Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/QJEMytJzyAWSRjBR2dxY5oMwGis.roa
File: QJEMytJzyAWSRjBR2dxY5oMwGis.roa (raw, json)
Hash identifier: 5M+REEL0tZEqMucUuofYBaLiMh3TPNgLIuPYEmYF82o=
Subject key identifier: 40:91:0C:CA:D2:73:C8:05:92:46:30:51:D9:DC:58:E6:83:30:1A:2B
Certificate issuer: /CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Certificate serial: 0199044CA6D1044849A8F3EBE9DBD8F0D6A2
Authority key identifier: E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/QJEMytJzyAWSRjBR2dxY5oMwGis.roa
Signing time: Mon 01 Sep 2025 08:02:36 +0000
ROA not before: Mon 01 Sep 2025 08:02:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48045
IP address blocks: 46.46.64.0/18 maxlen: 18
94.240.128.0/22 maxlen: 22
94.240.133.0/24 maxlen: 24
94.240.134.0/23 maxlen: 23
94.240.144.0/20 maxlen: 20
2a09:65c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:04:4c:a6:d1:04:48:49:a8:f3:eb:e9:db:d8:f0:d6:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Validity
Not Before: Sep 1 08:02:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40910ccad273c80592463051d9dc58e683301a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c7:11:d1:b4:94:f7:12:97:bd:45:f7:84:ef:
c7:1c:7c:64:43:38:45:44:d3:92:35:d8:a8:99:58:
c2:d6:51:43:28:41:71:8c:82:9e:1e:7a:1e:42:cf:
73:44:f6:f2:22:b5:a6:b3:3e:55:08:a4:7b:36:d0:
ca:00:99:4d:3f:e1:1b:15:e6:3b:82:a2:06:42:45:
50:2f:47:86:67:a4:ab:54:c0:d1:ce:8c:f4:f9:89:
c4:85:df:c4:31:81:e1:17:23:d3:a2:c8:10:94:bc:
79:25:2f:a8:28:ab:33:e0:1e:bc:b9:df:4a:42:a9:
45:dc:93:54:03:93:5e:51:6b:85:fe:86:42:88:32:
73:19:de:9a:76:43:11:8a:d1:1d:53:df:f1:b4:1c:
ab:44:2d:dd:69:2a:0d:05:91:88:14:56:cd:c9:dc:
ce:38:63:a1:fc:7d:54:24:df:30:87:40:96:83:c4:
60:2b:10:ae:b1:a8:42:e9:be:a6:c1:ab:ce:23:ca:
dc:b6:da:8d:a4:93:20:32:20:5e:9b:25:5e:84:4c:
ff:95:39:12:af:e5:78:35:58:91:23:62:ec:53:a5:
40:ad:5a:53:58:0f:09:4c:b4:c9:d4:77:03:44:b3:
72:a6:cf:50:41:dc:e8:13:db:1f:d8:95:c4:37:d1:
ec:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:91:0C:CA:D2:73:C8:05:92:46:30:51:D9:DC:58:E6:83:30:1A:2B
X509v3 Authority Key Identifier:
keyid:E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/QJEMytJzyAWSRjBR2dxY5oMwGis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.46.64.0/18
94.240.128.0/22
94.240.133.0-94.240.135.255
94.240.144.0/20
IPv6:
2a09:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
3d:fa:00:52:a4:bd:6b:1c:b6:4a:a6:b0:c7:35:6b:7c:29:4a:
11:f2:a3:87:6c:b4:9f:88:40:99:6c:fb:07:24:71:64:e3:ab:
20:a1:31:e4:5a:f5:46:1e:07:ae:39:21:48:07:e7:a8:8c:1b:
66:db:9e:07:d8:8a:68:e0:45:d6:cf:c5:3b:5c:6e:83:5d:d8:
e7:ac:fd:86:ff:4b:8b:15:3e:0e:f6:dd:ef:c3:4b:46:c7:9b:
74:11:88:f8:86:25:51:8d:d1:e7:5b:5a:e8:4f:cb:b9:4e:c3:
07:28:8e:b2:bf:c6:5c:81:2d:79:46:ef:a7:68:64:23:b0:a0:
1b:6e:af:ae:a9:20:e0:ca:3c:f9:76:2c:d3:63:50:cb:a8:16:
4b:97:67:a7:7b:81:51:35:13:32:68:e2:fa:de:70:4d:c4:d7:
ea:07:15:4e:e3:f7:9b:56:fa:69:4f:5f:a0:ea:1e:db:9a:07:
38:48:81:e7:b5:db:dc:fe:4b:da:34:23:94:e3:59:0f:21:4c:
27:62:ef:00:83:0a:86:c6:f2:12:43:41:01:7e:99:12:21:5f:
2b:f1:b2:18:87:1f:ca:0a:9d:88:db:40:88:e8:6e:a6:fe:72:
38:29:78:27:28:12:7b:de:2a:27:d2:d2:2c:98:10:4b:3f:a3:
9f:c0:d5:19
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZkETKbRBEhJqPPr6dvY8NaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODI1ZmJlZTdjNDNhMjk4MzhlYWJlNGZjODdkNzk0MzQ5
YzBjODAwHhcNMjUwOTAxMDgwMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDkxMGNjYWQyNzNjODA1OTI0NjMwNTFkOWRjNThlNjgzMzAxYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8cR0bSU9xKXvUX3hO/HHHxkQzhF
RNOSNdiomVjC1lFDKEFxjIKeHnoeQs9zRPbyIrWmsz5VCKR7NtDKAJlNP+EbFeY7
gqIGQkVQL0eGZ6SrVMDRzoz0+YnEhd/EMYHhFyPTosgQlLx5JS+oKKsz4B68ud9K
QqlF3JNUA5NeUWuF/oZCiDJzGd6adkMRitEdU9/xtByrRC3daSoNBZGIFFbNydzO
OGOh/H1UJN8wh0CWg8RgKxCusahC6b6mwavOI8rcttqNpJMgMiBemyVehEz/lTkS
r+V4NViRI2LsU6VArVpTWA8JTLTJ1HcDRLNyps9QQdzoE9sf2JXEN9HsUQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFECRDMrSc8gFkkYwUdncWOaDMBorMB8GA1UdIwQY
MBaAFOWCX77nxDopg46r5PyH15Q0nAyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2Qt
MDQxYWIzMDJjMmY5LzEvUUpFTXl0Snp5QVdTUmpCUjJkeFk1b013R2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2QtMDQxYWIzMDJjMmY5
LzEvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQGLi5AAwQC
XvCAMAwDBABe8IUDBANe8IADBARe8JAwDQQCAAIwBwMFACoJZcAwDQYJKoZIhvcN
AQELBQADggEBAD36AFKkvWsctkqmsMc1a3wpShHyo4dstJ+IQJls+wckcWTjqyCh
MeRa9UYeB645IUgH56iMG2bbngfYimjgRdbPxTtcboNd2Oes/Yb/S4sVPg723e/D
S0bHm3QRiPiGJVGN0edbWuhPy7lOwwcojrK/xlyBLXlG76doZCOwoBtur66pIODK
PPl2LNNjUMuoFkuXZ6d7gVE1EzJo4vrecE3E1+oHFU7j95tW+mlPX6DqHtuaBzhI
gee129z+S9o0I5TjWQ8hTCdi7wCDCobG8hJDQQF+mRIhXyvxshiHH8oKnYjbQIjo
bqb+cjgpeCcoEnveKifS0iyYEEs/o5/A1Rk=
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:38:28 2025 by rpki-client