Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/uQJ8uXAtBqaSg0chFS7wIEPvMFk.roa
File: uQJ8uXAtBqaSg0chFS7wIEPvMFk.roa (raw, json)
Hash identifier: OOagBGLstHbMyzpz2lFNp3hjWcGgUfG7Q/Mr5UAMmgY=
Subject key identifier: B9:02:7C:B9:70:2D:06:A6:92:83:47:21:15:2E:F0:20:43:EF:30:59
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 019A07167457B26B1E4FB5F8A707F312D9FD
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/uQJ8uXAtBqaSg0chFS7wIEPvMFk.roa
Signing time: Tue 21 Oct 2025 14:05:03 +0000
ROA not before: Tue 21 Oct 2025 14:05:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 146.247.106.0/24 maxlen: 24
146.247.112.0/23 maxlen: 23
146.247.114.0/24 maxlen: 24
146.247.121.0/24 maxlen: 24
146.247.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 17:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:16:74:57:b2:6b:1e:4f:b5:f8:a7:07:f3:12:d9:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Oct 21 14:05:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9027cb9702d06a692834721152ef02043ef3059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:eb:5d:63:29:86:9a:92:d9:2d:53:8e:a9:2b:
0a:af:31:ff:8c:8e:7b:06:83:e2:f2:65:69:81:c9:
d5:43:43:f3:ac:39:06:63:18:a9:b4:35:3a:b7:eb:
7b:42:5d:da:00:29:92:81:b1:80:92:bd:2d:7d:28:
64:73:41:62:0f:cb:f3:a0:d0:48:0e:4a:1b:0f:6c:
58:74:c9:99:06:46:f2:55:df:4a:f7:fa:eb:6c:d1:
74:c6:cb:52:9e:13:61:8c:a9:a3:2f:b6:4f:17:3c:
c7:83:93:95:ec:c1:a2:80:b5:f5:d1:cf:36:0e:59:
03:f9:29:ea:62:5d:0d:1e:db:3c:d9:60:b3:b3:43:
d4:f1:04:60:d0:5f:ba:a8:f5:44:1a:6a:b9:07:4a:
ae:f5:77:c3:3a:80:ab:51:13:65:a6:2d:b3:29:d8:
ee:d9:c8:16:59:e6:1a:fc:f6:ac:6e:82:1e:4f:57:
9c:f5:1d:2b:69:f1:35:d2:dc:c1:35:a3:13:b3:3b:
d3:57:7a:99:19:36:77:7b:ed:cf:0d:e9:79:8d:a3:
dc:1c:40:62:09:71:50:93:5e:cf:68:e5:7b:8f:59:
cb:4e:2e:3c:9b:47:5c:e4:29:67:60:e4:e0:d5:a7:
a3:09:54:a0:1f:90:50:61:79:ec:fa:48:6e:28:ee:
ef:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:02:7C:B9:70:2D:06:A6:92:83:47:21:15:2E:F0:20:43:EF:30:59
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/uQJ8uXAtBqaSg0chFS7wIEPvMFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.106.0/24
146.247.112.0-146.247.114.255
146.247.121.0/24
146.247.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f1:40:5e:8e:9b:a2:3d:db:db:d1:9d:1a:7f:02:b4:be:6f:
dd:a9:85:ce:56:fc:b0:ca:0b:6c:7e:b5:2a:78:25:10:2d:3d:
ce:f6:03:f2:10:b8:f9:5b:75:1b:57:e7:fe:e3:65:26:07:b8:
93:63:33:74:2e:d3:94:5a:d9:b4:f0:7d:80:b9:3e:d7:12:e1:
a3:e7:e8:1a:df:20:23:05:b4:40:61:36:b6:ef:13:4f:dc:11:
74:f8:88:46:76:4f:26:89:02:9c:1d:7b:c8:8b:cd:45:ee:f4:
ab:6f:56:7a:aa:49:e3:8a:c7:92:08:88:41:72:60:ae:05:04:
48:a9:13:32:97:de:1d:c0:03:4a:f2:9b:5d:16:65:5b:7c:8e:
4e:65:f6:40:a6:8c:e9:35:c5:7d:e4:3a:c5:bf:e1:06:7e:f8:
e1:05:42:8e:92:ee:3c:0b:c3:40:06:4d:00:e2:75:5e:98:30:
e1:1a:b1:4b:9a:4c:22:6e:3e:a5:35:1c:f5:ac:0d:f6:bd:fd:
cf:15:66:8a:04:32:e4:b5:bc:13:06:cd:ba:fb:18:e7:c0:fe:
bb:97:a6:95:7a:cf:2b:7d:a7:14:86:26:ac:9f:90:05:a6:cd:
c7:c1:94:4c:e5:9e:21:1e:4e:84:e3:0e:75:3d:60:77:20:2b:
c6:23:dd:7a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZoHFnRXsmseT7X4pwfzEtn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjUxMDIxMTQwNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTAyN2NiOTcwMmQwNmE2OTI4MzQ3MjExNTJlZjAyMDQzZWYzMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1utdYymGmpLZLVOOqSsKrzH/jI57
BoPi8mVpgcnVQ0PzrDkGYxiptDU6t+t7Ql3aACmSgbGAkr0tfShkc0FiD8vzoNBI
DkobD2xYdMmZBkbyVd9K9/rrbNF0xstSnhNhjKmjL7ZPFzzHg5OV7MGigLX10c82
DlkD+SnqYl0NHts82WCzs0PU8QRg0F+6qPVEGmq5B0qu9XfDOoCrURNlpi2zKdju
2cgWWeYa/PasboIeT1ec9R0rafE10tzBNaMTszvTV3qZGTZ3e+3PDel5jaPcHEBi
CXFQk17PaOV7j1nLTi48m0dc5ClnYOTg1aejCVSgH5BQYXns+khuKO7v2QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLkCfLlwLQamkoNHIRUu8CBD7zBZMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvdVFKOHVYQXRCcWFTZzBjaEZTN3dJRVB2TUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAkvdqMAwD
BASS93ADBACS93IDBACS93kDBACS938wDQYJKoZIhvcNAQELBQADggEBABrxQF6O
m6I929vRnRp/ArS+b92phc5W/LDKC2x+tSp4JRAtPc72A/IQuPlbdRtX5/7jZSYH
uJNjM3Qu05Ra2bTwfYC5PtcS4aPn6BrfICMFtEBhNrbvE0/cEXT4iEZ2TyaJApwd
e8iLzUXu9KtvVnqqSeOKx5IIiEFyYK4FBEipEzKX3h3AA0rym10WZVt8jk5l9kCm
jOk1xX3kOsW/4QZ++OEFQo6S7jwLw0AGTQDidV6YMOEasUuaTCJuPqU1HPWsDfa9
/c8VZooEMuS1vBMGzbr7GOfA/ruXppV6zyt9pxSGJqyfkAWmzcfBlEzlniEeToTj
DnU9YHcgK8Yj3Xo=
-----END CERTIFICATE-----
Generated at Sat Oct 25 22:14:43 2025 by rpki-client