Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qjd35gVWC5YVMMNSfBwjMz9_Alo.roa
File: Qjd35gVWC5YVMMNSfBwjMz9_Alo.roa (raw, json)
Hash identifier: opdbvAw/TNFae+tXX3b1sedy3NsRHNRWxXDKRgnre/g=
Subject key identifier: 42:37:77:E6:05:56:0B:96:15:30:C3:52:7C:1C:23:33:3F:7F:02:5A
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019843C2EF3879D4F468982834378BFE80AF
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qjd35gVWC5YVMMNSfBwjMz9_Alo.roa
Signing time: Fri 25 Jul 2025 22:45:05 +0000
ROA not before: Fri 25 Jul 2025 22:45:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.86.16.0/21 maxlen: 21
89.39.242.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:43:c2:ef:38:79:d4:f4:68:98:28:34:37:8b:fe:80:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 25 22:45:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=423777e605560b961530c3527c1c23333f7f025a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4c:fd:d4:e7:b8:d1:cc:ca:00:bb:dc:13:45:
36:f5:17:2a:c3:61:55:15:2b:80:5c:6b:2a:ee:87:
30:79:fc:ef:cc:56:9b:a7:6f:b5:04:64:0f:bf:a9:
7e:37:96:85:97:a7:96:45:1e:31:5f:eb:44:42:5a:
b1:dc:fe:fe:bb:4c:38:32:9b:c3:fb:c9:52:29:da:
db:4a:6c:dc:dd:07:7d:9b:c3:bd:39:49:c0:87:a3:
8d:35:14:12:1a:b8:0b:e9:68:4b:33:aa:ad:01:1b:
35:d2:3e:b3:e5:54:c8:73:7a:74:9e:9b:75:05:d9:
c0:33:e5:84:d3:6d:19:73:a8:8c:10:38:db:ee:a6:
8f:a4:ca:a4:53:2b:5e:43:cf:f2:74:3c:23:18:ad:
f0:a1:fd:d8:6d:54:19:e6:40:8b:04:5d:82:31:de:
74:bd:52:47:74:25:e9:0f:76:63:fe:56:4c:41:7a:
6a:20:78:bf:62:78:ff:00:e0:e6:1a:7f:66:67:d1:
75:71:7f:b3:67:3a:ba:8c:77:84:06:98:54:54:00:
e7:d0:e6:50:ca:6d:09:4c:30:44:b1:3a:10:a1:9f:
82:a1:5a:fd:19:7d:73:61:aa:76:c3:c1:62:a9:17:
d5:a3:6f:88:56:eb:78:b3:7e:01:34:f0:0e:84:dc:
f4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:37:77:E6:05:56:0B:96:15:30:C3:52:7C:1C:23:33:3F:7F:02:5A
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qjd35gVWC5YVMMNSfBwjMz9_Alo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
5.182.28.0/22
45.86.16.0/21
89.39.242.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.180.145.0/24
185.212.11.0/24
194.50.206.0/23
195.138.103.0/24
195.138.105.0-195.138.106.255
195.138.112.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
91:b0:aa:50:ee:73:71:79:0f:e5:fc:d1:83:d9:ce:12:50:24:
77:47:51:ce:e4:06:f7:92:06:3a:74:25:fa:2c:e1:e6:b7:86:
b5:3b:8f:31:46:a6:bc:37:50:4c:a1:5a:10:bd:c3:86:72:6b:
a7:70:6e:80:da:d7:7e:23:2a:56:b2:4d:08:b7:d2:e2:eb:6d:
02:02:42:bd:2b:b8:3e:0e:ab:57:f1:fd:c3:70:b7:ab:84:f6:
85:ca:48:74:f3:19:99:f6:06:18:15:d2:68:4c:c2:fb:94:8a:
31:f2:df:48:d1:96:aa:36:e0:ac:e3:07:63:75:21:ca:fc:53:
17:a3:24:df:80:6c:6f:ee:ad:3d:7d:c5:56:cc:af:c2:ea:c7:
25:64:48:ea:ad:61:0f:3a:d2:f7:c5:09:db:0a:5c:98:75:1f:
cc:61:bf:41:f6:b3:0e:53:a7:e9:b3:2e:bf:5c:b4:d6:70:c6:
a1:78:53:b5:9d:5b:7b:08:3f:2a:08:11:74:5b:e5:1d:36:d0:
54:30:23:87:54:72:e6:48:9f:53:98:0e:f5:08:4a:6d:6a:2f:
a3:22:d6:da:b0:84:22:03:f7:32:13:fb:a9:f6:1b:2f:15:3f:
12:24:45:47:7e:4d:04:fa:ea:6d:1e:48:b0:68:53:cd:9b:6b:
2d:59:ee:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZhDwu84edT0aJgoNDeL/oCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNzI1MjI0NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjM3NzdlNjA1NTYwYjk2MTUzMGMzNTI3YzFjMjMzMzNmN2YwMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0z91Oe40czKALvcE0U29Rcqw2FV
FSuAXGsq7ocwefzvzFabp2+1BGQPv6l+N5aFl6eWRR4xX+tEQlqx3P7+u0w4MpvD
+8lSKdrbSmzc3Qd9m8O9OUnAh6ONNRQSGrgL6WhLM6qtARs10j6z5VTIc3p0npt1
BdnAM+WE020Zc6iMEDjb7qaPpMqkUyteQ8/ydDwjGK3wof3YbVQZ5kCLBF2CMd50
vVJHdCXpD3Zj/lZMQXpqIHi/Ynj/AODmGn9mZ9F1cX+zZzq6jHeEBphUVADn0OZQ
ym0JTDBEsToQoZ+CoVr9GX1zYap2w8FiqRfVo2+IVut4s34BNPAOhNz0hwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFEI3d+YFVguWFTDDUnwcIzM/fwJaMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUWpkMzVnVldDNVlWTU1OU2ZCd2pNejlfQWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAIF
tAQDBAIFthwDBAMtVhADBABZJ/IDBAJb8kgDBAFb8l4DBABb8mcDBABe58YDBACw
ft8DBAKyr7ADBAC5KGkDBAC5tJEDBAC51AsDBAHCMs4DBADDimcwDAMEAMOKaQME
AMOKagMEAMOKcAMEAMOKeDAMAwQBw4p6AwQHw4oAAwQCw9icMA0GCSqGSIb3DQEB
CwUAA4IBAQCRsKpQ7nNxeQ/l/NGD2c4SUCR3R1HO5Ab3kgY6dCX6LOHmt4a1O48x
Rqa8N1BMoVoQvcOGcmuncG6A2td+IypWsk0It9Li620CAkK9K7g+DqtX8f3DcLer
hPaFykh08xmZ9gYYFdJoTML7lIox8t9I0ZaqNuCs4wdjdSHK/FMXoyTfgGxv7q09
fcVWzK/C6sclZEjqrWEPOtL3xQnbClyYdR/MYb9B9rMOU6fpsy6/XLTWcMaheFO1
nVt7CD8qCBF0W+UdNtBUMCOHVHLmSJ9TmA71CEptai+jItbasIQiA/cyE/up9hsv
FT8SJEVHfk0E+uptHkiwaFPNm2stWe6l
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:55:49 2025 by rpki-client