Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/qC9pupdeKTbRm5arViYO-LZXEe0.roa
File: qC9pupdeKTbRm5arViYO-LZXEe0.roa (raw, json)
Hash identifier: 1rSDWuh/2Zz+Ot3z1ajd4SQbW5q3+QfeV8TxLGUjh2Q=
Subject key identifier: A8:2F:69:BA:97:5E:29:36:D1:9B:96:AB:56:26:0E:F8:B6:57:11:ED
Certificate issuer: /CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Certificate serial: 0198E2547DBD70765C60B72BFDAFC49E2015
Authority key identifier: 96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/qC9pupdeKTbRm5arViYO-LZXEe0.roa
Signing time: Mon 25 Aug 2025 17:44:04 +0000
ROA not before: Mon 25 Aug 2025 17:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 85.203.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 17:17:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e2:54:7d:bd:70:76:5c:60:b7:2b:fd:af:c4:9e:20:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Validity
Not Before: Aug 25 17:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a82f69ba975e2936d19b96ab56260ef8b65711ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:76:77:d1:a2:13:fb:b3:2e:22:ca:2c:a0:7c:
29:a3:5d:d3:36:6f:55:39:28:60:c3:88:29:cc:59:
04:84:bc:f0:f3:10:a7:87:d1:11:7a:df:40:56:7c:
ee:8b:32:4b:ca:a2:e9:4e:37:94:e4:a9:ea:16:fb:
ce:1d:ad:f7:cc:8d:27:26:76:ca:55:32:e2:b1:4a:
bb:df:ab:a6:3c:8a:e6:0c:48:72:48:1c:1e:3b:70:
54:b3:a5:42:dd:04:dc:71:04:02:39:6b:08:18:0e:
53:1a:10:70:2d:1f:83:9a:d3:7e:dd:7d:d7:1e:7f:
60:20:d8:fb:89:92:97:71:c9:fe:7a:27:80:d6:63:
13:3c:1d:a2:ae:c7:f2:be:64:03:1f:a3:81:47:1f:
43:fc:94:b9:b3:e9:57:1b:7c:c1:fb:f2:0e:9c:4b:
6b:22:a9:55:00:77:58:be:05:9d:be:a8:78:f6:f2:
6f:96:7f:81:c0:9d:c6:7d:64:19:dd:00:2c:19:e5:
72:ec:f7:8e:3d:db:e9:82:9c:f4:02:09:f6:48:fc:
64:9f:2d:ca:da:3f:ae:63:e4:6f:bf:99:80:a4:95:
e4:11:9c:91:d4:0c:fa:1d:a3:47:90:da:57:f9:46:
73:a0:67:a6:c7:c0:25:7e:0b:61:5a:5c:59:1b:ab:
22:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2F:69:BA:97:5E:29:36:D1:9B:96:AB:56:26:0E:F8:B6:57:11:ED
X509v3 Authority Key Identifier:
keyid:96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/qC9pupdeKTbRm5arViYO-LZXEe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.23.0/24
Signature Algorithm: sha256WithRSAEncryption
58:93:b4:53:55:64:77:a2:18:f0:09:59:e4:01:3b:b7:5d:c5:
6c:32:aa:e3:db:f9:8f:81:4d:d8:6b:68:d1:8a:f0:8f:38:3d:
ef:13:32:3a:4b:09:91:66:f3:7a:a2:eb:a0:73:dd:0c:84:4a:
1b:2e:13:7e:b8:25:0a:ef:8e:72:16:48:86:71:53:ae:5c:9f:
2d:de:3e:3d:21:fb:53:ce:a6:fa:8e:0b:95:f4:af:bf:21:0e:
c7:5e:7d:59:6c:3b:60:aa:c5:ea:86:6a:c3:25:13:f4:24:e2:
ef:f3:9e:14:d5:21:1b:8c:23:97:65:eb:98:2d:1c:b4:6b:14:
a2:37:d5:2e:51:da:c9:0b:97:83:c8:71:78:c8:c2:d7:d4:21:
32:bf:2d:dd:7e:43:86:30:44:6c:d1:2e:41:af:b9:e0:ae:5a:
e7:1f:89:a1:08:c9:b1:8a:d2:87:af:ec:1a:10:54:7d:36:a5:
6e:99:8d:f9:18:fc:da:26:6e:3b:59:f3:b3:73:30:05:6a:3b:
c2:8e:f0:0b:a8:7f:9b:f7:5c:07:2f:95:e3:9d:98:b1:86:07:
34:42:cf:66:2e:67:e3:bf:ad:3b:0c:fd:8c:8c:08:db:c2:82:
fa:49:98:09:d9:30:12:1c:11:8f:34:e5:f0:ce:4a:7e:13:0f:
96:f1:a7:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjiVH29cHZcYLcr/a/EniAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmJkNzZhNWNhYzI4M2VjZTBhMGY4ZWFiMmM5NzAyMTQw
MWZiODkwHhcNMjUwODI1MTc0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJmNjliYTk3NWUyOTM2ZDE5Yjk2YWI1NjI2MGVmOGI2NTcxMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63Z30aIT+7MuIsosoHwpo13TNm9V
OShgw4gpzFkEhLzw8xCnh9ERet9AVnzuizJLyqLpTjeU5KnqFvvOHa33zI0nJnbK
VTLisUq736umPIrmDEhySBweO3BUs6VC3QTccQQCOWsIGA5TGhBwLR+DmtN+3X3X
Hn9gINj7iZKXccn+eieA1mMTPB2irsfyvmQDH6OBRx9D/JS5s+lXG3zB+/IOnEtr
IqlVAHdYvgWdvqh49vJvln+BwJ3GfWQZ3QAsGeVy7PeOPdvpgpz0Agn2SPxkny3K
2j+uY+Rvv5mApJXkEZyR1Az6HaNHkNpX+UZzoGemx8AlfgthWlxZG6simwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgvabqXXik20ZuWq1YmDvi2VxHtMB8GA1UdIwQY
MBaAFJYr12pcrCg+zgoPjqsslwIUAfuJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMt
NmFiMTExNTVmNmZiLzEvcUM5cHVwZGVLVGJSbTVhclZpWU8tTFpYRWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMtNmFiMTExNTVmNmZi
LzEvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsXMA0G
CSqGSIb3DQEBCwUAA4IBAQBYk7RTVWR3ohjwCVnkATu3XcVsMqrj2/mPgU3Ya2jR
ivCPOD3vEzI6SwmRZvN6ouugc90MhEobLhN+uCUK745yFkiGcVOuXJ8t3j49IftT
zqb6jguV9K+/IQ7HXn1ZbDtgqsXqhmrDJRP0JOLv854U1SEbjCOXZeuYLRy0axSi
N9UuUdrJC5eDyHF4yMLX1CEyvy3dfkOGMERs0S5Br7ngrlrnH4mhCMmxitKHr+wa
EFR9NqVumY35GPzaJm47WfOzczAFajvCjvALqH+b91wHL5XjnZixhgc0Qs9mLmfj
v607DP2MjAjbwoL6SZgJ2TASHBGPNOXwzkp+Ew+W8ac5
-----END CERTIFICATE-----
Generated at Sat Sep 6 02:51:11 2025 by rpki-client