Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/q8QQgA7GC0znR3p7BWyx70W9Wy0.roa
File: q8QQgA7GC0znR3p7BWyx70W9Wy0.roa (raw, json)
Hash identifier: z6ABTs8Ko+RG9NU5x1+aIR6aLmZ/QI4e21dSlsLG9pk=
Subject key identifier: AB:C4:10:80:0E:C6:0B:4C:E7:47:7A:7B:05:6C:B1:EF:45:BD:5B:2D
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019A1249E23C72B47E60ABD60522D72C8971
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/q8QQgA7GC0znR3p7BWyx70W9Wy0.roa
Signing time: Thu 23 Oct 2025 18:17:03 +0000
ROA not before: Thu 23 Oct 2025 18:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 85.239.145.0/24 maxlen: 24
85.239.152.0/24 maxlen: 24
85.239.154.0/24 maxlen: 24
178.239.117.0/24 maxlen: 24
178.239.118.0/24 maxlen: 24
178.239.119.0/24 maxlen: 24
178.239.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:12:49:e2:3c:72:b4:7e:60:ab:d6:05:22:d7:2c:89:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Oct 23 18:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abc410800ec60b4ce7477a7b056cb1ef45bd5b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cd:c9:91:19:3e:d6:6e:8d:b5:04:15:94:69:
d7:43:9c:b8:fe:8b:a6:dd:61:f1:01:83:8f:95:d9:
1a:8c:0f:73:91:7b:88:3f:c2:93:dd:68:6d:9e:48:
ca:df:a9:47:2e:52:7d:d7:2e:96:e2:96:09:05:71:
ff:d6:e7:81:52:bd:f9:43:16:00:37:d4:b8:e3:b9:
2c:fd:c3:1a:d1:3e:bb:9a:56:44:1d:e9:60:e0:4b:
3f:37:59:91:33:94:a3:cb:95:f3:1b:67:5d:19:79:
f5:42:82:dc:b5:ce:ab:be:7a:93:b0:08:54:9d:a0:
76:3b:a9:87:94:73:74:4d:5a:03:93:3d:bd:a5:5e:
7f:e7:d6:bb:7c:10:19:20:05:67:ad:f7:d2:f9:31:
a8:5d:06:78:a9:f1:11:31:38:77:1c:71:4c:1a:0e:
d7:c1:5b:5e:c4:f2:1d:10:ce:13:f6:82:2b:30:f7:
3b:21:d3:c5:00:5f:fb:2a:64:66:53:66:c2:6c:1c:
87:2c:5f:3c:5e:1c:cb:20:9b:c7:5e:6c:75:a8:56:
2f:f4:88:05:89:c0:89:44:08:50:d8:0b:22:c8:e1:
c9:2b:00:7f:b8:e7:bd:83:27:f8:3d:f2:ec:13:47:
f1:10:82:93:3b:54:58:84:4c:6c:fe:b9:9d:6a:53:
43:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C4:10:80:0E:C6:0B:4C:E7:47:7A:7B:05:6C:B1:EF:45:BD:5B:2D
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/q8QQgA7GC0znR3p7BWyx70W9Wy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.145.0/24
85.239.152.0/24
85.239.154.0/24
178.239.117.0-178.239.120.255
Signature Algorithm: sha256WithRSAEncryption
a9:a3:0c:d8:54:e0:c4:c2:59:68:e7:8b:ac:93:45:ea:36:5e:
35:93:d8:4b:d6:23:7b:9e:d2:6c:cc:35:e7:63:2d:d7:0c:33:
5c:f8:e7:df:56:14:67:db:7e:01:dc:9d:ae:bd:a7:4d:33:53:
d5:7b:06:34:9d:73:6a:70:af:a7:7e:c2:fd:9a:0b:ba:91:ed:
68:66:bf:7b:7b:e0:72:f4:3a:4e:84:08:ae:d4:6f:12:31:e1:
e5:62:d3:93:d7:f6:df:61:68:f3:53:f9:cf:94:45:f5:f1:37:
f7:5d:9a:23:9d:eb:0d:72:39:86:f8:f6:7e:47:9a:f2:60:c8:
31:33:d1:ea:d9:f6:d2:97:b7:c3:50:97:89:d8:d4:13:67:37:
eb:98:f0:b4:42:94:9a:15:65:90:ea:51:80:e2:71:2a:fa:ef:
93:dc:6b:fa:6b:a3:8f:6b:92:75:e4:95:1f:46:44:2b:41:35:
49:9f:3c:5c:79:a4:88:d3:4e:2c:ab:71:f0:0b:fa:a7:94:b1:
80:79:2c:ff:01:9a:03:28:31:ef:7e:56:0d:e6:f3:a5:39:f1:
c3:ca:93:53:ab:ab:6f:c3:bb:e3:d3:c4:74:19:f0:5f:01:16:
94:6f:2f:66:9e:8c:df:b6:5d:a5:3a:be:ee:3d:d4:1b:4e:c6:
60:df:b0:cd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZoSSeI8crR+YKvWBSLXLIlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUxMDIzMTgxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM0MTA4MDBlYzYwYjRjZTc0NzdhN2IwNTZjYjFlZjQ1YmQ1YjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys3JkRk+1m6NtQQVlGnXQ5y4/oum
3WHxAYOPldkajA9zkXuIP8KT3WhtnkjK36lHLlJ91y6W4pYJBXH/1ueBUr35QxYA
N9S447ks/cMa0T67mlZEHelg4Es/N1mRM5Sjy5XzG2ddGXn1QoLctc6rvnqTsAhU
naB2O6mHlHN0TVoDkz29pV5/59a7fBAZIAVnrffS+TGoXQZ4qfERMTh3HHFMGg7X
wVtexPIdEM4T9oIrMPc7IdPFAF/7KmRmU2bCbByHLF88XhzLIJvHXmx1qFYv9IgF
icCJRAhQ2AsiyOHJKwB/uOe9gyf4PfLsE0fxEIKTO1RYhExs/rmdalNDmQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKvEEIAOxgtM50d6ewVsse9FvVstMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvcThRUWdBN0dDMHpuUjNwN0JXeXg3MFc5V3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVe+RAwQA
Ve+YAwQAVe+aMAwDBACy73UDBACy73gwDQYJKoZIhvcNAQELBQADggEBAKmjDNhU
4MTCWWjni6yTReo2XjWT2EvWI3ue0mzMNedjLdcMM1z4599WFGfbfgHcna69p00z
U9V7BjSdc2pwr6d+wv2aC7qR7Whmv3t74HL0Ok6ECK7UbxIx4eVi05PX9t9haPNT
+c+URfXxN/ddmiOd6w1yOYb49n5HmvJgyDEz0erZ9tKXt8NQl4nY1BNnN+uY8LRC
lJoVZZDqUYDicSr675Pca/pro49rknXklR9GRCtBNUmfPFx5pIjTTiyrcfAL+qeU
sYB5LP8BmgMoMe9+Vg3m86U58cPKk1Orq2/Du+PTxHQZ8F8BFpRvL2aejN+2XaU6
vu491BtOxmDfsM0=
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:36:06 2025 by rpki-client