Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/XWI8UOsSBKLk-uPWG5IIm7lO5T0.roa
File: XWI8UOsSBKLk-uPWG5IIm7lO5T0.roa (raw, json)
Hash identifier: wdsMuB8ozKSUOKmJcSdKQImpm/V8CgY5mxXeyIgvzhE=
Subject key identifier: 5D:62:3C:50:EB:12:04:A2:E4:FA:E3:D6:1B:92:08:9B:B9:4E:E5:3D
Certificate issuer: /CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Certificate serial: 0197F6321D4290D1122FCB13B2E98001FEA3
Authority key identifier: FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/XWI8UOsSBKLk-uPWG5IIm7lO5T0.roa
Signing time: Thu 10 Jul 2025 21:16:08 +0000
ROA not before: Thu 10 Jul 2025 21:16:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 195.210.98.0/24 maxlen: 24
195.210.99.0/24 maxlen: 24
195.210.104.0/24 maxlen: 24
195.210.105.0/24 maxlen: 24
195.210.106.0/24 maxlen: 24
195.210.107.0/24 maxlen: 24
195.210.110.0/24 maxlen: 24
195.210.111.0/24 maxlen: 24
195.210.112.0/24 maxlen: 24
195.210.113.0/24 maxlen: 24
195.210.114.0/24 maxlen: 24
195.210.115.0/24 maxlen: 24
195.210.120.0/24 maxlen: 24
195.210.121.0/24 maxlen: 24
195.210.122.0/24 maxlen: 24
195.210.123.0/24 maxlen: 24
195.210.124.0/24 maxlen: 24
195.210.125.0/24 maxlen: 24
195.210.126.0/24 maxlen: 24
195.210.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f6:32:1d:42:90:d1:12:2f:cb:13:b2:e9:80:01:fe:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Validity
Not Before: Jul 10 21:16:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d623c50eb1204a2e4fae3d61b92089bb94ee53d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e9:e6:7e:7e:98:d3:cd:60:9e:93:d1:89:f5:
cb:7e:f4:e4:5b:d3:da:57:b3:44:4d:89:2a:ff:2a:
02:4f:71:29:02:87:3e:b4:ae:6a:d6:94:70:09:7c:
3f:64:ed:66:33:0f:3b:35:1a:de:e4:ad:89:af:ce:
7d:61:ab:65:96:71:7c:2a:7b:11:c1:b6:02:62:ce:
1a:d4:a5:4b:c1:45:13:57:ce:31:30:e1:f3:bd:38:
ca:dc:2a:75:e7:77:5d:98:6d:c8:f9:a3:12:0c:d8:
bc:3a:6d:7c:cd:00:95:4c:e8:36:f5:30:7e:a3:26:
cb:06:2f:ed:7a:86:25:41:e2:81:07:07:90:4a:f9:
c8:36:78:ed:f2:6a:ba:17:c4:6f:b9:53:14:b8:6f:
c4:74:17:89:60:57:42:44:a5:b1:aa:18:3e:ab:45:
75:5e:cd:36:af:cb:9d:4e:5a:1e:8b:4d:b0:86:48:
75:28:2e:f3:b6:c0:62:9d:86:e3:b1:47:ab:0b:0b:
f1:c1:6b:a1:bc:85:6f:f7:57:bd:ab:74:25:3a:a1:
1d:5e:4f:8c:15:0e:4f:4a:6e:43:e5:3e:1a:88:30:
af:fd:d0:8a:9f:a6:38:71:1c:eb:71:db:f9:05:a2:
e3:36:ec:26:03:d8:dc:5d:2a:77:f5:25:72:df:f8:
53:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:62:3C:50:EB:12:04:A2:E4:FA:E3:D6:1B:92:08:9B:B9:4E:E5:3D
X509v3 Authority Key Identifier:
