Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/JqUTwDiQz2XN4n_rtc98QSVcAgU.roa
File: JqUTwDiQz2XN4n_rtc98QSVcAgU.roa (raw, json)
Hash identifier: pHiFb9tQ1YpNIqFbFLQQworD9lfd3ZDQhLB+/lsEeNI=
Subject key identifier: 26:A5:13:C0:38:90:CF:65:CD:E2:7F:EB:B5:CF:7C:41:25:5C:02:05
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 019763FF7E75BDEB8D9E37D98E45CC021604
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/JqUTwDiQz2XN4n_rtc98QSVcAgU.roa
Signing time: Thu 12 Jun 2025 11:56:17 +0000
ROA not before: Thu 12 Jun 2025 11:56:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 46.80.0.0/12 maxlen: 12
62.153.0.0/16 maxlen: 16
62.154.0.0/15 maxlen: 15
62.156.0.0/14 maxlen: 14
62.224.0.0/14 maxlen: 14
79.192.0.0/10 maxlen: 10
80.128.0.0/11 maxlen: 11
80.128.0.0/12 maxlen: 12
80.144.0.0/13 maxlen: 13
80.152.0.0/14 maxlen: 14
80.156.0.0/16 maxlen: 16
80.157.0.0/16 maxlen: 16
80.157.8.0/21 maxlen: 21
80.157.16.0/20 maxlen: 20
84.128.0.0/10 maxlen: 10
87.128.0.0/10 maxlen: 10
91.0.0.0/10 maxlen: 10
93.192.0.0/10 maxlen: 10
192.166.49.0/24 maxlen: 24
193.158.0.0/15 maxlen: 15
194.25.0.0/16 maxlen: 16
194.150.228.0/23 maxlen: 23
195.145.0.0/16 maxlen: 16
195.243.0.0/16 maxlen: 16
212.184.0.0/15 maxlen: 15
217.0.0.0/13 maxlen: 13
217.80.0.0/12 maxlen: 12
217.224.0.0/11 maxlen: 11
2003::/19 maxlen: 19
2003::/23 maxlen: 23
2003:8:f400::/48 maxlen: 48
2003:8:f401::/48 maxlen: 48
2003:8:f402::/48 maxlen: 48
2003:8:f403::/48 maxlen: 48
2003:8:f404::/48 maxlen: 48
2003:8:f405::/48 maxlen: 48
2003:8:f406::/48 maxlen: 48
2003:8:f407::/48 maxlen: 48
2003:8:f408::/48 maxlen: 48
2003:8:f409::/48 maxlen: 48
2003:8:f40a::/48 maxlen: 48
2003:8:f40b::/48 maxlen: 48
2003:8:f40c::/48 maxlen: 48
2003:8:f40d::/48 maxlen: 48
2003:8:f40e::/48 maxlen: 48
2003:8:f40f::/48 maxlen: 48
2003:3c0::/28 maxlen: 28
2003:3e0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 17:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:ff:7e:75:bd:eb:8d:9e:37:d9:8e:45:cc:02:16:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Jun 12 11:56:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=26a513c03890cf65cde27febb5cf7c41255c0205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:0b:87:a2:dd:04:4f:73:86:22:af:73:06:
ff:42:e3:38:b9:47:30:21:d7:5b:90:48:a2:d7:a3:
dc:b1:5d:ab:a8:30:ea:5a:a3:16:54:b9:2a:00:63:
70:f6:a0:db:b6:c6:ff:22:4a:f4:5f:8d:83:3c:4b:
0d:4b:c5:30:53:0f:3e:5c:d9:05:cd:9e:17:fc:5b:
b1:a3:ff:c2:0b:01:f3:53:93:39:9b:a8:90:13:80:
3f:ca:53:6d:6d:ee:47:70:51:b8:ce:11:33:a8:ae:
d2:6f:f5:0d:e0:55:69:a7:da:e1:10:7c:88:8d:29:
33:80:e3:59:30:ad:7a:3c:3b:b3:c3:77:30:15:bc:
72:ce:20:29:07:61:68:97:d0:9a:e1:a0:b3:90:6a:
38:21:b8:74:ac:6c:da:63:af:de:3b:7a:f1:ce:41:
d1:ba:91:46:91:f1:b9:1b:26:8d:d1:6d:13:20:4f:
b3:42:e5:1d:84:5d:c3:a7:fa:26:f8:71:d1:48:10:
01:d2:bb:2d:52:d1:67:b8:6e:46:70:39:85:7e:48:
54:fa:21:87:9a:47:fb:25:a0:12:b9:24:bd:c9:48:
b8:c3:cf:ae:47:75:f3:83:c2:6a:18:ab:bd:29:0d:
