Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/qxvPMaX8OGrCfU_og9o2DVWnb6o.roa
File: qxvPMaX8OGrCfU_og9o2DVWnb6o.roa (raw, json)
Hash identifier: EVV5E8QbGEPDIg0iJeaGWGQ6+38SPbZU14znorEijaI=
Subject key identifier: AB:1B:CF:31:A5:FC:38:6A:C2:7D:4F:E8:83:DA:36:0D:55:A7:6F:AA
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 01987E20B411ADE6B644CACAB561F07B2DD0
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/qxvPMaX8OGrCfU_og9o2DVWnb6o.roa
Signing time: Wed 06 Aug 2025 06:45:29 +0000
ROA not before: Wed 06 Aug 2025 06:45:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55207
IP address blocks: 185.186.8.0/24 maxlen: 24
2a0b:6b81::/48 maxlen: 48
2a0b:6b86::/48 maxlen: 48
2a0b:6b86:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 06:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:20:b4:11:ad:e6:b6:44:ca:ca:b5:61:f0:7b:2d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Aug 6 06:45:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab1bcf31a5fc386ac27d4fe883da360d55a76faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ee:f9:87:39:74:82:dc:b7:8d:8d:5f:5c:04:
61:be:d0:e5:ae:c3:e1:c8:3f:79:c6:b2:a3:60:cf:
32:d7:49:a3:c2:30:26:08:98:94:1c:6e:c5:6b:87:
cd:a2:72:88:19:04:37:ab:8b:f0:90:8f:d4:06:04:
ea:48:5b:70:e0:1f:27:bc:97:32:3c:b7:f1:ee:5c:
f4:e2:e9:50:00:4f:38:1f:90:75:e3:66:76:73:c9:
1b:1f:1b:ca:29:40:36:27:24:e3:ea:61:12:2f:1a:
5e:c4:76:8b:df:b6:ea:f2:95:da:7f:54:5a:a7:05:
7d:59:a0:81:a0:5e:fd:c4:08:6d:4e:f5:b9:02:5d:
48:82:9e:53:7c:8e:1f:1f:e7:85:0a:5c:d4:8a:95:
28:91:c0:dc:88:50:48:b3:86:8b:3d:31:92:fa:d2:
dd:69:28:9a:fc:f5:35:78:d4:dd:05:c6:70:36:74:
e7:84:49:b3:69:56:20:b1:de:21:46:3c:13:de:d9:
8e:10:c2:df:3e:2d:bd:75:de:9d:12:4d:3f:86:30:
58:1c:ec:ff:c2:a9:60:d2:7d:39:13:2d:9f:cf:0a:
bc:d7:94:f8:ae:c8:fb:42:d7:ff:a7:82:fd:7b:85:
a6:bf:a0:02:44:56:e9:60:47:06:0a:1b:bf:e1:d5:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1B:CF:31:A5:FC:38:6A:C2:7D:4F:E8:83:DA:36:0D:55:A7:6F:AA
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/qxvPMaX8OGrCfU_og9o2DVWnb6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/24
IPv6:
2a0b:6b81::/48
2a0b:6b86::/47
Signature Algorithm: sha256WithRSAEncryption
cc:e0:77:c0:b2:f4:4b:a0:95:bf:40:66:20:53:d6:99:4d:a7:
bf:46:9e:57:e6:38:65:25:e0:01:90:cb:1f:9a:13:ef:28:38:
e1:6e:54:87:ba:01:ea:73:00:5c:e0:79:ce:99:12:18:65:4e:
4c:7f:7b:2a:4b:a2:75:38:e2:b3:c1:24:11:75:64:90:f6:8e:
00:54:29:74:a1:f5:04:9c:97:cd:3f:ba:32:7a:d7:0d:e8:05:
b8:db:7c:de:c5:18:35:9a:01:ff:a3:47:b0:33:fa:c1:76:46:
a0:95:9f:45:7e:46:96:32:04:c0:be:6f:71:c0:0b:b6:c4:7d:
63:de:fa:87:7c:78:d0:7e:aa:15:b3:4e:09:67:f5:d0:0e:7c:
0b:a5:a1:eb:22:da:e4:43:04:cd:47:b8:7f:a7:ca:a1:41:5a:
6d:f6:bc:81:9b:7f:54:1a:95:1f:d8:c8:de:2b:04:32:9c:89:
6b:16:2e:8b:51:7a:7d:70:7c:32:8c:3a:e0:18:5b:b6:57:c2:
2c:ff:48:d5:20:bc:39:9d:61:51:08:ca:bc:f4:12:d2:76:07:
69:0b:9c:7f:44:37:4f:6d:19:36:7c:1b:91:bb:5b:76:ba:2d:
7d:84:05:a0:65:3d:90:df:66:a2:6b:71:d5:43:b5:cd:dc:bd:
21:1c:e9:61
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZh+ILQRrea2RMrKtWHwey3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwODA2MDY0NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjFiY2YzMWE1ZmMzODZhYzI3ZDRmZTg4M2RhMzYwZDU1YTc2ZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe75hzl0gty3jY1fXARhvtDlrsPh
yD95xrKjYM8y10mjwjAmCJiUHG7Fa4fNonKIGQQ3q4vwkI/UBgTqSFtw4B8nvJcy
PLfx7lz04ulQAE84H5B142Z2c8kbHxvKKUA2JyTj6mESLxpexHaL37bq8pXaf1Ra
pwV9WaCBoF79xAhtTvW5Al1Igp5TfI4fH+eFClzUipUokcDciFBIs4aLPTGS+tLd
aSia/PU1eNTdBcZwNnTnhEmzaVYgsd4hRjwT3tmOEMLfPi29dd6dEk0/hjBYHOz/
wqlg0n05Ey2fzwq815T4rsj7Qtf/p4L9e4Wmv6ACRFbpYEcGChu/4dVy9QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKsbzzGl/Dhqwn1P6IPaNg1Vp2+qMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvcXh2UE1hWDhPR3JDZlVfb2c5bzJEVlduYjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuboIMBgE
AgACMBIDBwAqC2uBAAADBwEqC2uGAAAwDQYJKoZIhvcNAQELBQADggEBAMzgd8Cy
9Euglb9AZiBT1plNp79GnlfmOGUl4AGQyx+aE+8oOOFuVIe6AepzAFzgec6ZEhhl
Tkx/eypLonU44rPBJBF1ZJD2jgBUKXSh9QScl80/ujJ61w3oBbjbfN7FGDWaAf+j
R7Az+sF2RqCVn0V+RpYyBMC+b3HAC7bEfWPe+od8eNB+qhWzTgln9dAOfAuloesi
2uRDBM1HuH+nyqFBWm32vIGbf1QalR/YyN4rBDKciWsWLotRen1wfDKMOuAYW7ZX
wiz/SNUgvDmdYVEIyrz0EtJ2B2kLnH9EN09tGTZ8G5G7W3a6LX2EBaBlPZDfZqJr
cdVDtc3cvSEc6WE=
-----END CERTIFICATE-----
Generated at Thu Aug 7 11:07:23 2025 by rpki-client