Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/qrKrZlWqP1xYMoyEfKssy_MBOPc.roa
File: qrKrZlWqP1xYMoyEfKssy_MBOPc.roa (raw, json)
Hash identifier: 7HCvDFegj/Om6sM+U3B+gHYXUnQzqvdjd1JcBWwGFb0=
Subject key identifier: AA:B2:AB:66:55:AA:3F:5C:58:32:8C:84:7C:AB:2C:CB:F3:01:38:F7
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 0196AEE429A4B10A57222EBB050524383AF8
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/qrKrZlWqP1xYMoyEfKssy_MBOPc.roa
Signing time: Thu 08 May 2025 07:55:10 +0000
ROA not before: Thu 08 May 2025 07:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206119
IP address blocks: 185.205.16.0/24 maxlen: 24
185.205.18.0/24 maxlen: 24
185.237.80.0/24 maxlen: 24
185.237.81.0/24 maxlen: 24
185.254.93.0/24 maxlen: 24
193.36.62.0/24 maxlen: 24
194.1.218.0/24 maxlen: 24
194.145.136.0/24 maxlen: 24
194.145.139.0/24 maxlen: 24
2a05:b700::/29 maxlen: 29
2a0a:fa40::/29 maxlen: 29
2a0c:580::/29 maxlen: 29
2a0c:4a40::/29 maxlen: 29
2a0c:4a45::/32 maxlen: 32
2a0c:4a46::/32 maxlen: 32
2a0c:4a47::/32 maxlen: 32
2a0d:d380::/29 maxlen: 29
2a0d:d380::/32 maxlen: 32
2a0d:d381::/32 maxlen: 32
2a0d:d383::/32 maxlen: 32
2a0d:d384::/32 maxlen: 32
2a0d:d385::/32 maxlen: 32
2a0d:d386::/32 maxlen: 32
2a0d:d387::/32 maxlen: 32
2a10:4b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ae:e4:29:a4:b1:0a:57:22:2e:bb:05:05:24:38:3a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: May 8 07:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aab2ab6655aa3f5c58328c847cab2ccbf30138f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:17:af:94:b3:04:70:f3:7d:bc:b5:60:15:07:
91:f7:77:35:aa:40:89:57:54:74:68:97:5d:42:f6:
69:92:35:b5:7b:36:5f:83:eb:0a:62:4b:82:31:77:
a3:dc:2e:be:cc:7a:bc:2d:42:95:eb:7f:7e:50:56:
ff:f2:4e:20:30:7d:ae:41:84:30:3f:e3:4f:c2:a0:
b9:d8:84:71:02:99:f7:79:f5:e4:4c:1a:2e:0b:74:
32:42:12:c0:71:ec:a6:ce:48:9e:8f:c3:62:ee:a8:
b1:fb:de:fc:8b:3b:69:8d:b6:db:ec:ed:2c:1f:f0:
43:8f:c7:a3:13:cf:c0:cf:05:7b:56:92:9b:f6:88:
52:b3:0a:c6:e3:b4:40:b8:3b:7d:6b:75:e9:66:67:
3e:f7:ae:40:52:ca:ec:80:92:e0:ad:5f:ab:07:46:
c5:2a:e9:21:97:da:d5:3e:d5:36:d6:ba:0e:1d:19:
c3:3e:1e:0c:d6:6a:54:24:02:12:7e:b6:bd:d2:e0:
6c:b3:23:5e:dc:9e:44:2b:e4:bc:c1:1d:51:de:d6:
34:8d:db:cd:4b:23:08:96:a7:eb:3d:94:c6:53:dd:
a3:09:4b:b5:f2:71:fc:7c:a5:c9:0c:1c:82:a0:12:
05:28:3d:0c:70:0f:15:fc:33:4b:be:43:34:86:7a:
a3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B2:AB:66:55:AA:3F:5C:58:32:8C:84:7C:AB:2C:CB:F3:01:38:F7
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/qrKrZlWqP1xYMoyEfKssy_MBOPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.16.0/24
