Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QALt_N-tIApnxW_jOVTgM7c3pk0.roa
File: QALt_N-tIApnxW_jOVTgM7c3pk0.roa (raw, json)
Hash identifier: LUx0dErN4JZ73Y0bCq2otvj+IG0H7R2AAxOpQZXTXko=
Subject key identifier: 40:02:ED:FC:DF:AD:20:0A:67:C5:6F:E3:39:54:E0:33:B7:37:A6:4D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01996120CDD2F463D9B27FACB768D6CBE318
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QALt_N-tIApnxW_jOVTgM7c3pk0.roa
Signing time: Fri 19 Sep 2025 08:39:23 +0000
ROA not before: Fri 19 Sep 2025 08:39:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 77.107.82.0/24 maxlen: 24
81.168.109.0/24 maxlen: 24
82.153.58.0/24 maxlen: 24
82.153.216.0/24 maxlen: 24
109.176.91.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:61:20:cd:d2:f4:63:d9:b2:7f:ac:b7:68:d6:cb:e3:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 19 08:39:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4002edfcdfad200a67c56fe33954e033b737a64d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ab:7f:a0:f0:58:bc:c5:9c:9f:fd:da:68:3f:
9c:0c:e2:5a:78:c4:ba:ee:8c:e8:c6:18:2e:81:23:
c5:f5:1d:f4:73:3c:75:28:eb:bd:44:fe:74:03:fc:
38:81:ad:2b:4a:ed:fb:d7:da:82:34:03:ed:99:2f:
ea:db:48:b4:2d:2e:c4:af:58:29:32:03:1c:7b:db:
26:31:4a:36:0e:49:79:0c:3a:6b:18:c3:2d:7f:01:
7d:dd:0e:3d:52:76:e9:5b:01:fb:2d:16:d0:94:bc:
29:83:c8:5e:25:88:2b:ed:5a:8f:2d:c9:17:88:d1:
fe:4b:04:9d:9b:53:a0:07:40:0e:ad:ea:24:e7:8b:
73:02:14:9b:71:e6:e9:58:d2:f8:31:ae:0e:80:7d:
6b:7c:7f:10:33:9a:9f:55:37:79:26:f9:0f:1b:f2:
01:45:d9:0c:ae:c6:b7:39:04:d4:e7:a9:93:c2:76:
f4:c0:4a:93:84:57:00:88:3d:1c:c2:54:fb:d6:84:
3d:3e:03:43:17:07:f2:79:8d:65:11:dc:0f:59:a4:
d3:d8:d5:f2:16:68:da:3d:e6:9c:d5:8a:1b:d7:b2:
2a:d6:19:aa:5a:29:61:4a:83:4d:8c:54:2f:83:59:
17:87:86:36:eb:13:17:89:0c:d6:7b:60:4b:e8:fb:
b5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:02:ED:FC:DF:AD:20:0A:67:C5:6F:E3:39:54:E0:33:B7:37:A6:4D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QALt_N-tIApnxW_jOVTgM7c3pk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.107.82.0/24
81.168.109.0/24
82.153.58.0/24
82.153.216.0/24
109.176.91.0/24
212.38.81.0/24
Signature Algorithm: sha256WithRSAEncryption
69:5f:b0:be:fb:99:d3:4d:f1:ce:4a:85:51:c3:33:a6:4e:86:
27:68:7a:9f:7c:7d:96:fc:5e:0f:c6:0c:f4:a3:3f:59:a7:85:
0e:19:d5:e3:35:9f:05:63:57:b4:33:bd:ee:a0:87:c7:7d:f7:
09:70:18:3a:00:6d:80:55:cb:d3:ba:db:f3:3d:99:e6:d6:ea:
ce:2c:0c:01:86:f1:ba:e5:92:d1:25:51:e6:f2:89:43:99:99:
22:ec:c6:d8:8c:d5:35:49:97:3a:c8:b7:de:6a:4a:05:b3:f3:
57:11:29:09:99:fc:b9:ac:89:63:bd:95:62:49:2e:7f:a7:6c:
6c:a9:6d:9f:be:3d:f1:6c:c0:77:a5:74:f9:d1:a3:0f:fd:10:
64:3d:9d:01:c4:a2:25:cb:4b:82:f8:ec:e1:20:5e:a3:5f:9d:
bc:7a:16:7b:6d:fc:0f:36:0f:2e:ba:2d:e8:96:63:c8:2a:6d:
9a:40:82:da:c6:a0:6e:da:bd:b5:50:db:6f:21:6f:50:c9:13:
cb:f2:cb:40:6d:7d:66:a8:6f:18:ad:f3:75:b3:91:89:97:8b:
2c:0c:b9:e5:79:2e:12:72:59:32:0e:8c:c9:19:52:b9:77:f2:
d2:b3:5f:b6:b4:73:a7:cd:cd:6a:8e:a5:0f:45:e2:77:63:7d:
f9:86:c9:00
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZlhIM3S9GPZsn+st2jWy+MYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTE5MDgzOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDAyZWRmY2RmYWQyMDBhNjdjNTZmZTMzOTU0ZTAzM2I3MzdhNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKt/oPBYvMWcn/3aaD+cDOJaeMS6
7ozoxhgugSPF9R30czx1KOu9RP50A/w4ga0rSu3719qCNAPtmS/q20i0LS7Er1gp
MgMce9smMUo2Dkl5DDprGMMtfwF93Q49UnbpWwH7LRbQlLwpg8heJYgr7VqPLckX
iNH+SwSdm1OgB0AOreok54tzAhSbcebpWNL4Ma4OgH1rfH8QM5qfVTd5JvkPG/IB
RdkMrsa3OQTU56mTwnb0wEqThFcAiD0cwlT71oQ9PgNDFwfyeY1lEdwPWaTT2NXy
FmjaPeac1Yob17Iq1hmqWilhSoNNjFQvg1kXh4Y26xMXiQzWe2BL6Pu1bQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEAC7fzfrSAKZ8Vv4zlU4DO3N6ZNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUUFMdF9OLXRJQXBueFdfak9WVGdNN2MzcGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATWtSAwQA
UahtAwQAUpk6AwQAUpnYAwQAbbBbAwQA1CZRMA0GCSqGSIb3DQEBCwUAA4IBAQBp
X7C++5nTTfHOSoVRwzOmToYnaHqffH2W/F4Pxgz0oz9Zp4UOGdXjNZ8FY1e0M73u
oIfHffcJcBg6AG2AVcvTutvzPZnm1urOLAwBhvG65ZLRJVHm8olDmZki7MbYjNU1
SZc6yLfeakoFs/NXESkJmfy5rIljvZViSS5/p2xsqW2fvj3xbMB3pXT50aMP/RBk
PZ0BxKIly0uC+OzhIF6jX528ehZ7bfwPNg8uui3olmPIKm2aQILaxqBu2r21UNtv
IW9QyRPL8stAbX1mqG8YrfN1s5GJl4ssDLnleS4SclkyDozJGVK5d/LSs1+2tHOn
zc1qjqUPReJ3Y335hskA
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:28:02 2025 by rpki-client