Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Qk_oPgr-WCQpQMO8JB9XwsPmJ5E.roa
File: Qk_oPgr-WCQpQMO8JB9XwsPmJ5E.roa (raw, json)
Hash identifier: PCHrMwUWmEHVHwE2MEePh11jfyG4VxZwGTQLVSqThV0=
Subject key identifier: 42:4F:E8:3E:0A:FE:58:24:29:40:C3:BC:24:1F:57:C2:C3:E6:27:91
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01987C141C87B1A6A1D881E0010D1835F556
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Qk_oPgr-WCQpQMO8JB9XwsPmJ5E.roa
Signing time: Tue 05 Aug 2025 21:12:29 +0000
ROA not before: Tue 05 Aug 2025 21:12:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198231
IP address blocks: 2a0f:5ec0::/29 maxlen: 32
2a0f:7fc0::/29 maxlen: 32
2a0f:edc0::/29 maxlen: 32
2a0f:fb40::/29 maxlen: 32
2a11:6600::/29 maxlen: 32
2a11:6c00::/29 maxlen: 32
2a11:d400::/29 maxlen: 32
2a12:3c80::/29 maxlen: 32
2a12:e4c0::/29 maxlen: 32
2a13:3a80::/29 maxlen: 32
2a13:3e80::/29 maxlen: 32
2a13:4680::/29 maxlen: 32
2a13:64c0::/29 maxlen: 32
2a13:6540::/29 maxlen: 32
2a13:6840::/29 maxlen: 32
2a13:68c0::/29 maxlen: 32
2a13:69c0::/29 maxlen: 32
2a13:6a40::/29 maxlen: 32
2a13:6ac0::/29 maxlen: 32
2a13:6bc0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 02:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7c:14:1c:87:b1:a6:a1:d8:81:e0:01:0d:18:35:f5:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 5 21:12:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=424fe83e0afe58242940c3bc241f57c2c3e62791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:14:92:78:9a:b0:8a:48:75:2c:fe:c5:75:8c:
6a:2d:60:2e:ce:e0:99:6b:4d:83:95:9d:0c:aa:d0:
b5:3c:44:9c:df:0c:e0:79:b4:9d:29:37:58:7c:e0:
06:cb:ab:cd:82:85:25:32:c0:fd:d6:db:c3:c4:b0:
8f:1f:b5:e1:5a:d4:03:3d:28:66:2f:50:10:c8:9e:
a6:6f:1e:d0:1b:dd:a5:2b:18:46:42:8a:19:0d:1d:
a0:9d:e4:9c:ca:8d:01:f2:26:96:a8:f2:65:3a:77:
81:45:71:1d:6c:e1:f7:9b:4b:bc:5a:8b:11:a0:15:
fc:95:27:84:65:3e:7b:6c:4a:80:dc:75:64:cb:9f:
90:0d:7a:d2:84:66:aa:46:2d:a7:65:f6:9f:d0:bf:
5d:b8:b8:b5:ee:3d:ac:da:da:65:7a:b3:91:f4:02:
78:b8:8b:55:0c:af:7c:7b:00:3f:2d:86:a4:84:39:
a1:af:a8:39:23:30:24:79:df:63:e1:2f:17:a1:53:
9a:1b:c2:45:f3:fa:9c:5d:68:cf:e2:fd:53:5f:21:
f6:bf:43:55:fe:8a:3b:83:6f:2f:67:a9:a2:04:fc:
f8:0c:7a:ca:eb:bf:d1:ec:bc:68:af:46:67:2f:a2:
03:83:3f:03:0e:44:5a:64:50:9f:e3:c9:d6:d1:87:
ac:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4F:E8:3E:0A:FE:58:24:29:40:C3:BC:24:1F:57:C2:C3:E6:27:91
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Qk_oPgr-WCQpQMO8JB9XwsPmJ5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a0f:fb40::/29
