Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/qNl-Q8HhmrUArxLKQehroWC5qDc.roa
File: qNl-Q8HhmrUArxLKQehroWC5qDc.roa (raw, json)
Hash identifier: 9pycVyvA/LfKV0R0Bhd4fllbZltDwLcpn1H2WIOi7gw=
Subject key identifier: A8:D9:7E:43:C1:E1:9A:B5:00:AF:12:CA:41:E8:6B:A1:60:B9:A8:37
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 01972846C0511C9B7359C3AB2CBC63825A3D
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/qNl-Q8HhmrUArxLKQehroWC5qDc.roa
Signing time: Sat 31 May 2025 21:36:54 +0000
ROA not before: Sat 31 May 2025 21:36:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15683
IP address blocks: 78.27.128.0/18 maxlen: 24
91.196.192.0/22 maxlen: 24
91.203.48.0/22 maxlen: 24
94.45.40.0/21 maxlen: 24
94.45.48.0/21 maxlen: 24
94.45.56.0/22 maxlen: 24
193.222.140.0/24 maxlen: 24
193.243.152.0/23 maxlen: 24
2a01:6d80:2000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:28:46:c0:51:1c:9b:73:59:c3:ab:2c:bc:63:82:5a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: May 31 21:36:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8d97e43c1e19ab500af12ca41e86ba160b9a837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:11:00:1b:fd:4f:de:38:7c:4c:6b:44:79:62:
9b:f0:3d:e4:e9:78:0c:83:9f:a6:f4:ec:35:ab:05:
b9:c4:7b:63:47:f2:9c:ff:97:9c:0a:50:72:3b:f6:
f7:ca:66:1f:1c:73:fd:1b:65:36:28:a8:86:b4:9c:
08:5d:f5:af:53:4e:8f:2c:23:b7:bb:78:61:ca:e1:
8c:99:1d:92:8b:88:af:f7:77:f4:1a:d2:20:f8:e8:
d8:30:e0:5b:95:fe:a7:73:bf:08:5b:80:86:db:88:
a4:fa:e1:d6:ea:50:ee:f9:78:84:2a:39:83:43:41:
9f:eb:cb:f7:2b:3c:7e:46:6f:3c:a8:c0:2d:61:4b:
34:e3:39:00:ed:c6:b6:6d:be:bf:e5:27:db:de:18:
6c:0f:ae:09:d4:92:76:1c:8a:f6:e0:ca:5a:01:6f:
90:11:74:19:16:3f:59:f2:d5:16:b2:d0:f2:0c:94:
f2:91:0b:83:ae:1f:ee:28:de:bf:e1:34:94:c9:8c:
7a:2f:39:46:c4:f3:8a:b3:d2:f6:52:0b:95:fb:2b:
5d:d0:5b:77:8d:b8:c2:cf:4c:0e:53:68:ee:b5:6f:
0a:0c:d6:28:3c:64:40:49:44:34:f3:15:24:65:f7:
b7:ac:3b:4f:a1:95:92:22:a7:73:2b:72:27:fc:38:
43:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D9:7E:43:C1:E1:9A:B5:00:AF:12:CA:41:E8:6B:A1:60:B9:A8:37
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/qNl-Q8HhmrUArxLKQehroWC5qDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.27.128.0/18
91.196.192.0/22
91.203.48.0/22
94.45.40.0-94.45.59.255
193.222.140.0/24
193.243.152.0/23
IPv6:
2a01:6d80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
02:32:18:69:ff:a1:06:36:0e:2c:e4:20:c3:0a:a1:5f:ae:79:
e7:03:70:66:f6:73:5a:c8:4b:50:61:c6:85:ac:c7:e8:a1:74:
15:8d:ab:1c:98:e8:f1:f4:2a:1e:32:89:2c:d6:73:95:eb:88:
3f:fe:9a:0a:ad:49:1b:8c:24:ff:4c:3e:d9:e4:82:c4:6f:3c:
1c:b9:a9:8c:2c:8f:c9:52:52:61:3a:8e:5e:88:58:05:74:a0:
f4:80:d3:a4:32:48:16:0c:a3:c0:dd:51:07:f1:f2:74:65:84:
8b:db:27:d8:6b:14:81:d6:40:cd:02:7e:e4:35:84:20:97:94:
27:a7:e7:e6:83:dc:5f:3b:a9:ff:01:4c:0e:c9:15:e1:e9:5a:
2a:c6:67:c4:ea:9c:de:0c:45:1f:74:c4:10:92:bf:27:e4:b2:
6a:24:21:e2:5d:e2:07:08:7f:b6:66:6d:9e:cb:50:9a:b9:de:
c5:84:11:43:05:54:b4:a4:c6:ea:9b:90:fb:37:31:9b:60:ab:
49:5f:8f:00:3b:37:28:40:45:8c:a5:ad:df:70:f4:e6:55:a2:
e4:d0:15:40:7a:56:ec:d7:e7:cb:39:31:3d:f8:14:ad:96:bc:
8c:5c:49:52:91:6e:54:e1:f7:28:03:08:9e:b4:52:f5:01:3c:
0a:27:c1:d4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZcoRsBRHJtzWcOrLLxjglo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwNTMxMjEzNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGQ5N2U0M2MxZTE5YWI1MDBhZjEyY2E0MWU4NmJhMTYwYjlhODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxEAG/1P3jh8TGtEeWKb8D3k6XgM
g5+m9Ow1qwW5xHtjR/Kc/5ecClByO/b3ymYfHHP9G2U2KKiGtJwIXfWvU06PLCO3
u3hhyuGMmR2Si4iv93f0GtIg+OjYMOBblf6nc78IW4CG24ik+uHW6lDu+XiEKjmD
Q0Gf68v3Kzx+Rm88qMAtYUs04zkA7ca2bb6/5Sfb3hhsD64J1JJ2HIr24MpaAW+Q
EXQZFj9Z8tUWstDyDJTykQuDrh/uKN6/4TSUyYx6LzlGxPOKs9L2UguV+ytd0Ft3
jbjCz0wOU2jutW8KDNYoPGRASUQ08xUkZfe3rDtPoZWSIqdzK3In/DhD1QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKjZfkPB4Zq1AK8SykHoa6Fguag3MB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvcU5sLVE4SGhtclVBcnhMS1FlaHJvV0M1cURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAyBAIAATAsAwQGThuAAwQC
W8TAAwQCW8swMAwDBANeLSgDBAJeLTgDBADB3owDBAHB85gwDgQCAAIwCAMGBCoB
bYAgMA0GCSqGSIb3DQEBCwUAA4IBAQACMhhp/6EGNg4s5CDDCqFfrnnnA3Bm9nNa
yEtQYcaFrMfooXQVjascmOjx9CoeMoks1nOV64g//poKrUkbjCT/TD7Z5ILEbzwc
uamMLI/JUlJhOo5eiFgFdKD0gNOkMkgWDKPA3VEH8fJ0ZYSL2yfYaxSB1kDNAn7k
NYQgl5Qnp+fmg9xfO6n/AUwOyRXh6VoqxmfE6pzeDEUfdMQQkr8n5LJqJCHiXeIH
CH+2Zm2ey1Caud7FhBFDBVS0pMbqm5D7NzGbYKtJX48AOzcoQEWMpa3fcPTmVaLk
0BVAelbs1+fLOTE9+BStlryMXElSkW5U4fcoAwietFL1ATwKJ8HU
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:05:44 2025 by rpki-client