Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/QIBl_PzzOyhWQ0YwS67cfZQv6q8.roa
File: QIBl_PzzOyhWQ0YwS67cfZQv6q8.roa (raw, json)
Hash identifier: P7SWaJtSk5gky4A+tb7xk+SJWuasiFqqv67n5HbuuCY=
Subject key identifier: 40:80:65:FC:FC:F3:3B:28:56:43:46:30:4B:AE:DC:7D:94:2F:EA:AF
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01975DB42A4FB29339D7CA5017CB8AB72944
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/QIBl_PzzOyhWQ0YwS67cfZQv6q8.roa
Signing time: Wed 11 Jun 2025 06:36:17 +0000
ROA not before: Wed 11 Jun 2025 06:36:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a09:f1c1::/32 maxlen: 32
2a0e:4782::/32 maxlen: 32
2a0e:5cc4::/32 maxlen: 32
2a0e:7345::/32 maxlen: 32
2a0e:b1c3::/32 maxlen: 32
2a0e:ffc2::/32 maxlen: 32
2a0f:4342::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 03:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:b4:2a:4f:b2:93:39:d7:ca:50:17:cb:8a:b7:29:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jun 11 06:36:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=408065fcfcf33b28564346304baedc7d942feaaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8c:d7:f3:7b:36:11:1a:91:04:40:44:38:46:
46:e7:49:d2:8f:a0:20:35:73:a7:dd:45:ab:8d:dd:
38:68:f3:06:7b:7c:4e:e5:9d:8d:7c:e6:06:1c:99:
db:e4:ca:b9:f8:ea:4e:31:41:e3:9d:61:d8:a7:72:
82:dd:b4:3b:d5:22:e0:37:5d:fe:50:a8:d1:3f:07:
d6:78:1b:e5:d4:68:33:12:7c:11:92:9c:b8:82:49:
e1:91:5e:6e:cc:11:db:42:09:ba:d3:02:1c:f8:d3:
1a:c9:bd:c5:c7:6c:55:eb:48:65:ea:1a:ba:90:21:
05:2a:7c:7c:91:3c:c5:7c:29:ce:4b:90:dd:5d:46:
24:6f:80:7b:93:5b:cb:32:9f:4d:83:78:06:a0:5b:
d0:a9:03:d2:a5:5c:b0:fd:a3:b7:ce:c8:86:57:a4:
25:6a:09:22:34:44:eb:4e:3b:6b:46:00:0d:e0:6e:
42:62:2d:3f:80:fb:16:29:2b:35:df:d8:b0:68:e5:
a8:7f:15:97:92:b0:d3:dd:9b:a7:b9:11:20:c9:94:
ee:5d:23:f0:0f:88:e0:c6:ae:c1:48:b7:e9:3e:73:
c5:dd:b6:ce:76:57:0a:53:e8:b5:68:6e:56:c5:04:
a1:00:ad:59:c1:34:a1:da:38:08:88:05:bb:02:f1:
3a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:80:65:FC:FC:F3:3B:28:56:43:46:30:4B:AE:DC:7D:94:2F:EA:AF
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/QIBl_PzzOyhWQ0YwS67cfZQv6q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:f1c1::/32
2a0e:4782::/32
2a0e:5cc4::/32
2a0e:7345::/32
2a0e:b1c3::/32
2a0e:ffc2::/32
2a0f:4342::/32
Signature Algorithm: sha256WithRSAEncryption
57:05:7e:39:49:2e:40:b9:9c:db:fe:3a:06:79:c4:b3:3f:cd:
42:96:f9:08:de:7c:51:25:b2:51:9c:1f:39:c6:75:5a:a9:d4:
b3:1c:b5:16:cf:74:f3:55:6b:ca:fc:6d:77:c4:e3:f4:9c:a8:
43:10:35:db:f9:f4:be:e7:c6:fa:e2:f1:72:f0:6f:85:05:7d:
4c:0a:b0:5c:49:be:04:e9:5d:fd:60:1e:44:d3:96:7d:fc:ab:
d0:72:97:25:9f:fe:39:da:24:73:1d:1e:db:97:00:ce:ad:4c:
aa:5d:37:c9:a1:b3:13:38:8a:a8:4d:b9:c8:83:4d:f3:c3:12:
39:9f:ce:c3:a6:18:2b:2d:64:ac:c4:62:de:89:35:a7:0b:04:
f4:03:6d:f4:d3:34:47:65:ee:8c:69:26:b2:99:35:4e:9c:b8:
5d:e8:68:09:23:a7:15:bd:5d:bc:ef:9b:fc:58:b6:44:75:5e:
2a:e0:56:e7:31:12:6d:99:2e:29:8b:e2:03:7e:94:7b:ab:ef:
d7:81:fa:34:e9:b8:f9:56:4c:ab:cb:ef:48:69:cd:2b:af:16:
0a:e5:6e:7c:db:3d:16:67:73:ae:ed:20:55:58:98:49:16:15:
ff:32:99:79:6a:4a:0a:79:49:5e:46:c0:77:c6:f1:3e:da:61:
29:11:e9:d5
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZddtCpPspM518pQF8uKtylEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwNjExMDYzNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDgwNjVmY2ZjZjMzYjI4NTY0MzQ2MzA0YmFlZGM3ZDk0MmZlYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4zX83s2ERqRBEBEOEZG50nSj6Ag
NXOn3UWrjd04aPMGe3xO5Z2NfOYGHJnb5Mq5+OpOMUHjnWHYp3KC3bQ71SLgN13+
UKjRPwfWeBvl1GgzEnwRkpy4gknhkV5uzBHbQgm60wIc+NMayb3Fx2xV60hl6hq6
kCEFKnx8kTzFfCnOS5DdXUYkb4B7k1vLMp9Ng3gGoFvQqQPSpVyw/aO3zsiGV6Ql
agkiNETrTjtrRgAN4G5CYi0/gPsWKSs139iwaOWofxWXkrDT3ZunuREgyZTuXSPw
D4jgxq7BSLfpPnPF3bbOdlcKU+i1aG5WxQShAK1ZwTSh2jgIiAW7AvE6UQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFECAZfz88zsoVkNGMEuu3H2UL+qvMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvUUlCbF9QenpPeWhXUTBZd1M2N2NmWlF2NnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKgnxwQMF
ACoOR4IDBQAqDlzEAwUAKg5zRQMFACoOscMDBQAqDv/CAwUAKg9DQjANBgkqhkiG
9w0BAQsFAAOCAQEAVwV+OUkuQLmc2/46BnnEsz/NQpb5CN58USWyUZwfOcZ1WqnU
sxy1Fs9081Vryvxtd8Tj9JyoQxA12/n0vufG+uLxcvBvhQV9TAqwXEm+BOld/WAe
RNOWffyr0HKXJZ/+Odokcx0e25cAzq1Mql03yaGzEziKqE25yINN88MSOZ/Ow6YY
Ky1krMRi3ok1pwsE9ANt9NM0R2XujGkmspk1Tpy4XehoCSOnFb1dvO+b/Fi2RHVe
KuBW5zESbZkuKYviA36Ue6vv14H6NOm4+VZMq8vvSGnNK68WCuVufNs9Fmdzru0g
VViYSRYV/zKZeWpKCnlJXkbAd8bxPtphKRHp1Q==
-----END CERTIFICATE-----
Generated at Mon Jun 16 09:59:44 2025 by rpki-client