Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qf1Y3pdyPL1vnWhQ5hU90Q5bWag.roa
File: Qf1Y3pdyPL1vnWhQ5hU90Q5bWag.roa (raw, json)
Hash identifier: StWu8MpOTDjb7x09vhXarA04Ic1DK559b23w2AKNrRM=
Subject key identifier: 41:FD:58:DE:97:72:3C:BD:6F:9D:68:50:E6:15:3D:D1:0E:5B:59:A8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019A34F7C14E59D38AE55566DF11660DC474
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qf1Y3pdyPL1vnWhQ5hU90Q5bWag.roa
Signing time: Thu 30 Oct 2025 11:54:03 +0000
ROA not before: Thu 30 Oct 2025 11:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 45.144.227.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.145.0/24 maxlen: 24
62.197.146.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.149.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.153.0/24 maxlen: 24
62.197.154.0/23 maxlen: 24
62.197.156.0/23 maxlen: 24
62.197.158.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
92.62.120.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
92.62.122.0/23 maxlen: 24
185.244.139.0/24 maxlen: 24
194.169.168.0/24 maxlen: 24
194.169.169.0/24 maxlen: 24
194.169.170.0/23 maxlen: 24
212.119.32.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:f7:c1:4e:59:d3:8a:e5:55:66:df:11:66:0d:c4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 30 11:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41fd58de97723cbd6f9d6850e6153dd10e5b59a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:96:9b:c7:ef:21:8e:54:b1:15:62:92:42:11:
c3:ae:24:42:59:b3:47:51:e4:71:86:f1:4b:36:7e:
d4:aa:61:6b:4d:54:87:d0:92:e3:3c:8a:6b:8f:af:
a3:cd:0e:35:d2:98:70:69:eb:0f:0e:64:66:7b:03:
d6:8e:07:d2:73:9e:9a:fe:7e:8d:6a:fc:f8:0e:85:
72:e5:cd:fe:7f:89:df:14:5a:74:83:c1:b0:21:67:
dc:b2:02:7b:20:e7:c6:71:ef:78:0a:d6:aa:ec:d9:
ce:2e:b9:b1:f8:2f:49:23:43:47:15:70:2e:3b:8d:
c6:9f:b2:51:3d:5b:7c:ea:ab:99:9f:2f:2e:d5:f9:
14:b1:c8:10:6c:e3:49:51:7d:dc:d2:d2:91:d7:2d:
64:7c:0f:00:20:13:50:d0:e3:f2:b4:e5:e2:ea:6d:
52:9a:18:65:3a:d3:61:77:57:82:e5:56:dd:1f:d3:
d9:7b:ac:3d:6d:18:bb:94:ca:d6:fe:08:4c:8d:34:
d9:ab:9b:97:bc:a2:26:7f:73:54:dd:52:1e:f7:e1:
44:24:8e:f6:f7:8d:a2:87:f7:81:bc:29:b9:77:6e:
22:b4:b2:48:0e:3c:52:90:b5:14:ee:56:fc:cd:57:
a0:7c:73:b9:2f:88:77:e2:f4:06:7d:8b:e6:91:ab:
db:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FD:58:DE:97:72:3C:BD:6F:9D:68:50:E6:15:3D:D1:0E:5B:59:A8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qf1Y3pdyPL1vnWhQ5hU90Q5bWag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.227.0/24
62.197.144.0/20
92.62.120.0/22
185.244.139.0/24
194.169.168.0/22
212.119.32.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:ef:aa:ec:f7:f8:17:6e:dd:18:4c:fb:d5:3d:16:86:b7:e9:
6e:25:17:d3:7b:91:fd:cb:ad:cf:6c:86:02:d5:b9:4a:4d:c2:
32:8f:cf:77:b9:dd:47:7a:ff:9c:39:6d:bb:a8:32:65:e9:58:
bb:70:c0:c1:9f:f4:35:2b:11:a5:b1:e0:33:7f:71:d1:ed:b5:
df:0c:40:d8:f3:a8:53:c7:34:8a:fb:3d:1c:c2:99:01:3a:61:
18:5b:77:1a:1b:3b:6a:5b:91:f5:22:60:36:44:4a:1b:4d:7b:
72:a9:07:cf:01:e9:d3:16:e7:e5:33:7f:9d:e1:ac:5c:c8:ab:
e5:e9:37:a2:fc:d3:fb:2e:34:c4:a2:a2:95:0e:d3:73:09:d9:
e6:bb:bd:4b:91:d2:70:0a:ea:fa:5c:93:5b:b0:c4:1e:2d:05:
32:da:7d:2d:9b:bb:30:76:da:3f:12:9b:89:ab:e8:d7:46:d3:
d6:f7:bc:40:09:6e:e9:11:bc:b2:6a:3b:61:95:38:7f:ce:25:
06:ab:25:82:b0:a0:43:48:42:ce:1a:80:9e:50:40:2d:66:29:
3a:33:51:d9:42:c1:6f:59:92:ff:73:58:f4:37:a9:7e:e2:2c:
33:d4:97:2d:69:ac:69:35:5f:05:32:03:30:04:19:12:5b:56:
cc:38:3d:0c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZo098FOWdOK5VVm3xFmDcR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUxMDMwMTE1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZkNThkZTk3NzIzY2JkNmY5ZDY4NTBlNjE1M2RkMTBlNWI1OWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpabx+8hjlSxFWKSQhHDriRCWbNH
UeRxhvFLNn7UqmFrTVSH0JLjPIprj6+jzQ410phwaesPDmRmewPWjgfSc56a/n6N
avz4DoVy5c3+f4nfFFp0g8GwIWfcsgJ7IOfGce94Ctaq7NnOLrmx+C9JI0NHFXAu
O43Gn7JRPVt86quZny8u1fkUscgQbONJUX3c0tKR1y1kfA8AIBNQ0OPytOXi6m1S
mhhlOtNhd1eC5VbdH9PZe6w9bRi7lMrW/ghMjTTZq5uXvKImf3NU3VIe9+FEJI72
942ih/eBvCm5d24itLJIDjxSkLUU7lb8zVegfHO5L4h34vQGfYvmkavbwQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEH9WN6Xcjy9b51oUOYVPdEOW1moMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUWYxWTNwZHlQTDF2bldoUTVoVTkwUTViV2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZDjAwQE
PsWQAwQCXD54AwQAufSLAwQCwqmoAwQB1HcgMA0GCSqGSIb3DQEBCwUAA4IBAQAq
76rs9/gXbt0YTPvVPRaGt+luJRfTe5H9y63PbIYC1blKTcIyj893ud1Hev+cOW27
qDJl6Vi7cMDBn/Q1KxGlseAzf3HR7bXfDEDY86hTxzSK+z0cwpkBOmEYW3caGztq
W5H1ImA2REobTXtyqQfPAenTFuflM3+d4axcyKvl6Tei/NP7LjTEoqKVDtNzCdnm
u71LkdJwCur6XJNbsMQeLQUy2n0tm7swdto/EpuJq+jXRtPW97xACW7pEbyyajth
lTh/ziUGqyWCsKBDSELOGoCeUEAtZik6M1HZQsFvWZL/c1j0N6l+4iwz1Jctaaxp
NV8FMgMwBBkSW1bMOD0M
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:30:00 2025 by rpki-client