Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/rqssHEFaU9cBbAYq5h-Z5dZhD70.roa
File: rqssHEFaU9cBbAYq5h-Z5dZhD70.roa (raw, json)
Hash identifier: XPmsPoFUAhDePBRt0rX+aTeKt9kZS58GDddsgp5etNk=
Subject key identifier: AE:AB:2C:1C:41:5A:53:D7:01:6C:06:2A:E6:1F:99:E5:D6:61:0F:BD
Certificate issuer: /CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Certificate serial: 01985B18325CF5B475F4094F1DAEC5E2D886
Authority key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/rqssHEFaU9cBbAYq5h-Z5dZhD70.roa
Signing time: Wed 30 Jul 2025 11:29:29 +0000
ROA not before: Wed 30 Jul 2025 11:29:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7843
IP address blocks: 194.150.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5b:18:32:5c:f5:b4:75:f4:09:4f:1d:ae:c5:e2:d8:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Validity
Not Before: Jul 30 11:29:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aeab2c1c415a53d7016c062ae61f99e5d6610fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9b:25:5b:fd:55:20:a6:b1:95:d2:e1:f8:83:
44:b6:28:e2:c4:75:9c:88:e9:fd:6d:47:79:02:38:
4e:4c:c3:9e:49:08:04:d9:77:4e:ac:5e:1e:d7:5b:
8e:f9:40:37:07:8e:71:f7:31:d2:c6:fb:81:64:0d:
a4:a0:5f:b0:6f:22:f7:cb:17:82:87:f5:5c:c7:41:
f3:0d:a0:65:61:32:a6:fc:1a:91:95:d9:da:b5:3e:
76:78:d2:25:88:01:57:55:fd:f1:ce:3e:28:de:e6:
64:ba:b1:42:62:60:4c:4c:4e:f7:ca:04:c9:8a:b5:
55:aa:7a:3d:f7:01:6e:ce:13:87:a2:37:09:e5:0f:
2c:dd:9c:3b:61:b1:12:ae:06:c8:72:3e:c1:74:0f:
7d:65:26:d0:90:73:f9:91:5f:02:0c:73:f1:f4:b6:
9f:cb:af:b3:6d:4a:94:da:fa:6a:a0:df:8d:10:db:
95:69:ef:0f:c8:37:e5:e4:3d:7b:85:e8:8e:de:9e:
50:bc:2f:55:ea:36:63:b9:4f:17:4b:ff:cc:a7:39:
84:c0:ff:b0:9d:12:9c:7f:e9:51:1d:2c:a6:24:39:
0c:97:a3:1d:ea:22:cc:77:8f:52:8c:c1:6b:66:1d:
22:8f:29:66:ae:5a:51:22:ac:3d:aa:46:0a:3a:a3:
d7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:AB:2C:1C:41:5A:53:D7:01:6C:06:2A:E6:1F:99:E5:D6:61:0F:BD
X509v3 Authority Key Identifier:
keyid:13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/rqssHEFaU9cBbAYq5h-Z5dZhD70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.220.0/23
Signature Algorithm: sha256WithRSAEncryption
33:fc:88:12:71:2b:b4:26:89:e8:71:c9:e3:b7:2e:9c:11:41:
87:5b:d4:b4:60:57:e0:c1:8d:ad:0c:ba:5c:8e:cc:33:95:9d:
2a:06:f8:cf:73:88:99:f3:4e:b4:ca:f6:ad:d6:77:1b:13:d8:
d7:f3:06:90:d6:2f:c3:f1:82:58:43:ae:af:76:5c:3d:b5:e4:
3f:7d:00:7a:2e:ea:f5:25:7f:e1:43:3a:78:67:f9:06:51:5a:
74:de:58:13:45:29:72:9c:68:75:d4:50:93:37:e2:31:cc:b5:
db:ff:5a:0d:fd:4d:04:e7:1b:ab:03:a9:5f:92:05:f4:a7:6b:
dd:d2:58:8f:a9:f7:6d:87:eb:6f:06:6a:d3:a6:ab:e4:7e:92:
5e:fd:05:69:ce:6d:30:31:7f:e4:05:c3:62:bf:8d:8b:3d:46:
79:1c:f7:70:2c:2c:34:2c:bb:92:c9:53:6f:36:9c:ce:f8:84:
b0:8e:13:e7:41:cf:97:d2:e4:fc:ff:e7:89:c1:2f:0e:2a:b6:
72:cf:ed:d5:80:e0:4d:86:bd:42:69:95:80:e7:91:cf:18:80:
88:dd:e4:0a:fa:f3:94:c3:03:be:13:38:c4:65:ce:be:b0:5f:
16:3d:bd:ad:e6:39:aa:a4:ba:3f:a0:da:6a:c4:0d:68:7d:ba:
fe:82:a9:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhbGDJc9bR19AlPHa7F4tiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjZiOTYwYTZmMWYwNDQzOWYwOTE4NmY5ZWNmNTMxYTlj
ZTI2NDgwHhcNMjUwNzMwMTEyOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWFiMmMxYzQxNWE1M2Q3MDE2YzA2MmFlNjFmOTllNWQ2NjEwZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpslW/1VIKaxldLh+INEtijixHWc
iOn9bUd5AjhOTMOeSQgE2XdOrF4e11uO+UA3B45x9zHSxvuBZA2koF+wbyL3yxeC
h/Vcx0HzDaBlYTKm/BqRldnatT52eNIliAFXVf3xzj4o3uZkurFCYmBMTE73ygTJ
irVVqno99wFuzhOHojcJ5Q8s3Zw7YbESrgbIcj7BdA99ZSbQkHP5kV8CDHPx9Laf
y6+zbUqU2vpqoN+NENuVae8PyDfl5D17heiO3p5QvC9V6jZjuU8XS//MpzmEwP+w
nRKcf+lRHSymJDkMl6Md6iLMd49SjMFrZh0ijylmrlpRIqw9qkYKOqPXSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6rLBxBWlPXAWwGKuYfmeXWYQ+9MB8GA1UdIwQY
MBaAFBNmuWCm8fBEOfCRhvns9TGpziZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjIt
YTk2NzE1OWY4ODdkLzEvcnFzc0hFRmFVOWNCYkFZcTVoLVo1ZFpoRDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjItYTk2NzE1OWY4ODdk
LzEvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpbcMA0G
CSqGSIb3DQEBCwUAA4IBAQAz/IgScSu0Jonoccnjty6cEUGHW9S0YFfgwY2tDLpc
jswzlZ0qBvjPc4iZ8060yvat1ncbE9jX8waQ1i/D8YJYQ66vdlw9teQ/fQB6Lur1
JX/hQzp4Z/kGUVp03lgTRSlynGh11FCTN+IxzLXb/1oN/U0E5xurA6lfkgX0p2vd
0liPqfdth+tvBmrTpqvkfpJe/QVpzm0wMX/kBcNiv42LPUZ5HPdwLCw0LLuSyVNv
NpzO+ISwjhPnQc+X0uT8/+eJwS8OKrZyz+3VgOBNhr1CaZWA55HPGICI3eQK+vOU
wwO+EzjEZc6+sF8WPb2t5jmqpLo/oNpqxA1ofbr+gqnE
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:53:51 2025 by rpki-client