Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/QjojGFow0Vpe3_AWaTD7e7dWICs.roa
File: QjojGFow0Vpe3_AWaTD7e7dWICs.roa (raw, json)
Hash identifier: azKbcXaFk37HPIXqgZTrsiA6Aj4W7zGHRG5fz7k2ea4=
Subject key identifier: 42:3A:23:18:5A:30:D1:5A:5E:DF:F0:16:69:30:FB:7B:B7:56:20:2B
Certificate issuer: /CN=d588212bf5dace1080dc45e2c55b92ff85c6c192
Certificate serial: 0198E33D071079CA4369B73B5C2BDE953925
Authority key identifier: D5:88:21:2B:F5:DA:CE:10:80:DC:45:E2:C5:5B:92:FF:85:C6:C1:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YghK_XazhCA3EXixVuS_4XGwZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/QjojGFow0Vpe3_AWaTD7e7dWICs.roa
Signing time: Mon 25 Aug 2025 21:58:04 +0000
ROA not before: Mon 25 Aug 2025 21:58:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198260
IP address blocks: 2a01:8840:1c1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/1YghK_XazhCA3EXixVuS_4XGwZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/1YghK_XazhCA3EXixVuS_4XGwZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1YghK_XazhCA3EXixVuS_4XGwZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Aug 2025 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e3:3d:07:10:79:ca:43:69:b7:3b:5c:2b:de:95:39:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d588212bf5dace1080dc45e2c55b92ff85c6c192
Validity
Not Before: Aug 25 21:58:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=423a23185a30d15a5edff0166930fb7bb756202b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:eb:52:1c:27:4c:06:5f:b8:10:c3:86:c1:09:
43:21:c7:e0:2d:f3:37:2d:8d:8e:91:f4:20:3b:be:
da:a6:a0:70:61:dc:5a:86:72:9f:29:44:36:d3:36:
04:14:d1:a2:32:27:d5:ca:af:08:3a:58:30:31:88:
a6:66:e0:14:12:55:5f:8f:6a:43:bd:06:00:fd:59:
11:dd:06:ba:97:5d:2e:99:1d:eb:02:fd:dc:10:e3:
fb:2f:86:6e:13:37:69:d3:cf:1d:0f:5c:f8:ad:73:
83:8d:d3:84:f7:fe:02:ad:d9:82:80:39:94:b6:07:
82:5b:09:58:f4:5a:14:f9:61:4c:ff:c0:4d:0e:64:
ed:94:04:19:98:44:60:ff:ee:c2:f3:90:d9:4e:f1:
2a:d5:40:e2:5f:4e:6d:d8:b8:01:8e:e0:31:6d:19:
a5:af:86:d5:08:c0:07:4a:27:75:ed:0f:be:83:63:
da:f3:ec:8b:78:57:c2:9f:73:59:3b:1a:ee:30:c4:
7b:02:5a:55:6e:1f:0f:42:3d:a1:0c:45:ce:3f:b5:
83:d4:46:c6:80:f8:c4:b6:2f:f2:89:c0:92:ad:50:
ac:7c:c7:d3:9f:c6:ef:b2:b9:ba:b0:da:e1:ec:1e:
4c:b8:e8:8f:21:2f:d4:eb:77:4f:ae:7c:f9:b5:a1:
bf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3A:23:18:5A:30:D1:5A:5E:DF:F0:16:69:30:FB:7B:B7:56:20:2B
X509v3 Authority Key Identifier:
keyid:D5:88:21:2B:F5:DA:CE:10:80:DC:45:E2:C5:5B:92:FF:85:C6:C1:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YghK_XazhCA3EXixVuS_4XGwZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/QjojGFow0Vpe3_AWaTD7e7dWICs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/211354-ebe4-4797-98f3-1b2ac35c09aa/1/1YghK_XazhCA3EXixVuS_4XGwZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:8840:1c1::/48
