Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hqAASWWoboFFQyIkWNfxjUWWp3k.roa
File: hqAASWWoboFFQyIkWNfxjUWWp3k.roa (raw, json)
Hash identifier: +tnzQ4vqYbtZJSxQ30UrN7xQ4uO75N1UikAsaqAZNW4=
Subject key identifier: 86:A0:00:49:65:A8:6E:81:45:43:22:24:58:D7:F1:8D:45:96:A7:79
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019A4914ADF8DD5B19493E0345B2CD6AFA13
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hqAASWWoboFFQyIkWNfxjUWWp3k.roa
Signing time: Mon 03 Nov 2025 09:38:03 +0000
ROA not before: Mon 03 Nov 2025 09:38:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 93.190.244.0/24 maxlen: 24
2a0a:3200::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a12:4ac0::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a13:9580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:49:14:ad:f8:dd:5b:19:49:3e:03:45:b2:cd:6a:fa:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 3 09:38:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86a0004965a86e814543222458d7f18d4596a779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:85:e5:40:df:ab:db:7b:5d:54:b1:f3:81:9d:
c3:ff:5b:bf:c6:04:33:8a:fe:57:f8:b6:35:a4:a5:
1a:38:04:8c:84:be:d7:61:0a:e3:75:1c:b2:05:af:
fe:d0:56:74:b1:69:69:da:e0:7a:13:ae:96:c9:09:
bc:85:1e:28:8f:b7:0d:ed:76:cf:ef:98:bb:9e:5d:
a7:e0:e7:01:40:f3:a6:fd:26:82:3c:2e:e2:59:3a:
f4:04:03:4f:5b:df:9d:19:a8:de:7f:45:5b:99:29:
f2:2a:9e:64:19:d9:c4:2b:c8:a7:9c:8c:bc:a6:03:
d8:79:17:f9:63:f5:11:69:32:03:04:ee:d4:48:3d:
ea:24:62:dc:a0:3b:ab:6b:c7:41:62:b8:80:12:89:
b6:de:6e:b6:47:9a:6c:f0:77:85:af:30:6a:52:42:
d0:a4:1e:0e:ed:83:16:fd:dc:ee:c1:bd:55:dd:6a:
9b:35:ce:1f:1c:1e:d5:31:98:5c:84:2a:4f:c1:2e:
5e:71:75:95:f8:88:14:2a:33:a9:51:44:12:28:05:
78:e2:51:25:91:ac:b5:3f:90:93:dd:04:4e:96:e4:
ae:ea:4a:7f:88:54:65:54:be:27:5a:ea:a6:98:3b:
c5:d0:c8:a5:89:7c:38:b5:fe:b5:99:62:b2:eb:53:
29:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A0:00:49:65:A8:6E:81:45:43:22:24:58:D7:F1:8D:45:96:A7:79
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hqAASWWoboFFQyIkWNfxjUWWp3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.244.0/24
IPv6:
2a0a:3200::/29
2a0f:2ec0::/29
2a0f:dac0::/29
2a12:4ac0::/29
2a13:200::/29
2a13:9580::/29
Signature Algorithm: sha256WithRSAEncryption
b1:45:ef:08:6e:06:7f:f4:35:79:3d:37:ba:fe:27:40:41:87:
92:a2:47:2a:98:e7:04:c9:73:c3:da:61:3a:58:18:1f:f9:23:
e5:5b:68:ca:4b:0e:2b:69:e7:2d:46:40:99:95:39:a1:60:6b:
48:29:b1:bc:35:b8:c9:db:77:2a:4c:fa:9a:58:a5:89:0f:b7:
11:0a:88:51:a9:23:39:f7:49:33:40:2c:6d:d3:cd:03:23:d8:
92:58:9a:dc:96:f4:62:5d:e5:85:14:fc:0e:7a:32:a7:4a:6c:
de:a5:28:da:73:14:1d:88:62:eb:e5:79:a0:a6:8d:6e:d1:9f:
a5:81:d3:3b:63:89:a5:c3:bc:a9:06:56:61:6a:d0:90:39:7d:
d4:2e:96:50:7b:4f:5f:f3:1e:6d:91:2f:73:b4:b9:e3:2c:1b:
a1:71:d7:8f:4a:0a:b1:95:ab:6d:66:c8:28:68:4d:65:a8:bc:
09:7f:5a:07:12:0e:50:8d:4a:ad:c9:86:dc:98:fb:a5:c2:40:
4f:2d:2d:ed:93:74:36:ca:f9:98:f2:68:9b:a1:b7:63:eb:4b:
cd:17:96:5a:ca:39:a1:ad:77:3b:ce:b7:9f:0a:a9:39:53:8f:
7e:fd:38:b2:a3:1b:01:36:2b:e9:01:6f:1d:e9:c6:e8:42:42:
44:f7:d0:61
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZpJFK343VsZST4DRbLNavoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMTAzMDkzODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmEwMDA0OTY1YTg2ZTgxNDU0MzIyMjQ1OGQ3ZjE4ZDQ1OTZhNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYXlQN+r23tdVLHzgZ3D/1u/xgQz
iv5X+LY1pKUaOASMhL7XYQrjdRyyBa/+0FZ0sWlp2uB6E66WyQm8hR4oj7cN7XbP
75i7nl2n4OcBQPOm/SaCPC7iWTr0BANPW9+dGajef0VbmSnyKp5kGdnEK8innIy8
pgPYeRf5Y/URaTIDBO7USD3qJGLcoDura8dBYriAEom23m62R5ps8HeFrzBqUkLQ
pB4O7YMW/dzuwb1V3WqbNc4fHB7VMZhchCpPwS5ecXWV+IgUKjOpUUQSKAV44lEl
kay1P5CT3QROluSu6kp/iFRlVL4nWuqmmDvF0MiliXw4tf61mWKy61MptQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIagAEllqG6BRUMiJFjX8Y1Flqd5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaHFBQVNXV29ib0ZGUXlJa1dOZnhqVVdXcDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAMBAIAATAGAwQAXb70MDAE
AgACMCoDBQMqCjIAAwUDKg8uwAMFAyoP2sADBQMqEkrAAwUDKhMCAAMFAyoTlYAw
DQYJKoZIhvcNAQELBQADggEBALFF7whuBn/0NXk9N7r+J0BBh5KiRyqY5wTJc8Pa
YTpYGB/5I+VbaMpLDitp5y1GQJmVOaFga0gpsbw1uMnbdypM+ppYpYkPtxEKiFGp
Izn3STNALG3TzQMj2JJYmtyW9GJd5YUU/A56MqdKbN6lKNpzFB2IYuvleaCmjW7R
n6WB0ztjiaXDvKkGVmFq0JA5fdQullB7T1/zHm2RL3O0ueMsG6Fx149KCrGVq21m
yChoTWWovAl/WgcSDlCNSq3JhtyY+6XCQE8tLe2TdDbK+ZjyaJuht2PrS80XllrK
OaGtdzvOt58KqTlTj379OLKjGwE2K+kBbx3pxuhCQkT30GE=
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:35:40 2025 by rpki-client