Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QGZVFSLC3DTf7Q9XDZI5UFSIxPs.roa
File: QGZVFSLC3DTf7Q9XDZI5UFSIxPs.roa (raw, json)
Hash identifier: 7fGGzU7q3PoMD1LGQLI+ySf6iQJpQpvveq5IbloLjAg=
Subject key identifier: 40:66:55:15:22:C2:DC:34:DF:ED:0F:57:0D:92:39:50:54:88:C4:FB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0198486F87F0316085EB3052C60F961A419A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QGZVFSLC3DTf7Q9XDZI5UFSIxPs.roa
Signing time: Sat 26 Jul 2025 20:32:05 +0000
ROA not before: Sat 26 Jul 2025 20:32:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 89.213.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:6f:87:f0:31:60:85:eb:30:52:c6:0f:96:1a:41:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 26 20:32:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4066551522c2dc34dfed0f570d9239505488c4fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:12:22:40:7f:4b:bb:3a:90:73:82:33:6b:f8:
2f:e6:ef:04:76:cd:2d:ca:c6:48:ed:17:cd:10:4a:
83:7e:55:0b:ad:99:8a:36:4a:78:09:77:d6:96:23:
af:2f:c0:f4:0f:ca:36:95:e6:7f:67:e0:64:03:3f:
d1:9f:8b:02:9a:f8:78:a2:40:ab:6d:77:81:ae:f4:
0e:08:0e:65:b1:7a:55:a7:73:bf:0f:00:30:3b:cf:
f8:19:73:55:8f:82:25:e5:c5:07:02:54:01:2b:0b:
8f:4d:89:c2:ed:c9:f5:f6:f3:84:44:29:68:e0:ac:
69:f0:b5:44:a5:d7:23:ac:a2:cf:11:66:b0:ef:80:
5c:b0:88:cb:b4:e6:43:f4:42:d4:a0:b1:84:1d:06:
09:06:10:c6:40:5c:be:95:b0:28:c0:20:51:b2:53:
04:84:94:c8:01:a5:47:b1:7f:e4:23:e7:eb:f6:f7:
a9:cc:72:29:58:ca:f7:a0:ae:1d:9c:1b:9a:46:df:
f9:d8:60:51:c1:02:56:02:a8:32:e3:72:2e:09:f8:
f3:7a:ee:80:c0:99:84:8b:72:eb:e4:d7:13:f4:5e:
a7:7d:31:07:a3:9c:4b:5b:05:69:ac:3b:90:ae:21:
78:c7:e1:7b:8c:96:b4:56:76:60:e7:09:49:df:ec:
89:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:66:55:15:22:C2:DC:34:DF:ED:0F:57:0D:92:39:50:54:88:C4:FB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QGZVFSLC3DTf7Q9XDZI5UFSIxPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.147.0/24
Signature Algorithm: sha256WithRSAEncryption
78:e9:88:61:ae:e7:89:9e:5e:62:ab:58:20:49:92:8f:45:d1:
f0:a9:cf:1a:b7:50:f2:18:d2:8b:fe:57:a6:95:df:52:b5:a6:
76:9f:a6:99:b2:fa:97:a7:cd:0b:dd:09:00:fa:68:99:28:88:
1d:d1:40:78:03:12:ab:ef:a0:36:8f:42:0f:6d:bd:42:c6:a6:
b7:9f:36:82:39:bb:98:c8:ea:8a:98:e8:55:1f:e6:75:37:03:
c2:dc:ec:6f:40:e6:9a:5c:d3:22:fe:d2:a4:f0:47:de:ee:bc:
b9:73:0b:48:14:4d:9b:12:5f:e3:e1:83:65:f4:8c:77:de:7a:
65:ff:fb:a8:e4:7e:3e:dc:6f:d6:40:77:a1:41:d5:56:47:77:
a1:57:b9:71:aa:5d:32:b6:ce:0c:30:10:cc:4d:6f:41:ec:60:
03:09:bc:a2:ed:f0:c4:19:ba:45:8e:a0:9f:22:97:61:f1:72:
61:da:36:fe:dd:1d:d5:3a:41:18:29:a8:a6:5a:61:ff:c5:02:
d7:6d:28:94:76:e4:78:1d:fd:a4:3f:ca:b3:82:58:b4:43:ed:
96:10:4c:fa:53:48:a9:a5:42:d5:6a:6b:4a:92:0d:db:36:70:
64:59:fb:38:4e:a3:6b:8b:5c:0f:2a:2d:22:54:56:c7:bc:64:
16:aa:10:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhIb4fwMWCF6zBSxg+WGkGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNzI2MjAzMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY2NTUxNTIyYzJkYzM0ZGZlZDBmNTcwZDkyMzk1MDU0ODhjNGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBIiQH9LuzqQc4Iza/gv5u8Eds0t
ysZI7RfNEEqDflULrZmKNkp4CXfWliOvL8D0D8o2leZ/Z+BkAz/Rn4sCmvh4okCr
bXeBrvQOCA5lsXpVp3O/DwAwO8/4GXNVj4Il5cUHAlQBKwuPTYnC7cn19vOERClo
4Kxp8LVEpdcjrKLPEWaw74BcsIjLtOZD9ELUoLGEHQYJBhDGQFy+lbAowCBRslME
hJTIAaVHsX/kI+fr9vepzHIpWMr3oK4dnBuaRt/52GBRwQJWAqgy43IuCfjzeu6A
wJmEi3Lr5NcT9F6nfTEHo5xLWwVprDuQriF4x+F7jJa0VnZg5wlJ3+yJjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBmVRUiwtw03+0PVw2SOVBUiMT7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUUdaVkZTTEMzRFRmN1E5WERaSTVVRlNJeFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWTMA0G
CSqGSIb3DQEBCwUAA4IBAQB46YhhrueJnl5iq1ggSZKPRdHwqc8at1DyGNKL/lem
ld9StaZ2n6aZsvqXp80L3QkA+miZKIgd0UB4AxKr76A2j0IPbb1Cxqa3nzaCObuY
yOqKmOhVH+Z1NwPC3OxvQOaaXNMi/tKk8Efe7ry5cwtIFE2bEl/j4YNl9Ix33npl
//uo5H4+3G/WQHehQdVWR3ehV7lxql0yts4MMBDMTW9B7GADCbyi7fDEGbpFjqCf
Ipdh8XJh2jb+3R3VOkEYKaimWmH/xQLXbSiUduR4Hf2kP8qzgli0Q+2WEEz6U0ip
pULVamtKkg3bNnBkWfs4TqNri1wPKi0iVFbHvGQWqhBs
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:19:08 2025 by rpki-client