Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/qwN7W36WCMKARsvs6rQY6HjIsMI.roa
File: qwN7W36WCMKARsvs6rQY6HjIsMI.roa (raw, json)
Hash identifier: Ur1+XATkrWfuk70OT5HwiPAxyGwAUA8ozMf2hvJTnyc=
Subject key identifier: AB:03:7B:5B:7E:96:08:C2:80:46:CB:EC:EA:B4:18:E8:78:C8:B0:C2
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019A2AD43B61BF7F73F49F952F65A065584A
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/qwN7W36WCMKARsvs6rQY6HjIsMI.roa
Signing time: Tue 28 Oct 2025 12:39:03 +0000
ROA not before: Tue 28 Oct 2025 12:39:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204909
IP address blocks: 2a11:4042::/32 maxlen: 32
2a11:4044::/32 maxlen: 32
2a11:6581::/32 maxlen: 32
2a11:6582::/32 maxlen: 32
2a11:84c3::/32 maxlen: 32
2a11:84c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:d4:3b:61:bf:7f:73:f4:9f:95:2f:65:a0:65:58:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 28 12:39:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab037b5b7e9608c28046cbeceab418e878c8b0c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:13:8f:f7:f1:09:5b:2d:3b:23:81:1d:fc:
97:5b:b8:a1:dd:f3:88:57:80:6c:17:c7:2c:0e:5a:
ee:41:9a:19:28:b6:39:45:1f:34:e6:11:09:82:89:
0a:8b:bd:b5:66:79:c0:26:3f:60:5b:d2:42:c1:f1:
0b:ef:6b:ba:32:99:26:cf:23:65:5d:d0:8d:6c:6d:
5f:f5:d0:c5:ff:66:c2:fb:11:ad:fb:eb:9b:58:85:
8f:24:11:3b:b8:7b:4f:50:5f:6b:ff:54:fa:61:b0:
9c:fb:17:47:85:7d:3b:11:c5:07:4c:a9:31:aa:1f:
96:8d:49:f0:b6:61:17:8d:93:69:39:fd:d7:83:11:
ca:05:5b:6d:7d:1d:98:e8:6e:2b:c9:d8:e5:1d:8d:
ce:df:65:bc:f6:d8:50:de:52:72:db:e7:d2:e2:f3:
99:fe:8d:19:31:36:15:b0:cb:07:b6:52:67:c3:57:
fc:22:9d:de:a8:3e:fd:dd:f9:53:45:ae:7b:3f:b5:
2c:37:5d:41:59:41:16:aa:2f:1f:da:dd:e9:23:1e:
65:9f:a2:ec:15:74:f3:4e:66:26:79:aa:d8:be:a1:
46:92:f2:f4:31:a7:1a:f6:6c:9e:25:36:b2:a7:13:
19:8d:6a:69:d5:08:16:4c:9c:72:ad:46:39:f0:74:
13:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:03:7B:5B:7E:96:08:C2:80:46:CB:EC:EA:B4:18:E8:78:C8:B0:C2
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/qwN7W36WCMKARsvs6rQY6HjIsMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4042::/32
2a11:4044::/32
2a11:6581::-2a11:6582:ffff:ffff:ffff:ffff:ffff:ffff
2a11:84c3::-2a11:84c4:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:f4:e6:db:0c:d1:25:70:48:f8:9d:80:9b:3c:c3:e2:e2:76:
7b:52:d6:22:5f:6b:4e:90:94:77:1c:b5:1b:8a:0f:94:b5:ba:
29:20:a9:8f:4f:a7:a2:47:8b:b4:69:3d:5e:04:de:4e:fc:1a:
3e:79:dc:37:46:9f:63:dc:0f:71:32:0a:23:0d:2d:81:0b:97:
6b:74:7b:58:a3:51:1b:6c:b2:96:5d:1f:96:aa:c5:a4:5c:fc:
01:3c:5c:de:6e:d6:a4:66:5a:ef:71:29:89:7f:cb:69:59:df:
0d:f2:84:1f:29:fc:72:be:13:8e:dd:fb:99:0b:02:28:2a:d7:
de:06:ce:ee:61:6a:7c:e3:a5:9a:6e:56:4a:10:fc:99:d1:76:
84:ab:e3:7d:18:d8:9a:19:f6:e6:d7:22:ff:47:ed:bd:0b:c1:
e0:20:44:ca:70:d3:df:c1:ed:12:36:b5:88:d4:9d:f6:96:1b:
23:b1:8c:1e:60:7a:7a:6d:25:77:2e:fd:b9:f1:00:24:0c:6c:
28:4e:17:24:ef:a5:4d:96:39:2a:ac:0c:d4:72:a1:84:5d:19:
c5:96:31:fe:24:98:9f:73:d1:16:52:e7:90:44:91:a5:6b:87:
43:94:22:72:cb:f9:9d:d2:52:38:ca:0c:3c:23:37:34:8f:b5:
10:06:d8:25
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZoq1Dthv39z9J+VL2WgZVhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDI4MTIzOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjAzN2I1YjdlOTYwOGMyODA0NmNiZWNlYWI0MThlODc4YzhiMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ4Tj/fxCVstOyOBHfyXW7ih3fOI
V4BsF8csDlruQZoZKLY5RR805hEJgokKi721ZnnAJj9gW9JCwfEL72u6MpkmzyNl
XdCNbG1f9dDF/2bC+xGt++ubWIWPJBE7uHtPUF9r/1T6YbCc+xdHhX07EcUHTKkx
qh+WjUnwtmEXjZNpOf3XgxHKBVttfR2Y6G4rydjlHY3O32W89thQ3lJy2+fS4vOZ
/o0ZMTYVsMsHtlJnw1f8Ip3eqD793flTRa57P7UsN11BWUEWqi8f2t3pIx5ln6Ls
FXTzTmYmearYvqFGkvL0Maca9myeJTaypxMZjWpp1QgWTJxyrUY58HQTYwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKsDe1t+lgjCgEbL7Oq0GOh4yLDCMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvcXdON1czNldDTUtBUnN2czZyUVk2SGpJc01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAAjAuAwUAKhFAQgMF
ACoRQEQwDgMFACoRZYEDBQAqEWWCMA4DBQAqEYTDAwUAKhGExDANBgkqhkiG9w0B
AQsFAAOCAQEAYvTm2wzRJXBI+J2AmzzD4uJ2e1LWIl9rTpCUdxy1G4oPlLW6KSCp
j0+nokeLtGk9XgTeTvwaPnncN0afY9wPcTIKIw0tgQuXa3R7WKNRG2yyll0flqrF
pFz8ATxc3m7WpGZa73EpiX/LaVnfDfKEHyn8cr4Tjt37mQsCKCrX3gbO7mFqfOOl
mm5WShD8mdF2hKvjfRjYmhn25tci/0ftvQvB4CBEynDT38HtEja1iNSd9pYbI7GM
HmB6em0ldy79ufEAJAxsKE4XJO+lTZY5KqwM1HKhhF0ZxZYx/iSYn3PRFlLnkESR
pWuHQ5Qicsv5ndJSOMoMPCM3NI+1EAbYJQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:49:24 2025 by rpki-client