Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QKE5A2-VWyd3J0DRrfMQlK1fMX8.roa
File: QKE5A2-VWyd3J0DRrfMQlK1fMX8.roa (raw, json)
Hash identifier: fb4kqhQuHHEA1R522FziGZUhpgN31KA7VLx4uSTZ7+0=
Subject key identifier: 40:A1:39:03:6F:95:5B:27:77:27:40:D1:AD:F3:10:94:AD:5F:31:7F
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 0198793B57EFBDB7872BA085A509266C0126
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QKE5A2-VWyd3J0DRrfMQlK1fMX8.roa
Signing time: Tue 05 Aug 2025 07:56:28 +0000
ROA not before: Tue 05 Aug 2025 07:56:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.91.148.0/24 maxlen: 24
185.155.103.0/24 maxlen: 24
194.62.16.0/24 maxlen: 24
213.109.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 01:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:3b:57:ef:bd:b7:87:2b:a0:85:a5:09:26:6c:01:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Aug 5 07:56:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40a139036f955b27772740d1adf31094ad5f317f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ca:c1:0a:d2:97:54:78:56:7e:17:bb:a8:ed:
3d:c8:db:80:c3:ff:7c:02:72:b7:c1:15:3f:19:00:
82:ac:7f:7b:0c:71:ad:0b:d5:1d:21:e2:bd:bb:48:
9e:94:eb:83:24:bf:e5:25:46:a9:5c:f3:b0:32:63:
04:e5:9f:ee:d5:5f:f9:2d:6c:73:da:6a:e7:fc:1b:
43:41:30:70:18:d4:19:54:80:60:aa:2f:3b:f3:6d:
7e:ec:76:87:27:7d:2c:3e:f7:7f:67:5c:c0:c5:01:
c9:ed:2c:69:60:61:5f:62:23:24:d3:ec:19:b2:cf:
ce:62:58:f7:08:d1:68:2c:48:a4:47:33:8e:59:0b:
b3:30:ac:b2:a1:e9:d2:a6:3a:aa:25:82:24:39:98:
6e:77:e2:48:b0:cd:aa:53:11:b4:b2:60:78:66:4f:
fc:90:08:53:ee:27:65:6a:71:df:4a:63:21:fd:68:
1a:46:75:c9:7e:78:f7:ed:29:1f:73:b3:16:29:c9:
65:26:2c:c2:f7:22:c0:69:7e:1a:ca:52:da:e5:98:
26:97:4e:0b:38:bb:1a:20:10:46:f3:b2:4e:db:8a:
9c:0a:41:96:c3:22:37:41:19:cd:e0:fe:24:12:37:
4e:88:d2:96:5c:21:0a:fc:a3:78:30:e8:3b:ae:f4:
6a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A1:39:03:6F:95:5B:27:77:27:40:D1:AD:F3:10:94:AD:5F:31:7F
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QKE5A2-VWyd3J0DRrfMQlK1fMX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.148.0/24
185.155.103.0/24
194.62.16.0/24
213.109.152.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:8c:09:10:14:82:eb:6d:09:d5:ed:b8:87:38:56:d4:8e:81:
c1:56:d6:c2:3b:2a:d5:a2:b3:be:1b:5b:d8:cc:26:da:af:81:
94:99:07:55:17:97:c0:76:50:ae:0d:f5:aa:4f:8e:30:87:18:
ee:a4:35:02:7d:b0:54:41:e3:fa:95:08:0c:3d:a3:2e:5f:3d:
6b:bd:f8:4b:d8:23:25:d2:e9:62:97:8d:a2:bf:fe:de:a1:03:
8c:bf:30:31:5f:af:eb:1f:04:e5:8c:30:70:68:6f:44:5f:82:
96:db:15:23:dd:3f:5b:89:a9:2f:11:02:85:b3:f3:08:9c:33:
bb:68:a5:ab:e3:ce:4f:46:ff:45:eb:80:6e:d5:80:51:15:61:
2e:e6:ae:1f:2d:78:10:98:4f:4a:80:c7:73:64:2e:83:c2:43:
63:93:d0:ce:3d:c7:d9:4d:c2:2b:5a:73:83:bd:3b:2b:4f:4b:
32:96:95:be:fe:9f:01:ca:76:80:34:a3:78:13:c5:e5:e6:25:
f6:68:bb:83:b3:84:1d:60:46:ec:a3:5a:72:d1:55:ca:13:9f:
15:a0:82:c3:50:c7:e7:51:dd:33:03:72:58:f5:68:20:5f:ae:
62:b2:33:f3:82:2e:82:ed:74:b8:0b:25:f4:d4:53:1d:44:10:
01:74:4d:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZh5O1fvvbeHK6CFpQkmbAEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjUwODA1MDc1NjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGExMzkwMzZmOTU1YjI3NzcyNzQwZDFhZGYzMTA5NGFkNWYzMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MrBCtKXVHhWfhe7qO09yNuAw/98
AnK3wRU/GQCCrH97DHGtC9UdIeK9u0ielOuDJL/lJUapXPOwMmME5Z/u1V/5LWxz
2mrn/BtDQTBwGNQZVIBgqi87821+7HaHJ30sPvd/Z1zAxQHJ7SxpYGFfYiMk0+wZ
ss/OYlj3CNFoLEikRzOOWQuzMKyyoenSpjqqJYIkOZhud+JIsM2qUxG0smB4Zk/8
kAhT7idlanHfSmMh/WgaRnXJfnj37Skfc7MWKcllJizC9yLAaX4aylLa5Zgml04L
OLsaIBBG87JO24qcCkGWwyI3QRnN4P4kEjdOiNKWXCEK/KN4MOg7rvRqlQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEChOQNvlVsndydA0a3zEJStXzF/MB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvUUtFNUEyLVZXeWQzSjBEUnJmTVFsSzFmTVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVuUAwQA
uZtnAwQAwj4QAwQA1W2YMA0GCSqGSIb3DQEBCwUAA4IBAQBqjAkQFILrbQnV7biH
OFbUjoHBVtbCOyrVorO+G1vYzCbar4GUmQdVF5fAdlCuDfWqT44whxjupDUCfbBU
QeP6lQgMPaMuXz1rvfhL2CMl0ulil42iv/7eoQOMvzAxX6/rHwTljDBwaG9EX4KW
2xUj3T9biakvEQKFs/MInDO7aKWr485PRv9F64Bu1YBRFWEu5q4fLXgQmE9KgMdz
ZC6DwkNjk9DOPcfZTcIrWnODvTsrT0sylpW+/p8BynaANKN4E8Xl5iX2aLuDs4Qd
YEbso1py0VXKE58VoILDUMfnUd0zA3JY9WggX65isjPzgi6C7XS4CyX01FMdRBAB
dE27
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:08:17 2025 by rpki-client