Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/gq8rwBz2LJ5PXO9yz1x_XMlkNv4.roa
File: gq8rwBz2LJ5PXO9yz1x_XMlkNv4.roa (raw, json)
Hash identifier: DmwvXJu+Zn6PIxbRORpkGHUa2jhR5zkagmMp4cVlA0o=
Subject key identifier: 82:AF:2B:C0:1C:F6:2C:9E:4F:5C:EF:72:CF:5C:7F:5C:C9:64:36:FE
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01985A343AE1E05EDFF2A8EBB203A0BE81FB
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/gq8rwBz2LJ5PXO9yz1x_XMlkNv4.roa
Signing time: Wed 30 Jul 2025 07:20:29 +0000
ROA not before: Wed 30 Jul 2025 07:20:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212422
IP address blocks: 193.59.94.0/24 maxlen: 24
193.59.95.0/24 maxlen: 24
193.59.98.0/24 maxlen: 24
193.59.102.0/24 maxlen: 24
193.59.103.0/24 maxlen: 24
194.181.250.0/24 maxlen: 24
195.187.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:34:3a:e1:e0:5e:df:f2:a8:eb:b2:03:a0:be:81:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jul 30 07:20:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82af2bc01cf62c9e4f5cef72cf5c7f5cc96436fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:83:b0:de:60:92:ad:50:92:68:a7:3d:72:51:
bf:ea:0e:25:5a:b9:cf:f2:86:c2:d4:3b:12:86:71:
81:4e:c6:e0:ec:73:c9:7b:9a:db:73:cf:da:83:4b:
71:d5:76:b8:8a:93:68:12:0a:13:28:ca:3e:02:29:
88:ef:64:4a:23:67:9a:53:2e:87:d2:c3:dd:2b:db:
dc:75:ee:5e:ef:f9:3d:e3:77:22:96:d4:33:7e:95:
ef:bd:06:bd:58:80:c6:74:43:66:01:e1:76:7e:f8:
80:a8:89:c2:a0:f3:29:be:fd:7e:6b:07:7a:cf:94:
fd:31:17:cd:5c:bd:ef:75:41:44:12:62:48:06:5a:
96:5e:d5:40:da:ae:67:e5:fa:76:be:2e:69:a2:8a:
ec:ed:fd:38:3b:36:de:f6:a0:46:a6:b6:1c:1a:f8:
10:db:5e:f6:7f:74:91:e8:39:85:5c:aa:1a:88:eb:
34:75:b8:3a:bd:bd:c7:e6:ce:5e:33:45:ea:8e:1e:
f6:c8:bc:5e:f8:eb:88:b0:19:c7:78:3d:c7:3a:dd:
a0:c7:fe:9f:c4:dc:04:c0:19:ea:19:0f:5f:14:de:
2c:f0:f5:62:f3:8f:71:30:fe:1a:f1:4e:40:c5:63:
bb:24:9e:7b:72:67:9a:de:8c:91:13:a5:e5:9d:ae:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:AF:2B:C0:1C:F6:2C:9E:4F:5C:EF:72:CF:5C:7F:5C:C9:64:36:FE
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/gq8rwBz2LJ5PXO9yz1x_XMlkNv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.94.0/23
193.59.98.0/24
193.59.102.0/23
194.181.250.0/24
195.187.35.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f6:a6:46:a0:06:74:95:80:8e:fd:86:96:03:d5:d1:86:42:
f4:38:ac:fd:d5:fc:1e:ad:74:e6:d1:52:61:71:f4:c6:74:34:
2d:bc:e7:f7:92:71:c0:e8:82:43:a1:4a:37:c8:91:2f:e4:a2:
d3:4e:99:b6:58:ea:0c:29:72:eb:60:12:9f:9e:72:ec:06:bd:
3f:f3:4b:ad:97:98:63:69:57:22:5b:17:60:2c:02:12:5a:11:
10:99:55:ae:90:5f:11:b5:58:71:0b:de:9d:88:c7:bd:17:b2:
71:d6:46:db:52:cd:e5:ed:8a:b4:f4:b0:1a:31:45:8a:cf:24:
e8:0e:97:5c:4d:aa:e1:04:51:aa:c7:22:cb:9c:84:78:4d:21:
ed:1b:de:e9:f8:18:aa:76:27:d5:f0:62:8b:3c:a3:11:ad:2c:
d0:3b:e6:d5:15:ed:ed:23:22:37:c7:9e:e6:4b:0a:c9:5a:63:
2e:b0:c9:42:4e:f8:61:df:b4:ef:38:95:65:b4:74:4f:b1:37:
57:4b:c4:a6:db:d2:d2:13:32:8f:08:ed:27:87:6f:d8:72:d3:
d0:b5:0f:d9:d3:12:77:8d:cc:da:18:46:36:5c:3f:68:6b:58:
ac:15:f6:7e:a4:4a:de:7d:b7:1c:99:2f:b4:ab:00:3b:83:be:
a8:f2:0d:b5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhaNDrh4F7f8qjrsgOgvoH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwNzMwMDcyMDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmFmMmJjMDFjZjYyYzllNGY1Y2VmNzJjZjVjN2Y1Y2M5NjQzNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4Ow3mCSrVCSaKc9clG/6g4lWrnP
8obC1DsShnGBTsbg7HPJe5rbc8/ag0tx1Xa4ipNoEgoTKMo+AimI72RKI2eaUy6H
0sPdK9vcde5e7/k943ciltQzfpXvvQa9WIDGdENmAeF2fviAqInCoPMpvv1+awd6
z5T9MRfNXL3vdUFEEmJIBlqWXtVA2q5n5fp2vi5poors7f04Ozbe9qBGprYcGvgQ
2172f3SR6DmFXKoaiOs0dbg6vb3H5s5eM0Xqjh72yLxe+OuIsBnHeD3HOt2gx/6f
xNwEwBnqGQ9fFN4s8PVi849xMP4a8U5AxWO7JJ57cmea3oyRE6Xlna6rSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIKvK8Ac9iyeT1zvcs9cf1zJZDb+MB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvZ3E4cndCejJMSjVQWE85eXoxeF9YTWxrTnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBwTteAwQA
wTtiAwQBwTtmAwQAwrX6AwQAw7sjMA0GCSqGSIb3DQEBCwUAA4IBAQB/9qZGoAZ0
lYCO/YaWA9XRhkL0OKz91fwerXTm0VJhcfTGdDQtvOf3knHA6IJDoUo3yJEv5KLT
Tpm2WOoMKXLrYBKfnnLsBr0/80utl5hjaVciWxdgLAISWhEQmVWukF8RtVhxC96d
iMe9F7Jx1kbbUs3l7Yq09LAaMUWKzyToDpdcTarhBFGqxyLLnIR4TSHtG97p+Biq
difV8GKLPKMRrSzQO+bVFe3tIyI3x57mSwrJWmMusMlCTvhh37TvOJVltHRPsTdX
S8Sm29LSEzKPCO0nh2/YctPQtQ/Z0xJ3jczaGEY2XD9oa1isFfZ+pErefbccmS+0
qwA7g76o8g21
-----END CERTIFICATE-----
Generated at Wed Aug 6 09:28:15 2025 by rpki-client