Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QibsYMI2HzBANNUyuh3X_SXi7C8.roa
File: QibsYMI2HzBANNUyuh3X_SXi7C8.roa (raw, json)
Hash identifier: J+6lvfhlLdmu7GB6QikI0qn006fBR9guwOXMkwXCaOk=
Subject key identifier: 42:26:EC:60:C2:36:1F:30:40:34:D5:32:BA:1D:D7:FD:25:E2:EC:2F
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 019856D6B85AF90F5ABC6032CC7DF0059F9B
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QibsYMI2HzBANNUyuh3X_SXi7C8.roa
Signing time: Tue 29 Jul 2025 15:39:29 +0000
ROA not before: Tue 29 Jul 2025 15:39:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 91.132.225.0/24 maxlen: 24
94.247.139.0/24 maxlen: 24
176.116.13.0/24 maxlen: 24
188.244.123.0/24 maxlen: 24
193.9.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:d6:b8:5a:f9:0f:5a:bc:60:32:cc:7d:f0:05:9f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jul 29 15:39:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4226ec60c2361f304034d532ba1dd7fd25e2ec2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e5:e7:5d:26:a4:c7:89:b6:38:2c:e6:f8:cd:
7b:94:07:16:4b:14:d0:41:5c:62:b6:59:d7:7d:82:
05:57:de:08:d4:3b:f4:c6:b9:2a:f3:2d:88:6f:50:
5e:88:4b:4b:1e:10:15:ff:de:fd:28:e5:7f:9d:f9:
9f:61:ec:18:7f:c1:cd:37:e7:c6:b8:0e:19:9b:fd:
dc:af:1e:1f:1c:f2:80:5b:d2:a1:97:ed:53:22:35:
40:11:50:ed:6f:f5:63:81:99:99:b9:41:08:a2:05:
ce:7c:e9:fb:74:73:2e:a4:20:ce:83:cb:6a:bd:f3:
00:7d:31:32:10:e4:67:96:a1:cc:8b:97:ce:bd:64:
44:01:74:4b:89:c3:70:e6:5d:6d:50:fc:b3:6e:52:
c6:1f:ca:0d:12:15:05:e2:71:5f:0a:2d:ad:90:57:
9c:09:2e:ed:dd:2d:cb:77:00:ee:f3:aa:88:fc:83:
c3:65:8c:24:f7:8e:a4:e4:db:31:61:92:f3:a8:15:
7a:25:3a:83:33:b5:f7:af:98:62:d3:9c:5c:28:ba:
58:60:56:99:78:80:dc:4d:ec:bf:b0:91:72:fd:95:
af:4c:18:6d:68:d9:4f:e1:2c:9b:9f:57:6c:66:5d:
6e:b2:d2:39:bc:c9:d9:05:58:d2:09:3a:2a:28:83:
c0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:26:EC:60:C2:36:1F:30:40:34:D5:32:BA:1D:D7:FD:25:E2:EC:2F
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QibsYMI2HzBANNUyuh3X_SXi7C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.225.0/24
94.247.139.0/24
176.116.13.0/24
188.244.123.0/24
193.9.124.0/24
Signature Algorithm: sha256WithRSAEncryption
55:60:c5:4a:a4:b0:8a:a2:d5:35:22:fd:e2:f8:b5:f0:8d:52:
99:bc:67:00:68:96:62:b6:3a:05:e4:35:80:5f:7d:44:28:b8:
d3:39:3d:9b:51:eb:2d:5b:f3:2f:ce:7d:f7:70:5a:21:12:88:
2c:a9:5e:44:f5:86:86:53:ee:4a:62:c7:4c:b7:40:b7:82:70:
28:d4:7c:28:5e:b9:cc:b1:4f:03:6a:2a:91:98:b3:ca:3d:86:
d2:67:05:a0:98:2e:77:6d:93:84:56:c7:18:ba:e2:48:f6:22:
0b:97:c8:41:70:e7:11:2d:45:ef:28:37:ea:35:60:53:ff:2c:
9c:29:a7:a1:e7:c1:66:c3:0d:6d:e1:c8:33:d4:43:58:12:d1:
d4:c3:ae:1e:e8:c0:f4:40:0c:da:4c:90:1b:c0:a4:20:f4:d5:
0b:28:06:a8:d7:ba:13:46:1e:72:6e:25:dd:9b:04:0b:e4:ec:
77:be:6a:21:7c:e3:98:52:89:19:e9:e1:84:22:d7:65:10:a1:
8c:0e:78:50:81:29:76:2e:13:4e:c8:b0:be:f3:85:1b:74:f0:
9d:3d:a9:bf:7d:68:6a:8d:45:ee:52:37:c4:b0:57:b6:6b:e6:
75:50:36:e1:c2:0a:0d:51:bb:ad:7f:ff:a9:5b:c5:ce:54:25:
2c:d2:72:1c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhW1rha+Q9avGAyzH3wBZ+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjUwNzI5MTUzOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjI2ZWM2MGMyMzYxZjMwNDAzNGQ1MzJiYTFkZDdmZDI1ZTJlYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+XnXSakx4m2OCzm+M17lAcWSxTQ
QVxitlnXfYIFV94I1Dv0xrkq8y2Ib1BeiEtLHhAV/979KOV/nfmfYewYf8HNN+fG
uA4Zm/3crx4fHPKAW9Khl+1TIjVAEVDtb/VjgZmZuUEIogXOfOn7dHMupCDOg8tq
vfMAfTEyEORnlqHMi5fOvWREAXRLicNw5l1tUPyzblLGH8oNEhUF4nFfCi2tkFec
CS7t3S3LdwDu86qI/IPDZYwk946k5NsxYZLzqBV6JTqDM7X3r5hi05xcKLpYYFaZ
eIDcTey/sJFy/ZWvTBhtaNlP4Sybn1dsZl1ustI5vMnZBVjSCToqKIPACQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEIm7GDCNh8wQDTVMrod1/0l4uwvMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvUWlic1lNSTJIekJBTk5VeXVoM1hfU1hpN0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW4ThAwQA
XveLAwQAsHQNAwQAvPR7AwQAwQl8MA0GCSqGSIb3DQEBCwUAA4IBAQBVYMVKpLCK
otU1Iv3i+LXwjVKZvGcAaJZitjoF5DWAX31EKLjTOT2bUestW/Mvzn33cFohEogs
qV5E9YaGU+5KYsdMt0C3gnAo1HwoXrnMsU8DaiqRmLPKPYbSZwWgmC53bZOEVscY
uuJI9iILl8hBcOcRLUXvKDfqNWBT/yycKaeh58Fmww1t4cgz1ENYEtHUw64e6MD0
QAzaTJAbwKQg9NULKAao17oTRh5ybiXdmwQL5Ox3vmohfOOYUokZ6eGEItdlEKGM
DnhQgSl2LhNOyLC+84UbdPCdPam/fWhqjUXuUjfEsFe2a+Z1UDbhwgoNUbutf/+p
W8XOVCUs0nIc
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:24:43 2025 by rpki-client