Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qB-9gr0isYdcIWrX08lPVRJYBck.roa
File: qB-9gr0isYdcIWrX08lPVRJYBck.roa (raw, json)
Hash identifier: VP9xujFfeh5GkNocJaGbk02myf5oF90DS5xZzdeElQs=
Subject key identifier: A8:1F:BD:82:BD:22:B1:87:5C:21:6A:D7:D3:C9:4F:55:12:58:05:C9
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0199E27BA59A340B13867185C1034941FEC8
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qB-9gr0isYdcIWrX08lPVRJYBck.roa
Signing time: Tue 14 Oct 2025 11:29:38 +0000
ROA not before: Tue 14 Oct 2025 11:29:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52468
IP address blocks: 45.10.104.0/24 maxlen: 24
45.10.105.0/24 maxlen: 24
45.10.106.0/24 maxlen: 24
45.10.107.0/24 maxlen: 24
45.130.160.0/24 maxlen: 24
45.130.161.0/24 maxlen: 24
45.150.85.0/24 maxlen: 24
45.150.86.0/24 maxlen: 24
45.150.87.0/24 maxlen: 24
46.29.28.0/24 maxlen: 24
94.125.137.0/24 maxlen: 24
201.77.48.0/24 maxlen: 24
201.77.53.0/24 maxlen: 24
201.77.55.0/24 maxlen: 24
217.76.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Oct 2025 13:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:7b:a5:9a:34:0b:13:86:71:85:c1:03:49:41:fe:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Oct 14 11:29:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a81fbd82bd22b1875c216ad7d3c94f55125805c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7e:a9:eb:43:34:3a:86:ec:32:c0:19:51:bd:
88:cb:54:f6:1c:6d:05:60:21:4f:51:a0:8b:85:c8:
94:b8:af:a6:07:68:f4:ce:29:95:08:56:ab:cb:c6:
a9:98:0c:13:24:e0:ab:c6:e6:42:22:7f:8c:1a:78:
01:fd:a2:48:32:dd:b4:69:12:ac:7c:55:ca:f6:ab:
a9:a4:e6:a0:89:59:d9:c2:01:d4:71:5a:e3:3d:e7:
21:a6:4c:b2:bc:9a:3a:ef:41:46:38:9f:91:29:07:
cb:b5:66:ad:51:1f:00:af:40:ad:d6:45:25:ee:dc:
ef:e1:03:98:b7:52:1a:f7:55:89:a2:55:d5:5a:91:
cf:05:c1:b5:89:0b:76:77:e8:a9:f2:f3:93:6c:92:
42:86:f4:e3:5e:0a:4c:a0:9b:3a:f2:1f:9d:9c:9a:
98:60:76:63:fc:ad:f2:aa:84:89:28:b4:69:cb:34:
4f:80:69:ac:78:5e:56:6a:de:7d:78:7e:d1:8d:6a:
6f:19:03:dc:69:72:5f:a2:88:d0:28:0a:3d:5f:0f:
d4:4f:cf:83:2b:f7:e5:cf:0a:4a:fa:76:51:80:c4:
15:1e:85:f7:fb:74:53:e8:79:d6:62:3b:77:2e:39:
12:90:96:08:7e:55:34:c6:fc:ce:6b:fc:76:c6:fa:
a4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1F:BD:82:BD:22:B1:87:5C:21:6A:D7:D3:C9:4F:55:12:58:05:C9
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qB-9gr0isYdcIWrX08lPVRJYBck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.104.0/22
