Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/cd9fd4-ccc5-43d6-9d58-9816c67a9262/1/qq8J_fEHI4G11qkKijWQISK00G0.roa
File: qq8J_fEHI4G11qkKijWQISK00G0.roa (raw, json)
Hash identifier: RMB75Z9HEAqFVlcsv+x1Xsp/vs4KwqhHTjxwNb+JGOc=
Subject key identifier: AA:AF:09:FD:F1:07:23:81:B5:D6:A9:0A:8A:35:90:21:22:B4:D0:6D
Certificate issuer: /CN=695bbd542912a66fee6a34128a3a8cf7097dc69b
Certificate serial: 019A10484529840CCC4F4893963C73ADA987
Authority key identifier: 69:5B:BD:54:29:12:A6:6F:EE:6A:34:12:8A:3A:8C:F7:09:7D:C6:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVu9VCkSpm_uajQSijqM9wl9xps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/cd9fd4-ccc5-43d6-9d58-9816c67a9262/1/qq8J_fEHI4G11qkKijWQISK00G0.roa
Signing time: Thu 23 Oct 2025 08:56:02 +0000
ROA not before: Thu 23 Oct 2025 08:56:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50187
IP address blocks: 37.139.82.0/23 maxlen: 23
91.240.102.0/23 maxlen: 23
91.240.102.0/24 maxlen: 24
91.240.103.0/24 maxlen: 24
185.234.228.0/22 maxlen: 22
185.234.228.0/24 maxlen: 24
185.234.229.0/24 maxlen: 24
185.234.230.0/24 maxlen: 24
185.234.231.0/24 maxlen: 24
195.93.148.0/23 maxlen: 23
195.93.148.0/24 maxlen: 24
195.93.149.0/24 maxlen: 24
212.67.28.0/22 maxlen: 22
212.67.28.0/24 maxlen: 24
212.67.29.0/24 maxlen: 24
212.67.30.0/24 maxlen: 24
212.67.31.0/24 maxlen: 24
2a0e:26c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/cd9fd4-ccc5-43d6-9d58-9816c67a9262/1/aVu9VCkSpm_uajQSijqM9wl9xps.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/cd9fd4-ccc5-43d6-9d58-9816c67a9262/1/aVu9VCkSpm_uajQSijqM9wl9xps.mft
rsync://rpki.ripe.net/repository/DEFAULT/aVu9VCkSpm_uajQSijqM9wl9xps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 08:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:48:45:29:84:0c:cc:4f:48:93:96:3c:73:ad:a9:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=695bbd542912a66fee6a34128a3a8cf7097dc69b
Validity
Not Before: Oct 23 08:56:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aaaf09fdf1072381b5d6a90a8a35902122b4d06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7c:5e:f8:db:70:6f:c1:f6:8c:b8:9f:ec:a2:
19:26:15:71:d2:3e:76:f6:e6:e8:9e:fb:c5:98:36:
4f:b6:af:08:df:63:2a:8c:c1:b9:a0:5b:f0:6d:27:
07:0d:89:0a:35:3e:c4:01:4d:76:de:71:53:e7:2f:
8c:1f:e7:e8:e0:e5:1c:a2:e2:5a:46:d8:7b:fe:94:
3c:f3:d9:a5:70:68:d1:75:3e:9e:80:be:d9:90:f1:
4f:56:e0:c5:a6:42:2e:06:0f:28:0f:71:d1:b4:9f:
02:72:bd:fb:cf:c1:c4:1e:2d:87:c7:5a:01:6d:ca:
b4:ff:9d:81:09:0d:f3:46:19:7e:e2:44:46:91:e0:
71:f1:57:ef:43:2f:f7:ab:e4:f7:cc:5d:33:e6:b5:
aa:bc:c0:ad:ae:99:24:dd:5c:4b:77:be:27:4a:d3:
0d:61:0d:18:f9:a4:23:42:1e:7f:89:df:ad:f1:ef:
ca:d8:0f:d8:90:16:77:c7:66:e2:c1:1a:98:b0:19:
11:02:c7:ad:91:b8:5c:22:71:56:f6:9b:4a:0e:78:
02:47:c2:69:00:1f:5a:c6:01:68:8e:04:31:3a:fd:
3a:b4:ab:4d:e6:61:2e:73:27:ec:59:08:5f:b7:29:
64:69:b8:ef:bd:15:d3:14:d5:79:51:ab:19:1a:70:
06:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AF:09:FD:F1:07:23:81:B5:D6:A9:0A:8A:35:90:21:22:B4:D0:6D
X509v3 Authority Key Identifier:
