Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/xiLzP1pUVJ4HlLptpzl15fneHrg.roa
File: xiLzP1pUVJ4HlLptpzl15fneHrg.roa (raw, json)
Hash identifier: Oybd2JrzjZp9Unasli0WI1/BduGFzHUQWKvicye2j54=
Subject key identifier: C6:22:F3:3F:5A:54:54:9E:07:94:BA:6D:A7:39:75:E5:F9:DE:1E:B8
Certificate issuer: /CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Certificate serial: 0197CF1DE0077D3699D83DAD3CE7F479DEB4
Authority key identifier: 74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/xiLzP1pUVJ4HlLptpzl15fneHrg.roa
Signing time: Thu 03 Jul 2025 07:08:50 +0000
ROA not before: Thu 03 Jul 2025 07:08:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.15.21.0/24 maxlen: 24
194.53.136.0/24 maxlen: 24
194.53.137.0/24 maxlen: 24
2a0e:1d80:6::/48 maxlen: 48
2a0e:1d80:8::/48 maxlen: 48
2a0e:1d80:9::/48 maxlen: 48
2a0e:1d80:10::/48 maxlen: 48
2a0e:1d80:11::/48 maxlen: 48
2a0e:1d80:12::/48 maxlen: 48
2a0e:1d80:13::/48 maxlen: 48
2a0e:1d80:14::/48 maxlen: 48
2a0e:1d80:15::/48 maxlen: 48
2a0e:1d80:117::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:1d:e0:07:7d:36:99:d8:3d:ad:3c:e7:f4:79:de:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Validity
Not Before: Jul 3 07:08:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c622f33f5a54549e0794ba6da73975e5f9de1eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:23:9c:7c:d9:42:de:8d:7b:51:dc:70:8a:2c:
99:dc:ce:2d:bd:67:f8:6a:03:a4:70:61:f9:43:85:
a2:00:88:1a:b3:bb:d0:2a:ce:5c:14:1f:f0:e1:f3:
b5:07:a7:0c:5c:d7:69:56:8a:a7:9c:44:2c:7e:3b:
0b:fc:10:d2:4b:b0:46:db:a9:ec:58:16:22:9d:36:
ac:95:b9:ce:88:e3:60:4c:d9:3a:4b:ee:51:8a:16:
61:2b:e1:77:b5:d1:cb:59:04:26:2f:7e:10:3a:d9:
ab:e8:12:23:4d:5d:2b:75:1a:1b:2e:c1:31:12:5e:
6b:4b:bc:af:a0:14:0c:c3:4a:2e:9b:0f:63:ee:39:
96:91:ab:9f:6d:b0:5b:c2:44:36:2a:ba:4d:72:29:
57:e9:c6:30:92:ae:48:dc:89:4e:04:61:52:ee:e9:
ea:8e:3c:9a:4c:88:c8:cc:0b:b2:55:0e:75:b4:82:
be:50:c3:40:95:29:1b:d0:03:d7:12:54:37:e2:27:
25:8c:27:b3:7c:a6:a3:48:06:c9:9f:55:85:24:fa:
cf:32:ed:7b:63:b8:60:ec:6d:8f:6b:4a:73:36:cd:
78:1e:f1:8b:e0:51:90:8f:40:8e:92:47:ff:4d:86:
70:61:d8:9f:b0:80:4f:97:d4:b1:56:1f:98:69:81:
44:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:22:F3:3F:5A:54:54:9E:07:94:BA:6D:A7:39:75:E5:F9:DE:1E:B8
X509v3 Authority Key Identifier:
keyid:74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/xiLzP1pUVJ4HlLptpzl15fneHrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.21.0/24
194.53.136.0/23
IPv6:
2a0e:1d80:6::/48
2a0e:1d80:8::/47
2a0e:1d80:10::-2a0e:1d80:15:ffff:ffff:ffff:ffff:ffff
2a0e:1d80:117::/64
Signature Algorithm: sha256WithRSAEncryption
