Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/Q-5-zMnyFGYebMIAXaLTu3zxbFE.roa
File: Q-5-zMnyFGYebMIAXaLTu3zxbFE.roa (raw, json)
Hash identifier: yNNb8HDP6im2nb+sDkyyuBmJ7HqHv0rQbFerY7Bfwrc=
Subject key identifier: 43:EE:7E:CC:C9:F2:14:66:1E:6C:C2:00:5D:A2:D3:BB:7C:F1:6C:51
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 019856C9E64B163386BFD7D40E2194BEB677
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/Q-5-zMnyFGYebMIAXaLTu3zxbFE.roa
Signing time: Tue 29 Jul 2025 15:25:28 +0000
ROA not before: Tue 29 Jul 2025 15:25:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199152
IP address blocks: 91.239.23.0/24 maxlen: 24
94.247.137.0/24 maxlen: 24
146.19.84.0/24 maxlen: 24
176.116.0.0/24 maxlen: 24
2a0a:2e82::/36 maxlen: 36
2a0a:2e83::/36 maxlen: 36
2a11:7e41::/48 maxlen: 48
2a11:7e41:1::/48 maxlen: 48
2a11:7e41:2::/48 maxlen: 48
2a11:7e41:3::/48 maxlen: 48
2a11:7e42::/36 maxlen: 36
2a11:7e43::/36 maxlen: 36
2a11:8480::/32 maxlen: 32
2a11:8482::/36 maxlen: 36
2a11:8483::/36 maxlen: 36
2a11:df42::/36 maxlen: 36
2a11:df43::/36 maxlen: 36
2a12:6703::/36 maxlen: 36
2a12:6704::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Jul 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:c9:e6:4b:16:33:86:bf:d7:d4:0e:21:94:be:b6:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Jul 29 15:25:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43ee7eccc9f214661e6cc2005da2d3bb7cf16c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:98:27:07:d5:e3:36:f4:79:fa:3c:7a:16:d6:
07:90:d1:e6:ef:d0:89:8f:b0:0c:3c:a1:31:30:dd:
28:f0:a2:4b:00:19:0e:50:52:c2:a7:5f:a1:61:ed:
6e:cf:ed:ef:14:d5:e7:c2:75:18:2e:f7:41:a6:d3:
7b:bc:87:0d:5e:34:cf:89:f1:f2:6a:a0:b4:58:77:
1d:97:96:6a:e1:98:1a:74:e4:5b:ac:92:02:10:ff:
1e:04:45:21:2c:fd:6b:1a:83:6c:6e:4e:c0:0f:76:
3b:6c:6d:4b:b7:87:95:57:2f:7d:a3:13:1f:b3:f7:
f7:f8:2c:48:6a:0c:27:6c:bc:b7:75:56:18:26:91:
ff:84:9d:fd:cb:34:19:0a:2e:a8:24:14:80:9c:68:
61:68:31:bf:f4:89:5a:13:18:c3:22:47:b3:d4:e6:
77:80:16:41:65:a8:1b:71:70:c0:36:e4:2d:4e:9f:
88:69:6f:d7:47:2a:77:84:ba:78:84:65:56:d2:cd:
c9:ab:3a:b3:e5:bd:a6:ba:33:cc:cc:66:d1:22:d2:
fd:de:c1:e7:d7:8b:52:45:bd:4f:e6:f0:45:ff:73:
36:49:d0:90:20:95:c9:e4:fb:e8:4b:3f:64:56:2d:
48:ae:b5:ef:dc:3d:69:5f:7f:48:7e:09:47:3c:84:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EE:7E:CC:C9:F2:14:66:1E:6C:C2:00:5D:A2:D3:BB:7C:F1:6C:51
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/Q-5-zMnyFGYebMIAXaLTu3zxbFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.23.0/24
94.247.137.0/24
146.19.84.0/24
