Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/VQTV0_RlwQ_rnvs5M0ILO-OBFFY.roa
File: VQTV0_RlwQ_rnvs5M0ILO-OBFFY.roa (raw, json)
Hash identifier: o1evIinnR1a5gB//ZNODrOF+ANfv3owTQtvinO1m9o0=
Subject key identifier: 55:04:D5:D3:F4:65:C1:0F:EB:9E:FB:39:33:42:0B:3B:E3:81:14:56
Certificate issuer: /CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Certificate serial: 0199011C003F054A45D21245524421711F27
Authority key identifier: 02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/VQTV0_RlwQ_rnvs5M0ILO-OBFFY.roa
Signing time: Sun 31 Aug 2025 17:10:36 +0000
ROA not before: Sun 31 Aug 2025 17:10:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207184
IP address blocks: 150.40.114.0/24 maxlen: 24
150.40.115.0/24 maxlen: 24
150.40.116.0/24 maxlen: 24
150.40.118.0/24 maxlen: 24
150.40.119.0/24 maxlen: 24
150.40.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:01:1c:00:3f:05:4a:45:d2:12:45:52:44:21:71:1f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Validity
Not Before: Aug 31 17:10:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5504d5d3f465c10feb9efb3933420b3be3811456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2a:da:c4:22:b7:fd:25:95:7b:31:7b:4f:65:
87:95:dc:68:d7:9c:9e:97:0e:ad:c8:3d:8d:eb:1e:
32:32:ec:55:5d:cc:56:13:7d:f1:f2:81:6e:fa:60:
4b:a3:a3:27:a2:ec:ac:35:16:62:af:44:1b:d1:60:
49:91:e0:10:d8:52:88:f9:d2:50:e7:bc:5b:45:a7:
19:78:69:47:86:ec:14:72:66:36:0f:dc:37:75:c2:
29:c4:fb:56:49:d5:b5:38:cb:73:a5:4c:32:02:3e:
4b:98:1f:83:88:35:e6:d1:ca:b1:66:88:52:ee:fd:
a0:cd:45:93:cf:41:a0:40:c0:b4:1e:a1:b3:19:43:
8f:74:55:a9:90:d0:48:52:cf:22:27:b4:cf:0e:c0:
96:41:de:ad:66:ea:c8:77:6a:30:c7:75:9b:9a:9d:
8c:9b:de:0e:61:9b:1c:d7:68:91:2a:7a:ea:fa:53:
27:10:98:16:6e:c6:ad:06:44:8c:d5:56:f8:81:34:
99:5b:ce:83:4c:d1:90:71:69:b0:25:8e:d1:d7:44:
b7:96:9d:1c:31:90:b3:06:f0:d9:9f:7e:c8:cf:79:
b9:87:db:8c:c9:fc:01:c2:bd:ef:d7:13:22:c0:fd:
7d:8f:89:d0:c0:82:a4:02:d3:08:01:de:a7:4d:39:
b1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:04:D5:D3:F4:65:C1:0F:EB:9E:FB:39:33:42:0B:3B:E3:81:14:56
X509v3 Authority Key Identifier:
keyid:02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/VQTV0_RlwQ_rnvs5M0ILO-OBFFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.40.114.0-150.40.116.255
150.40.118.0/23
150.40.121.0/24
Signature Algorithm: sha256WithRSAEncryption
42:f0:ad:63:89:51:29:c9:f4:64:d0:02:ac:77:b0:2a:e2:50:
5a:93:5a:b5:7a:f6:8f:c5:cb:35:30:38:54:4e:2c:9e:4c:5e:
f6:3b:2c:4b:c2:f9:05:8f:87:2b:78:46:62:2e:0f:6d:b4:4c:
3a:01:9d:39:7f:24:e7:8a:49:57:a8:b2:92:71:2e:56:0a:00:
7a:3c:bd:8b:15:84:d9:cf:11:1c:ee:fb:fd:ab:4f:a5:5b:46:
d1:5f:19:af:b2:06:6c:47:ed:a4:08:f0:fc:82:38:76:21:39:
f5:9a:0f:66:af:b6:5b:4e:cb:a4:2a:26:3a:b8:42:e1:32:72:
9d:dc:e8:d4:8b:c5:8a:71:05:96:54:eb:51:53:04:78:13:84:
29:b6:b8:b6:d3:bf:0f:2a:22:b7:e8:89:fd:22:67:2d:82:8e:
9f:b1:af:96:d7:3f:f0:69:a8:11:5a:e9:2d:e3:cf:52:e7:03:
21:3a:9f:58:13:9d:2c:a4:ae:1e:c9:42:eb:53:b2:f9:6e:2c:
7b:41:1f:4c:a3:12:82:f1:da:89:b4:2b:f7:93:a9:fa:24:0f:
ba:9b:03:7e:84:71:ac:8f:b6:12:ae:9b:99:5a:ee:30:4a:56:
42:83:10:90:e8:b5:c6:c8:d6:50:90:01:67:b9:7d:22:da:a9:
92:a6:0a:2e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZkBHAA/BUpF0hJFUkQhcR8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYTk2MmMxZmU4ZTJlMTJhMzU1NzZmZDYyOTg3YTBjYmJh
NDYzZDQwHhcNMjUwODMxMTcxMDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTA0ZDVkM2Y0NjVjMTBmZWI5ZWZiMzkzMzQyMGIzYmUzODExNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyraxCK3/SWVezF7T2WHldxo15ye
lw6tyD2N6x4yMuxVXcxWE33x8oFu+mBLo6MnouysNRZir0Qb0WBJkeAQ2FKI+dJQ
57xbRacZeGlHhuwUcmY2D9w3dcIpxPtWSdW1OMtzpUwyAj5LmB+DiDXm0cqxZohS
7v2gzUWTz0GgQMC0HqGzGUOPdFWpkNBIUs8iJ7TPDsCWQd6tZurId2owx3Wbmp2M
m94OYZsc12iRKnrq+lMnEJgWbsatBkSM1Vb4gTSZW86DTNGQcWmwJY7R10S3lp0c
MZCzBvDZn37Iz3m5h9uMyfwBwr3v1xMiwP19j4nQwIKkAtMIAd6nTTmxHQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFUE1dP0ZcEP6577OTNCCzvjgRRWMB8GA1UdIwQY
MBaAFAKpYsH+ji4So1V2/WKYegy7pGPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYt
N2QxMzQ5ODBjNWJlLzEvVlFUVjBfUmx3UV9ybnZzNU0wSUxPLU9CRkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYtN2QxMzQ5ODBjNWJl
LzEvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAGWKHID
BACWKHQDBAGWKHYDBACWKHkwDQYJKoZIhvcNAQELBQADggEBAELwrWOJUSnJ9GTQ
Aqx3sCriUFqTWrV69o/FyzUwOFROLJ5MXvY7LEvC+QWPhyt4RmIuD220TDoBnTl/
JOeKSVeospJxLlYKAHo8vYsVhNnPERzu+/2rT6VbRtFfGa+yBmxH7aQI8PyCOHYh
OfWaD2avtltOy6QqJjq4QuEycp3c6NSLxYpxBZZU61FTBHgThCm2uLbTvw8qIrfo
if0iZy2Cjp+xr5bXP/BpqBFa6S3jz1LnAyE6n1gTnSykrh7JQutTsvluLHtBH0yj
EoLx2om0K/eTqfokD7qbA36EcayPthKum5la7jBKVkKDEJDotcbI1lCQAWe5fSLa
qZKmCi4=
-----END CERTIFICATE-----
Generated at Tue Sep 9 17:38:44 2025 by rpki-client