Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/c0ad4d-20fe-4a93-af06-1d0a4ec827ab/1/QKrM64oQZvgTozlvljxPPFHYkTo.roa
File: QKrM64oQZvgTozlvljxPPFHYkTo.roa (raw, json)
Hash identifier: JywzKYRCgR+CIrIm87qZr7VxIAPOkPxYDUlzkHtRqEQ=
Subject key identifier: 40:AA:CC:EB:8A:10:66:F8:13:A3:39:6F:96:3C:4F:3C:51:D8:91:3A
Certificate issuer: /CN=abc113c7aea6b714a060e9f7c3e71569e603d395
Certificate serial: 01985F97EDB57B2B8D84F0F594AFC27C99E3
Authority key identifier: AB:C1:13:C7:AE:A6:B7:14:A0:60:E9:F7:C3:E7:15:69:E6:03:D3:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8ETx66mtxSgYOn3w-cVaeYD05U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/c0ad4d-20fe-4a93-af06-1d0a4ec827ab/1/QKrM64oQZvgTozlvljxPPFHYkTo.roa
Signing time: Thu 31 Jul 2025 08:27:28 +0000
ROA not before: Thu 31 Jul 2025 08:27:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50413
IP address blocks: 195.78.106.0/23 maxlen: 23
195.78.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/c0ad4d-20fe-4a93-af06-1d0a4ec827ab/1/q8ETx66mtxSgYOn3w-cVaeYD05U.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/c0ad4d-20fe-4a93-af06-1d0a4ec827ab/1/q8ETx66mtxSgYOn3w-cVaeYD05U.mft
rsync://rpki.ripe.net/repository/DEFAULT/q8ETx66mtxSgYOn3w-cVaeYD05U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 17:44:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5f:97:ed:b5:7b:2b:8d:84:f0:f5:94:af:c2:7c:99:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc113c7aea6b714a060e9f7c3e71569e603d395
Validity
Not Before: Jul 31 08:27:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40aacceb8a1066f813a3396f963c4f3c51d8913a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8c:13:3c:b2:14:eb:66:f9:5d:ad:0e:c0:fb:
1c:fb:ab:50:e2:ed:3c:c4:df:fb:c5:82:c0:62:82:
de:f5:c2:3b:fe:31:64:9e:b0:21:35:cf:80:11:18:
7c:0c:18:dc:1e:f8:35:3b:b6:c4:c3:d6:9f:fe:2a:
e4:fa:48:99:b5:0b:36:56:8d:76:af:fe:46:73:89:
72:50:b6:ee:bb:a7:db:a8:ca:56:a9:9b:63:9c:23:
fa:f2:71:f3:d6:c5:f1:de:36:c5:0b:b4:72:06:d9:
97:b2:b5:b0:a1:31:e1:6b:8e:f6:ef:6c:12:9e:df:
d5:8d:45:c3:6e:0c:53:4e:8e:04:a8:d8:76:56:53:
f1:9f:02:1d:34:91:40:ec:32:4a:b2:43:25:78:8e:
0a:1a:f5:6b:65:d9:e3:b5:ff:7d:a1:3d:09:76:67:
f3:ef:21:38:fb:4a:3a:da:96:96:f5:a0:e6:9a:15:
c1:30:c1:e3:3a:73:a0:b2:96:61:20:16:e1:ad:c9:
04:e8:4a:24:be:c6:6d:79:be:06:85:24:59:65:e1:
25:b1:04:90:4f:c1:1a:89:7c:aa:76:ea:b3:fa:75:
22:db:42:f1:18:72:17:4a:8c:8a:36:e0:24:06:e9:
4e:ec:84:c4:98:26:90:1e:4c:11:9f:a2:a2:33:eb:
a6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AA:CC:EB:8A:10:66:F8:13:A3:39:6F:96:3C:4F:3C:51:D8:91:3A
X509v3 Authority Key Identifier:
keyid:AB:C1:13:C7:AE:A6:B7:14:A0:60:E9:F7:C3:E7:15:69:E6:03:D3:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8ETx66mtxSgYOn3w-cVaeYD05U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c0ad4d-20fe-4a93-af06-1d0a4ec827ab/1/QKrM64oQZvgTozlvljxPPFHYkTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c0ad4d-20fe-4a93-af06-1d0a4ec827ab/1/q8ETx66mtxSgYOn3w-cVaeYD05U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.78.106.0/23
Signature Algorithm: sha256WithRSAEncryption
02:1e:7d:a1:73:f6:28:95:45:e2:02:10:40:18:4e:bc:5c:bc:
f1:d7:2f:2c:ee:31:de:5b:4e:e4:65:23:2e:2a:0f:eb:9d:58:
f2:8f:5b:f5:15:1a:2a:61:85:17:34:b1:1d:d0:b8:30:c1:de:
2d:74:9f:66:43:0e:c6:ea:0c:79:b4:9d:44:d5:08:99:ad:ed:
6f:dc:31:0c:de:8d:a7:3b:82:ee:fc:5d:80:7c:bf:28:0b:2c:
ad:ec:13:12:7b:6a:af:24:d1:05:a3:d2:08:e1:4f:58:7f:5f:
82:12:e7:a8:85:db:fe:7c:11:ab:82:a8:ca:0b:0c:04:65:38:
fd:fa:68:8e:e2:6f:42:4a:05:06:e8:1d:12:96:b5:94:2e:06:
cf:e7:50:92:80:83:1d:dd:fe:9e:b0:b0:0d:1e:52:26:86:5a:
d5:dd:8f:65:5b:fd:4c:75:78:03:8d:df:8c:25:99:38:92:ef:
1b:31:c9:42:de:04:80:a7:43:dc:13:db:82:4e:51:2d:ca:7c:
c9:21:8a:13:6a:fc:db:34:ce:68:35:de:2c:14:fe:87:9b:d7:
4b:aa:d8:e9:f5:5a:ab:79:5f:d2:74:ff:0d:31:44:27:0f:b8:
31:b9:8e:e1:80:4b:e1:e1:da:05:d9:bc:16:6e:cb:5e:c4:62:
b4:c4:13:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhfl+21eyuNhPD1lK/CfJnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzExM2M3YWVhNmI3MTRhMDYwZTlmN2MzZTcxNTY5ZTYw
M2QzOTUwHhcNMjUwNzMxMDgyNzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGFhY2NlYjhhMTA2NmY4MTNhMzM5NmY5NjNjNGYzYzUxZDg5MTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4wTPLIU62b5Xa0OwPsc+6tQ4u08
xN/7xYLAYoLe9cI7/jFknrAhNc+AERh8DBjcHvg1O7bEw9af/irk+kiZtQs2Vo12
r/5Gc4lyULbuu6fbqMpWqZtjnCP68nHz1sXx3jbFC7RyBtmXsrWwoTHha47272wS
nt/VjUXDbgxTTo4EqNh2VlPxnwIdNJFA7DJKskMleI4KGvVrZdnjtf99oT0Jdmfz
7yE4+0o62paW9aDmmhXBMMHjOnOgspZhIBbhrckE6EokvsZteb4GhSRZZeElsQSQ
T8EaiXyqduqz+nUi20LxGHIXSoyKNuAkBulO7ITEmCaQHkwRn6KiM+umYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECqzOuKEGb4E6M5b5Y8TzxR2JE6MB8GA1UdIwQY
MBaAFKvBE8euprcUoGDp98PnFWnmA9OVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThFVHg2Nm10eFNnWU9uM3ctY1ZhZVlEMDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9jMGFkNGQtMjBmZS00YTkzLWFmMDYt
MWQwYTRlYzgyN2FiLzEvUUtyTTY0b1FadmdUb3psdmxqeFBQRkhZa1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9jMGFkNGQtMjBmZS00YTkzLWFmMDYtMWQwYTRlYzgyN2Fi
LzEvcThFVHg2Nm10eFNnWU9uM3ctY1ZhZVlEMDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw05qMA0G
CSqGSIb3DQEBCwUAA4IBAQACHn2hc/YolUXiAhBAGE68XLzx1y8s7jHeW07kZSMu
Kg/rnVjyj1v1FRoqYYUXNLEd0Lgwwd4tdJ9mQw7G6gx5tJ1E1QiZre1v3DEM3o2n
O4Lu/F2AfL8oCyyt7BMSe2qvJNEFo9II4U9Yf1+CEueohdv+fBGrgqjKCwwEZTj9
+miO4m9CSgUG6B0SlrWULgbP51CSgIMd3f6esLANHlImhlrV3Y9lW/1MdXgDjd+M
JZk4ku8bMclC3gSAp0PcE9uCTlEtynzJIYoTavzbNM5oNd4sFP6Hm9dLqtjp9Vqr
eV/SdP8NMUQnD7gxuY7hgEvh4doF2bwWbstexGK0xBPN
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:55:45 2025 by rpki-client