45.130.160.0/23
45.150.85.0-45.150.87.255
46.29.28.0/24
94.125.137.0/24
201.77.48.0/24
201.77.53.0/24
201.77.55.0/24
217.76.240.0/24
Signature Algorithm: sha256WithRSAEncryption
37:40:34:35:b9:cd:64:94:e6:58:62:51:81:88:10:b7:ec:94:
98:ca:af:18:70:36:b3:73:60:3c:67:a5:76:d2:05:3e:44:6a:
7c:f3:4d:4b:ee:bc:70:0b:39:8b:cf:b3:f6:4b:d5:10:17:71:
cd:5e:ea:9c:83:26:22:79:b0:3c:64:5f:f5:54:d6:f5:74:4d:
8e:24:e2:39:fc:9c:08:13:fa:c8:70:7c:c6:52:41:23:b4:91:
76:52:3f:c0:67:9b:61:be:8d:57:0d:f3:f0:b2:d5:e0:f8:19:
18:2d:b6:5d:ed:46:ac:8d:f1:f9:25:4a:8e:85:09:f4:03:34:
4a:d6:f0:a2:4e:a9:ee:ec:e4:16:a6:07:84:77:28:43:f6:ea:
97:23:e3:74:d3:d3:ea:2f:39:4f:56:fd:0d:7d:be:9c:08:ee:
e3:6a:14:a0:e9:d9:eb:5b:11:51:16:11:1a:8e:7e:1f:aa:b8:
38:66:96:13:5a:94:b6:ee:90:9e:88:d5:9f:55:85:2a:e3:39:
32:af:3c:17:03:bc:1f:b9:57:e7:5b:4e:9c:9c:dc:6e:a5:19:
d2:15:57:3a:4b:40:e4:e7:af:5a:6d:c3:91:bf:10:f1:07:00:
c5:ff:9d:18:14:54:34:93:fb:78:a1:5d:9a:4e:c4:28:36:ef:
70:a3:81:ac
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZnie6WaNAsThnGFwQNJQf7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUxMDE0MTEyOTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFmYmQ4MmJkMjJiMTg3NWMyMTZhZDdkM2M5NGY1NTEyNTgwNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr36p60M0OobsMsAZUb2Iy1T2HG0F
YCFPUaCLhciUuK+mB2j0zimVCFary8apmAwTJOCrxuZCIn+MGngB/aJIMt20aRKs
fFXK9quppOagiVnZwgHUcVrjPechpkyyvJo670FGOJ+RKQfLtWatUR8Ar0Ct1kUl
7tzv4QOYt1Ia91WJolXVWpHPBcG1iQt2d+ip8vOTbJJChvTjXgpMoJs68h+dnJqY
YHZj/K3yqoSJKLRpyzRPgGmseF5Wat59eH7RjWpvGQPcaXJfoojQKAo9Xw/UT8+D
K/flzwpK+nZRgMQVHoX3+3RT6HnWYjt3LjkSkJYIflU0xvzOa/x2xvqkfwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFKgfvYK9IrGHXCFq19PJT1USWAXJMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvcUItOWdyMGlzWWRjSVdyWDA4bFBWUkpZQmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCLQpoAwQB
LYKgMAwDBAAtllUDBAMtllADBAAuHRwDBABefYkDBADJTTADBADJTTUDBADJTTcD
BADZTPAwDQYJKoZIhvcNAQELBQADggEBADdANDW5zWSU5lhiUYGIELfslJjKrxhw
NrNzYDxnpXbSBT5EanzzTUvuvHALOYvPs/ZL1RAXcc1e6pyDJiJ5sDxkX/VU1vV0
TY4k4jn8nAgT+shwfMZSQSO0kXZSP8Bnm2G+jVcN8/Cy1eD4GRgttl3tRqyN8fkl
So6FCfQDNErW8KJOqe7s5BamB4R3KEP26pcj43TT0+ovOU9W/Q19vpwI7uNqFKDp
2etbEVEWERqOfh+quDhmlhNalLbukJ6I1Z9VhSrjOTKvPBcDvB+5V+dbTpyc3G6l
GdIVVzpLQOTnr1ptw5G/EPEHAMX/nRgUVDST+3ihXZpOxCg273Cjgaw=
-----END CERTIFICATE-----
Generated at Wed Oct 15 19:45:45 2025 by rpki-client