Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/8ec8e0-9b93-48fc-962a-6f836f35f594/1/CqEll3qj27nC3RPq0fziUJlBCNs.roa
File: CqEll3qj27nC3RPq0fziUJlBCNs.roa (raw, json)
Hash identifier: ne9W9a5q+GjzbaXSyhc66nMcJYTTVJvwji8w4P/0Sl4=
Subject key identifier: 0A:A1:25:97:7A:A3:DB:B9:C2:DD:13:EA:D1:FC:E2:50:99:41:08:DB
Certificate issuer: /CN=7c696782ff121ae5a6d9d5cfa38479768b6bf0bd
Certificate serial: 019860EE560B4BF5FC20B2F2EDCA5988D980
Authority key identifier: 7C:69:67:82:FF:12:1A:E5:A6:D9:D5:CF:A3:84:79:76:8B:6B:F0:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fGlngv8SGuWm2dXPo4R5dotr8L0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/8ec8e0-9b93-48fc-962a-6f836f35f594/1/CqEll3qj27nC3RPq0fziUJlBCNs.roa
Signing time: Thu 31 Jul 2025 14:41:28 +0000
ROA not before: Thu 31 Jul 2025 14:41:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 109.73.192.0/24 maxlen: 24
109.73.193.0/24 maxlen: 24
109.73.194.0/24 maxlen: 24
109.73.195.0/24 maxlen: 24
109.73.196.0/24 maxlen: 24
109.73.197.0/24 maxlen: 24
109.73.198.0/24 maxlen: 24
109.73.199.0/24 maxlen: 24
109.73.201.0/24 maxlen: 24
109.73.202.0/24 maxlen: 24
109.73.203.0/24 maxlen: 24
109.73.205.0/24 maxlen: 24
109.73.206.0/24 maxlen: 24
109.73.207.0/24 maxlen: 24
217.198.5.0/24 maxlen: 24
217.198.6.0/24 maxlen: 24
217.198.9.0/24 maxlen: 24
217.198.12.0/24 maxlen: 24
217.198.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/8ec8e0-9b93-48fc-962a-6f836f35f594/1/fGlngv8SGuWm2dXPo4R5dotr8L0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/8ec8e0-9b93-48fc-962a-6f836f35f594/1/fGlngv8SGuWm2dXPo4R5dotr8L0.mft
rsync://rpki.ripe.net/repository/DEFAULT/fGlngv8SGuWm2dXPo4R5dotr8L0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:60:ee:56:0b:4b:f5:fc:20:b2:f2:ed:ca:59:88:d9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c696782ff121ae5a6d9d5cfa38479768b6bf0bd
Validity
Not Before: Jul 31 14:41:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aa125977aa3dbb9c2dd13ead1fce250994108db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a4:7c:af:e6:92:68:ff:30:6f:b0:62:78:c4:
1f:04:5f:4e:8a:b6:a8:20:61:df:12:f2:8c:29:74:
6e:94:77:4f:d0:46:e7:bd:cb:8a:d6:64:d5:1f:8b:
18:69:da:c5:58:3f:de:c7:f4:24:de:60:3b:98:1c:
03:35:1b:1d:f0:9c:4f:dd:49:64:66:51:a8:fd:f9:
c5:9c:56:ea:bd:97:ba:88:20:9e:86:a0:33:58:df:
c3:00:31:3e:dd:c0:0f:9a:86:6d:65:2b:4c:81:ab:
58:ac:4a:c7:bb:01:34:57:d7:23:e2:b2:1e:dd:80:
40:d1:f0:89:a2:7c:b8:e6:2b:ac:9a:ae:95:3c:49:
dc:d0:5d:41:91:ef:db:25:ad:57:eb:15:cc:9e:ba:
61:5b:d1:8e:2a:73:23:e0:ef:7d:e2:e2:a9:5b:5d:
3d:cb:58:98:7a:61:a2:de:fb:dc:ed:c6:c6:ad:bb:
c9:01:1a:f7:6e:be:c7:b6:b6:90:ef:91:58:aa:10:
73:1a:14:d3:53:74:e1:8d:d0:14:ed:be:b3:4d:19:
c5:1a:b1:0f:fe:0d:d4:87:0d:bc:09:7a:df:c2:c2:
54:c5:de:34:ea:89:6a:2b:2e:fd:25:2d:c7:2f:67:
cb:16:55:82:90:48:0f:c6:81:e3:64:29:cd:e3:4f:
9c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A1:25:97:7A:A3:DB:B9:C2:DD:13:EA:D1:FC:E2:50:99:41:08:DB
X509v3 Authority Key Identifier:
