Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/QTCPFXVRRLkp3ercjSW162nhB-A.roa
File: QTCPFXVRRLkp3ercjSW162nhB-A.roa (raw, json)
Hash identifier: XhEovYLdBmvxmOuXv8xVuohgGdqV/5ES4zlUNTBMGIc=
Subject key identifier: 41:30:8F:15:75:51:44:B9:29:DD:EA:DC:8D:25:B5:EB:69:E1:07:E0
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0198848893AABCCB828D5267A2AC334302D2
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/QTCPFXVRRLkp3ercjSW162nhB-A.roa
Signing time: Thu 07 Aug 2025 12:36:39 +0000
ROA not before: Thu 07 Aug 2025 12:36:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200202
IP address blocks: 195.216.180.0/24 maxlen: 24
195.216.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 06:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:84:88:93:aa:bc:cb:82:8d:52:67:a2:ac:33:43:02:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Aug 7 12:36:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41308f15755144b929ddeadc8d25b5eb69e107e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:af:59:64:ae:cf:7b:f4:db:b5:5f:46:02:fd:
b8:5d:82:51:61:d6:cd:97:86:6b:6a:9e:a9:4d:a6:
67:39:f7:41:74:fd:d9:f6:4c:0c:0e:50:6e:f3:30:
e2:72:35:3d:fa:74:b6:d6:88:2b:f4:9a:4e:df:99:
b1:4c:8d:a2:d2:69:c2:24:a0:1e:11:40:02:cc:a2:
40:7a:fe:6c:c8:be:d1:0a:ab:fd:16:df:14:e5:75:
39:02:34:9b:80:e5:a1:42:a1:7d:7d:e4:85:76:91:
bf:3e:60:d3:b1:fd:f3:32:94:0a:5c:e3:eb:5e:9a:
72:a6:9e:90:b1:fc:78:42:ee:2b:6c:75:b2:c8:c0:
6f:b0:23:1a:de:38:1c:55:fd:cd:38:52:a8:be:4a:
6d:1b:12:92:4b:35:fb:fd:06:d8:3f:f5:36:3a:43:
a2:ec:72:f0:09:af:47:94:36:f8:0b:b5:bf:d6:64:
7d:29:d9:4b:e3:24:ff:52:4a:bd:4c:e0:74:3c:85:
32:e6:e7:ff:24:1d:df:bf:18:c3:b6:83:85:07:65:
bd:ab:0d:af:ca:a6:57:f2:83:5b:9f:c3:52:e1:37:
16:c7:20:34:83:5a:3c:34:86:af:0e:dd:bd:19:71:
9a:c5:c7:3a:21:ba:c6:fe:7d:2a:d9:30:9e:16:94:
29:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:30:8F:15:75:51:44:B9:29:DD:EA:DC:8D:25:B5:EB:69:E1:07:E0
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/QTCPFXVRRLkp3ercjSW162nhB-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.180.0/24
195.216.190.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:98:7d:19:59:81:43:75:f7:bc:2e:0c:a5:1f:59:90:15:05:
87:ed:15:6a:d2:27:95:cf:62:37:ac:3f:74:a2:89:99:7f:33:
22:5c:50:f1:ba:7b:e2:e8:e1:47:39:fc:14:9c:fa:f1:e4:9e:
da:4e:3d:22:65:eb:32:12:1d:42:6c:79:4b:e4:91:e9:58:72:
4a:4e:ad:e1:3d:96:63:ce:9d:37:9a:d8:5f:40:ac:44:32:d6:
e9:f8:59:84:ab:ab:26:92:69:68:69:f7:c1:ac:3a:e1:f3:0a:
35:44:da:e7:7a:1e:63:90:78:c2:e0:95:30:cd:ab:6d:0f:ad:
1c:5a:4e:ed:c7:80:2a:45:1e:00:3c:f2:af:74:45:32:70:4e:
31:5e:3d:b8:95:99:38:62:38:5d:2d:71:7d:b4:90:2f:d2:06:
08:3e:93:9e:f8:57:fc:27:00:d2:39:be:61:58:6f:4d:9b:6f:
97:b2:bf:a1:de:a9:53:f3:b7:1d:75:b8:13:62:63:da:e3:8a:
2b:6c:6e:92:9f:83:8f:76:c7:81:c7:1a:45:9c:05:7d:54:94:
92:e7:bd:03:36:f6:60:86:b4:c4:1e:e0:d2:93:9a:a0:6b:be:
3b:74:d1:6e:a4:3b:09:0b:0c:c3:1e:79:46:de:9b:95:5f:f7:
7b:72:c8:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZiEiJOqvMuCjVJnoqwzQwLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwODA3MTIzNjM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMwOGYxNTc1NTE0NGI5MjlkZGVhZGM4ZDI1YjVlYjY5ZTEwN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlq9ZZK7Pe/TbtV9GAv24XYJRYdbN
l4Zrap6pTaZnOfdBdP3Z9kwMDlBu8zDicjU9+nS21ogr9JpO35mxTI2i0mnCJKAe
EUACzKJAev5syL7RCqv9Ft8U5XU5AjSbgOWhQqF9feSFdpG/PmDTsf3zMpQKXOPr
Xppypp6Qsfx4Qu4rbHWyyMBvsCMa3jgcVf3NOFKovkptGxKSSzX7/QbYP/U2OkOi
7HLwCa9HlDb4C7W/1mR9KdlL4yT/Ukq9TOB0PIUy5uf/JB3fvxjDtoOFB2W9qw2v
yqZX8oNbn8NS4TcWxyA0g1o8NIavDt29GXGaxcc6IbrG/n0q2TCeFpQpmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEEwjxV1UUS5Kd3q3I0ltetp4QfgMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvUVRDUEZYVlJSTGtwM2VyY2pTVzE2Mm5oQi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw9i0AwQA
w9i+MA0GCSqGSIb3DQEBCwUAA4IBAQB/mH0ZWYFDdfe8LgylH1mQFQWH7RVq0ieV
z2I3rD90oomZfzMiXFDxunvi6OFHOfwUnPrx5J7aTj0iZesyEh1CbHlL5JHpWHJK
Tq3hPZZjzp03mthfQKxEMtbp+FmEq6smkmloaffBrDrh8wo1RNrneh5jkHjC4JUw
zattD60cWk7tx4AqRR4APPKvdEUycE4xXj24lZk4YjhdLXF9tJAv0gYIPpOe+Ff8
JwDSOb5hWG9Nm2+Xsr+h3qlT87cddbgTYmPa44orbG6Sn4OPdseBxxpFnAV9VJSS
570DNvZghrTEHuDSk5qga747dNFupDsJCwzDHnlG3puVX/d7csip
-----END CERTIFICATE-----
Generated at Fri Aug 8 12:49:32 2025 by rpki-client