Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/QpYP7aICb6t-wB-Ae5TMIMzNxKc.roa
File: QpYP7aICb6t-wB-Ae5TMIMzNxKc.roa (raw, json)
Hash identifier: 6l5wYI4rKFuFbwO5LaOnIgodQP9eROSLsioYs0st/CU=
Subject key identifier: 42:96:0F:ED:A2:02:6F:AB:7E:C0:1F:80:7B:94:CC:20:CC:CD:C4:A7
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01984D7402DF6DD5D530EE68C2183143FDF5
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/QpYP7aICb6t-wB-Ae5TMIMzNxKc.roa
Signing time: Sun 27 Jul 2025 19:55:05 +0000
ROA not before: Sun 27 Jul 2025 19:55:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.121.37.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4d:74:02:df:6d:d5:d5:30:ee:68:c2:18:31:43:fd:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jul 27 19:55:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42960feda2026fab7ec01f807b94cc20cccdc4a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a0:54:31:9c:10:fd:da:75:dc:f3:65:57:52:
4d:57:e7:e6:97:cf:6b:76:4e:56:9d:9d:0b:23:e3:
83:08:f9:a5:9a:b1:6c:e8:6f:e2:21:7a:14:7a:55:
6b:df:ae:a1:dd:35:8e:a7:84:f2:7a:4d:47:14:aa:
e3:ea:31:2f:c9:68:75:7b:7d:45:f1:a1:f0:25:9f:
87:82:40:8c:4b:ff:23:c3:7a:94:14:50:5d:e4:75:
05:7c:fb:d7:4f:99:a0:8c:5e:f2:53:a5:a3:42:3a:
d0:c2:f9:85:52:e2:6b:0f:a0:a2:12:4f:8a:ea:5f:
ec:2b:f7:93:be:55:00:4a:42:e2:51:f4:0d:48:cc:
81:f8:9b:8b:9e:90:85:81:87:93:09:17:a4:ff:37:
97:48:5f:2d:a5:41:6f:67:2a:73:37:f6:01:b7:c7:
e2:a9:8f:b2:3e:fd:ae:81:82:e0:ce:bc:1f:5e:a0:
cb:bf:19:db:28:8e:68:9d:e4:e9:ce:55:9d:28:9a:
e8:93:01:86:fe:13:0f:56:29:3d:a1:11:93:b3:0f:
50:76:4a:a3:42:c8:26:76:90:6d:e3:e2:a5:97:4b:
53:e3:47:89:e0:3f:50:34:88:43:d4:ce:31:89:c2:
91:85:98:8b:8a:25:fb:a2:17:b0:2e:53:03:58:ac:
0d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:96:0F:ED:A2:02:6F:AB:7E:C0:1F:80:7B:94:CC:20:CC:CD:C4:A7
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/QpYP7aICb6t-wB-Ae5TMIMzNxKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.37.0/24
109.121.39.0/24
109.121.42.0/24
109.121.45.0/24
109.121.47.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:19:ad:c2:69:23:a1:84:85:5b:53:a8:3d:72:50:ce:7a:ad:
53:25:96:d3:6e:05:a9:a7:f3:f7:2e:5e:6a:b6:4f:14:c6:a4:
27:87:e3:5a:f7:cc:ef:c9:3c:c8:ba:72:c1:7a:1d:f9:b6:86:
10:cb:31:97:a0:41:44:05:e9:2f:e9:ae:aa:8a:73:17:b6:77:
8c:aa:dc:25:de:82:03:31:5e:7b:4b:74:75:6a:6f:ce:ab:25:
bc:cc:57:4b:ed:cb:ec:ef:7a:47:25:13:72:ba:49:21:c8:b7:
3f:63:fb:3d:03:2b:e3:9d:b9:f8:54:18:ce:77:fd:98:eb:82:
b0:8a:57:45:ad:28:ef:a2:3d:ff:42:88:61:6b:03:43:46:d9:
e7:49:30:e7:e3:a6:9f:a0:9a:58:1a:bb:41:17:ee:d7:74:da:
e7:ec:38:51:db:15:41:93:b1:61:81:ac:17:91:1a:0e:48:a7:
28:4a:03:95:2c:c7:c6:1e:ad:c5:8d:59:d3:17:5e:26:1e:cb:
13:08:ea:d5:a6:b8:e6:1e:2e:d9:3e:14:88:89:15:85:90:df:
49:f3:a3:ec:75:d3:60:f6:8b:98:fe:dc:b4:c2:1d:b0:8a:dd:
1b:43:02:ee:1e:46:4c:aa:53:27:b6:15:eb:72:8f:97:63:81:
94:77:dd:8d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZhNdALfbdXVMO5owhgxQ/31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwNzI3MTk1NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk2MGZlZGEyMDI2ZmFiN2VjMDFmODA3Yjk0Y2MyMGNjY2RjNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aBUMZwQ/dp13PNlV1JNV+fml89r
dk5WnZ0LI+ODCPmlmrFs6G/iIXoUelVr366h3TWOp4Tyek1HFKrj6jEvyWh1e31F
8aHwJZ+HgkCMS/8jw3qUFFBd5HUFfPvXT5mgjF7yU6WjQjrQwvmFUuJrD6CiEk+K
6l/sK/eTvlUASkLiUfQNSMyB+JuLnpCFgYeTCRek/zeXSF8tpUFvZypzN/YBt8fi
qY+yPv2ugYLgzrwfXqDLvxnbKI5oneTpzlWdKJrokwGG/hMPVik9oRGTsw9Qdkqj
QsgmdpBt4+Kll0tT40eJ4D9QNIhD1M4xicKRhZiLiiX7ohewLlMDWKwNOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEKWD+2iAm+rfsAfgHuUzCDMzcSnMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvUXBZUDdhSUNiNnQtd0ItQWU1VE1JTXpOeEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAbXklAwQA
bXknAwQAbXkqAwQAbXktAwQAbXkvAwQAuS9bMA0GCSqGSIb3DQEBCwUAA4IBAQCq
Ga3CaSOhhIVbU6g9clDOeq1TJZbTbgWpp/P3Ll5qtk8UxqQnh+Na98zvyTzIunLB
eh35toYQyzGXoEFEBekv6a6qinMXtneMqtwl3oIDMV57S3R1am/OqyW8zFdL7cvs
73pHJRNyukkhyLc/Y/s9Ayvjnbn4VBjOd/2Y64KwildFrSjvoj3/QohhawNDRtnn
STDn46afoJpYGrtBF+7XdNrn7DhR2xVBk7FhgawXkRoOSKcoSgOVLMfGHq3FjVnT
F14mHssTCOrVprjmHi7ZPhSIiRWFkN9J86PsddNg9ouY/ty0wh2wit0bQwLuHkZM
qlMnthXrco+XY4GUd92N
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:37 2025 by rpki-client