Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Qp2Zm0LEpJDMsLodusVyq9g9MYg.roa
File: Qp2Zm0LEpJDMsLodusVyq9g9MYg.roa (raw, json)
Hash identifier: jJeE6L6slkKko4q8jcPSzjO62uXdvaJJCBizVLQKBjk=
Subject key identifier: 42:9D:99:9B:42:C4:A4:90:CC:B0:BA:1D:BA:C5:72:AB:D8:3D:31:88
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 01970B7E978C1C02A797C5D59B125E205D6C
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Qp2Zm0LEpJDMsLodusVyq9g9MYg.roa
Signing time: Mon 26 May 2025 07:28:55 +0000
ROA not before: Mon 26 May 2025 07:28:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.155.99.0/24 maxlen: 24
2a10:ba00:1::/48 maxlen: 48
2a10:ba00:2::/48 maxlen: 48
2a10:ba00:3::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0b:7e:97:8c:1c:02:a7:97:c5:d5:9b:12:5e:20:5d:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: May 26 07:28:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=429d999b42c4a490ccb0ba1dbac572abd83d3188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:25:53:9d:83:04:78:f6:53:35:02:e3:38:dc:
ce:65:d4:0b:27:1a:71:7b:66:75:a5:9f:3d:d0:6f:
69:ac:4b:e4:13:22:47:a6:42:f6:66:0a:62:80:c3:
c6:ad:09:c5:33:32:22:42:ff:90:f5:31:54:6f:49:
5d:cd:cc:3c:13:a1:c1:ce:f5:3d:bd:db:6d:be:01:
eb:8c:a5:92:53:a3:43:55:49:d5:39:27:8c:3d:f3:
f4:6c:8e:8e:29:8e:c7:fc:b6:b6:54:fe:12:ae:23:
cf:ee:b9:72:56:8f:f3:e1:41:25:96:cf:ca:f7:d5:
6e:2b:80:50:ed:d1:62:12:b5:5d:46:4a:b1:34:b1:
a6:38:ad:a9:2f:f2:47:33:0a:70:a2:f1:51:53:c1:
3f:4a:3f:37:c1:ea:8b:2f:80:08:21:b9:70:5c:b8:
cd:b4:de:b2:dc:79:4e:92:54:f8:a5:7c:1e:e3:c6:
88:98:55:4f:36:ef:ef:8e:2a:1c:cc:f5:dd:43:1a:
06:44:9a:1b:89:bf:4d:ff:7a:3d:56:83:b2:fc:13:
e0:a1:71:3b:ea:38:2d:b5:ae:00:15:59:bb:f0:19:
4c:b7:3d:a4:c8:e4:fd:5b:68:cf:db:17:b6:61:41:
7f:84:af:af:a0:6e:56:2f:9f:c4:b2:f6:51:c6:33:
8f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9D:99:9B:42:C4:A4:90:CC:B0:BA:1D:BA:C5:72:AB:D8:3D:31:88
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Qp2Zm0LEpJDMsLodusVyq9g9MYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
IPv6:
2a10:ba00:1::-2a10:ba00:3:ffff:ffff:ffff:ffff:ffff
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:d4:7e:49:5c:4e:c4:2a:95:5a:a3:f1:08:9d:fd:8f:08:7b:
f6:67:e0:fe:f1:41:35:3c:9a:8a:2c:f0:7b:ed:9f:9f:c3:f9:
7a:1c:6b:94:91:11:1c:1b:85:c0:62:dd:5a:e8:de:55:c0:ed:
28:d4:b1:fd:8f:cd:24:18:aa:85:79:57:3f:40:4b:4f:4a:2b:
7e:9c:ae:62:ea:38:cf:7c:63:bd:cc:6d:65:aa:9b:bc:37:98:
ba:29:64:63:08:69:7f:1d:2b:d5:f1:7e:65:02:c7:dd:95:6d:
41:ef:f9:36:c4:62:ca:d0:d9:a9:9c:e7:58:d2:04:a6:f4:29:
4b:9e:66:3e:71:1a:96:ef:30:a6:fc:66:83:90:fe:a1:45:2c:
0d:fd:70:14:3f:33:f3:cd:4d:7f:bf:47:f1:2c:08:4f:67:a0:
b2:ac:1d:ef:4c:a7:60:6f:37:df:17:a2:2a:56:e9:8e:80:3e:
9e:57:d3:4b:2c:54:79:e1:fc:b8:0a:71:9a:49:3c:86:96:98:
c2:f1:69:ef:2c:46:f8:a9:c3:fc:6d:6f:df:ae:c7:6d:e4:0f:
c7:18:6c:e0:95:82:40:dd:f8:de:87:cd:da:dc:42:81:e0:07:
b5:d5:d5:5e:86:60:2f:df:6d:f5:09:e5:27:5c:83:ea:fd:0e:
dd:ba:9e:db
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZcLfpeMHAKnl8XVmxJeIF1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjUwNTI2MDcyODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjlkOTk5YjQyYzRhNDkwY2NiMGJhMWRiYWM1NzJhYmQ4M2QzMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiVTnYMEePZTNQLjONzOZdQLJxpx
e2Z1pZ890G9prEvkEyJHpkL2ZgpigMPGrQnFMzIiQv+Q9TFUb0ldzcw8E6HBzvU9
vdttvgHrjKWSU6NDVUnVOSeMPfP0bI6OKY7H/La2VP4SriPP7rlyVo/z4UElls/K
99VuK4BQ7dFiErVdRkqxNLGmOK2pL/JHMwpwovFRU8E/Sj83weqLL4AIIblwXLjN
tN6y3HlOklT4pXwe48aImFVPNu/vjioczPXdQxoGRJobib9N/3o9VoOy/BPgoXE7
6jgtta4AFVm78BlMtz2kyOT9W2jP2xe2YUF/hK+voG5WL5/EsvZRxjOPYQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEKdmZtCxKSQzLC6HbrFcqvYPTGIMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvUXAyWm0wTEVwSkRNc0xvZHVzVnlxOWc5TVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQALZtjMC4E
AgACMCgwEgMHACoQugAAAQMHAioQugAAADASAwcFKhC6AL7gAwcBKhC6AL7kMA0G
CSqGSIb3DQEBCwUAA4IBAQBh1H5JXE7EKpVao/EInf2PCHv2Z+D+8UE1PJqKLPB7
7Z+fw/l6HGuUkREcG4XAYt1a6N5VwO0o1LH9j80kGKqFeVc/QEtPSit+nK5i6jjP
fGO9zG1lqpu8N5i6KWRjCGl/HSvV8X5lAsfdlW1B7/k2xGLK0NmpnOdY0gSm9ClL
nmY+cRqW7zCm/GaDkP6hRSwN/XAUPzPzzU1/v0fxLAhPZ6CyrB3vTKdgbzffF6Iq
VumOgD6eV9NLLFR54fy4CnGaSTyGlpjC8WnvLEb4qcP8bW/frsdt5A/HGGzglYJA
3fjeh83a3EKB4Ae11dVehmAv3231CeUnXIPq/Q7dup7b
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:19:44 2025 by rpki-client