA0R0gZymBLQe5lltEO1DteoNldskS+qPAwRKO
avM8DjoCNHPMDfsqarsOHTp/BgIUAs5ArpAcA5enPCH8CWkJJwJuAGwiFKmLnVqR
hsu3pZVQkGVUbOn8szSEyfH6mVHFjTlaNl+NZFfG/2nkHvMwML/xh12GFnUzRK/f
mNFPws8Cuy0WJXUhdgBXxQDdJFJy/1//R87jq1cp+NC3
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:06:42 2025 by rpki-client