Signature Algorithm: sha256WithRSAEncryption
33:ea:c4:e5:95:b7:f4:e8:56:4a:a0:6f:f0:c9:9d:ea:5a:5f:
9e:cd:4a:6b:84:bc:ff:d8:0e:87:c4:1f:2c:45:65:4b:13:b5:
d2:93:12:39:8a:f6:8a:b5:42:86:27:0a:8a:a2:27:1d:d6:ed:
0d:f3:68:d7:aa:be:8c:ca:b4:3b:f4:f2:dc:59:60:7e:98:28:
c7:8b:89:50:c8:79:49:f8:d3:9b:8a:a7:77:c6:c1:a1:f0:7a:
08:a3:b2:ae:a7:34:8b:d7:ba:bf:17:45:8b:15:f2:68:4e:c7:
d1:3e:e5:57:cc:d5:6b:e3:3f:56:ae:87:34:46:2e:68:b2:3a:
bd:06:06:45:6d:b6:bb:1d:ee:ec:eb:f0:ca:0f:18:25:87:c3:
e9:9c:65:3d:22:59:40:d4:32:1f:3a:8e:f7:93:43:d7:ea:d1:
c6:50:fb:e8:a4:99:53:1d:a4:10:de:8f:81:49:ab:0b:aa:b0:
a8:2a:89:bf:df:52:ba:33:1d:2c:b4:87:f3:32:0f:1b:c2:65:
0d:6b:ef:e1:10:ea:65:b2:82:ac:45:7d:1d:08:a9:24:8b:8b:
b7:61:d0:1d:ae:6d:8f:fd:ce:9a:62:65:3d:58:da:8d:56:ea:
f8:7a:f6:a8:63:9f:f6:a9:96:4e:1c:5d:e5:4f:03:1c:37:07:
9b:db:08:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZjjPQcQecpDabc7XCvelTklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ODgyMTJiZjVkYWNlMTA4MGRjNDVlMmM1NWI5MmZmODVj
NmMxOTIwHhcNMjUwODI1MjE1ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNhMjMxODVhMzBkMTVhNWVkZmYwMTY2OTMwZmI3YmI3NTYyMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoutSHCdMBl+4EMOGwQlDIcfgLfM3
LY2OkfQgO77apqBwYdxahnKfKUQ20zYEFNGiMifVyq8IOlgwMYimZuAUElVfj2pD
vQYA/VkR3Qa6l10umR3rAv3cEOP7L4ZuEzdp088dD1z4rXODjdOE9/4CrdmCgDmU
tgeCWwlY9FoU+WFM/8BNDmTtlAQZmERg/+7C85DZTvEq1UDiX05t2LgBjuAxbRml
r4bVCMAHSid17Q++g2Pa8+yLeFfCn3NZOxruMMR7AlpVbh8PQj2hDEXOP7WD1EbG
gPjEti/yicCSrVCsfMfTn8bvsrm6sNrh7B5MuOiPIS/U63dPrnz5taG/DwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEI6IxhaMNFaXt/wFmkw+3u3ViArMB8GA1UdIwQY
MBaAFNWIISv12s4QgNxF4sVbkv+FxsGSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVlnaEtfWGF6aENBM0VYaXhWdVNfNFhHd1pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8yMTEzNTQtZWJlNC00Nzk3LTk4ZjMt
MWIyYWMzNWMwOWFhLzEvUWpvakdGb3cwVnBlM19BV2FURDdlN2RXSUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8yMTEzNTQtZWJlNC00Nzk3LTk4ZjMtMWIyYWMzNWMwOWFh
LzEvMVlnaEtfWGF6aENBM0VYaXhWdVNfNFhHd1pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgGIQAHB
MA0GCSqGSIb3DQEBCwUAA4IBAQAz6sTllbf06FZKoG/wyZ3qWl+ezUprhLz/2A6H
xB8sRWVLE7XSkxI5ivaKtUKGJwqKoicd1u0N82jXqr6MyrQ79PLcWWB+mCjHi4lQ
yHlJ+NObiqd3xsGh8HoIo7KupzSL17q/F0WLFfJoTsfRPuVXzNVr4z9Wroc0Ri5o
sjq9BgZFbba7He7s6/DKDxglh8PpnGU9IllA1DIfOo73k0PX6tHGUPvopJlTHaQQ
3o+BSasLqrCoKom/31K6Mx0stIfzMg8bwmUNa+/hEOplsoKsRX0dCKkki4u3YdAd
rm2P/c6aYmU9WNqNVur4evaoY5/2qZZOHF3lTwMcNweb2wip
-----END CERTIFICATE-----
Generated at Tue Aug 26 13:27:35 2025 by rpki-client