2a11:6600::/29
2a11:6c00::/29
2a11:d400::/29
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
65:c5:b4:69:48:e9:e1:3c:c2:1d:ce:8d:82:69:0e:c1:b2:01:
63:bc:1d:83:fb:88:e6:64:0c:ca:2e:e3:d5:97:e1:2b:5c:92:
9a:d9:b4:0b:62:ae:ff:6a:f6:08:32:e8:e1:b5:a4:0b:ce:be:
62:35:7b:44:90:d3:03:44:7e:35:c9:7c:5f:df:a6:90:58:17:
c0:fa:60:62:62:fe:59:e4:00:6c:d4:5a:80:a1:dd:db:ff:9e:
7c:9a:a6:9f:43:b0:78:66:93:57:c3:40:ec:59:f9:38:f2:5d:
a6:a7:e0:a3:36:82:6f:17:3e:13:9c:14:bc:1b:66:b1:84:23:
26:10:5c:81:26:45:2c:f4:9f:95:61:6b:b9:36:90:1c:a5:94:
06:48:75:06:a5:ea:cf:c8:08:78:eb:5a:3b:93:30:a0:97:81:
56:4c:78:53:56:bf:60:c2:f0:ce:a7:c6:08:81:eb:92:84:ce:
8b:a2:13:3a:34:9f:bc:f0:a7:a4:07:85:18:00:bf:9e:aa:01:
b0:f0:85:fd:57:f9:8e:93:f1:7b:59:97:00:d3:56:7c:98:b9:
6b:fc:29:6e:ae:7a:05:79:d8:f6:fd:99:4b:c1:72:65:81:5d:
15:3c:db:66:f4:3c:95:2f:88:a8:8c:20:aa:6b:13:cb:d9:51:
92:5c:bd:5a
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZh8FByHsaah2IHgAQ0YNfVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwODA1MjExMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRmZTgzZTBhZmU1ODI0Mjk0MGMzYmMyNDFmNTdjMmMzZTYyNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RSSeJqwikh1LP7FdYxqLWAuzuCZ
a02DlZ0MqtC1PESc3wzgebSdKTdYfOAGy6vNgoUlMsD91tvDxLCPH7XhWtQDPShm
L1AQyJ6mbx7QG92lKxhGQooZDR2gneScyo0B8iaWqPJlOneBRXEdbOH3m0u8WosR
oBX8lSeEZT57bEqA3HVky5+QDXrShGaqRi2nZfaf0L9duLi17j2s2tplerOR9AJ4
uItVDK98ewA/LYakhDmhr6g5IzAked9j4S8XoVOaG8JF8/qcXWjP4v1TXyH2v0NV
/oo7g28vZ6miBPz4DHrK67/R7Lxor0ZnL6IDgz8DDkRaZFCf48nW0YesNwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFEJP6D4K/lgkKUDDvCQfV8LD5ieRMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvUWtfb1Bnci1XQ1FwUU1POEpCOVh3c1BtSjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAIwgYwDBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqD/tAAwUDKhFmAAMFAyoRbAADBQMqEdQAAwUD
KhI8gAMFAyoS5MADBQMqEzqAAwUDKhM+gAMFAyoTRoADBQMqE2TAAwUDKhNlQAMF
AyoTaEADBQMqE2jAAwUDKhNpwAMFAyoTakADBQMqE2rAAwUDKhNrwDANBgkqhkiG
9w0BAQsFAAOCAQEAZcW0aUjp4TzCHc6NgmkOwbIBY7wdg/uI5mQMyi7j1ZfhK1yS
mtm0C2Ku/2r2CDLo4bWkC86+YjV7RJDTA0R+Ncl8X9+mkFgXwPpgYmL+WeQAbNRa
gKHd2/+efJqmn0OweGaTV8NA7Fn5OPJdpqfgozaCbxc+E5wUvBtmsYQjJhBcgSZF
LPSflWFruTaQHKWUBkh1BqXqz8gIeOtaO5MwoJeBVkx4U1a/YMLwzqfGCIHrkoTO
i6ITOjSfvPCnpAeFGAC/nqoBsPCF/Vf5jpPxe1mXANNWfJi5a/wpbq56BXnY9v2Z
S8FyZYFdFTzbZvQ8lS+IqIwgqmsTy9lRkly9Wg==
-----END CERTIFICATE-----
Generated at Thu Aug 7 11:15:23 2025 by rpki-client