4b:45:a8:c0:a9:8a:18:a1:45:bb:fa:19:3f:87:10:
78:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A5:13:C0:38:90:CF:65:CD:E2:7F:EB:B5:CF:7C:41:25:5C:02:05
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/JqUTwDiQz2XN4n_rtc98QSVcAgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.80.0.0/12
62.153.0.0-62.159.255.255
62.224.0.0/14
79.192.0.0/10
80.128.0.0/11
84.128.0.0/10
87.128.0.0/10
91.0.0.0/10
93.192.0.0/10
192.166.49.0/24
193.158.0.0/15
194.25.0.0/16
194.150.228.0/23
195.145.0.0/16
195.243.0.0/16
212.184.0.0/15
217.0.0.0/13
217.80.0.0/12
217.224.0.0/11
IPv6:
2003::/19
Signature Algorithm: sha256WithRSAEncryption
b1:8b:b0:0c:90:df:ef:06:00:e5:2a:ef:e9:12:42:f3:99:db:
62:25:b8:7b:62:78:3f:f5:6b:62:f3:25:66:86:15:0e:37:81:
7f:79:74:2e:af:0a:e4:d5:66:78:7b:33:96:00:69:b2:66:9b:
f0:ec:39:f4:d5:48:18:4f:fc:c7:da:fc:b2:40:ff:62:52:10:
61:73:6c:c5:0a:da:e8:9b:46:08:5f:f3:5c:60:38:bf:d0:26:
02:c6:5e:dd:02:93:50:2a:1c:55:8a:b6:c8:a4:e3:e7:1f:7e:
a7:1d:41:1d:ed:2b:7a:34:88:be:e1:4d:59:2f:6c:9b:b5:f9:
5e:96:7f:bf:03:53:cd:eb:f2:e5:18:de:5e:1e:ab:c7:c4:fd:
2f:2a:43:b5:d0:2c:94:82:9f:d9:b5:24:c9:31:4f:60:2a:a4:
bb:ce:6e:be:14:f2:06:9e:e9:6f:54:79:f4:1d:ba:b7:a3:87:
21:0f:02:e1:1d:e8:ff:14:47:a9:c2:90:c5:58:10:a4:ea:cc:
39:88:17:96:fc:07:39:3d:4c:59:76:89:ce:0e:69:4a:f0:d9:
da:bf:6e:5b:5f:d8:f2:fe:d0:c2:68:4d:7b:aa:ff:e7:c0:14:
80:94:65:c7:ee:de:8d:9d:f8:39:4a:08:00:13:7b:45:10:cb:
cd:ba:48:fe
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISAZdj/351veuNnjfZjkXMAhYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjUwNjEyMTE1NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmE1MTNjMDM4OTBjZjY1Y2RlMjdmZWJiNWNmN2M0MTI1NWMwMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXwLh6LdBE9zhiKvcwb/QuM4uUcw
IddbkEii16PcsV2rqDDqWqMWVLkqAGNw9qDbtsb/Ikr0X42DPEsNS8UwUw8+XNkF
zZ4X/Fuxo//CCwHzU5M5m6iQE4A/ylNtbe5HcFG4zhEzqK7Sb/UN4FVpp9rhEHyI
jSkzgONZMK16PDuzw3cwFbxyziApB2Fol9Ca4aCzkGo4Ibh0rGzaY6/eO3rxzkHR
upFGkfG5GyaN0W0TIE+zQuUdhF3Dp/om+HHRSBAB0rstUtFnuG5GcDmFfkhU+iGH
mkf7JaASuSS9yUi4w8+uR3Xzg8JqGKu9KQ1LRajAqYoYoUW7+hk/hxB4NwIDAQAB
o4ICfTCCAnkwHQYDVR0OBBYEFCalE8A4kM9lzeJ/67XPfEElXAIFMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL0pxVVR3RGlRejJYTjRuX3J0Yzk4UVNWY0FnVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZAGCCsGAQUFBwEHAQH/BIGAMH4wbgQCAAEwaAMDBC5Q
MAoDAwA+mQMDBT6AAwMCPuADAwZPwAMDBVCAAwMGVIADAwZXgAMDBlsAAwMGXcAD
BADApjEDAwHBngMDAMIZAwQBwpbkAwMAw5EDAwDD8wMDAdS4AwMD2QADAwTZUAMD
BdngMAwEAgACMAYDBAUgAwAwDQYJKoZIhvcNAQELBQADggEBALGLsAyQ3+8GAOUq
7+kSQvOZ22IluHtieD/1a2LzJWaGFQ43gX95dC6vCuTVZnh7M5YAabJmm/DsOfTV
SBhP/Mfa/LJA/2JSEGFzbMUK2uibRghf81xgOL/QJgLGXt0Ck1AqHFWKtsik4+cf
fqcdQR3tK3o0iL7hTVkvbJu1+V6Wf78DU83r8uUY3l4eq8fE/S8qQ7XQLJSCn9m1
JMkxT2AqpLvObr4U8gae6W9UefQdurejhyEPAuEd6P8UR6nCkMVYEKTqzDmIF5b8
Bzk9TFl2ic4OaUrw2dq/bltf2PL+0MJoTXuq/+fAFICUZcfu3o2d+DlKCAATe0UQ
y826SP4=
-----END CERTIFICATE-----
Generated at Sun Jun 15 02:06:19 2025 by rpki-client