Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qicwUVoAQ3e1znH8VOgrAph1s1Y.roa
File: qicwUVoAQ3e1znH8VOgrAph1s1Y.roa (raw, json)
Hash identifier: tXG1pOmIcQqTLNc7wrVdrv3JKZNfjjdSjdyO+bT9zNk=
Subject key identifier: AA:27:30:51:5A:00:43:77:B5:CE:71:FC:54:E8:2B:02:98:75:B3:56
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01991A36D201D74320100B1641F7EB94A797
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qicwUVoAQ3e1znH8VOgrAph1s1Y.roa
Signing time: Fri 05 Sep 2025 14:10:24 +0000
ROA not before: Fri 05 Sep 2025 14:10:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.12.61.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.141.178.0/24 maxlen: 24
93.190.246.0/24 maxlen: 24
2a07:f300::/29 maxlen: 29
2a0f:6d80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a12:d6c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1a:36:d2:01:d7:43:20:10:0b:16:41:f7:eb:94:a7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 5 14:10:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa2730515a004377b5ce71fc54e82b029875b356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9e:cd:56:1b:0e:3b:19:da:1c:54:d5:6f:6c:
77:f9:b4:0f:89:81:05:6e:ea:0a:f0:e3:03:2f:a3:
d9:b4:83:ea:4b:1c:ec:6b:d9:0c:a0:1c:33:48:c6:
8d:1e:bb:75:8a:4d:ea:1e:62:8c:98:7e:9a:f9:f6:
04:f5:68:2f:03:8d:7f:68:98:ca:55:74:c1:68:03:
7b:71:4a:c7:99:2d:e8:fe:ba:c2:21:4b:7f:8a:28:
d5:ab:8b:c2:b6:33:96:97:87:ba:59:ea:18:ed:3f:
bd:7a:6a:00:53:77:1c:8d:7c:ac:15:a1:fc:6e:17:
77:a1:a7:47:85:57:cb:da:db:dc:03:ff:b0:ea:29:
c7:fa:f3:eb:3c:8e:1a:d4:fc:9e:d5:85:fc:1a:ca:
ae:b4:fa:f0:6c:d7:87:8c:35:da:23:6f:3a:6f:90:
2c:ad:47:b8:0c:ba:39:3c:ea:4e:57:c2:97:fb:0d:
bd:1a:bc:ff:15:8e:0d:be:8a:63:7b:33:0b:79:8a:
04:82:cd:a1:fb:bf:65:d3:ae:c4:0d:50:44:45:6f:
e5:27:1d:15:69:a0:54:e6:e6:58:86:65:ca:e5:ea:
86:bd:7b:7d:e1:56:b9:40:69:f2:8d:1b:41:9d:12:
85:b0:1c:9b:f8:3b:a7:fc:ef:2d:c0:fe:0d:6d:3c:
54:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:27:30:51:5A:00:43:77:B5:CE:71:FC:54:E8:2B:02:98:75:B3:56
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qicwUVoAQ3e1znH8VOgrAph1s1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.61.0/24
45.128.79.0/24
45.141.178.0/24
93.190.246.0/24
IPv6:
2a07:f300::/29
2a0f:6d80::/29
2a0f:e940::/29
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:f7:d6:a7:63:d5:b1:e0:62:9f:0e:a3:66:83:26:82:aa:bf:
81:f4:f4:ef:35:d6:6b:85:63:53:fa:58:f0:de:42:8c:f4:99:
99:a2:5a:19:60:07:70:9f:53:9d:76:6b:52:69:8a:e8:e1:15:
bb:cf:cb:45:68:e7:3a:36:f2:1b:50:83:44:ce:7c:91:2e:b9:
44:71:58:65:57:dd:ab:7c:77:54:71:44:8b:7b:f8:35:f4:93:
8a:09:04:56:c0:ee:1a:30:b5:eb:33:f8:cd:d0:09:ae:29:15:
67:3e:cb:a5:3b:eb:f8:2d:b7:cb:d5:b1:2d:b5:01:33:70:35:
cd:5e:0c:1a:3b:13:3d:5d:7e:08:be:ef:99:5b:b7:5e:7f:e7:
80:da:36:53:90:df:eb:a6:b4:29:b8:7c:39:c2:bf:09:fa:64:
79:5d:4b:c4:f4:23:31:e2:88:7d:d5:b9:5f:4f:d7:26:76:d0:
16:27:c0:77:d2:e5:3e:d9:41:2c:dd:66:fd:97:1a:e6:b4:bb:
9d:94:12:b7:12:80:67:65:f4:e5:fb:8d:67:1b:ea:9c:d1:ec:
bf:95:87:9c:14:c8:11:39:05:e4:49:dc:d0:25:db:39:5b:b0:
ec:35:32:d8:b7:8e:9a:e0:97:91:b3:e1:4f:16:94:a0:24:43:
2f:da:4c:91
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZkaNtIB10MgEAsWQffrlKeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwOTA1MTQxMDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI3MzA1MTVhMDA0Mzc3YjVjZTcxZmM1NGU4MmIwMjk4NzViMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Z7NVhsOOxnaHFTVb2x3+bQPiYEF
buoK8OMDL6PZtIPqSxzsa9kMoBwzSMaNHrt1ik3qHmKMmH6a+fYE9WgvA41/aJjK
VXTBaAN7cUrHmS3o/rrCIUt/iijVq4vCtjOWl4e6WeoY7T+9emoAU3ccjXysFaH8
bhd3oadHhVfL2tvcA/+w6inH+vPrPI4a1Pye1YX8GsqutPrwbNeHjDXaI286b5As
rUe4DLo5POpOV8KX+w29Grz/FY4NvopjezMLeYoEgs2h+79l067EDVBERW/lJx0V
aaBU5uZYhmXK5eqGvXt94Va5QGnyjRtBnRKFsByb+Dun/O8twP4NbTxUlQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKonMFFaAEN3tc5x/FToKwKYdbNWMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcWljd1VWb0FRM2Uxem5IOFZPZ3JBcGgxczFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQALQw9AwQA
LYBPAwQALY2yAwQAXb72MCIEAgACMBwDBQMqB/MAAwUDKg9tgAMFAyoP6UADBQMq
EtbAMA0GCSqGSIb3DQEBCwUAA4IBAQAA99anY9Wx4GKfDqNmgyaCqr+B9PTvNdZr
hWNT+ljw3kKM9JmZoloZYAdwn1OddmtSaYro4RW7z8tFaOc6NvIbUINEznyRLrlE
cVhlV92rfHdUcUSLe/g19JOKCQRWwO4aMLXrM/jN0AmuKRVnPsulO+v4LbfL1bEt
tQEzcDXNXgwaOxM9XX4Ivu+ZW7def+eA2jZTkN/rprQpuHw5wr8J+mR5XUvE9CMx
4oh91blfT9cmdtAWJ8B30uU+2UEs3Wb9lxrmtLudlBK3EoBnZfTl+41nG+qc0ey/
lYecFMgROQXkSdzQJds5W7DsNTLYt46a4JeRs+FPFpSgJEMv2kyR
-----END CERTIFICATE-----
Generated at Sat Sep 6 20:52:00 2025 by rpki-client