Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/XaybEw_MkTY28IquFGQbHrSpM7k.roa
File: XaybEw_MkTY28IquFGQbHrSpM7k.roa (raw, json)
Hash identifier: TwRW1DKYPixpCJP4Q5rOfw8R+B/zkE9LC0Lipg8NmYQ=
Subject key identifier: 5D:AC:9B:13:0F:CC:91:36:36:F0:8A:AE:14:64:1B:1E:B4:A9:33:B9
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 019836F2985FE626CB802264646490B26B4E
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/XaybEw_MkTY28IquFGQbHrSpM7k.roa
Signing time: Wed 23 Jul 2025 11:02:05 +0000
ROA not before: Wed 23 Jul 2025 11:02:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211522
IP address blocks: 94.228.162.0/24 maxlen: 24
94.228.163.0/24 maxlen: 24
94.228.164.0/24 maxlen: 24
94.228.165.0/24 maxlen: 24
94.228.168.0/24 maxlen: 24
94.228.169.0/24 maxlen: 24
94.228.170.0/24 maxlen: 24
178.236.240.0/24 maxlen: 24
178.236.244.0/24 maxlen: 24
178.236.245.0/24 maxlen: 24
178.236.246.0/24 maxlen: 24
178.236.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:36:f2:98:5f:e6:26:cb:80:22:64:64:64:90:b2:6b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Jul 23 11:02:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dac9b130fcc913636f08aae14641b1eb4a933b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b0:80:1c:7d:5c:22:61:0e:7b:34:6b:b5:75:
03:f3:58:96:8c:5d:8e:3b:57:33:e7:66:be:6d:5a:
05:54:b2:cc:8f:d3:e9:a4:40:ad:64:79:cb:5b:9e:
71:fa:51:1a:b2:73:93:c1:6a:3f:67:b9:e0:16:43:
0d:20:ca:80:10:3f:f8:c2:3d:8a:f3:47:93:18:a3:
a1:16:29:7e:0e:16:42:ce:04:87:b9:3b:d2:bc:49:
59:c1:35:a4:60:fb:9d:4d:46:fb:f3:8b:d2:fb:c6:
b7:01:cc:cd:c8:19:a7:5f:1d:9b:b3:8f:9c:c1:bf:
5d:b3:ca:9b:3e:81:2f:86:19:50:a7:fc:95:28:fe:
b3:d2:4a:d5:83:e6:e2:c5:4b:2c:53:20:3f:42:64:
36:13:52:de:42:88:c3:c2:43:87:5d:f1:7b:55:97:
e8:6b:0b:f5:fc:1b:e1:d9:b4:99:f2:7d:8d:75:de:
7d:d6:f3:18:c7:c9:25:7c:cc:cd:0e:59:e6:90:cb:
76:07:31:b1:73:65:37:5d:ad:13:1e:73:98:e3:12:
7e:5b:6d:b5:47:6c:43:ad:f0:9e:ef:c1:9c:b9:8e:
dc:5b:f7:c7:36:ff:e5:32:49:d2:2e:4d:b5:e5:74:
af:89:89:ec:b4:c2:57:13:a0:61:ec:52:cb:fc:3a:
7f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AC:9B:13:0F:CC:91:36:36:F0:8A:AE:14:64:1B:1E:B4:A9:33:B9
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/XaybEw_MkTY28IquFGQbHrSpM7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.162.0-94.228.165.255
94.228.168.0-94.228.170.255
178.236.240.0/24
178.236.244.0/22
Signature Algorithm: sha256WithRSAEncryption
92:b1:e6:6d:5e:7a:8c:e9:5c:c3:aa:69:d3:87:51:b0:f8:e1:
ab:26:7a:90:00:71:e6:1d:11:42:ae:ba:6b:f5:90:9e:0c:8b:
11:29:1d:0c:59:95:03:06:7b:88:e4:04:ab:70:a7:f2:59:c4:
2e:8f:e5:9f:6a:e4:83:bf:91:d1:4d:6a:73:d2:75:5b:c4:3b:
05:04:44:66:1c:61:e2:c6:d3:3e:ae:13:53:45:75:c2:dc:8e:
96:0b:25:ac:ea:02:65:70:98:00:bc:3d:17:2e:f8:ea:ca:ff:
9f:48:7f:70:ea:aa:cc:5a:c6:84:c7:3a:17:c9:38:2a:43:04:
88:7d:c2:a7:4a:10:00:91:8e:a0:e7:7b:bf:b5:30:7d:df:0e:
8c:4e:24:12:af:dc:4c:ee:8a:4d:4c:05:d4:ad:8f:5c:c2:9b:
ae:49:e0:2c:5a:16:f6:d7:b3:8b:d3:99:08:3f:b5:dc:c9:2a:
12:e5:a1:d9:7c:b0:aa:04:28:f0:40:25:e8:38:65:7d:11:7e:
ea:23:62:0a:32:99:81:e6:27:54:0a:b0:63:c8:23:c2:32:42:
79:1b:0d:2d:39:61:98:b9:d4:19:84:c2:ac:21:ff:07:bb:80:
f4:a0:21:16:6e:42:4b:97:23:bd:0e:7b:2d:4d:a3:87:0a:3b:
09:9e:cb:18
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZg28phf5ibLgCJkZGSQsmtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjUwNzIzMTEwMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFjOWIxMzBmY2M5MTM2MzZmMDhhYWUxNDY0MWIxZWI0YTkzM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbCAHH1cImEOezRrtXUD81iWjF2O
O1cz52a+bVoFVLLMj9PppECtZHnLW55x+lEasnOTwWo/Z7ngFkMNIMqAED/4wj2K
80eTGKOhFil+DhZCzgSHuTvSvElZwTWkYPudTUb784vS+8a3AczNyBmnXx2bs4+c
wb9ds8qbPoEvhhlQp/yVKP6z0krVg+bixUssUyA/QmQ2E1LeQojDwkOHXfF7VZfo
awv1/Bvh2bSZ8n2Ndd591vMYx8klfMzNDlnmkMt2BzGxc2U3Xa0THnOY4xJ+W221
R2xDrfCe78GcuY7cW/fHNv/lMknSLk215XSviYnstMJXE6Bh7FLL/Dp/sQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFF2smxMPzJE2NvCKrhRkGx60qTO5MB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvWGF5YkV3X01rVFkyOElxdUZHUWJIclNwTTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAFe5KID
BAFe5KQwDAMEA17kqAMEAF7kqgMEALLs8AMEArLs9DANBgkqhkiG9w0BAQsFAAOC
AQEAkrHmbV56jOlcw6pp04dRsPjhqyZ6kABx5h0RQq66a/WQngyLESkdDFmVAwZ7
iOQEq3Cn8lnELo/ln2rkg7+R0U1qc9J1W8Q7BQREZhxh4sbTPq4TU0V1wtyOlgsl
rOoCZXCYALw9Fy746sr/n0h/cOqqzFrGhMc6F8k4KkMEiH3Cp0oQAJGOoOd7v7Uw
fd8OjE4kEq/cTO6KTUwF1K2PXMKbrkngLFoW9tezi9OZCD+13MkqEuWh2XywqgQo
8EAl6DhlfRF+6iNiCjKZgeYnVAqwY8gjwjJCeRsNLTlhmLnUGYTCrCH/B7uA9KAh
Fm5CS5cjvQ57LU2jhwo7CZ7LGA==
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:11:29 2025 by rpki-client