Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/QKHedA5oCs2GkodXUBvwNsBaeDU.roa
File: QKHedA5oCs2GkodXUBvwNsBaeDU.roa (raw, json)
Hash identifier: yLRo4GcmQokUVzdnu7pWd/8XthGL017ao4NoMcn2oXw=
Subject key identifier: 40:A1:DE:74:0E:68:0A:CD:86:92:87:57:50:1B:F0:36:C0:5A:78:35
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 019875B00ED37C452B6672D9A324959B0B34
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/QKHedA5oCs2GkodXUBvwNsBaeDU.roa
Signing time: Mon 04 Aug 2025 15:25:29 +0000
ROA not before: Mon 04 Aug 2025 15:25:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211381
IP address blocks: 45.88.76.0/24 maxlen: 24
45.88.105.0/24 maxlen: 24
45.91.200.0/24 maxlen: 24
45.91.201.0/24 maxlen: 24
45.91.202.0/24 maxlen: 24
45.132.107.0/24 maxlen: 24
45.147.196.0/24 maxlen: 24
77.83.175.0/24 maxlen: 24
81.91.179.0/24 maxlen: 24
91.211.248.0/24 maxlen: 24
91.211.249.0/24 maxlen: 24
91.211.250.0/24 maxlen: 24
92.119.114.0/24 maxlen: 24
95.215.204.0/24 maxlen: 24
95.215.206.0/24 maxlen: 24
95.215.207.0/24 maxlen: 24
103.246.144.0/24 maxlen: 24
103.246.145.0/24 maxlen: 24
103.246.146.0/24 maxlen: 24
103.246.147.0/24 maxlen: 24
185.203.240.0/24 maxlen: 24
185.203.241.0/24 maxlen: 24
185.209.20.0/24 maxlen: 24
185.209.21.0/24 maxlen: 24
185.219.81.0/24 maxlen: 24
185.219.83.0/24 maxlen: 24
185.231.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 15:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:b0:0e:d3:7c:45:2b:66:72:d9:a3:24:95:9b:0b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Aug 4 15:25:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40a1de740e680acd86928757501bf036c05a7835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1a:9a:ec:60:a9:bc:0e:86:13:40:61:c6:96:
99:79:24:d3:f3:7d:4f:ac:ea:f3:56:2f:e5:b5:5a:
f9:00:58:22:70:aa:71:9c:94:6d:49:d9:36:0d:bd:
eb:3d:28:9e:fe:a8:6e:ae:76:94:af:12:22:28:57:
c7:1b:01:39:aa:fc:88:58:e5:f2:49:97:a1:cf:0c:
f7:ae:c2:14:a1:c6:93:67:cc:5b:b1:46:29:98:07:
1d:ec:7c:85:cd:74:e5:63:92:70:72:82:ff:33:06:
3b:e6:38:82:bf:18:2e:28:89:4c:f4:42:5a:d1:38:
c5:2d:da:25:b0:13:29:5e:a3:2c:c8:08:ca:9d:99:
50:e6:55:10:e4:1b:0b:bf:fe:ef:c0:45:93:cb:24:
30:1d:08:21:70:1c:5e:4b:85:31:02:7f:e5:93:b6:
15:b5:88:39:e7:49:68:0e:16:b7:76:a6:77:96:1d:
f3:de:b1:58:5c:e1:a7:3e:e4:b5:18:ac:f5:0e:f4:
e3:d0:2d:09:60:55:2f:99:e2:e0:d9:d1:94:e6:f3:
04:c3:cd:0b:76:84:43:65:79:ca:93:c1:d8:76:3d:
64:10:92:3e:22:31:b2:76:31:89:93:77:89:8c:36:
00:4f:1d:10:ed:41:70:8d:66:ec:75:90:f8:b6:36:
af:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A1:DE:74:0E:68:0A:CD:86:92:87:57:50:1B:F0:36:C0:5A:78:35