keyid:FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/XWI8UOsSBKLk-uPWG5IIm7lO5T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.98.0/23
195.210.104.0/22
195.210.110.0-195.210.115.255
195.210.120.0/21
Signature Algorithm: sha256WithRSAEncryption
29:45:49:83:e3:8a:6f:64:0a:36:fa:f1:23:88:82:bc:1d:67:
69:1a:26:4e:0a:ea:50:ce:db:16:15:2f:d6:53:5e:af:93:ea:
78:06:be:12:7c:32:c6:19:4b:22:24:02:98:e0:6e:5e:ce:d0:
93:00:c3:e7:d6:e0:e8:c2:7c:01:2f:25:0f:ac:13:75:a9:52:
fa:ff:80:72:dc:c7:28:1b:0d:ae:2c:67:0c:e1:8d:35:12:c8:
e2:12:b5:b4:fe:2e:24:d1:62:46:97:e2:a6:d9:1c:17:c1:86:
50:d2:3b:05:88:af:a9:0b:22:2a:2e:74:1d:2f:3b:22:9f:05:
d1:a2:72:f6:a3:b8:0f:fc:4b:8e:35:13:b1:fe:4c:99:24:83:
2d:81:2f:28:a5:8b:9e:50:d7:08:40:8a:54:70:55:68:65:c1:
c8:3c:a2:0e:31:b1:f2:af:c9:f6:f9:24:b2:79:7a:24:25:c3:
ed:ac:05:db:21:98:6b:ba:f9:76:e2:c4:28:1c:7d:a4:1b:d9:
75:0e:a2:17:6a:05:fb:1b:fd:a5:22:fb:b4:07:c4:16:ce:df:
d3:93:bc:13:a3:56:0f:73:9e:eb:a9:ff:ed:f1:e6:45:ce:98:
5c:9b:23:e5:2f:4b:3c:b4:86:aa:ef:fe:fe:93:11:c4:cc:0b:
9c:32:f9:9c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZf2Mh1CkNESL8sTsumAAf6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYjg0ZDlmOGY5ZTMzMTU2NTg5YTVlYmY3MjIyMDNhODk5
ZTBhNTEwHhcNMjUwNzEwMjExNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDYyM2M1MGViMTIwNGEyZTRmYWUzZDYxYjkyMDg5YmI5NGVlNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvunmfn6Y081gnpPRifXLfvTkW9Pa
V7NETYkq/yoCT3EpAoc+tK5q1pRwCXw/ZO1mMw87NRre5K2Jr859YatllnF8KnsR
wbYCYs4a1KVLwUUTV84xMOHzvTjK3Cp153ddmG3I+aMSDNi8Om18zQCVTOg29TB+
oybLBi/teoYlQeKBBweQSvnINnjt8mq6F8RvuVMUuG/EdBeJYFdCRKWxqhg+q0V1
Xs02r8udTloei02whkh1KC7ztsBinYbjsUerCwvxwWuhvIVv91e9q3QlOqEdXk+M
FQ5PSm5D5T4aiDCv/dCKn6Y4cRzrcdv5BaLjNuwmA9jcXSp39SVy3/hTdwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF1iPFDrEgSi5Prj1huSCJu5TuU9MB8GA1UdIwQY
MBaAFP64TZ+PnjMVZYml6/ciIDqJngpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMt
YWYxY2MyMzE3ZTM5LzEvWFdJOFVPc1NCS0xrLXVQV0c1SUltN2xPNVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMtYWYxY2MyMzE3ZTM5
LzEvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBw9JiAwQC
w9JoMAwDBAHD0m4DBALD0nADBAPD0ngwDQYJKoZIhvcNAQELBQADggEBAClFSYPj
im9kCjb68SOIgrwdZ2kaJk4K6lDO2xYVL9ZTXq+T6ngGvhJ8MsYZSyIkApjgbl7O
0JMAw+fW4OjCfAEvJQ+sE3WpUvr/gHLcxygbDa4sZwzhjTUSyOIStbT+LiTRYkaX
4qbZHBfBhlDSOwWIr6kLIioudB0vOyKfBdGicvajuA/8S441E7H+TJkkgy2BLyil
i55Q1whAilRwVWhlwcg8og4xsfKvyfb5JLJ5eiQlw+2sBdshmGu6+XbixCgcfaQb
2XUOohdqBfsb/aUi+7QHxBbO39OTvBOjVg9znuup/+3x5kXOmFybI+UvSzy0hqrv
/v6TEcTMC5wy+Zw=
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:06:40 2025 by rpki-client