Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/qg_gTG3kMJ8yASDHg8Zr6JAQqu0.roa
File: qg_gTG3kMJ8yASDHg8Zr6JAQqu0.roa (raw, json)
Hash identifier: wvAdPaglsI8ZgswNM7MBvLU8hMlTWlPPe6zU3kuMz4A=
Subject key identifier: AA:0F:E0:4C:6D:E4:30:9F:32:01:20:C7:83:C6:6B:E8:90:10:AA:ED
Certificate issuer: /CN=d8f1fbdbce2145a0db6900609f7c54732dfb0cd8
Certificate serial: 01975F45CDAD48DCE3F9B679591C4D386B17
Authority key identifier: D8:F1:FB:DB:CE:21:45:A0:DB:69:00:60:9F:7C:54:73:2D:FB:0C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PH7284hRaDbaQBgn3xUcy37DNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/qg_gTG3kMJ8yASDHg8Zr6JAQqu0.roa
Signing time: Wed 11 Jun 2025 13:54:59 +0000
ROA not before: Wed 11 Jun 2025 13:54:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4913
IP address blocks: 93.190.185.0/24 maxlen: 24
93.190.186.0/24 maxlen: 24
93.190.187.0/24 maxlen: 24
93.190.188.0/24 maxlen: 24
93.190.189.0/24 maxlen: 24
93.190.190.0/24 maxlen: 24
109.71.186.0/24 maxlen: 24
109.71.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/2PH7284hRaDbaQBgn3xUcy37DNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/2PH7284hRaDbaQBgn3xUcy37DNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2PH7284hRaDbaQBgn3xUcy37DNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 14:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5f:45:cd:ad:48:dc:e3:f9:b6:79:59:1c:4d:38:6b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f1fbdbce2145a0db6900609f7c54732dfb0cd8
Validity
Not Before: Jun 11 13:54:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa0fe04c6de4309f320120c783c66be89010aaed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2f:98:7e:c9:1b:df:d9:6f:0f:c6:9c:2e:4d:
b9:50:28:32:00:5e:99:75:64:3a:70:18:7e:2e:30:
d7:52:95:1a:33:56:76:9f:ba:aa:fe:d9:fb:a6:68:
f4:b4:62:1d:d5:67:e7:29:0e:32:77:b8:2b:a8:69:
f9:04:ad:bf:f5:0e:d5:34:3c:51:39:f2:6e:df:6d:
1a:da:b2:f3:73:08:05:e4:0f:88:6d:09:c5:a1:ae:
df:19:5a:56:d5:4c:91:bb:e6:9b:aa:cf:99:6f:11:
90:9a:cd:e9:65:03:88:ed:a3:b9:cb:57:a2:42:44:
e9:e3:a9:dd:1e:2e:de:8a:ab:55:2e:d3:49:37:65:
dc:1c:d2:a6:8a:95:9f:9e:73:bb:7a:f8:62:9a:2b:
36:22:22:ee:02:ad:84:7d:f0:03:b2:7c:3a:a0:95:
bd:b3:8e:53:7d:69:58:03:a1:f1:5e:71:bd:64:18:
22:96:dd:74:40:71:8a:bb:e1:ef:9b:eb:1a:0b:14:
16:15:86:3d:c2:1b:54:71:e8:ce:68:2e:10:e7:84:
c8:a4:cf:43:63:88:33:33:c5:d5:f5:0d:36:07:e9:
a9:80:07:15:fe:b3:fe:03:87:4a:77:9b:6d:6f:45:
83:f6:c3:16:df:29:e9:04:b1:a6:08:1a:ce:0e:d4:
08:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:0F:E0:4C:6D:E4:30:9F:32:01:20:C7:83:C6:6B:E8:90:10:AA:ED
X509v3 Authority Key Identifier:
keyid:D8:F1:FB:DB:CE:21:45:A0:DB:69:00:60:9F:7C:54:73:2D:FB:0C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PH7284hRaDbaQBgn3xUcy37DNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/qg_gTG3kMJ8yASDHg8Zr6JAQqu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/31431e-5a7d-4fc3-a88d-47f043fba13b/1/2PH7284hRaDbaQBgn3xUcy37DNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.185.0-93.190.190.255
109.71.186.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:b2:3e:ef:9d:07:86:c0:db:9d:35:23:64:61:4d:34:3f:da:
7a:2c:8d:e7:84:a8:dd:bc:57:31:79:03:88:e5:2d:ac:bc:c6:
8b:2d:b8:d0:9a:7a:b2:78:cb:5e:46:53:40:eb:69:00:ed:d6:
1c:e3:ab:9e:1b:0b:ad:8f:79:41:3f:be:9c:b0:c4:f0:9b:39:
0d:dd:3a:8f:ae:fc:16:2b:54:54:0e:63:a8:f9:f5:50:da:26:
7e:c9:39:c9:2a:82:40:bb:6b:23:7b:2d:f0:84:a6:10:94:3e:
7f:6a:4c:e4:b8:5f:16:0b:e8:16:d2:05:ca:bd:4f:d3:df:39:
ab:2c:a9:55:4b:b3:4a:ab:14:8a:04:be:e9:c1:1f:6b:5d:dc:
b1:f5:25:e3:1b:13:8f:e3:6a:2a:aa:55:6a:62:b9:87:26:f1:
53:fc:69:84:53:59:7d:60:f9:f3:6d:61:3e:f8:6c:00:dd:47:
1b:d2:81:45:06:13:19:0b:7f:60:e4:ca:fe:93:47:94:12:f9:
1b:74:04:fc:23:b3:75:84:f3:be:d4:66:71:b0:20:3c:8f:80:
c8:2a:59:d9:d3:a1:7c:1b:18:92:f2:d9:7b:dd:55:9b:45:7c:
f9:67:d1:18:4a:d4:8d:10:45:9e:15:d2:af:89:82:63:18:03:
89:75:8a:5a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZdfRc2tSNzj+bZ5WRxNOGsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZjFmYmRiY2UyMTQ1YTBkYjY5MDA2MDlmN2M1NDczMmRm
YjBjZDgwHhcNMjUwNjExMTM1NDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTBmZTA0YzZkZTQzMDlmMzIwMTIwYzc4M2M2NmJlODkwMTBhYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty+Yfskb39lvD8acLk25UCgyAF6Z
dWQ6cBh+LjDXUpUaM1Z2n7qq/tn7pmj0tGId1WfnKQ4yd7grqGn5BK2/9Q7VNDxR
OfJu320a2rLzcwgF5A+IbQnFoa7fGVpW1UyRu+abqs+ZbxGQms3pZQOI7aO5y1ei
QkTp46ndHi7eiqtVLtNJN2XcHNKmipWfnnO7evhimis2IiLuAq2EffADsnw6oJW9
s45TfWlYA6HxXnG9ZBgilt10QHGKu+Hvm+saCxQWFYY9whtUcejOaC4Q54TIpM9D
Y4gzM8XV9Q02B+mpgAcV/rP+A4dKd5ttb0WD9sMW3ynpBLGmCBrODtQIDQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKoP4Ext5DCfMgEgx4PGa+iQEKrtMB8GA1UdIwQY
MBaAFNjx+9vOIUWg22kAYJ98VHMt+wzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlBINzI4NGhSYURiYVFCZ24zeFVjeTM3RE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zMTQzMWUtNWE3ZC00ZmMzLWE4OGQt
NDdmMDQzZmJhMTNiLzEvcWdfZ1RHM2tNSjh5QVNESGc4WnI2SkFRcXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8zMTQzMWUtNWE3ZC00ZmMzLWE4OGQtNDdmMDQzZmJhMTNi
LzEvMlBINzI4NGhSYURiYVFCZ24zeFVjeTM3RE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABdvrkD
BABdvr4DBAFtR7owDQYJKoZIhvcNAQELBQADggEBAFqyPu+dB4bA2501I2RhTTQ/
2nosjeeEqN28VzF5A4jlLay8xostuNCaerJ4y15GU0DraQDt1hzjq54bC62PeUE/
vpywxPCbOQ3dOo+u/BYrVFQOY6j59VDaJn7JOckqgkC7ayN7LfCEphCUPn9qTOS4
XxYL6BbSBcq9T9PfOassqVVLs0qrFIoEvunBH2td3LH1JeMbE4/jaiqqVWpiuYcm
8VP8aYRTWX1g+fNtYT74bADdRxvSgUUGExkLf2Dkyv6TR5QS+Rt0BPwjs3WE877U
ZnGwIDyPgMgqWdnToXwbGJLy2XvdVZtFfPln0RhK1I0QRZ4V0q+JgmMYA4l1ilo=
-----END CERTIFICATE-----
Generated at Wed Jun 18 18:22:30 2025 by rpki-client