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/QKHedA5oCs2GkodXUBvwNsBaeDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.76.0/24
45.88.105.0/24
45.91.200.0-45.91.202.255
45.132.107.0/24
45.147.196.0/24
77.83.175.0/24
81.91.179.0/24
91.211.248.0-91.211.250.255
92.119.114.0/24
95.215.204.0/24
95.215.206.0/23
103.246.144.0/22
185.203.240.0/23
185.209.20.0/23
185.219.81.0/24
185.219.83.0/24
185.231.69.0/24
Signature Algorithm: sha256WithRSAEncryption
59:9f:e2:22:dc:cb:3f:de:10:4e:15:8f:96:3b:9e:32:ac:29:
32:2c:ce:cc:81:24:6d:27:67:4f:f9:27:b3:ef:26:72:a1:1d:
da:8c:a5:45:00:62:69:dc:7e:3e:f0:c0:95:c0:a1:4e:4b:70:
01:1c:82:cc:dc:53:52:a5:02:b2:d4:95:8a:5b:08:52:c3:bb:
c5:d5:a3:3f:24:7e:98:85:66:37:c2:f8:f2:b3:db:87:57:a5:
1e:47:30:50:ee:35:43:f8:cb:f1:eb:42:87:ce:91:77:35:34:
90:86:38:07:2e:c5:1c:9c:76:74:3f:5f:01:35:29:e9:d8:a5:
fb:f8:37:b7:2e:39:2b:50:65:24:41:65:88:37:d1:7b:62:36:
bc:52:95:f2:05:3f:42:16:f0:21:ad:fd:ff:6b:48:77:73:da:
4e:d1:40:82:0a:64:e0:25:f4:de:75:40:73:0b:8e:ef:0b:93:
24:c9:83:30:dd:a9:dc:f5:0b:00:22:cb:f0:ce:31:c8:82:36:
22:a5:a8:9f:29:00:e8:e1:79:62:de:97:8f:4f:8a:95:14:93:
7a:07:0a:be:5d:ab:3e:86:cb:c3:da:23:5e:7a:1b:a4:dd:b2:
ca:64:74:32:3c:67:cd:7d:9d:59:f0:f2:b4:13:7f:40:42:18:
84:d8:aa:78
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZh1sA7TfEUrZnLZoySVmws0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjUwODA0MTUyNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGExZGU3NDBlNjgwYWNkODY5Mjg3NTc1MDFiZjAzNmMwNWE3ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRqa7GCpvA6GE0BhxpaZeSTT831P
rOrzVi/ltVr5AFgicKpxnJRtSdk2Db3rPSie/qhurnaUrxIiKFfHGwE5qvyIWOXy
SZehzwz3rsIUocaTZ8xbsUYpmAcd7HyFzXTlY5JwcoL/MwY75jiCvxguKIlM9EJa
0TjFLdolsBMpXqMsyAjKnZlQ5lUQ5BsLv/7vwEWTyyQwHQghcBxeS4UxAn/lk7YV
tYg550loDha3dqZ3lh3z3rFYXOGnPuS1GKz1DvTj0C0JYFUvmeLg2dGU5vMEw80L
doRDZXnKk8HYdj1kEJI+IjGydjGJk3eJjDYATx0Q7UFwjWbsdZD4tjavkwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFECh3nQOaArNhpKHV1Ab8DbAWng1MB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvUUtIZWRBNW9DczJHa29kWFVCdndOc0JhZURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAtWEwD
BAAtWGkwDAMEAy1byAMEAC1bygMEAC2EawMEAC2TxAMEAE1TrwMEAFFbszAMAwQD
W9P4AwQAW9P6AwQAXHdyAwQAX9fMAwQBX9fOAwQCZ/aQAwQBucvwAwQBudEUAwQA
udtRAwQAudtTAwQAuedFMA0GCSqGSIb3DQEBCwUAA4IBAQBZn+Ii3Ms/3hBOFY+W
O54yrCkyLM7MgSRtJ2dP+Sez7yZyoR3ajKVFAGJp3H4+8MCVwKFOS3ABHILM3FNS
pQKy1JWKWwhSw7vF1aM/JH6YhWY3wvjys9uHV6UeRzBQ7jVD+Mvx60KHzpF3NTSQ
hjgHLsUcnHZ0P18BNSnp2KX7+De3LjkrUGUkQWWIN9F7Yja8UpXyBT9CFvAhrf3/
a0h3c9pO0UCCCmTgJfTedUBzC47vC5MkyYMw3anc9QsAIsvwzjHIgjYipaifKQDo
4Xli3pePT4qVFJN6Bwq+Xas+hsvD2iNeehuk3bLKZHQyPGfNfZ1Z8PK0E39AQhiE
2Kp4
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:01:06 2025 by rpki-client