Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qt7wR-JjaoBDMr6AbXq5gYc2Tis.roa
File: Qt7wR-JjaoBDMr6AbXq5gYc2Tis.roa (raw, json)
Hash identifier: 6KaJPiJzXNmt26SczpOEb+HjU8UFKPoGfY0ZSQTNHG4=
Subject key identifier: 42:DE:F0:47:E2:63:6A:80:43:32:BE:80:6D:7A:B9:81:87:36:4E:2B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01985AF56BCDFE8DE46B498DC02DBF0F23E5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qt7wR-JjaoBDMr6AbXq5gYc2Tis.roa
Signing time: Wed 30 Jul 2025 10:51:30 +0000
ROA not before: Wed 30 Jul 2025 10:51:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44559
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:f5:6b:cd:fe:8d:e4:6b:49:8d:c0:2d:bf:0f:23:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 30 10:51:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42def047e2636a804332be806d7ab98187364e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b6:fa:d6:17:18:4f:8a:71:77:ca:d9:61:a1:
5d:fa:f5:69:a4:b3:c7:9e:ba:0f:75:69:64:d7:ff:
cf:cc:44:42:22:59:67:e7:51:e9:5e:91:82:fd:e3:
80:38:0e:65:f4:7d:bc:ca:8e:21:7b:2a:df:ee:c5:
92:6c:74:a1:53:23:fc:86:23:4a:b9:c8:19:37:b5:
04:41:59:32:9d:f0:52:b4:90:fc:24:b0:e9:a8:c4:
48:ab:26:2f:77:5b:df:ca:a7:67:be:db:76:9b:4e:
ea:2d:c7:b8:e6:a1:30:d7:4d:b3:f9:4c:d7:54:92:
1b:15:16:71:37:0d:dd:5d:3a:96:f9:21:a1:1f:76:
d7:ba:b3:b9:7c:e0:da:e4:8f:7c:39:f8:d7:af:f4:
b9:64:a4:63:a2:1d:d6:e8:f4:a3:89:88:f6:f5:fa:
3c:ac:c0:bd:f9:f7:ca:90:7d:b6:e3:6c:85:f8:e4:
0a:bd:fa:60:f0:6b:1e:5e:aa:e4:47:fd:d1:0c:c3:
cb:8e:3c:82:62:9e:62:4c:f5:d7:74:a0:e2:8c:23:
6f:09:66:69:9f:8f:e9:f1:aa:69:2a:ca:6b:6c:aa:
3e:21:cf:bf:58:b0:88:45:eb:2b:ee:0c:3f:fb:00:
a0:34:bf:93:d1:5a:d3:dc:19:8a:b3:93:0e:3e:59:
3a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:DE:F0:47:E2:63:6A:80:43:32:BE:80:6D:7A:B9:81:87:36:4E:2B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qt7wR-JjaoBDMr6AbXq5gYc2Tis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
37.139.128.0/24
45.88.66.0/24
45.128.234.0/23
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.108.0/24
87.120.196.0/24
87.121.216.0/24
91.92.21.0/24
93.123.31.0/24
94.125.102.0/23
109.206.240.0/24
109.206.243.0/24
185.207.14.0/23
185.218.138.0/24
185.246.221.0/24
185.252.179.0/24
193.8.186.0/23
193.47.61.0/24
193.148.56.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:94:50:c9:86:29:be:0d:9b:0f:36:a8:b9:bd:42:13:be:4e:
88:b2:12:8b:80:98:fe:62:5a:76:29:c4:4c:34:f1:1f:ae:21:
cb:4e:59:45:07:18:8c:35:74:8c:e3:3e:b2:e0:bd:0b:81:87:
f6:91:fc:c6:c3:fa:f6:54:eb:68:1d:82:97:29:e5:b8:e7:a3:
a9:80:c1:d2:27:e5:b6:46:aa:e5:a8:a5:f0:59:7b:d1:a0:13:
4c:0b:30:e7:81:56:f5:61:3d:b2:56:9e:a9:a9:0e:64:51:4c:
c5:21:a6:da:6e:1b:7f:20:da:f9:ce:54:26:8b:3e:30:45:eb:
fe:4e:bc:30:7d:3a:f9:5f:4c:24:11:93:d2:81:ce:1b:aa:40:
8c:cf:f0:95:42:f7:1d:9d:89:be:dd:39:21:5b:46:4e:63:35:
23:8c:05:d6:45:ae:4f:c8:f7:34:00:8b:e8:2a:22:94:ff:a2:
cb:40:d3:16:9d:c3:5d:20:90:c7:1c:55:a1:f0:68:19:f5:3e:
25:6a:a5:c8:6f:53:a2:5a:94:bf:6d:50:8a:a7:c6:d2:a1:77:
e5:20:ff:fa:4f:ff:6a:02:3d:27:38:0e:37:fc:ba:09:11:e0:
2e:93:f1:f6:69:2b:25:f5:52:ce:56:1f:d1:7a:96:da:ce:94:
d6:63:00:e4
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZha9WvN/o3ka0mNwC2/DyPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzMwMTA1MTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmRlZjA0N2UyNjM2YTgwNDMzMmJlODA2ZDdhYjk4MTg3MzY0ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrb61hcYT4pxd8rZYaFd+vVppLPH
nroPdWlk1//PzERCIlln51HpXpGC/eOAOA5l9H28yo4heyrf7sWSbHShUyP8hiNK
ucgZN7UEQVkynfBStJD8JLDpqMRIqyYvd1vfyqdnvtt2m07qLce45qEw102z+UzX
VJIbFRZxNw3dXTqW+SGhH3bXurO5fODa5I98OfjXr/S5ZKRjoh3W6PSjiYj29fo8
rMC9+ffKkH2242yF+OQKvfpg8GseXqrkR/3RDMPLjjyCYp5iTPXXdKDijCNvCWZp
n4/p8appKsprbKo+Ic+/WLCIResr7gw/+wCgNL+T0VrT3BmKs5MOPlk6dwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFELe8EfiY2qAQzK+gG16uYGHNk4rMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUXQ3d1ItSmphb0JETXI2QWJYcTVnWWMyVGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AwX9OAMEAAX9OgMEACWLgAMEAC1YQgMEAS2A6gMEAFUfLAMEAFUfLgMEAFXQiAME
AFd4bAMEAFd4xAMEAFd52AMEAFtcFQMEAF17HwMEAV59ZgMEAG3O8AMEAG3O8wME
AbnPDgMEALnaigMEALn23QMEALn8swMEAcEIugMEAMEvPQMEAcGUODANBgkqhkiG
9w0BAQsFAAOCAQEAX5RQyYYpvg2bDzaoub1CE75OiLISi4CY/mJadinETDTxH64h
y05ZRQcYjDV0jOM+suC9C4GH9pH8xsP69lTraB2ClynluOejqYDB0ifltkaq5ail
8Fl70aATTAsw54FW9WE9slaeqakOZFFMxSGm2m4bfyDa+c5UJos+MEXr/k68MH06
+V9MJBGT0oHOG6pAjM/wlUL3HZ2Jvt05IVtGTmM1I4wF1kWuT8j3NACL6CoilP+i
y0DTFp3DXSCQxxxVofBoGfU+JWqlyG9TolqUv21QiqfG0qF35SD/+k//agI9JzgO
N/y6CRHgLpPx9mkrJfVSzlYf0XqW2s6U1mMA5A==
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:11:28 2025 by rpki-client