Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/1-Q-SU6M1eWokdvHWYPfiDLf862M.roa
File: 1-Q-SU6M1eWokdvHWYPfiDLf862M.roa (raw, json)
Hash identifier: C1hLhsta908XltJUmng5iUBY0gsffPf1N3xCcfgoTn0=
Subject key identifier: F9:0F:92:53:A3:35:79:6A:24:76:F1:D6:60:F7:E2:0C:B7:FC:EB:63
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 0197443E866CF47EC37CCA917E6D4AD58622
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/1-Q-SU6M1eWokdvHWYPfiDLf862M.roa
Signing time: Fri 06 Jun 2025 07:57:17 +0000
ROA not before: Fri 06 Jun 2025 07:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56899
IP address blocks: 185.126.252.0/24 maxlen: 24
194.4.68.0/24 maxlen: 24
194.4.69.0/24 maxlen: 24
194.4.70.0/23 maxlen: 23
194.4.70.0/24 maxlen: 24
212.79.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:3e:86:6c:f4:7e:c3:7c:ca:91:7e:6d:4a:d5:86:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Jun 6 07:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f90f9253a335796a2476f1d660f7e20cb7fceb63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:f4:74:0e:db:6c:d2:7e:ee:37:10:6c:41:
63:5c:54:e5:14:7d:aa:a8:9e:11:95:cd:fc:56:6e:
bc:fa:1f:fd:1b:c6:28:81:7a:af:08:50:68:48:2f:
7a:ab:f3:6b:f8:1e:86:20:96:90:36:8b:3e:cc:83:
92:8d:2f:96:50:f8:60:19:a0:15:9e:e6:9c:74:99:
5a:71:f3:e6:44:99:e5:cc:4b:c0:08:9a:db:5b:61:
22:8d:87:25:41:0a:75:7d:20:59:43:b3:36:48:56:
07:00:17:53:41:ba:a0:78:36:74:56:d0:94:20:20:
7b:1c:08:cf:64:cc:2c:db:c7:61:b0:72:67:f2:21:
41:2d:c3:8d:b1:ce:8a:28:0b:b6:64:2f:fc:f0:c6:
ff:64:5d:62:25:c5:12:da:b7:ab:56:e7:08:4c:6a:
48:eb:e1:a5:10:02:a9:bc:ee:09:fb:90:d2:f2:b3:
4e:cc:fc:2e:cf:a7:30:d7:f4:63:3b:46:8e:5a:9f:
24:fe:0f:88:ba:16:69:29:f0:02:37:e0:ad:10:f7:
0b:66:63:28:ba:67:ad:91:37:63:a9:db:21:8a:2b:
13:1e:42:be:0e:47:f5:b7:51:8b:7c:f2:f3:4f:a8:
96:b9:8d:94:38:93:85:ce:b4:eb:c6:19:75:7e:04:
01:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:0F:92:53:A3:35:79:6A:24:76:F1:D6:60:F7:E2:0C:B7:FC:EB:63
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/1-Q-SU6M1eWokdvHWYPfiDLf862M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.252.0/24
194.4.68.0/22
212.79.112.0/22
Signature Algorithm: sha256WithRSAEncryption
35:ba:27:b2:8d:7b:ff:60:00:bd:43:33:01:19:c5:90:e3:c9:
a9:15:09:30:50:b9:94:68:9c:cf:73:6e:de:f5:e3:85:8f:1d:
5c:43:b1:d1:52:08:82:3b:12:06:cd:50:80:49:3c:51:e0:07:
1d:dd:58:79:99:d3:e6:ab:d7:65:54:e7:6c:c1:ea:ed:22:9f:
2a:b4:3b:91:0b:4e:ae:1b:ef:1b:ba:fe:14:79:a1:96:c0:28:
57:a7:77:92:b7:e8:18:d2:b7:43:53:5f:3e:5f:c8:5a:ee:50:
00:69:cb:95:84:c3:79:78:05:58:76:91:16:26:85:45:43:01:
66:6b:c5:6e:f7:18:73:af:ac:68:62:d3:4e:6d:9f:f8:8a:66:
f1:2f:24:85:f4:dc:eb:a2:a4:fc:1b:81:e0:24:d5:2c:eb:5e:
0e:6b:b8:17:bd:1e:cc:b2:c3:07:08:64:c6:ca:f1:0b:3e:df:
c5:b9:7d:d8:19:a1:5c:8f:6b:2f:f1:4b:b4:77:57:06:b5:d6:
49:a8:1f:a4:92:22:0c:19:cd:0b:96:7e:2b:86:f8:40:bf:6b:
cf:ba:e3:f9:5d:cc:fe:ca:b2:a9:71:c8:f2:05:ed:55:c7:24:
2f:b6:c4:ae:01:ff:6f:a8:fd:7d:61:ab:73:dd:02:02:cd:a2:
61:60:78:a2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZdEPoZs9H7DfMqRfm1K1YYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjUwNjA2MDc1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTBmOTI1M2EzMzU3OTZhMjQ3NmYxZDY2MGY3ZTIwY2I3ZmNlYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotz0dA7bbNJ+7jcQbEFjXFTlFH2q
qJ4Rlc38Vm68+h/9G8YogXqvCFBoSC96q/Nr+B6GIJaQNos+zIOSjS+WUPhgGaAV
nuacdJlacfPmRJnlzEvACJrbW2EijYclQQp1fSBZQ7M2SFYHABdTQbqgeDZ0VtCU
ICB7HAjPZMws28dhsHJn8iFBLcONsc6KKAu2ZC/88Mb/ZF1iJcUS2rerVucITGpI
6+GlEAKpvO4J+5DS8rNOzPwuz6cw1/RjO0aOWp8k/g+IuhZpKfACN+CtEPcLZmMo
umetkTdjqdshiisTHkK+Dkf1t1GLfPLzT6iWuY2UOJOFzrTrxhl1fgQB9wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPkPklOjNXlqJHbx1mD34gy3/OtjMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvMS1RLVNVNk0xZVdva2R2SFdZUGZpRExmODYyTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGIvNjQ0NGQxLTVmMDAtNGU1MC04MDE5LTFiNmY3NTBjZjlh
Mi8xL3FHVzY0bGQ0dnUySWdNQ044dFB6ZjhONnZCNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALl+/AME
AsIERAMEAtRPcDANBgkqhkiG9w0BAQsFAAOCAQEANbonso17/2AAvUMzARnFkOPJ
qRUJMFC5lGicz3Nu3vXjhY8dXEOx0VIIgjsSBs1QgEk8UeAHHd1YeZnT5qvXZVTn
bMHq7SKfKrQ7kQtOrhvvG7r+FHmhlsAoV6d3krfoGNK3Q1NfPl/IWu5QAGnLlYTD
eXgFWHaRFiaFRUMBZmvFbvcYc6+saGLTTm2f+Ipm8S8khfTc66Kk/BuB4CTVLOte
Dmu4F70ezLLDBwhkxsrxCz7fxbl92BmhXI9rL/FLtHdXBrXWSagfpJIiDBnNC5Z+
K4b4QL9rz7rj+V3M/sqyqXHI8gXtVcckL7bErgH/b6j9fWGrc90CAs2iYWB4og==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:16:02 2025 by rpki-client