Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qEbaHTwES9MYs2v7kTGTWsuTuX0.roa
File: qEbaHTwES9MYs2v7kTGTWsuTuX0.roa (raw, json)
Hash identifier: 3HjlXsMLF3RpdUN33oSOKeO4KFy2hS3RgEhstzg5zM4=
Subject key identifier: A8:46:DA:1D:3C:04:4B:D3:18:B3:6B:FB:91:31:93:5A:CB:93:B9:7D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0198615E0A246E5A0D2F098B706C774E42B0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qEbaHTwES9MYs2v7kTGTWsuTuX0.roa
Signing time: Thu 31 Jul 2025 16:43:29 +0000
ROA not before: Thu 31 Jul 2025 16:43:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 45.129.127.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
2a12:ecc0:200::/48 maxlen: 48
2a13:8c86:150::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 Aug 2025 23:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:61:5e:0a:24:6e:5a:0d:2f:09:8b:70:6c:77:4e:42:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 31 16:43:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a846da1d3c044bd318b36bfb9131935acb93b97d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f0:49:0d:9e:8a:75:71:82:38:99:2c:95:56:
81:96:3d:1e:31:d3:24:26:3a:7c:b1:15:0a:ac:a9:
22:a2:2d:eb:67:d0:cf:44:99:af:b1:c0:3b:9f:bf:
01:b3:b5:2b:8e:75:11:00:e0:43:ce:01:2b:08:95:
b4:46:f4:f5:69:da:9a:d0:bf:8b:64:46:79:1c:df:
65:be:7e:10:b7:5c:4d:b9:fa:1c:9a:bc:8a:1d:82:
0e:90:52:1f:b1:2d:94:31:76:8a:eb:f5:15:cf:25:
f7:e9:b6:20:39:04:95:03:ab:c9:a3:2e:49:3b:f6:
34:51:4c:1a:ae:ca:55:f7:ef:e1:af:5f:43:c6:6c:
5c:a7:0a:91:51:f8:f1:35:9f:e7:45:ba:d0:4f:a8:
52:4b:9d:7d:cd:13:35:b6:00:28:2d:df:9b:9c:b1:
f7:34:92:96:f1:c9:bd:03:55:de:4c:93:97:dd:70:
5a:ad:bf:2c:f2:5c:be:08:f2:f5:33:61:9f:76:3e:
cb:db:8b:c0:cb:ee:45:e1:21:a1:1c:5a:ff:d1:16:
36:c3:0f:96:d5:45:4c:72:a5:19:7c:55:1b:16:8d:
9b:d3:b4:00:c4:bf:f8:dc:67:be:8a:89:ed:10:82:
59:6e:d7:e0:74:37:19:7e:ce:b0:28:d5:42:c8:35:
5f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:46:DA:1D:3C:04:4B:D3:18:B3:6B:FB:91:31:93:5A:CB:93:B9:7D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qEbaHTwES9MYs2v7kTGTWsuTuX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
93.190.246.0/23
IPv6:
2a12:ecc0:200::/48
2a13:8c86:150::/48
Signature Algorithm: sha256WithRSAEncryption
b2:24:72:86:db:f7:9b:b1:8a:22:45:da:86:d3:7c:84:ba:d0:
17:e2:83:03:a3:1c:e6:fe:58:2f:9b:4b:fd:da:b8:94:72:df:
87:b2:f1:a3:98:75:1c:19:e7:81:67:dc:29:db:81:8f:15:d5:
cf:c7:9e:a1:99:2a:15:74:73:3c:c0:db:9c:7b:b7:38:d0:3b:
6e:db:cd:9c:68:73:c5:8b:3b:7a:92:60:b3:e2:e0:84:61:49:
6a:9d:ce:ac:6f:7e:94:9c:3c:35:f1:86:46:df:ee:e1:c5:60:
3e:f5:9c:bc:de:f0:e5:94:61:1d:69:37:50:56:2c:13:25:05:
de:33:dd:87:f9:59:b4:80:3e:aa:07:13:78:f4:b1:70:79:ed:
9a:6e:c5:e0:f8:35:f6:e6:79:c0:30:25:6d:71:55:2d:60:99:
1e:3f:5b:00:ae:97:9d:47:ba:2f:47:cf:f1:fa:43:88:dc:b7:
37:b7:3d:fc:24:63:0e:8c:7a:d8:b1:4b:3f:90:ea:87:fc:93:
0f:07:89:12:fd:d0:b3:47:97:5f:ef:bf:18:75:83:87:89:a0:
60:24:f4:d7:4a:b9:ea:38:d8:2f:a7:b0:90:75:2f:e7:0b:da:
13:f9:d3:49:39:7e:96:2d:ab:b8:10:4d:cf:92:13:8b:d7:40:
97:cf:50:95
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZhhXgokbloNLwmLcGx3TkKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzMxMTY0MzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQ2ZGExZDNjMDQ0YmQzMThiMzZiZmI5MTMxOTM1YWNiOTNiOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPBJDZ6KdXGCOJkslVaBlj0eMdMk
Jjp8sRUKrKkioi3rZ9DPRJmvscA7n78Bs7UrjnURAOBDzgErCJW0RvT1adqa0L+L
ZEZ5HN9lvn4Qt1xNufocmryKHYIOkFIfsS2UMXaK6/UVzyX36bYgOQSVA6vJoy5J
O/Y0UUwarspV9+/hr19DxmxcpwqRUfjxNZ/nRbrQT6hSS519zRM1tgAoLd+bnLH3
NJKW8cm9A1XeTJOX3XBarb8s8ly+CPL1M2Gfdj7L24vAy+5F4SGhHFr/0RY2ww+W
1UVMcqUZfFUbFo2b07QAxL/43Ge+iontEIJZbtfgdDcZfs6wKNVCyDVfUwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKhG2h08BEvTGLNr+5Exk1rLk7l9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcUViYUhUd0VTOU1ZczJ2N2tUR1RXc3VUdVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQALYF/AwQB
Xb72MBgEAgACMBIDBwAqEuzAAgADBwAqE4yGAVAwDQYJKoZIhvcNAQELBQADggEB
ALIkcobb95uxiiJF2obTfIS60BfigwOjHOb+WC+bS/3auJRy34ey8aOYdRwZ54Fn
3CnbgY8V1c/HnqGZKhV0czzA25x7tzjQO27bzZxoc8WLO3qSYLPi4IRhSWqdzqxv
fpScPDXxhkbf7uHFYD71nLze8OWUYR1pN1BWLBMlBd4z3Yf5WbSAPqoHE3j0sXB5
7ZpuxeD4NfbmecAwJW1xVS1gmR4/WwCul51Hui9Hz/H6Q4jctze3PfwkYw6Metix
Sz+Q6of8kw8HiRL90LNHl1/vvxh1g4eJoGAk9NdKueo42C+nsJB1L+cL2hP500k5
fpYtq7gQTc+SE4vXQJfPUJU=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:56:07 2025 by rpki-client