185.205.18.0/24
185.237.80.0/23
185.254.93.0/24
193.36.62.0/24
194.1.218.0/24
194.145.136.0/24
194.145.139.0/24
IPv6:
2a05:b700::/29
2a0a:fa40::/29
2a0c:580::/29
2a0c:4a40::/29
2a0d:d380::/29
2a10:4b40::/29
Signature Algorithm: sha256WithRSAEncryption
a7:32:41:dd:0e:e9:86:9f:af:79:7b:5e:5a:74:a1:b5:63:c5:
7e:81:8b:7c:08:1c:40:c9:0f:3c:6b:ea:db:60:46:65:39:b8:
ed:99:e1:3f:20:ba:55:ef:1d:a2:c3:bb:1e:d2:47:3d:f0:fc:
ee:0c:7b:9b:8f:30:f0:ac:7c:95:14:63:53:a0:72:ab:af:36:
31:96:0f:e4:41:d8:46:a9:74:31:b6:64:eb:d0:c7:6c:6d:3d:
e2:7e:0e:85:15:43:cb:8a:de:e7:ee:ef:30:eb:64:3c:02:73:
3f:51:dd:4d:3c:c2:2f:b6:6a:4d:9e:d1:94:9a:bc:51:37:c1:
92:4b:89:c6:f4:89:d0:e3:e6:2c:e5:a2:ff:1a:84:5e:4d:ee:
c3:3d:3b:06:7d:37:21:2e:43:a6:7b:53:a5:3b:aa:cd:40:91:
f7:5b:ae:b9:a2:c6:7b:ff:ab:a7:0f:49:09:ca:f5:fd:11:a7:
82:17:44:f3:2b:ca:53:7d:48:2e:de:f2:fc:18:7e:63:c7:6f:
ae:b5:52:5d:86:e9:14:40:a0:12:9e:b6:36:23:b4:83:f6:91:
c9:13:21:5b:26:72:a7:47:53:35:ff:2b:6a:eb:74:d3:83:ed:
e7:78:a4:c0:d7:33:82:50:73:4e:2b:b6:57:3c:23:fb:7a:58:
4b:2c:88:fc
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZau5CmksQpXIi67BQUkODr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjUwNTA4MDc1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWIyYWI2NjU1YWEzZjVjNTgzMjhjODQ3Y2FiMmNjYmYzMDEzOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxevlLMEcPN9vLVgFQeR93c1qkCJ
V1R0aJddQvZpkjW1ezZfg+sKYkuCMXej3C6+zHq8LUKV639+UFb/8k4gMH2uQYQw
P+NPwqC52IRxApn3efXkTBouC3QyQhLAceymzkiej8Ni7qix+978iztpjbbb7O0s
H/BDj8ejE8/AzwV7VpKb9ohSswrG47RAuDt9a3XpZmc+965AUsrsgJLgrV+rB0bF
Kukhl9rVPtU21roOHRnDPh4M1mpUJAISfra90uBssyNe3J5EK+S8wR1R3tY0jdvN
SyMIlqfrPZTGU92jCUu18nH8fKXJDByCoBIFKD0McA8V/DNLvkM0hnqj0wIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFKqyq2ZVqj9cWDKMhHyrLMvzATj3MB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvcXJLclpsV3FQMXhZTW95RWZLc3N5X01CT1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajA2BAIAATAwAwQAuc0QAwQA
uc0SAwQBue1QAwQAuf5dAwQAwSQ+AwQAwgHaAwQAwpGIAwQAwpGLMDAEAgACMCoD
BQMqBbcAAwUDKgr6QAMFAyoMBYADBQMqDEpAAwUDKg3TgAMFAyoQS0AwDQYJKoZI
hvcNAQELBQADggEBAKcyQd0O6Yafr3l7Xlp0obVjxX6Bi3wIHEDJDzxr6ttgRmU5
uO2Z4T8gulXvHaLDux7SRz3w/O4Me5uPMPCsfJUUY1OgcquvNjGWD+RB2EapdDG2
ZOvQx2xtPeJ+DoUVQ8uK3ufu7zDrZDwCcz9R3U08wi+2ak2e0ZSavFE3wZJLicb0
idDj5izlov8ahF5N7sM9OwZ9NyEuQ6Z7U6U7qs1Akfdbrrmixnv/q6cPSQnK9f0R
p4IXRPMrylN9SC7e8vwYfmPHb661Ul2G6RRAoBKetjYjtIP2kckTIVsmcqdHUzX/
K2rrdNOD7ed4pMDXM4JQc04rtlc8I/t6WEssiPw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 19:43:15 2025 by rpki-client