Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xUcczhFROayvoLi2UxpwlkF3wFM.roa
File: xUcczhFROayvoLi2UxpwlkF3wFM.roa (raw, json)
Hash identifier: BaWLSpoI1CMOZcgyZWEz/Y7QQKAIvZrZHS/7KK2aTUc=
Subject key identifier: C5:47:1C:CE:11:51:39:AC:AF:A0:B8:B6:53:1A:70:96:41:77:C0:53
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0197E55E2A51097D1890A0A02F735CE93DE2
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xUcczhFROayvoLi2UxpwlkF3wFM.roa
Signing time: Mon 07 Jul 2025 14:50:43 +0000
ROA not before: Mon 07 Jul 2025 14:50:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204408
IP address blocks: 31.148.245.0/24 maxlen: 24
92.38.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:5e:2a:51:09:7d:18:90:a0:a0:2f:73:5c:e9:3d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jul 7 14:50:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5471cce115139acafa0b8b6531a70964177c053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8d:3f:32:a1:26:87:d9:2b:4b:de:c5:56:0c:
cc:98:f3:37:45:a6:d9:69:10:8a:79:95:0f:7f:e1:
2b:b0:ac:7d:96:41:fb:f5:97:51:a4:64:00:0a:79:
58:fe:35:d3:99:4b:8f:b0:ab:74:b1:93:00:48:cf:
8a:f9:05:36:63:d8:2f:49:f3:60:3b:78:06:41:8d:
0a:25:61:15:2d:34:d5:54:5e:04:04:06:7b:8c:ae:
4d:97:fa:16:71:eb:e9:a6:ee:3b:a9:8b:be:86:b8:
93:8b:d6:4d:37:8c:fe:90:42:7a:68:6f:8c:ac:62:
d1:ee:a5:fe:fc:54:2b:51:7d:9b:8d:02:12:19:06:
4f:c9:47:c1:58:bc:77:d0:5f:f2:91:e0:d5:b5:8b:
bc:3e:e0:fa:2a:46:d0:78:37:53:32:52:2e:8e:6a:
98:07:3b:c1:2e:d2:d5:7e:be:ce:91:61:ad:a0:ef:
1b:91:cc:d3:14:07:4c:1d:6f:d1:fb:6c:03:57:e0:
6b:c5:1b:0e:a7:89:6c:6d:2e:1e:1b:e9:37:39:37:
a1:d2:c5:6a:b1:8d:4e:98:64:60:cb:e9:8a:75:93:
06:63:b0:74:b2:20:6e:fe:c1:70:2b:7e:70:f6:0f:
73:c7:c9:0f:59:a6:ec:bf:81:95:06:29:4e:47:df:
d7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:47:1C:CE:11:51:39:AC:AF:A0:B8:B6:53:1A:70:96:41:77:C0:53
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xUcczhFROayvoLi2UxpwlkF3wFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.245.0/24
92.38.34.0/24
Signature Algorithm: sha256WithRSAEncryption
06:e0:18:4b:00:8b:73:27:32:8e:58:37:e3:d0:0f:d9:ae:1f:
cf:86:e0:c7:15:ab:db:8e:0e:98:f3:eb:02:b5:06:0a:3f:bd:
3e:6c:95:e3:bd:54:12:d8:45:aa:18:0e:d1:c3:a9:85:f2:4c:
17:b4:3b:59:e9:0c:0e:4d:09:ec:3b:13:b0:9d:9f:c9:05:47:
89:a6:25:7e:a8:b1:ea:1c:01:0d:75:db:b4:0e:7d:90:e6:b9:
a1:d2:b5:a1:b4:c1:65:2c:7e:bc:34:d3:8c:b2:5e:ff:3d:b3:
14:d2:64:67:77:cf:75:c8:76:9b:3d:cf:e6:ff:5b:ff:91:74:
2c:99:4a:0f:53:1f:67:49:b8:37:8f:ca:10:4d:94:0e:5a:db:
fc:ca:9e:37:f7:d2:ec:59:0e:84:5e:a1:3e:d2:7b:77:b9:e8:
3f:42:c0:37:6a:07:23:a0:30:9d:1d:fa:02:25:16:e0:bf:a7:
af:63:9c:3c:55:db:e7:57:ee:a4:70:64:51:8f:ac:ec:a3:32:
ab:0b:2d:08:0d:88:09:aa:da:d6:d7:c3:11:04:a9:bf:50:2e:
1c:35:f1:05:a4:8f:93:60:d9:5b:ce:c9:67:62:68:a6:f2:27:
16:af:12:fb:1e:6c:5d:37:32:2d:bf:3f:45:aa:b4:85:0a:c3:
c6:7e:90:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZflXipRCX0YkKCgL3Nc6T3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwNzA3MTQ1MDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQ3MWNjZTExNTEzOWFjYWZhMGI4YjY1MzFhNzA5NjQxNzdjMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI0/MqEmh9krS97FVgzMmPM3RabZ
aRCKeZUPf+ErsKx9lkH79ZdRpGQACnlY/jXTmUuPsKt0sZMASM+K+QU2Y9gvSfNg
O3gGQY0KJWEVLTTVVF4EBAZ7jK5Nl/oWcevppu47qYu+hriTi9ZNN4z+kEJ6aG+M
rGLR7qX+/FQrUX2bjQISGQZPyUfBWLx30F/ykeDVtYu8PuD6KkbQeDdTMlIujmqY
BzvBLtLVfr7OkWGtoO8bkczTFAdMHW/R+2wDV+BrxRsOp4lsbS4eG+k3OTeh0sVq
sY1OmGRgy+mKdZMGY7B0siBu/sFwK35w9g9zx8kPWabsv4GVBilOR9/X1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMVHHM4RUTmsr6C4tlMacJZBd8BTMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEveFVjY3poRlJPYXl2b0xpMlV4cHdsa0Yzd0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5T1AwQA
XCYiMA0GCSqGSIb3DQEBCwUAA4IBAQAG4BhLAItzJzKOWDfj0A/Zrh/PhuDHFavb
jg6Y8+sCtQYKP70+bJXjvVQS2EWqGA7Rw6mF8kwXtDtZ6QwOTQnsOxOwnZ/JBUeJ
piV+qLHqHAENddu0Dn2Q5rmh0rWhtMFlLH68NNOMsl7/PbMU0mRnd891yHabPc/m
/1v/kXQsmUoPUx9nSbg3j8oQTZQOWtv8yp4399LsWQ6EXqE+0nt3ueg/QsA3agcj
oDCdHfoCJRbgv6evY5w8VdvnV+6kcGRRj6zsozKrCy0IDYgJqtrW18MRBKm/UC4c
NfEFpI+TYNlbzslnYmim8icWrxL7HmxdNzItvz9FqrSFCsPGfpDy
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:12:29 2025 by rpki-client