Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/QjuxJ6qQtAfkxBg368Hm1m7WVg4.roa
File: QjuxJ6qQtAfkxBg368Hm1m7WVg4.roa (raw, json)
Hash identifier: t8EQkQ4/YMRDclHW8vhweaMsa94SAKvAmv2jUXhwu6A=
Subject key identifier: 42:3B:B1:27:AA:90:B4:07:E4:C4:18:37:EB:C1:E6:D6:6E:D6:56:0E
Certificate issuer: /CN=1f810cc3fd228338d9b969725d95bb33c4e65a48
Certificate serial: 019A05ECE6F825EB7C50923DCFF44677EDEA
Authority key identifier: 1F:81:0C:C3:FD:22:83:38:D9:B9:69:72:5D:95:BB:33:C4:E6:5A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4EMw_0igzjZuWlyXZW7M8TmWkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/QjuxJ6qQtAfkxBg368Hm1m7WVg4.roa
Signing time: Tue 21 Oct 2025 08:40:03 +0000
ROA not before: Tue 21 Oct 2025 08:40:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200814
IP address blocks: 176.120.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/H4EMw_0igzjZuWlyXZW7M8TmWkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/H4EMw_0igzjZuWlyXZW7M8TmWkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/H4EMw_0igzjZuWlyXZW7M8TmWkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:ec:e6:f8:25:eb:7c:50:92:3d:cf:f4:46:77:ed:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f810cc3fd228338d9b969725d95bb33c4e65a48
Validity
Not Before: Oct 21 08:40:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=423bb127aa90b407e4c41837ebc1e6d66ed6560e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b5:b4:86:d6:6e:ea:51:29:0d:c3:f0:5c:7a:
73:88:9a:a0:14:4c:cf:2d:c1:bb:86:75:ac:66:69:
85:3a:21:63:29:4d:90:aa:a8:a1:35:1f:4b:e2:c8:
2b:07:f1:1a:56:7b:4c:d7:12:9c:8c:08:f7:c5:3c:
7d:47:17:79:69:e0:29:01:11:ec:40:bb:3b:42:56:
bc:e5:8d:5f:a4:78:30:12:ef:a1:4a:95:b1:0e:d4:
7f:c1:04:5b:7e:4c:4b:65:8b:6e:eb:0d:ea:df:6e:
df:b1:df:69:46:ae:82:6d:c9:40:a2:6d:e0:b1:3e:
9f:ba:3b:f1:67:61:0b:a0:3d:5b:37:23:98:4c:11:
5c:1c:fc:67:74:47:22:a4:74:ab:52:ea:e8:94:45:
6d:8a:9c:d2:3a:81:e7:a3:44:12:79:34:fd:c4:27:
2c:4a:78:38:1a:e8:e0:34:95:54:5d:71:5f:52:2b:
0d:97:70:51:70:2e:f6:48:18:bc:9d:bd:77:5f:6e:
fc:42:0e:77:30:3f:31:97:a7:a6:6e:dd:14:50:83:
fd:25:3a:0f:db:3f:48:2c:51:30:3f:1a:4a:62:99:
32:15:c7:90:16:47:fc:c9:cb:4d:88:47:4b:cf:f3:
43:00:34:25:3e:3c:9b:52:97:66:ee:24:d4:fa:06:
c3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3B:B1:27:AA:90:B4:07:E4:C4:18:37:EB:C1:E6:D6:6E:D6:56:0E
X509v3 Authority Key Identifier:
keyid:1F:81:0C:C3:FD:22:83:38:D9:B9:69:72:5D:95:BB:33:C4:E6:5A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4EMw_0igzjZuWlyXZW7M8TmWkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/QjuxJ6qQtAfkxBg368Hm1m7WVg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0f0927-c29b-4698-859e-f9c180ba4801/1/H4EMw_0igzjZuWlyXZW7M8TmWkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.120.100.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:6d:62:61:f7:ef:3b:fe:33:d1:07:02:38:42:32:9f:87:1c:
8c:eb:51:6c:7b:9e:13:ed:65:8a:d4:c9:d8:9d:ff:2f:d7:03:
eb:31:00:43:71:fa:29:bd:75:30:01:fe:c4:ee:04:f8:15:ed:
ea:02:88:87:13:0b:40:1e:21:f0:5a:0d:63:55:d0:7e:c5:18:
89:3b:ca:13:6f:e9:ef:a7:e0:eb:13:cd:93:8d:b2:7b:d5:56:
7b:30:90:a6:16:16:a5:12:c7:eb:fe:6c:cc:54:0a:11:26:13:
ed:b0:f9:8d:e5:b8:bd:77:df:c5:6b:45:19:8a:51:be:fe:2d:
11:07:16:3f:c0:f4:38:ed:13:a1:77:e5:60:82:80:4c:8e:72:
62:f2:3b:bd:2f:bb:08:7d:4a:f0:d1:36:07:6c:fa:09:f6:1b:
23:a2:ea:71:06:ef:ac:4f:74:7b:16:e3:d6:c8:6a:ac:af:f3:
28:bb:e4:e4:bd:aa:4c:cf:dc:40:16:f0:f8:5c:f1:f0:6c:5e:
2c:cc:85:82:c2:52:21:00:22:d0:85:8b:b9:da:20:73:e3:91:
bc:41:0e:88:70:ab:dc:fd:04:9a:65:06:81:c1:ca:13:5f:c4:
cd:39:05:b3:36:46:23:6f:34:bd:1e:2d:bf:3d:ea:5c:74:c5:
77:83:b8:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoF7Ob4Jet8UJI9z/RGd+3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmODEwY2MzZmQyMjgzMzhkOWI5Njk3MjVkOTViYjMzYzRl
NjVhNDgwHhcNMjUxMDIxMDg0MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNiYjEyN2FhOTBiNDA3ZTRjNDE4MzdlYmMxZTZkNjZlZDY1NjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrW0htZu6lEpDcPwXHpziJqgFEzP
LcG7hnWsZmmFOiFjKU2QqqihNR9L4sgrB/EaVntM1xKcjAj3xTx9Rxd5aeApARHs
QLs7Qla85Y1fpHgwEu+hSpWxDtR/wQRbfkxLZYtu6w3q327fsd9pRq6CbclAom3g
sT6fujvxZ2ELoD1bNyOYTBFcHPxndEcipHSrUurolEVtipzSOoHno0QSeTT9xCcs
Sng4GujgNJVUXXFfUisNl3BRcC72SBi8nb13X278Qg53MD8xl6embt0UUIP9JToP
2z9ILFEwPxpKYpkyFceQFkf8yctNiEdLz/NDADQlPjybUpdm7iTU+gbDLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEI7sSeqkLQH5MQYN+vB5tZu1lYOMB8GA1UdIwQY
MBaAFB+BDMP9IoM42blpcl2VuzPE5lpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDRFTXdfMGlnempadVdseVhaVzdNOFRtV2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wZjA5MjctYzI5Yi00Njk4LTg1OWUt
ZjljMTgwYmE0ODAxLzEvUWp1eEo2cVF0QWZreEJnMzY4SG0xbTdXVmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wZjA5MjctYzI5Yi00Njk4LTg1OWUtZjljMTgwYmE0ODAx
LzEvSDRFTXdfMGlnempadVdseVhaVzdNOFRtV2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHhkMA0G
CSqGSIb3DQEBCwUAA4IBAQDLbWJh9+87/jPRBwI4QjKfhxyM61Fse54T7WWK1MnY
nf8v1wPrMQBDcfopvXUwAf7E7gT4Fe3qAoiHEwtAHiHwWg1jVdB+xRiJO8oTb+nv
p+DrE82TjbJ71VZ7MJCmFhalEsfr/mzMVAoRJhPtsPmN5bi9d9/Fa0UZilG+/i0R
BxY/wPQ47ROhd+VggoBMjnJi8ju9L7sIfUrw0TYHbPoJ9hsjoupxBu+sT3R7FuPW
yGqsr/Mou+TkvapMz9xAFvD4XPHwbF4szIWCwlIhACLQhYu52iBz45G8QQ6IcKvc
/QSaZQaBwcoTX8TNOQWzNkYjbzS9Hi2/PepcdMV3g7gk
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:36:07 2025 by rpki-client