Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/QWLPaj62U4CAYLuNbQSuF8yo9Rg.roa
File: QWLPaj62U4CAYLuNbQSuF8yo9Rg.roa (raw, json)
Hash identifier: WelEuZteZjlUXOetnougM0+APhmhxsS7BtV9U+PH3aU=
Subject key identifier: 41:62:CF:6A:3E:B6:53:80:80:60:BB:8D:6D:04:AE:17:CC:A8:F5:18
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 01994D8C2A5EE621C95AF9B09BB9F1FE90BA
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/QWLPaj62U4CAYLuNbQSuF8yo9Rg.roa
Signing time: Mon 15 Sep 2025 13:24:15 +0000
ROA not before: Mon 15 Sep 2025 13:24:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 37.49.232.0/23 maxlen: 24
37.49.236.0/22 maxlen: 24
77.95.70.0/23 maxlen: 24
77.95.71.0/24 maxlen: 24
185.1.144.0/24 maxlen: 24
193.105.232.0/24 maxlen: 24
2001:7f8:47:47::/64 maxlen: 64
2001:7f8:54::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4d:8c:2a:5e:e6:21:c9:5a:f9:b0:9b:b9:f1:fe:90:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Sep 15 13:24:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4162cf6a3eb653808060bb8d6d04ae17cca8f518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c8:2e:19:72:b2:83:75:6e:a4:cb:fd:68:d9:
90:bb:e4:70:d1:ea:42:18:b6:dd:60:b8:4a:5c:7b:
11:c6:11:d4:fa:e8:56:a6:bc:6c:d3:5d:f3:4f:8a:
eb:00:f2:8a:64:d3:93:eb:27:47:49:96:23:d2:f7:
11:85:ea:e9:e4:d7:55:5d:8b:64:fd:65:69:ec:ef:
b8:c2:2d:cd:ed:bf:b5:7f:e2:0f:52:b8:03:8b:4f:
16:75:cf:ac:6c:40:46:84:1e:8a:88:04:db:bf:e8:
9b:91:48:d9:16:76:d5:01:38:3e:90:52:4e:15:c3:
43:64:8c:a0:3e:83:18:c0:c3:f7:ee:c5:7e:20:2e:
03:3c:87:0a:00:7b:8b:e6:32:20:49:0d:20:cd:fc:
b4:e1:ce:9c:f4:0d:dc:c7:0a:0e:d7:69:0e:d5:27:
5d:f1:b1:cc:d3:42:a7:b3:dd:c7:c4:1f:d2:31:80:
fc:ea:27:fc:37:3f:3c:0a:89:e7:77:10:c1:be:53:
f0:77:63:58:a2:eb:bd:c0:20:93:13:3a:9d:a6:43:
48:a9:05:86:5b:69:82:5e:52:b9:f9:46:cf:d2:b1:
b3:b7:8f:53:9c:8f:9c:c3:1c:15:38:d7:b2:e9:a3:
3e:d7:8f:d0:38:5d:49:7e:af:42:73:36:07:d7:9a:
c6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:62:CF:6A:3E:B6:53:80:80:60:BB:8D:6D:04:AE:17:CC:A8:F5:18
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/QWLPaj62U4CAYLuNbQSuF8yo9Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.232.0/23
37.49.236.0/22
77.95.70.0/23
185.1.144.0/24
193.105.232.0/24
IPv6:
2001:7f8:47:47::/64
2001:7f8:54::/48
Signature Algorithm: sha256WithRSAEncryption
02:0e:4b:28:81:8f:9b:20:fd:5e:dc:fb:e6:6e:ca:98:d9:fc:
a2:67:02:33:0e:3e:52:8a:2b:36:8e:92:b4:41:8b:37:96:6d:
0a:78:5e:73:83:8e:a4:0f:c7:72:7a:be:d8:60:65:31:6c:5f:
c4:0f:f2:51:93:41:ce:a9:31:be:51:f6:69:c2:23:10:4c:f4:
6d:f4:51:c9:9d:61:f3:30:56:6c:51:7c:13:f5:25:57:75:75:
07:7c:5f:94:a5:ce:1f:23:f8:49:16:f1:bd:8a:0b:8e:2e:cd:
cf:ae:1b:41:82:ff:9d:35:1b:fb:e2:b0:cf:1a:3d:9d:29:d8:
94:dc:89:ff:9c:23:5e:35:4b:ec:40:d7:dd:38:fb:33:1c:60:
96:56:69:65:60:4a:72:ee:c2:eb:7a:d0:e0:4e:00:7e:9f:59:
e5:bd:00:95:b4:1d:5e:54:3c:d2:56:f7:bb:d7:62:c3:1a:e2:
22:98:d1:7f:89:0e:4b:cf:ec:43:c7:ee:04:32:78:d8:2d:9e:
62:e5:9a:8b:5f:e5:49:47:a2:11:dc:93:0f:2e:7e:98:2c:48:
81:e9:f7:e2:84:d5:ae:fb:98:94:c8:af:6c:e2:f0:82:5a:20:
74:a8:45:a6:e4:c9:8a:d2:3c:99:6e:eb:ba:2c:1e:72:2a:83:
dd:9b:c9:dd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZlNjCpe5iHJWvmwm7nx/pC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjUwOTE1MTMyNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTYyY2Y2YTNlYjY1MzgwODA2MGJiOGQ2ZDA0YWUxN2NjYThmNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8guGXKyg3VupMv9aNmQu+Rw0epC
GLbdYLhKXHsRxhHU+uhWprxs013zT4rrAPKKZNOT6ydHSZYj0vcRherp5NdVXYtk
/WVp7O+4wi3N7b+1f+IPUrgDi08Wdc+sbEBGhB6KiATbv+ibkUjZFnbVATg+kFJO
FcNDZIygPoMYwMP37sV+IC4DPIcKAHuL5jIgSQ0gzfy04c6c9A3cxwoO12kO1Sdd
8bHM00Kns93HxB/SMYD86if8Nz88ConndxDBvlPwd2NYouu9wCCTEzqdpkNIqQWG
W2mCXlK5+UbP0rGzt49TnI+cwxwVONey6aM+14/QOF1Jfq9CczYH15rGsQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFEFiz2o+tlOAgGC7jW0ErhfMqPUYMB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvUVdMUGFqNjJVNENBWUx1TmJRU3VGOHlvOVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAkBAIAATAeAwQBJTHoAwQC
JTHsAwQBTV9GAwQAuQGQAwQAwWnoMBoEAgACMBQDCQAgAQf4AEcARwMHACABB/gA
VDANBgkqhkiG9w0BAQsFAAOCAQEAAg5LKIGPmyD9Xtz75m7KmNn8omcCMw4+Uoor
No6StEGLN5ZtCnhec4OOpA/Hcnq+2GBlMWxfxA/yUZNBzqkxvlH2acIjEEz0bfRR
yZ1h8zBWbFF8E/UlV3V1B3xflKXOHyP4SRbxvYoLji7Nz64bQYL/nTUb++Kwzxo9
nSnYlNyJ/5wjXjVL7EDX3Tj7MxxgllZpZWBKcu7C63rQ4E4Afp9Z5b0AlbQdXlQ8
0lb3u9diwxriIpjRf4kOS8/sQ8fuBDJ42C2eYuWai1/lSUeiEdyTDy5+mCxIgen3
4oTVrvuYlMivbOLwglogdKhFpuTJitI8mW7ruiweciqD3ZvJ3Q==
-----END CERTIFICATE-----
Generated at Wed Oct 8 13:59:43 2025 by rpki-client