Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QPOItXD2ZqkmH3xjUtu5DGhWKI4.roa
File: QPOItXD2ZqkmH3xjUtu5DGhWKI4.roa (raw, json)
Hash identifier: SHES9E7tG91+EZsQJp5gRnn+++sSqcnE/MyHd2VvniM=
Subject key identifier: 40:F3:88:B5:70:F6:66:A9:26:1F:7C:63:52:DB:B9:0C:68:56:28:8E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019744021AF5FA40C9FC55F292D87CBD80DF
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QPOItXD2ZqkmH3xjUtu5DGhWKI4.roa
Signing time: Fri 06 Jun 2025 06:51:18 +0000
ROA not before: Fri 06 Jun 2025 06:51:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12332
IP address blocks: 77.34.0.0/15 maxlen: 24
81.2.0.0/18 maxlen: 19
81.2.0.0/19 maxlen: 24
82.162.0.0/16 maxlen: 18
86.102.0.0/16 maxlen: 18
212.91.192.0/19 maxlen: 24
212.107.192.0/19 maxlen: 24
212.107.192.0/20 maxlen: 24
212.107.208.0/20 maxlen: 24
212.122.0.0/19 maxlen: 24
212.122.0.0/20 maxlen: 24
212.122.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 18:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:02:1a:f5:fa:40:c9:fc:55:f2:92:d8:7c:bd:80:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 6 06:51:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40f388b570f666a9261f7c6352dbb90c6856288e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6d:22:1d:47:60:2c:7c:4f:7b:ca:24:e4:71:
c0:5b:4c:ed:9f:36:06:41:3e:ba:6b:0b:a8:a7:cf:
4a:cd:ee:f3:19:75:6f:65:ff:85:67:0d:39:f9:01:
93:34:01:ff:b4:f3:47:7d:f2:3e:4f:26:7c:23:ed:
65:9f:9b:b1:2c:8f:73:99:6d:3e:6e:3e:2b:b7:1e:
43:9b:d0:db:61:85:42:20:e5:8b:11:22:73:c6:b5:
be:10:42:80:99:ea:55:70:f2:45:f6:5c:80:b9:1c:
b1:97:04:a2:08:7c:c3:00:51:8d:26:8e:3c:0a:a8:
08:0f:6f:fd:8b:9f:96:0d:51:20:d2:31:cc:0e:11:
e3:c7:c2:bb:7a:70:42:25:a3:6c:3a:b1:b4:fc:78:
a5:22:79:84:65:8e:01:bf:6a:43:61:d3:c3:3e:38:
9f:97:5a:ad:b4:52:2a:1a:bb:12:28:9f:6d:e4:ac:
83:6e:e8:39:c9:18:10:8e:fc:f0:da:ef:58:55:62:
5c:2d:08:4c:25:23:9c:f3:3b:3d:dd:57:84:75:39:
36:7d:a8:ee:1c:b1:dd:87:16:0f:94:ce:22:73:b2:
5b:6e:71:56:b7:2f:97:cc:01:38:05:ab:39:ab:b5:
9f:b2:1b:d8:84:5d:03:49:c0:98:2d:ea:ab:44:34:
dc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F3:88:B5:70:F6:66:A9:26:1F:7C:63:52:DB:B9:0C:68:56:28:8E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/QPOItXD2ZqkmH3xjUtu5DGhWKI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.34.0.0/15
81.2.0.0/18
82.162.0.0/16
86.102.0.0/16
212.91.192.0/19
212.107.192.0/19
212.122.0.0/19
Signature Algorithm: sha256WithRSAEncryption
59:f8:b1:20:fd:25:d7:5a:f2:7b:43:eb:1c:7f:72:29:f0:d6:
65:3f:07:2e:53:e3:05:b9:7c:4d:ed:f5:16:d2:e6:80:aa:78:
d5:5f:00:26:8c:b7:6f:76:b4:72:e6:84:d2:df:bf:d2:29:27:
7d:6e:ab:75:ae:fe:1d:b6:7f:1e:d7:fa:ed:6b:40:a5:4f:57:
99:82:1b:3d:78:65:e8:c9:f1:c2:6e:dd:c5:d1:52:8d:14:95:
43:07:cb:4d:43:37:d2:5d:ca:6f:9d:37:f7:57:5d:4a:47:2d:
b9:b7:1f:90:3f:fb:b4:2f:d6:db:2b:1a:f6:8d:05:d4:2a:9b:
fa:06:13:7c:09:47:19:59:bc:23:f2:53:9b:16:dd:77:f1:9c:
ea:44:83:05:60:ab:39:fb:a0:89:9c:35:e2:67:69:5f:e7:3d:
a0:2c:b9:a5:5c:8e:b4:12:87:5f:ee:ba:73:a8:b8:f5:f9:ff:
2f:42:01:e9:74:ee:f6:89:7e:3c:6c:fd:96:10:9b:92:e0:75:
61:68:8b:fe:36:40:d4:77:de:d9:78:55:36:52:a0:ea:91:a5:
98:91:0a:f4:4b:ff:7c:88:51:e7:b4:70:7e:52:bf:14:08:6a:
7a:c0:8b:9a:a8:36:ce:ee:9f:f8:30:d6:f6:b1:fa:8e:b7:02:
af:8e:66:67
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZdEAhr1+kDJ/FXykth8vYDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjA2MDY1MTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGYzODhiNTcwZjY2NmE5MjYxZjdjNjM1MmRiYjkwYzY4NTYyODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm0iHUdgLHxPe8ok5HHAW0ztnzYG
QT66awuop89Kze7zGXVvZf+FZw05+QGTNAH/tPNHffI+TyZ8I+1ln5uxLI9zmW0+
bj4rtx5Dm9DbYYVCIOWLESJzxrW+EEKAmepVcPJF9lyAuRyxlwSiCHzDAFGNJo48
CqgID2/9i5+WDVEg0jHMDhHjx8K7enBCJaNsOrG0/HilInmEZY4Bv2pDYdPDPjif
l1qttFIqGrsSKJ9t5KyDbug5yRgQjvzw2u9YVWJcLQhMJSOc8zs93VeEdTk2faju
HLHdhxYPlM4ic7JbbnFWty+XzAE4Bas5q7WfshvYhF0DScCYLeqrRDTclQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEDziLVw9mapJh98Y1LbuQxoViiOMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUVBPSXRYRDJacWttSDN4alV0dTVER2hXS0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMBTSIDBAZR
AgADAwBSogMDAFZmAwQF1FvAAwQF1GvAAwQF1HoAMA0GCSqGSIb3DQEBCwUAA4IB
AQBZ+LEg/SXXWvJ7Q+scf3Ip8NZlPwcuU+MFuXxN7fUW0uaAqnjVXwAmjLdvdrRy
5oTS37/SKSd9bqt1rv4dtn8e1/rta0ClT1eZghs9eGXoyfHCbt3F0VKNFJVDB8tN
QzfSXcpvnTf3V11KRy25tx+QP/u0L9bbKxr2jQXUKpv6BhN8CUcZWbwj8lObFt13
8ZzqRIMFYKs5+6CJnDXiZ2lf5z2gLLmlXI60Eodf7rpzqLj1+f8vQgHpdO72iX48
bP2WEJuS4HVhaIv+NkDUd97ZeFU2UqDqkaWYkQr0S/98iFHntHB+Ur8UCGp6wIua
qDbO7p/4MNb2sfqOtwKvjmZn
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:54:41 2025 by rpki-client