Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qhjSfnViRtAuJX9-HloVGl6e8yQ.roa
File: qhjSfnViRtAuJX9-HloVGl6e8yQ.roa (raw, json)
Hash identifier: 0c4CC/UoASiPziDV/ISjZ0Wa5pg6sbXo1QCcNSiEk04=
Subject key identifier: AA:18:D2:7E:75:62:46:D0:2E:25:7F:7E:1E:5A:15:1A:5E:9E:F3:24
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 0197206E15C5E36270C41BDCFBF1EB17ADD5
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qhjSfnViRtAuJX9-HloVGl6e8yQ.roa
Signing time: Fri 30 May 2025 09:02:54 +0000
ROA not before: Fri 30 May 2025 09:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214038
IP address blocks: 31.192.210.0/24 maxlen: 24
89.252.136.0/24 maxlen: 24
95.173.183.0/24 maxlen: 24
2a03:2102:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 21:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:6e:15:c5:e3:62:70:c4:1b:dc:fb:f1:eb:17:ad:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: May 30 09:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa18d27e756246d02e257f7e1e5a151a5e9ef324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:10:0a:e0:62:c0:2e:99:db:a3:9e:6c:a4:6f:
8f:40:29:6e:76:7d:4b:35:38:98:25:f2:62:6d:2d:
28:42:05:05:4d:bc:1f:b8:4c:14:88:86:e1:f7:cb:
75:5a:4b:55:f1:79:ab:aa:63:6c:9f:69:21:91:bb:
b2:f7:97:28:f1:04:f4:b0:dd:85:8b:de:8e:82:f1:
c4:84:63:94:52:49:84:92:23:e4:58:4a:10:ad:e4:
e4:2c:81:ed:6e:d8:1d:fc:7d:63:94:81:d1:92:58:
e4:56:93:fe:1f:56:5a:6b:6f:ec:f0:64:46:65:f2:
70:99:1e:af:80:59:ad:2f:e6:e0:5c:57:b6:07:08:
7e:26:97:73:a6:7b:b3:3f:f5:49:b1:7e:38:60:27:
7a:48:bf:58:56:b5:44:86:f8:88:6a:3b:37:2a:e0:
65:4c:db:9f:60:0b:72:7f:1c:bc:18:1b:29:e2:dc:
34:71:7d:dd:f4:3f:c9:72:fa:d1:65:63:9a:d9:29:
b1:d9:4d:db:51:ea:61:6f:d1:ea:0b:a6:65:ac:2f:
ab:88:53:05:25:6c:74:45:2d:72:0c:ad:20:22:ef:
ec:d2:6b:b0:18:59:ab:f3:e8:0f:95:d9:ea:c9:b5:
04:a8:ba:f3:f2:4e:72:0c:29:48:61:09:15:ee:f2:
95:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:18:D2:7E:75:62:46:D0:2E:25:7F:7E:1E:5A:15:1A:5E:9E:F3:24
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qhjSfnViRtAuJX9-HloVGl6e8yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.210.0/24
89.252.136.0/24
95.173.183.0/24
IPv6:
2a03:2102:1::/48
Signature Algorithm: sha256WithRSAEncryption
1b:6a:d8:b6:df:9e:89:80:2f:15:77:5f:a3:20:12:93:d9:83:
59:9d:cd:ae:25:86:b9:1d:9c:02:32:33:1b:90:0a:99:68:91:
32:10:fb:db:a3:28:36:1b:71:9d:7a:d6:be:91:ae:b7:37:c0:
dc:a9:80:dd:cb:ce:bb:78:5c:08:36:01:03:bd:6c:38:90:c1:
3e:b1:be:ab:01:92:0f:28:ae:ed:a0:5b:ac:48:8d:11:49:c2:
76:26:24:b2:78:7b:e9:f4:c9:6f:c8:9f:73:71:28:f0:13:20:
25:20:66:cd:75:4f:41:ef:e8:3c:b2:0c:10:60:27:ea:46:d1:
94:cf:ab:0a:c2:11:c2:2a:bb:3e:f4:d9:bd:c9:7d:e4:10:35:
e6:ab:c2:ac:dc:62:67:ed:8e:39:bc:cb:8b:52:55:b7:26:2b:
5e:34:e8:76:ad:b8:12:73:8c:49:80:31:b0:82:0b:e8:ff:a0:
d5:d8:c6:28:5e:0a:61:10:bd:7f:4c:25:3a:ae:62:00:64:a8:
4e:c4:b5:bc:50:16:88:ab:1b:57:0d:47:fb:79:f3:8a:8b:f7:
75:ee:c9:32:c3:08:b9:33:f0:70:55:65:57:de:df:09:68:84:
af:0f:a6:53:28:21:e1:b6:5c:58:90:bd:ef:1a:53:9c:5e:bd:
27:d4:72:07
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZcgbhXF42JwxBvc+/HrF63VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwNTMwMDkwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTE4ZDI3ZTc1NjI0NmQwMmUyNTdmN2UxZTVhMTUxYTVlOWVmMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxAK4GLALpnbo55spG+PQCludn1L
NTiYJfJibS0oQgUFTbwfuEwUiIbh98t1WktV8XmrqmNsn2khkbuy95co8QT0sN2F
i96OgvHEhGOUUkmEkiPkWEoQreTkLIHtbtgd/H1jlIHRkljkVpP+H1Zaa2/s8GRG
ZfJwmR6vgFmtL+bgXFe2Bwh+JpdzpnuzP/VJsX44YCd6SL9YVrVEhviIajs3KuBl
TNufYAtyfxy8GBsp4tw0cX3d9D/JcvrRZWOa2Smx2U3bUephb9HqC6ZlrC+riFMF
JWx0RS1yDK0gIu/s0muwGFmr8+gPldnqybUEqLrz8k5yDClIYQkV7vKVkQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKoY0n51YkbQLiV/fh5aFRpenvMkMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvcWhqU2ZuVmlSdEF1Slg5LUhsb1ZHbDZlOHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAH8DSAwQA
WfyIAwQAX623MA8EAgACMAkDBwAqAyECAAEwDQYJKoZIhvcNAQELBQADggEBABtq
2LbfnomALxV3X6MgEpPZg1mdza4lhrkdnAIyMxuQCplokTIQ+9ujKDYbcZ161r6R
rrc3wNypgN3Lzrt4XAg2AQO9bDiQwT6xvqsBkg8oru2gW6xIjRFJwnYmJLJ4e+n0
yW/In3NxKPATICUgZs11T0Hv6DyyDBBgJ+pG0ZTPqwrCEcIquz702b3JfeQQNear
wqzcYmftjjm8y4tSVbcmK1406HatuBJzjEmAMbCCC+j/oNXYxiheCmEQvX9MJTqu
YgBkqE7EtbxQFoirG1cNR/t584qL93XuyTLDCLkz8HBVZVfe3wlohK8PplMoIeG2
XFiQve8aU5xevSfUcgc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:32:07 2025 by rpki-client