Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/qq3OJ7E8FdGE4BJdu3ZOq4LInY8.roa
File: qq3OJ7E8FdGE4BJdu3ZOq4LInY8.roa (raw, json)
Hash identifier: jyVlOFzMs6a5a3ty01oIP3DwXzFAJhXu3CIHkhRdIo8=
Subject key identifier: AA:AD:CE:27:B1:3C:15:D1:84:E0:12:5D:BB:76:4E:AB:82:C8:9D:8F
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 0197115A3961C935B93BFB9300A7CBD5CDE4
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/qq3OJ7E8FdGE4BJdu3ZOq4LInY8.roa
Signing time: Tue 27 May 2025 10:46:54 +0000
ROA not before: Tue 27 May 2025 10:46:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212804
IP address blocks: 46.252.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:5a:39:61:c9:35:b9:3b:fb:93:00:a7:cb:d5:cd:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: May 27 10:46:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aaadce27b13c15d184e0125dbb764eab82c89d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:42:bf:30:4c:1b:80:15:2c:99:ed:2e:5d:6e:
d7:6d:c1:74:0b:9e:7f:f9:5b:af:bc:4f:47:21:d8:
3a:fd:33:82:18:41:4e:1c:5f:e8:38:ba:6f:2d:1d:
a0:67:b6:b2:a7:d2:e2:09:d2:67:9c:6e:5d:d8:f5:
d2:30:a8:56:53:bd:cc:a8:1f:26:11:75:dc:9d:76:
94:45:c2:3c:8f:10:08:e2:3b:21:24:cc:a7:c5:c8:
8b:68:b6:ea:f4:23:ee:39:98:d8:14:99:f9:55:2e:
35:ed:ba:7b:d3:22:f2:fd:cc:17:2b:17:6f:dd:1c:
c6:e6:4f:9c:20:9a:4c:d6:1e:6d:75:43:8a:7c:17:
bc:a7:ab:3e:fd:e2:c3:8e:0a:66:48:fc:25:db:d5:
c3:2c:ca:3f:d6:4a:68:a1:de:16:92:b1:9b:bc:f0:
c5:3a:ae:18:86:6d:eb:00:45:56:b3:13:cb:02:24:
ee:2f:44:cd:ab:ff:e6:0d:30:03:8c:e9:00:1a:ba:
2b:92:85:fa:74:54:a8:f1:90:30:50:91:ea:ee:b3:
fd:c0:5f:59:30:c1:77:40:54:0b:e8:16:4c:d1:56:
67:97:d2:4f:d3:ea:7a:dd:be:92:45:ff:52:54:57:
c5:f2:22:d2:1f:80:6a:bc:49:80:d7:ba:cc:b7:bd:
52:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AD:CE:27:B1:3C:15:D1:84:E0:12:5D:BB:76:4E:AB:82:C8:9D:8F
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/qq3OJ7E8FdGE4BJdu3ZOq4LInY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:d6:27:4c:d7:5d:06:93:6c:6e:cd:e5:2e:15:af:bb:c8:04:
67:80:1f:67:69:40:04:81:10:7b:13:27:36:5e:a6:24:20:6e:
81:30:d0:f4:24:d2:25:9f:37:dd:cf:89:06:e7:88:dd:6f:26:
5e:7a:bd:40:a6:93:e6:a3:ba:7c:42:23:a5:79:d0:94:8b:e8:
4e:d3:1d:d8:d4:b4:f2:e2:e9:f0:f4:64:b2:cd:e9:b6:5a:b4:
5b:7d:d1:08:c6:58:ac:7f:c0:bd:2b:c1:b3:88:42:d6:d9:41:
8f:0f:3e:2c:70:89:c9:e2:e3:bd:fd:bb:8c:69:dd:1a:a1:fd:
56:46:7a:5a:e8:ee:42:e0:54:df:cc:8e:cf:8f:07:ed:8b:fa:
dd:10:a9:9e:58:49:81:41:ce:45:85:ba:e8:1c:57:9e:9d:16:
27:4f:10:d1:54:cc:27:97:2a:f3:cd:a4:3e:83:39:85:d6:99:
35:23:05:3a:ba:c3:22:a9:b0:9d:e9:eb:37:53:09:a6:d1:af:
d0:fa:92:37:8e:3b:08:5b:5d:65:b7:7e:6d:94:70:45:23:79:
f7:36:69:73:78:8f:12:d1:ee:e1:e4:e7:46:a3:bf:6a:8c:87:
90:cb:4d:a9:fb:07:c3:75:69:18:3f:ef:2e:ab:08:b1:c1:7d:
32:d4:f5:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcRWjlhyTW5O/uTAKfL1c3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjUwNTI3MTA0NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFkY2UyN2IxM2MxNWQxODRlMDEyNWRiYjc2NGVhYjgyYzg5ZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEK/MEwbgBUsme0uXW7XbcF0C55/
+VuvvE9HIdg6/TOCGEFOHF/oOLpvLR2gZ7ayp9LiCdJnnG5d2PXSMKhWU73MqB8m
EXXcnXaURcI8jxAI4jshJMynxciLaLbq9CPuOZjYFJn5VS417bp70yLy/cwXKxdv
3RzG5k+cIJpM1h5tdUOKfBe8p6s+/eLDjgpmSPwl29XDLMo/1kpood4WkrGbvPDF
Oq4Yhm3rAEVWsxPLAiTuL0TNq//mDTADjOkAGrorkoX6dFSo8ZAwUJHq7rP9wF9Z
MMF3QFQL6BZM0VZnl9JP0+p63b6SRf9SVFfF8iLSH4BqvEmA17rMt71ShwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqtziexPBXRhOASXbt2TquCyJ2PMB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvcXEzT0o3RThGZEdFNEJKZHUzWk9xNExJblk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvwAMA0G
CSqGSIb3DQEBCwUAA4IBAQCm1idM110Gk2xuzeUuFa+7yARngB9naUAEgRB7Eyc2
XqYkIG6BMND0JNIlnzfdz4kG54jdbyZeer1AppPmo7p8QiOledCUi+hO0x3Y1LTy
4unw9GSyzem2WrRbfdEIxlisf8C9K8GziELW2UGPDz4scInJ4uO9/buMad0aof1W
Rnpa6O5C4FTfzI7Pjwfti/rdEKmeWEmBQc5FhbroHFeenRYnTxDRVMwnlyrzzaQ+
gzmF1pk1IwU6usMiqbCd6es3Uwmm0a/Q+pI3jjsIW11lt35tlHBFI3n3NmlzeI8S
0e7h5OdGo79qjIeQy02p+wfDdWkYP+8uqwixwX0y1PWk
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:47:16 2025 by rpki-client