Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/QYFyLiA_3R6huFbxIua2tfyfZxw.roa
File: QYFyLiA_3R6huFbxIua2tfyfZxw.roa (raw, json)
Hash identifier: mx0YJqmSn+IbdyskP4BBrOaMK8O15GO8GpWVAXfey/k=
Subject key identifier: 41:81:72:2E:20:3F:DD:1E:A1:B8:56:F1:22:E6:B6:B5:FC:9F:67:1C
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0197E559953FE8E86F780F4752A5A952DABC
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/QYFyLiA_3R6huFbxIua2tfyfZxw.roa
Signing time: Mon 07 Jul 2025 14:45:42 +0000
ROA not before: Mon 07 Jul 2025 14:45:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 185.68.244.0/24 maxlen: 24
185.104.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 20:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:59:95:3f:e8:e8:6f:78:0f:47:52:a5:a9:52:da:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jul 7 14:45:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4181722e203fdd1ea1b856f122e6b6b5fc9f671c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cf:39:c6:c6:e4:e7:32:6d:63:9e:52:6f:22:
0f:75:71:20:d9:3f:23:b9:e2:aa:9e:e8:e1:be:67:
63:5c:44:40:82:3f:00:df:16:00:c7:db:2e:16:55:
6f:20:7c:93:f5:c6:0a:f9:87:43:2e:67:3f:bf:bc:
3c:40:0f:bd:f9:fe:08:d2:e0:5f:4d:4e:ac:ec:dc:
c3:9f:61:c0:92:40:74:41:35:23:e9:36:9f:97:3e:
ea:90:18:cf:12:08:95:65:ae:55:fd:52:68:46:ee:
a9:af:43:41:11:22:e5:3e:69:ad:7a:d3:d3:e7:c6:
a2:ea:bb:51:64:63:34:ed:57:6d:ec:74:e4:ae:83:
30:07:f7:4a:5d:3e:c4:4f:c1:cc:70:d0:d5:24:77:
eb:81:58:31:80:4c:e9:32:f8:90:16:41:74:06:07:
e0:59:cc:63:12:c8:fc:25:7a:a0:c2:73:53:9f:a0:
d4:c4:51:1c:f3:ec:a8:8d:82:45:c1:27:43:bb:47:
b1:a0:fd:3b:80:df:62:18:82:c5:2b:2f:6e:93:84:
ac:8c:34:e1:9a:52:49:92:51:3d:48:b0:4f:11:3e:
4c:23:c6:b2:99:d0:5f:5b:d1:29:7a:2a:05:e3:a3:
2c:2e:cd:5c:7a:4a:db:6f:50:25:12:39:32:43:ab:
6e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:81:72:2E:20:3F:DD:1E:A1:B8:56:F1:22:E6:B6:B5:FC:9F:67:1C
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/QYFyLiA_3R6huFbxIua2tfyfZxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.244.0/24
185.104.151.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:4a:55:9f:46:fb:a5:fc:17:ce:f9:d9:73:6c:f7:08:d3:99:
dc:21:dc:ce:bf:b3:f9:c4:f8:95:db:b0:ca:77:1d:a2:fb:7a:
5a:35:d9:4b:69:46:f0:3d:2e:b7:d3:3d:82:bb:3b:22:d2:ad:
18:16:40:ef:7c:ae:02:f5:6b:6e:00:c6:e4:3c:0a:b6:ec:f6:
28:7c:1c:a7:30:24:54:f7:6d:6a:49:6f:de:53:8e:95:6b:c5:
31:2c:e1:a7:b3:7c:ed:00:f0:1e:f7:9a:98:97:37:77:12:4e:
19:0d:fd:98:0d:a7:19:72:45:56:af:83:7b:68:c9:ab:19:dd:
fd:b0:c2:9c:4f:a9:ee:e9:ab:50:e6:48:94:80:ed:db:93:bc:
8b:d2:b5:15:8e:c5:c2:c4:e5:cb:48:40:aa:f8:f3:bb:4a:1f:
5f:03:7c:71:4e:1f:fa:25:09:c8:92:a5:a5:38:ca:80:c6:1d:
24:3e:f8:2f:f2:6b:70:86:5f:74:f8:9f:54:c5:f7:06:5b:2b:
4b:a1:0a:24:ce:1e:ec:d6:e4:49:89:ba:7d:34:a3:67:ad:ca:
97:9e:51:4e:b4:a6:96:05:8a:73:8e:42:d8:ad:b6:ec:f4:fc:
2d:e5:ee:ac:b4:5e:c3:a3:8f:fc:82:02:00:37:ef:55:80:63:
91:5b:e4:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZflWZU/6OhveA9HUqWpUtq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNzA3MTQ0NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTgxNzIyZTIwM2ZkZDFlYTFiODU2ZjEyMmU2YjZiNWZjOWY2NzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1M85xsbk5zJtY55SbyIPdXEg2T8j
ueKqnujhvmdjXERAgj8A3xYAx9suFlVvIHyT9cYK+YdDLmc/v7w8QA+9+f4I0uBf
TU6s7NzDn2HAkkB0QTUj6Taflz7qkBjPEgiVZa5V/VJoRu6pr0NBESLlPmmtetPT
58ai6rtRZGM07Vdt7HTkroMwB/dKXT7ET8HMcNDVJHfrgVgxgEzpMviQFkF0Bgfg
WcxjEsj8JXqgwnNTn6DUxFEc8+yojYJFwSdDu0exoP07gN9iGILFKy9uk4SsjDTh
mlJJklE9SLBPET5MI8aymdBfW9EpeioF46MsLs1cekrbb1AlEjkyQ6tuyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEGBci4gP90eobhW8SLmtrX8n2ccMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvUVlGeUxpQV8zUjZodUZieEl1YTJ0ZnlmWnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUT0AwQA
uWiXMA0GCSqGSIb3DQEBCwUAA4IBAQCMSlWfRvul/BfO+dlzbPcI05ncIdzOv7P5
xPiV27DKdx2i+3paNdlLaUbwPS630z2Cuzsi0q0YFkDvfK4C9WtuAMbkPAq27PYo
fBynMCRU921qSW/eU46Va8UxLOGns3ztAPAe95qYlzd3Ek4ZDf2YDacZckVWr4N7
aMmrGd39sMKcT6nu6atQ5kiUgO3bk7yL0rUVjsXCxOXLSECq+PO7Sh9fA3xxTh/6
JQnIkqWlOMqAxh0kPvgv8mtwhl90+J9UxfcGWytLoQokzh7s1uRJibp9NKNnrcqX
nlFOtKaWBYpzjkLYrbbs9Pwt5e6stF7Do4/8ggIAN+9VgGORW+S4
-----END CERTIFICATE-----
Generated at Tue Jul 22 04:37:00 2025 by rpki-client