Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/CQeGz_S30dJ1d9L8JvanoMrChpc.roa
File: CQeGz_S30dJ1d9L8JvanoMrChpc.roa (raw, json)
Hash identifier: icC5NPEHhE0zgBFcDS2jNyhSsrZPiKNTeZAcbDdZqwI=
Subject key identifier: 09:07:86:CF:F4:B7:D1:D2:75:77:D2:FC:26:F6:A7:A0:CA:C2:86:97
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01974959E79F229A85C0BBFE37FA2E443A80
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/CQeGz_S30dJ1d9L8JvanoMrChpc.roa
Signing time: Sat 07 Jun 2025 07:45:18 +0000
ROA not before: Sat 07 Jun 2025 07:45:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44103
IP address blocks: 5.83.149.0/24 maxlen: 24
77.90.23.0/24 maxlen: 24
89.144.40.0/24 maxlen: 24
178.18.152.0/22 maxlen: 32
178.18.152.0/24 maxlen: 32
178.18.153.0/24 maxlen: 32
178.18.154.0/24 maxlen: 32
178.18.155.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 12:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:59:e7:9f:22:9a:85:c0:bb:fe:37:fa:2e:44:3a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 7 07:45:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=090786cff4b7d1d27577d2fc26f6a7a0cac28697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d7:87:ed:0f:7f:e3:13:91:fc:01:9d:3c:62:
c3:93:d4:c6:0b:51:e6:86:18:ea:a6:e8:57:df:d1:
d6:85:6a:21:de:32:d2:42:0f:40:b0:b6:f8:95:6e:
9d:13:2d:05:5a:63:ec:7c:ce:75:04:72:b0:2f:f6:
31:4c:f0:ed:f1:8f:f9:fa:9a:3d:34:7b:ab:01:ef:
ef:d7:56:4f:e1:e7:3b:a8:fd:f3:8e:de:34:45:6a:
06:dc:76:53:d7:46:68:7f:e7:3d:8f:90:0e:6d:ee:
00:3e:86:0d:cc:06:fd:65:4f:cc:22:34:91:30:e4:
81:73:70:6b:c3:ad:95:54:2f:26:68:2e:c9:33:27:
2e:48:2f:a8:81:b6:19:7a:25:27:7c:02:4f:dd:d8:
3b:ee:89:f8:51:a4:6d:73:08:0b:cd:02:08:8f:02:
aa:da:64:27:96:31:82:77:5c:25:7e:39:d1:b0:7e:
0d:69:58:aa:a8:7d:76:cd:ce:c7:cb:90:b1:74:35:
03:bc:6e:30:54:57:17:67:0d:6b:fa:0b:73:af:11:
da:d5:0b:6b:60:2b:2b:b3:4f:ea:8b:97:2d:ae:40:
bf:0f:e9:fb:23:59:ef:b2:bb:44:0b:b4:4b:86:fc:
eb:4e:eb:89:2e:fa:ac:62:8a:9e:d4:56:88:2d:dc:
c3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:07:86:CF:F4:B7:D1:D2:75:77:D2:FC:26:F6:A7:A0:CA:C2:86:97
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/CQeGz_S30dJ1d9L8JvanoMrChpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.149.0/24
77.90.23.0/24
89.144.40.0/24
178.18.152.0/22
Signature Algorithm: sha256WithRSAEncryption
77:c6:f0:ab:c8:17:0b:7c:9d:60:82:5e:76:0f:83:2e:d9:36:
6b:65:df:de:42:48:9b:64:54:cb:12:ce:a7:93:f1:5b:0d:41:
f1:a5:23:af:02:37:f2:de:bb:40:7b:8c:e6:18:52:fb:66:51:
f1:73:21:fb:6e:bb:e3:c6:a3:35:ee:df:0b:1d:41:48:08:ff:
3c:f5:44:da:fa:d4:aa:f3:97:f4:d7:ac:ea:2b:67:2f:73:57:
64:f3:1c:03:29:8a:9d:cc:9e:c8:85:b7:3f:9e:5f:7b:99:08:
f7:2c:33:2a:9e:78:b5:cc:0f:46:4c:04:d7:88:cd:73:07:62:
b8:c2:e0:79:be:2f:99:06:b5:3a:49:53:3d:97:07:ab:33:0f:
67:62:2c:bd:94:71:0b:e6:65:07:cb:47:d8:59:98:86:1c:39:
b5:90:67:cb:fd:c7:e4:fe:25:98:a5:69:53:3b:4f:f2:40:4a:
f4:8a:ac:dd:5f:90:da:c8:b0:3f:8e:c2:89:79:71:e0:16:60:
c1:04:cf:6a:b2:9a:fc:f6:b9:42:9b:e3:93:86:55:b8:e5:00:
28:8b:45:50:fd:c5:a1:83:ed:11:a5:82:52:22:c4:bc:f9:63:
d9:ee:66:0a:2c:52:d4:08:77:95:a5:19:b5:15:64:d6:c8:b4:
fc:39:19:fc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdJWeefIpqFwLv+N/ouRDqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjA3MDc0NTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA3ODZjZmY0YjdkMWQyNzU3N2QyZmMyNmY2YTdhMGNhYzI4Njk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNeH7Q9/4xOR/AGdPGLDk9TGC1Hm
hhjqpuhX39HWhWoh3jLSQg9AsLb4lW6dEy0FWmPsfM51BHKwL/YxTPDt8Y/5+po9
NHurAe/v11ZP4ec7qP3zjt40RWoG3HZT10Zof+c9j5AObe4APoYNzAb9ZU/MIjSR
MOSBc3Brw62VVC8maC7JMycuSC+ogbYZeiUnfAJP3dg77on4UaRtcwgLzQIIjwKq
2mQnljGCd1wlfjnRsH4NaViqqH12zc7Hy5CxdDUDvG4wVFcXZw1r+gtzrxHa1Qtr
YCsrs0/qi5ctrkC/D+n7I1nvsrtEC7RLhvzrTuuJLvqsYoqe1FaILdzDwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAkHhs/0t9HSdXfS/Cb2p6DKwoaXMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQ1FlR3pfUzMwZEoxZDlMOEp2YW5vTXJDaHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABVOVAwQA
TVoXAwQAWZAoAwQCshKYMA0GCSqGSIb3DQEBCwUAA4IBAQB3xvCryBcLfJ1ggl52
D4Mu2TZrZd/eQkibZFTLEs6nk/FbDUHxpSOvAjfy3rtAe4zmGFL7ZlHxcyH7brvj
xqM17t8LHUFICP889UTa+tSq85f016zqK2cvc1dk8xwDKYqdzJ7Ihbc/nl97mQj3
LDMqnni1zA9GTATXiM1zB2K4wuB5vi+ZBrU6SVM9lwerMw9nYiy9lHEL5mUHy0fY
WZiGHDm1kGfL/cfk/iWYpWlTO0/yQEr0iqzdX5DayLA/jsKJeXHgFmDBBM9qspr8
9rlCm+OThlW45QAoi0VQ/cWhg+0RpYJSIsS8+WPZ7mYKLFLUCHeVpRm1FWTWyLT8
ORn8
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:38:10 2025 by rpki-client