Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/26d193-40c2-417b-bd52-5c10bdb866e0/1/rQUKCahIBhl3q6X_ssqHaslUPkw.roa
File: rQUKCahIBhl3q6X_ssqHaslUPkw.roa (raw, json)
Hash identifier: oqWMNr1y2jXmtuppkY6LyFtpsdVUxnQjZycMv+hYavM=
Subject key identifier: AD:05:0A:09:A8:48:06:19:77:AB:A5:FF:B2:CA:87:6A:C9:54:3E:4C
Certificate issuer: /CN=d3abf8f4cdf8963a182da0cdf908c38447fa7a09
Certificate serial: 019885BB0BCEF237BE1878BCF60346DAD77A
Authority key identifier: D3:AB:F8:F4:CD:F8:96:3A:18:2D:A0:CD:F9:08:C3:84:47:FA:7A:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/06v49M34ljoYLaDN-QjDhEf6egk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/26d193-40c2-417b-bd52-5c10bdb866e0/1/rQUKCahIBhl3q6X_ssqHaslUPkw.roa
Signing time: Thu 07 Aug 2025 18:11:24 +0000
ROA not before: Thu 07 Aug 2025 18:11:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39704
IP address blocks: 185.146.216.0/23 maxlen: 23
185.146.218.0/23 maxlen: 23
2a07:52c0::/29 maxlen: 29
2a07:52c0::/32 maxlen: 32
2a07:52c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/26d193-40c2-417b-bd52-5c10bdb866e0/1/06v49M34ljoYLaDN-QjDhEf6egk.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/26d193-40c2-417b-bd52-5c10bdb866e0/1/06v49M34ljoYLaDN-QjDhEf6egk.mft
rsync://rpki.ripe.net/repository/DEFAULT/06v49M34ljoYLaDN-QjDhEf6egk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 13:24:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:85:bb:0b:ce:f2:37:be:18:78:bc:f6:03:46:da:d7:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3abf8f4cdf8963a182da0cdf908c38447fa7a09
Validity
Not Before: Aug 7 18:11:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad050a09a848061977aba5ffb2ca876ac9543e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5d:4d:e3:4f:34:f7:41:ab:96:90:3a:04:83:
6c:13:5c:cb:7e:30:29:06:30:c4:db:3e:72:d5:f8:
ac:b6:f5:65:e5:12:7f:cc:d1:00:88:97:21:ec:06:
63:1f:6a:7b:78:11:90:aa:94:19:a1:97:7a:a0:91:
a2:28:59:98:5b:93:70:07:49:e5:cb:76:97:41:8a:
77:ee:70:69:9b:4b:c6:36:53:2d:26:72:c5:5d:93:
6f:0b:59:2b:6a:66:07:04:c1:34:0e:79:3f:5b:dc:
a4:59:83:d2:37:85:9e:28:02:7e:14:c0:89:5f:7d:
02:0f:f3:cf:ff:36:98:2c:f1:9b:cf:ac:36:0a:65:
bd:b3:2c:6d:bc:38:9e:aa:41:67:37:68:7d:1a:03:
7d:76:de:77:51:06:75:cc:59:ec:d4:bc:ce:de:f5:
dc:ba:de:46:a7:e4:27:5f:a9:ac:b5:83:51:99:ba:
63:06:03:c1:07:87:50:4d:58:4e:94:4a:b2:c5:18:
b7:d8:cf:82:69:9e:51:2a:25:bb:8e:20:4f:7e:66:
0a:b7:2d:f1:9e:a1:9f:70:b4:9a:02:1c:7e:f6:bb:
56:54:6c:eb:83:69:00:15:43:b1:89:a5:af:47:98:
3e:08:d8:ea:88:2e:4d:29:a2:f1:6a:d4:c5:74:ac:
7f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:05:0A:09:A8:48:06:19:77:AB:A5:FF:B2:CA:87:6A:C9:54:3E:4C
X509v3 Authority Key Identifier:
keyid:D3:AB:F8:F4:CD:F8:96:3A:18:2D:A0:CD:F9:08:C3:84:47:FA:7A:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/06v49M34ljoYLaDN-QjDhEf6egk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/26d193-40c2-417b-bd52-5c10bdb866e0/1/rQUKCahIBhl3q6X_ssqHaslUPkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/26d193-40c2-417b-bd52-5c10bdb866e0/1/06v49M34ljoYLaDN-QjDhEf6egk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.216.0/22
IPv6:
2a07:52c0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:cd:36:41:a7:4e:34:51:4c:64:ac:c5:20:cc:cc:7f:6c:8b:
11:c1:98:79:5a:a6:89:9d:7c:1d:a6:39:d0:39:b6:9c:64:27:
27:de:c0:c2:bb:f3:4e:6c:28:a0:b4:65:c3:91:ad:4d:f6:04:
44:4c:c3:8a:02:91:3d:e3:9d:bb:b5:c7:2b:d0:a1:9c:51:eb:
49:79:f5:18:7f:26:21:8a:73:ac:2b:64:29:56:bf:da:ad:38:
f2:88:8f:f0:23:9a:b5:64:1a:52:4b:92:d1:96:26:a0:14:1f:
bc:d3:0a:2f:d6:3a:20:11:3a:98:69:d1:db:af:c7:00:e3:07:
7f:50:e8:f6:8c:a1:11:f3:2a:68:0b:b1:b6:26:5e:1e:3f:b6:
fd:db:98:0d:bf:c8:07:d9:ee:45:4c:ae:4f:41:82:e3:0e:89:
f4:01:8d:36:33:29:13:af:51:d1:5b:b8:95:2d:18:43:72:9d:
e6:31:f7:c2:bd:df:44:58:06:79:1e:a3:4e:46:2f:1b:a4:94:
be:6d:88:0e:05:d6:9c:f1:2f:4d:3a:16:c7:c5:48:16:13:40:
16:56:4c:f8:7c:a3:f9:d5:4a:45:75:4a:92:b8:2c:ef:c8:df:
cb:e5:5d:2a:d7:81:f1:5d:8f:b3:1e:61:4b:10:9b:73:77:35:
df:08:f1:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZiFuwvO8je+GHi89gNG2td6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYWJmOGY0Y2RmODk2M2ExODJkYTBjZGY5MDhjMzg0NDdm
YTdhMDkwHhcNMjUwODA3MTgxMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA1MGEwOWE4NDgwNjE5NzdhYmE1ZmZiMmNhODc2YWM5NTQzZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF1N408090GrlpA6BINsE1zLfjAp
BjDE2z5y1fistvVl5RJ/zNEAiJch7AZjH2p7eBGQqpQZoZd6oJGiKFmYW5NwB0nl
y3aXQYp37nBpm0vGNlMtJnLFXZNvC1kramYHBME0Dnk/W9ykWYPSN4WeKAJ+FMCJ
X30CD/PP/zaYLPGbz6w2CmW9syxtvDieqkFnN2h9GgN9dt53UQZ1zFns1LzO3vXc
ut5Gp+QnX6mstYNRmbpjBgPBB4dQTVhOlEqyxRi32M+CaZ5RKiW7jiBPfmYKty3x
nqGfcLSaAhx+9rtWVGzrg2kAFUOxiaWvR5g+CNjqiC5NKaLxatTFdKx/3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK0FCgmoSAYZd6ul/7LKh2rJVD5MMB8GA1UdIwQY
MBaAFNOr+PTN+JY6GC2gzfkIw4RH+noJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDZ2NDlNMzRsam9ZTGFETi1RakRoRWY2ZWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yNmQxOTMtNDBjMi00MTdiLWJkNTIt
NWMxMGJkYjg2NmUwLzEvclFVS0NhaElCaGwzcTZYX3NzcUhhc2xVUGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yNmQxOTMtNDBjMi00MTdiLWJkNTItNWMxMGJkYjg2NmUw
LzEvMDZ2NDlNMzRsam9ZTGFETi1RakRoRWY2ZWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZLYMA0E
AgACMAcDBQMqB1LAMA0GCSqGSIb3DQEBCwUAA4IBAQBszTZBp040UUxkrMUgzMx/
bIsRwZh5WqaJnXwdpjnQObacZCcn3sDCu/NObCigtGXDka1N9gRETMOKApE94527
tccr0KGcUetJefUYfyYhinOsK2QpVr/arTjyiI/wI5q1ZBpSS5LRliagFB+80wov
1jogETqYadHbr8cA4wd/UOj2jKER8ypoC7G2Jl4eP7b925gNv8gH2e5FTK5PQYLj
Don0AY02MykTr1HRW7iVLRhDcp3mMffCvd9EWAZ5HqNORi8bpJS+bYgOBdac8S9N
OhbHxUgWE0AWVkz4fKP51UpFdUqSuCzvyN/L5V0q14HxXY+zHmFLEJtzdzXfCPGz
-----END CERTIFICATE-----
Generated at Tue Aug 12 18:56:00 2025 by rpki-client