Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Q3aDEKYP7VSMkWkVXmqc_cJlRZo.roa
File: Q3aDEKYP7VSMkWkVXmqc_cJlRZo.roa (raw, json)
Hash identifier: VFrc/prsoNDSVqB9mSy4j/MKkZOEO6P1wFCPXEOjScA=
Subject key identifier: 43:76:83:10:A6:0F:ED:54:8C:91:69:15:5E:6A:9C:FD:C2:65:45:9A
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01975459F334AEB0D192DF6F1C18DE0A9442
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Q3aDEKYP7VSMkWkVXmqc_cJlRZo.roa
Signing time: Mon 09 Jun 2025 11:01:10 +0000
ROA not before: Mon 09 Jun 2025 11:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44467
IP address blocks: 83.239.44.0/24 maxlen: 24
83.239.45.0/24 maxlen: 24
83.239.46.0/24 maxlen: 24
85.173.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Jun 2025 04:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:59:f3:34:ae:b0:d1:92:df:6f:1c:18:de:0a:94:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 9 11:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43768310a60fed548c9169155e6a9cfdc265459a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:87:07:88:bd:dd:d7:08:8e:31:89:8e:87:5c:
a7:60:f9:cc:bf:c0:90:95:03:21:37:70:11:fb:a0:
df:e2:2d:20:ee:0d:59:0c:09:00:31:ee:f0:4a:e0:
64:a1:fa:30:fc:16:c4:ae:61:7e:81:bb:84:2a:16:
72:a5:17:19:29:e3:d6:79:54:d8:23:36:ce:1c:b3:
dd:10:f9:c4:00:fa:64:1c:1a:55:ca:1b:8e:d2:15:
f3:f7:5b:5a:d0:f6:6e:2d:47:c3:ae:7e:2c:a8:ff:
19:69:d7:64:88:10:7e:6c:a4:4a:f7:83:90:6d:4a:
54:e4:66:e7:70:8d:ca:72:db:07:95:eb:51:11:a3:
26:3e:60:0d:fe:22:b5:91:bd:ae:87:22:6b:c7:37:
e5:78:d2:7b:0f:60:c5:53:2b:43:a2:0e:15:be:0d:
a7:b6:ef:8a:b6:6f:87:bf:e7:9c:9c:7f:d1:9f:ef:
a7:fa:f8:f2:2d:68:2a:aa:52:a9:ee:38:88:9a:a8:
fb:95:d3:f5:0d:28:65:fc:58:d7:d8:0d:87:8a:68:
8c:a9:ca:3b:50:8d:d5:4f:ac:85:1a:ed:60:fb:50:
4b:c8:48:46:f8:bc:9d:f4:0c:59:84:e2:c9:1b:2a:
d2:dd:f1:39:b7:6c:5b:de:bc:0c:d6:5f:7c:51:e9:
2c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:76:83:10:A6:0F:ED:54:8C:91:69:15:5E:6A:9C:FD:C2:65:45:9A
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Q3aDEKYP7VSMkWkVXmqc_cJlRZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.44.0-83.239.46.255
85.173.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:d4:37:d1:62:ed:89:3c:a5:7e:27:2c:c2:49:d4:5e:c4:47:
d8:15:ef:48:7c:f4:9f:e0:7c:84:f4:62:15:10:16:e4:2b:23:
07:22:b8:8e:20:d9:8b:6a:25:57:95:84:f6:5e:73:7c:fa:36:
17:48:6e:04:a3:55:aa:ed:4a:02:db:be:5f:37:2d:7b:2a:d0:
39:f9:a8:93:2b:71:d4:5b:67:43:0f:94:04:3a:8f:2c:44:d7:
29:c9:72:e8:6c:32:73:64:9e:0b:8f:fe:18:c7:8f:96:2f:ff:
5c:3e:44:46:f1:96:4a:c5:04:ae:c7:bf:6b:1c:c9:5c:cd:e6:
93:7d:0e:d5:a3:14:c0:6e:ff:b1:1d:4c:5b:bc:a3:a0:37:68:
59:32:d9:44:5d:bb:38:bb:01:6e:d7:9c:3f:d2:bc:43:c6:53:
2a:8f:a5:ef:8d:d3:9e:52:03:1e:61:43:55:b8:97:1a:29:46:
0c:74:2e:33:51:89:7c:d9:1d:d8:31:c6:6e:e8:a2:56:68:a3:
20:23:c5:72:cd:a7:a8:fc:bf:6f:30:e7:3d:7e:78:51:50:bb:
aa:80:c6:3b:5a:95:0b:01:29:d6:4b:79:c5:22:4a:c1:b0:aa:
b7:26:a1:2d:d6:de:12:b5:40:b2:d1:5d:f6:75:53:47:d4:fb:
9c:40:1d:17
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZdUWfM0rrDRkt9vHBjeCpRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjA5MTEwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc2ODMxMGE2MGZlZDU0OGM5MTY5MTU1ZTZhOWNmZGMyNjU0NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIcHiL3d1wiOMYmOh1ynYPnMv8CQ
lQMhN3AR+6Df4i0g7g1ZDAkAMe7wSuBkofow/BbErmF+gbuEKhZypRcZKePWeVTY
IzbOHLPdEPnEAPpkHBpVyhuO0hXz91ta0PZuLUfDrn4sqP8ZaddkiBB+bKRK94OQ
bUpU5GbncI3KctsHletREaMmPmAN/iK1kb2uhyJrxzfleNJ7D2DFUytDog4Vvg2n
tu+Ktm+Hv+ecnH/Rn++n+vjyLWgqqlKp7jiImqj7ldP1DShl/FjX2A2HimiMqco7
UI3VT6yFGu1g+1BLyEhG+Lyd9AxZhOLJGyrS3fE5t2xb3rwM1l98UeksDQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEN2gxCmD+1UjJFpFV5qnP3CZUWaMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUTNhREVLWVA3VlNNa1drVlhtcWNfY0psUlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJT7ywD
BABT7y4DBABVrQMwDQYJKoZIhvcNAQELBQADggEBAJ3UN9Fi7Yk8pX4nLMJJ1F7E
R9gV70h89J/gfIT0YhUQFuQrIwciuI4g2YtqJVeVhPZec3z6NhdIbgSjVartSgLb
vl83LXsq0Dn5qJMrcdRbZ0MPlAQ6jyxE1ynJcuhsMnNknguP/hjHj5Yv/1w+REbx
lkrFBK7Hv2scyVzN5pN9DtWjFMBu/7EdTFu8o6A3aFky2URduzi7AW7XnD/SvEPG
UyqPpe+N055SAx5hQ1W4lxopRgx0LjNRiXzZHdgxxm7oolZooyAjxXLNp6j8v28w
5z1+eFFQu6qAxjtalQsBKdZLecUiSsGwqrcmoS3W3hK1QLLRXfZ1U0fU+5xAHRc=
-----END CERTIFICATE-----
Generated at Fri Jun 20 09:36:41 2025 by rpki-client