keyid:69:5B:BD:54:29:12:A6:6F:EE:6A:34:12:8A:3A:8C:F7:09:7D:C6:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVu9VCkSpm_uajQSijqM9wl9xps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/cd9fd4-ccc5-43d6-9d58-9816c67a9262/1/qq8J_fEHI4G11qkKijWQISK00G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/cd9fd4-ccc5-43d6-9d58-9816c67a9262/1/aVu9VCkSpm_uajQSijqM9wl9xps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.82.0/23
91.240.102.0/23
185.234.228.0/22
195.93.148.0/23
212.67.28.0/22
IPv6:
2a0e:26c0::/32
Signature Algorithm: sha256WithRSAEncryption
66:06:df:f6:d9:10:18:59:d0:d2:0e:60:4c:4a:97:d7:5f:9e:
77:d6:53:18:b9:8f:43:92:60:9c:af:f0:7e:30:e4:ab:d5:8f:
6d:dc:b5:42:9d:30:c9:c4:a1:cd:e3:14:6a:a5:65:1e:40:ec:
6e:40:ca:3f:6a:47:d7:f0:27:2f:b7:d0:b9:99:01:66:73:74:
83:ad:c0:4b:44:41:32:23:2e:58:c6:b2:91:98:ee:ed:e1:63:
df:48:81:4d:70:b9:31:7b:fc:bf:a5:7f:e9:72:16:9e:26:33:
cf:0d:aa:5a:be:80:a3:59:5d:f2:64:ae:32:3c:df:bf:f0:b7:
cb:be:1c:f9:e2:72:06:6e:ee:87:5d:73:9f:0c:cf:48:0e:f9:
87:d0:78:d3:c6:0c:c0:98:56:65:70:2c:d0:e1:72:76:c1:3f:
5b:85:c7:23:8f:49:78:63:ce:ef:b3:23:cb:c7:ec:b2:3b:95:
d8:d7:d9:6e:43:f9:de:ed:60:67:97:05:ec:eb:c2:a2:06:a2:
4c:81:3e:cc:ed:33:04:a8:58:3a:33:e6:71:51:b6:dd:0f:47:
be:8b:f0:8d:6e:22:50:23:fd:86:c1:dc:96:15:30:6a:0d:a1:
f6:86:e4:83:8a:e4:fd:cf:bd:6c:93:38:f4:45:e1:5f:33:b7:
bb:bd:86:5e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZoQSEUphAzMT0iTljxzramHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NWJiZDU0MjkxMmE2NmZlZTZhMzQxMjhhM2E4Y2Y3MDk3
ZGM2OWIwHhcNMjUxMDIzMDg1NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFmMDlmZGYxMDcyMzgxYjVkNmE5MGE4YTM1OTAyMTIyYjRkMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nxe+Ntwb8H2jLif7KIZJhVx0j52
9ubonvvFmDZPtq8I32MqjMG5oFvwbScHDYkKNT7EAU123nFT5y+MH+fo4OUcouJa
Rth7/pQ889mlcGjRdT6egL7ZkPFPVuDFpkIuBg8oD3HRtJ8Ccr37z8HEHi2Hx1oB
bcq0/52BCQ3zRhl+4kRGkeBx8VfvQy/3q+T3zF0z5rWqvMCtrpkk3VxLd74nStMN
YQ0Y+aQjQh5/id+t8e/K2A/YkBZ3x2biwRqYsBkRAsetkbhcInFW9ptKDngCR8Jp
AB9axgFojgQxOv06tKtN5mEucyfsWQhftylkabjvvRXTFNV5UasZGnAGnQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKqvCf3xByOBtdapCoo1kCEitNBtMB8GA1UdIwQY
MBaAFGlbvVQpEqZv7mo0Eoo6jPcJfcabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZ1OVZDa1NwbV91YWpRU2lqcU05d2w5eHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9jZDlmZDQtY2NjNS00M2Q2LTlkNTgt
OTgxNmM2N2E5MjYyLzEvcXE4Sl9mRUhJNEcxMXFrS2lqV1FJU0swMEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9jZDlmZDQtY2NjNS00M2Q2LTlkNTgtOTgxNmM2N2E5MjYy
LzEvYVZ1OVZDa1NwbV91YWpRU2lqcU05d2w5eHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBJYtSAwQB
W/BmAwQCuerkAwQBw12UAwQC1EMcMA0EAgACMAcDBQAqDibAMA0GCSqGSIb3DQEB
CwUAA4IBAQBmBt/22RAYWdDSDmBMSpfXX5531lMYuY9DkmCcr/B+MOSr1Y9t3LVC
nTDJxKHN4xRqpWUeQOxuQMo/akfX8Ccvt9C5mQFmc3SDrcBLREEyIy5YxrKRmO7t
4WPfSIFNcLkxe/y/pX/pchaeJjPPDapavoCjWV3yZK4yPN+/8LfLvhz54nIGbu6H
XXOfDM9IDvmH0HjTxgzAmFZlcCzQ4XJ2wT9bhccjj0l4Y87vsyPLx+yyO5XY19lu
Q/ne7WBnlwXs68KiBqJMgT7M7TMEqFg6M+ZxUbbdD0e+i/CNbiJQI/2GwdyWFTBq
DaH2huSDiuT9z71skzj0ReFfM7e7vYZe
-----END CERTIFICATE-----
Generated at Thu Oct 23 18:06:23 2025 by rpki-client