Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QOTe4L6BNPT32eSS6dl_p09AQ2I.roa
File: QOTe4L6BNPT32eSS6dl_p09AQ2I.roa (raw, json)
Hash identifier: Ol3GTQeqyEES/pyaDw4sMZ45auvwrRt2l56BmdaXuyQ=
Subject key identifier: 40:E4:DE:E0:BE:81:34:F4:F7:D9:E4:92:E9:D9:7F:A7:4F:40:43:62
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197CA2B9518A9B3A8DD00FE3E9864420E37
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QOTe4L6BNPT32eSS6dl_p09AQ2I.roa
Signing time: Wed 02 Jul 2025 08:05:43 +0000
ROA not before: Wed 02 Jul 2025 08:05:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216475
IP address blocks: 94.156.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:2b:95:18:a9:b3:a8:dd:00:fe:3e:98:64:42:0e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 2 08:05:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40e4dee0be8134f4f7d9e492e9d97fa74f404362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:23:02:3e:c2:c6:59:ca:3d:e5:71:e8:4c:bf:
7d:74:16:cf:62:23:80:23:ce:51:9f:75:25:38:97:
79:0b:ce:c0:95:55:98:dc:b8:bf:18:f9:8b:f9:a1:
79:f8:0e:ba:e9:31:f2:93:61:f7:59:bb:fb:1d:54:
76:ff:85:93:a1:64:3b:65:81:d2:4c:8a:d8:96:1c:
38:64:03:00:88:c9:d7:ba:2b:60:6e:e2:a5:2e:a3:
40:e0:19:16:3c:a3:17:5c:69:c5:13:96:d8:e6:9e:
ac:34:95:c5:85:0d:c8:78:bf:72:2d:76:7d:5f:8c:
2b:1c:a5:d7:12:ef:05:3c:9a:1c:86:5b:c9:55:49:
b1:7b:4c:b0:6f:cd:1a:bc:a3:72:9a:73:14:37:9c:
3f:0a:3a:8f:61:29:c3:61:4f:ac:38:91:1a:3a:ac:
1d:38:44:ad:c0:41:56:14:22:ec:37:c2:24:e8:10:
44:db:fc:eb:e8:65:94:f6:b8:17:b6:e5:b8:14:a5:
db:9c:14:0e:82:b4:fd:77:ca:87:8f:b6:9b:6a:51:
a0:45:75:e1:1e:c1:d0:93:3e:b1:57:89:7d:ac:4a:
8b:c4:4a:6f:81:9f:ce:eb:d5:db:0e:e5:c0:8a:ce:
37:18:6a:76:ff:33:ba:f5:c6:60:07:b6:4f:6e:02:
5a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E4:DE:E0:BE:81:34:F4:F7:D9:E4:92:E9:D9:7F:A7:4F:40:43:62
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QOTe4L6BNPT32eSS6dl_p09AQ2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:e3:c4:1c:cc:6b:53:e6:dc:60:a5:0d:cd:08:86:6a:3b:34:
50:6d:8e:27:81:fd:37:fa:54:b3:3b:6e:fe:38:13:58:d8:ec:
51:60:2e:1c:0d:39:be:0c:ea:a9:c4:79:db:4a:ca:82:e2:8f:
d7:ce:61:b5:ab:9b:bb:26:94:e6:10:a6:66:f3:65:a8:ac:1f:
99:be:f5:2d:c7:86:ff:a4:8e:c3:e5:b2:15:5b:53:7f:4a:f9:
76:76:f2:01:80:9e:45:08:fb:21:29:1d:2e:9a:d2:32:3e:13:
8d:bd:2e:ab:96:a7:fc:a5:69:0c:04:7e:6f:60:2a:a4:59:d4:
6f:c4:95:c3:6b:4b:79:2d:1b:23:1e:43:0d:c6:05:85:52:ea:
57:7c:63:b4:9c:51:4a:8b:41:9b:11:36:e2:00:f3:5d:0d:0a:
22:5c:59:a3:a9:b8:6f:be:36:14:92:8e:e8:83:34:31:e8:a4:
c1:86:27:48:cf:85:fc:7b:a2:4b:ca:3c:e7:d1:23:ad:9f:a0:
6e:83:f1:f3:28:64:de:6f:6b:80:26:fb:9d:77:63:d9:7c:86:
e1:ad:d5:d6:b1:67:78:c6:5c:f7:fd:b9:7c:12:d6:fa:51:bd:
21:2b:3d:d3:33:15:b6:dc:5a:6b:b5:d8:f5:10:80:59:71:94:
bc:4a:4a:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfKK5UYqbOo3QD+PphkQg43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzAyMDgwNTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU0ZGVlMGJlODEzNGY0ZjdkOWU0OTJlOWQ5N2ZhNzRmNDA0MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyMCPsLGWco95XHoTL99dBbPYiOA
I85Rn3UlOJd5C87AlVWY3Li/GPmL+aF5+A666THyk2H3Wbv7HVR2/4WToWQ7ZYHS
TIrYlhw4ZAMAiMnXuitgbuKlLqNA4BkWPKMXXGnFE5bY5p6sNJXFhQ3IeL9yLXZ9
X4wrHKXXEu8FPJochlvJVUmxe0ywb80avKNymnMUN5w/CjqPYSnDYU+sOJEaOqwd
OEStwEFWFCLsN8Ik6BBE2/zr6GWU9rgXtuW4FKXbnBQOgrT9d8qHj7abalGgRXXh
HsHQkz6xV4l9rEqLxEpvgZ/O69XbDuXAis43GGp2/zO69cZgB7ZPbgJatwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDk3uC+gTT099nkkunZf6dPQENiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUU9UZTRMNkJOUFQzMmVTUzZkbF9wMDlBUTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpwCMA0G
CSqGSIb3DQEBCwUAA4IBAQB848QczGtT5txgpQ3NCIZqOzRQbY4ngf03+lSzO27+
OBNY2OxRYC4cDTm+DOqpxHnbSsqC4o/XzmG1q5u7JpTmEKZm82WorB+ZvvUtx4b/
pI7D5bIVW1N/Svl2dvIBgJ5FCPshKR0umtIyPhONvS6rlqf8pWkMBH5vYCqkWdRv
xJXDa0t5LRsjHkMNxgWFUupXfGO0nFFKi0GbETbiAPNdDQoiXFmjqbhvvjYUko7o
gzQx6KTBhidIz4X8e6JLyjzn0SOtn6Bug/HzKGTeb2uAJvudd2PZfIbhrdXWsWd4
xlz3/bl8Etb6Ub0hKz3TMxW23Fprtdj1EIBZcZS8SkpT
-----END CERTIFICATE-----
Generated at Sat Jul 5 23:24:44 2025 by rpki-client