keyid:7C:69:67:82:FF:12:1A:E5:A6:D9:D5:CF:A3:84:79:76:8B:6B:F0:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fGlngv8SGuWm2dXPo4R5dotr8L0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8ec8e0-9b93-48fc-962a-6f836f35f594/1/CqEll3qj27nC3RPq0fziUJlBCNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8ec8e0-9b93-48fc-962a-6f836f35f594/1/fGlngv8SGuWm2dXPo4R5dotr8L0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.73.192.0/21
109.73.201.0-109.73.203.255
109.73.205.0-109.73.207.255
217.198.5.0-217.198.6.255
217.198.9.0/24
217.198.12.0/23
Signature Algorithm: sha256WithRSAEncryption
59:aa:ef:1d:7d:6a:d9:52:ee:a0:23:1e:fb:e5:67:89:e3:0b:
d9:5a:84:59:f9:5d:3a:4f:a7:c5:d2:ad:85:71:01:84:12:7b:
dc:68:c8:70:b3:d3:c6:51:1d:8c:21:2b:e5:53:c6:34:62:03:
e4:58:9f:4b:6e:df:8e:ef:b5:21:b2:e7:86:d0:3a:77:02:06:
4f:b0:85:81:dc:e0:45:76:dd:88:ff:f7:48:a5:e0:c0:73:25:
12:3f:cc:2a:34:bb:91:db:0f:cd:42:0c:fb:8b:90:86:ee:b0:
51:58:85:3e:81:42:e4:ca:68:1d:23:64:a0:42:a8:03:83:e5:
7a:0e:9b:ce:bb:51:45:3e:e6:b3:fc:45:4c:3e:31:da:86:70:
c6:60:23:fa:32:3b:42:0a:15:51:fb:cc:1d:50:a2:10:49:2f:
b5:a9:b2:a9:db:37:ea:64:bc:15:05:6f:23:c8:47:49:da:90:
fb:8e:ec:3e:48:b9:6c:aa:46:d5:92:fe:c4:9c:d2:ae:64:2f:
31:f0:8b:dc:e7:0d:96:ca:aa:37:e0:3b:39:ec:3a:1d:e4:37:
0b:5b:ac:28:3e:0b:f8:3e:21:35:43:e6:78:6a:5b:c4:9d:7e:
e4:aa:c1:fb:36:b7:05:5b:d2:63:ed:1f:33:ca:60:d0:55:26:
ad:20:21:e6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZhg7lYLS/X8ILLy7cpZiNmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNjk2NzgyZmYxMjFhZTVhNmQ5ZDVjZmEzODQ3OTc2OGI2
YmYwYmQwHhcNMjUwNzMxMTQ0MTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWExMjU5NzdhYTNkYmI5YzJkZDEzZWFkMWZjZTI1MDk5NDEwOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKR8r+aSaP8wb7BieMQfBF9Oirao
IGHfEvKMKXRulHdP0EbnvcuK1mTVH4sYadrFWD/ex/Qk3mA7mBwDNRsd8JxP3Ulk
ZlGo/fnFnFbqvZe6iCCehqAzWN/DADE+3cAPmoZtZStMgatYrErHuwE0V9cj4rIe
3YBA0fCJony45iusmq6VPEnc0F1Bke/bJa1X6xXMnrphW9GOKnMj4O994uKpW109
y1iYemGi3vvc7cbGrbvJARr3br7HtraQ75FYqhBzGhTTU3ThjdAU7b6zTRnFGrEP
/g3Uhw28CXrfwsJUxd406olqKy79JS3HL2fLFlWCkEgPxoHjZCnN40+cGQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAqhJZd6o9u5wt0T6tH84lCZQQjbMB8GA1UdIwQY
MBaAFHxpZ4L/EhrlptnVz6OEeXaLa/C9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkdsbmd2OFNHdVdtMmRYUG80UjVkb3RyOEwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84ZWM4ZTAtOWI5My00OGZjLTk2MmEt
NmY4MzZmMzVmNTk0LzEvQ3FFbGwzcWoyN25DM1JQcTBmemlVSmxCQ05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84ZWM4ZTAtOWI5My00OGZjLTk2MmEtNmY4MzZmMzVmNTk0
LzEvZkdsbmd2OFNHdVdtMmRYUG80UjVkb3RyOEwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDbUnAMAwD
BABtSckDBAJtScgwDAMEAG1JzQMEBG1JwDAMAwQA2cYFAwQA2cYGAwQA2cYJAwQB
2cYMMA0GCSqGSIb3DQEBCwUAA4IBAQBZqu8dfWrZUu6gIx775WeJ4wvZWoRZ+V06
T6fF0q2FcQGEEnvcaMhws9PGUR2MISvlU8Y0YgPkWJ9Lbt+O77UhsueG0Dp3AgZP
sIWB3OBFdt2I//dIpeDAcyUSP8wqNLuR2w/NQgz7i5CG7rBRWIU+gULkymgdI2Sg
QqgDg+V6DpvOu1FFPuaz/EVMPjHahnDGYCP6MjtCChVR+8wdUKIQSS+1qbKp2zfq
ZLwVBW8jyEdJ2pD7juw+SLlsqkbVkv7EnNKuZC8x8Ivc5w2Wyqo34Ds57Dod5DcL
W6woPgv4PiE1Q+Z4alvEnX7kqsH7NrcFW9Jj7R8zymDQVSatICHm
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:41:29 2025 by rpki-client