176.116.0.0/24
IPv6:
2a0a:2e82::/36
2a0a:2e83::/36
2a11:7e41::/46
2a11:7e42::/36
2a11:7e43::/36
2a11:8480::/32
2a11:8482::/36
2a11:8483::/36
2a11:df42::/36
2a11:df43::/36
2a12:6703::/36
2a12:6704::/36
Signature Algorithm: sha256WithRSAEncryption
86:60:63:59:b6:f4:84:26:c9:f0:93:88:32:c2:cf:58:99:04:
bd:ac:dc:36:4a:58:a9:2f:a1:f9:82:8e:af:9f:88:0c:07:6b:
91:27:2f:ef:0b:e0:fe:f9:bb:02:de:f0:6b:37:e3:7e:03:eb:
9c:da:7c:2f:44:af:cb:71:1b:5e:9c:a1:d2:3e:4c:58:43:41:
59:9e:5c:e6:df:df:dd:ac:af:65:40:81:9d:c8:d4:0f:90:69:
52:2c:28:b9:46:f0:d0:91:76:e3:cf:c5:b4:d2:f5:31:16:62:
32:25:80:e0:a5:b5:fa:74:c0:63:f6:cf:5f:64:70:61:a7:2e:
2b:c7:e6:c4:61:ca:89:64:6d:90:de:74:78:d0:f9:aa:d8:37:
b3:44:09:d9:b7:ff:fd:c0:6c:c5:71:47:e8:30:d0:5b:c3:5b:
69:bf:c0:0c:0f:b1:0d:a5:14:23:0d:bc:bc:99:b7:8e:35:2a:
05:91:53:d3:9f:29:3a:bc:3a:cf:3f:18:db:fc:92:74:f2:90:
3b:84:b5:66:89:38:19:15:f2:e0:3f:82:c6:ce:24:c3:96:e0:
5f:c0:ef:3f:5b:29:05:b2:96:f6:cd:cd:51:0e:ff:ae:c1:ba:
7b:87:ae:1a:33:af:bd:96:c8:5e:d9:15:6e:82:73:2d:30:70:
cf:23:ff:60
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZhWyeZLFjOGv9fUDiGUvrZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjUwNzI5MTUyNTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2VlN2VjY2M5ZjIxNDY2MWU2Y2MyMDA1ZGEyZDNiYjdjZjE2YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35gnB9XjNvR5+jx6FtYHkNHm79CJ
j7AMPKExMN0o8KJLABkOUFLCp1+hYe1uz+3vFNXnwnUYLvdBptN7vIcNXjTPifHy
aqC0WHcdl5Zq4ZgadORbrJICEP8eBEUhLP1rGoNsbk7AD3Y7bG1Lt4eVVy99oxMf
s/f3+CxIagwnbLy3dVYYJpH/hJ39yzQZCi6oJBSAnGhhaDG/9IlaExjDIkez1OZ3
gBZBZagbcXDANuQtTp+IaW/XRyp3hLp4hGVW0s3Jqzqz5b2mujPMzGbRItL93sHn
14tSRb1P5vBF/3M2SdCQIJXJ5PvoSz9kVi1IrrXv3D1pX39IfglHPISA9wIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFEPufszJ8hRmHmzCAF2i07t88WxRMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvUS01LXpNbnlGR1llYk1JQVhhTFR1M3p4YkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDAeBAIAATAYAwQAW+8X
AwQAXveJAwQAkhNUAwQAsHQAMGYEAgACMGADBgQqCi6CAAMGBCoKLoMAAwcCKhF+
QQAAAwYEKhF+QgADBgQqEX5DAAMFACoRhIADBgQqEYSCAAMGBCoRhIMAAwYEKhHf
QgADBgQqEd9DAAMGBCoSZwMAAwYEKhJnBAAwDQYJKoZIhvcNAQELBQADggEBAIZg
Y1m29IQmyfCTiDLCz1iZBL2s3DZKWKkvofmCjq+fiAwHa5EnL+8L4P75uwLe8Gs3
434D65zafC9Er8txG16codI+TFhDQVmeXObf392sr2VAgZ3I1A+QaVIsKLlG8NCR
duPPxbTS9TEWYjIlgOCltfp0wGP2z19kcGGnLivH5sRhyolkbZDedHjQ+arYN7NE
Cdm3//3AbMVxR+gw0FvDW2m/wAwPsQ2lFCMNvLyZt441KgWRU9OfKTq8Os8/GNv8
knTykDuEtWaJOBkV8uA/gsbOJMOW4F/A7z9bKQWylvbNzVEO/67BunuHrhozr72W
yF7ZFW6Ccy0wcM8j/2A=
-----END CERTIFICATE-----
Generated at Wed Jul 30 08:00:00 2025 by rpki-client