ab:d9:8d:88:78:aa:12:b0:1a:3b:aa:a2:e1:c4:df:b7:37:17:
c7:8c:38:1e:1e:1e:56:b3:85:a5:32:c8:1b:33:36:e1:a8:22:
e8:3e:5f:67:28:df:2c:cf:69:b4:8f:f4:42:31:59:3d:bb:1d:
40:3c:b9:09:31:f2:3a:66:a0:37:5e:7f:32:4e:ee:9d:94:32:
87:74:0d:a3:34:50:87:5a:5b:3c:23:c8:5e:ec:e8:2f:23:e8:
2a:b8:66:83:17:5a:cb:12:25:35:84:8d:eb:31:c2:05:e8:9d:
cf:4f:28:c8:1d:fb:90:c4:ee:87:3d:1d:5b:15:86:8e:fd:da:
6d:3b:a6:92:8f:bc:ee:4e:2a:9f:98:87:88:0a:a2:21:d3:7e:
22:0c:9b:ec:4f:95:e1:df:ee:7b:72:6d:99:a4:30:8e:ea:b9:
d4:23:43:5d:1f:f0:86:d5:1c:f0:0b:16:03:7d:9a:d8:cc:6a:
6b:cd:21:14:89:7b:64:15:57:f1:6c:6a:27:a7:03:5f:bf:fe:
a0:e7:6a:88:c5:31:42:05:57:77:a7:da:d2:cb:b5:72:fb:2e:
a2:1f:34:66:4a:1e:d8:2e:3e:fe:57:dd:c5:75:42:1f:b0:6f:
ad:c6:d3:3f:53:35:6f:79:3e:81:a7:9d:9d:0d:c1:cb:af:b9:
25:81:9b:a2
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZfPHeAHfTaZ2D2tPOf0ed60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWViYzE1NGE1NmM4MzAyNWNiZDg2NDFhOWFjMzE1Y2I1
NTFjMDYwHhcNMjUwNzAzMDcwODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjIyZjMzZjVhNTQ1NDllMDc5NGJhNmRhNzM5NzVlNWY5ZGUxZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiOcfNlC3o17UdxwiiyZ3M4tvWf4
agOkcGH5Q4WiAIgas7vQKs5cFB/w4fO1B6cMXNdpVoqnnEQsfjsL/BDSS7BG26ns
WBYinTaslbnOiONgTNk6S+5RihZhK+F3tdHLWQQmL34QOtmr6BIjTV0rdRobLsEx
El5rS7yvoBQMw0oumw9j7jmWkaufbbBbwkQ2KrpNcilX6cYwkq5I3IlOBGFS7unq
jjyaTIjIzAuyVQ51tIK+UMNAlSkb0APXElQ34icljCezfKajSAbJn1WFJPrPMu17
Y7hg7G2Pa0pzNs14HvGL4FGQj0COkkf/TYZwYdifsIBPl9SxVh+YaYFEhwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMYi8z9aVFSeB5S6bac5deX53h64MB8GA1UdIwQY
MBaAFHSuvBVKVsgwJcvYZBqawxXLVRwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEs2OEZVcFd5REFseTloa0dwckRGY3RWSEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82ZGU3YTAtNDA3My00MjcyLWJmNDQt
MDdhMWQ2NTU0OGJhLzEveGlMelAxcFVWSjRIbExwdHB6bDE1Zm5lSHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82ZGU3YTAtNDA3My00MjcyLWJmNDQtMDdhMWQ2NTU0OGJh
LzEvZEs2OEZVcFd5REFseTloa0dwckRGY3RWSEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTASBAIAATAMAwQALQ8VAwQB
wjWIMDcEAgACMDEDBwAqDh2AAAYDBwEqDh2AAAgwEgMHBCoOHYAAEAMHASoOHYAA
FAMJACoOHYABFwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCr2Y2IeKoSsBo7qqLhxN+3
NxfHjDgeHh5Ws4WlMsgbMzbhqCLoPl9nKN8sz2m0j/RCMVk9ux1APLkJMfI6ZqA3
Xn8yTu6dlDKHdA2jNFCHWls8I8he7OgvI+gquGaDF1rLEiU1hI3rMcIF6J3PTyjI
HfuQxO6HPR1bFYaO/dptO6aSj7zuTiqfmIeICqIh034iDJvsT5Xh3+57cm2ZpDCO
6rnUI0NdH/CG1RzwCxYDfZrYzGprzSEUiXtkFVfxbGonpwNfv/6g52qIxTFCBVd3
p9rSy7Vy+y6iHzRmSh7YLj7+V93FdUIfsG+txtM/UzVveT6Bp52dDcHLr7klgZui
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:31:38 2025 by rpki-client