Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/X6FG8vp9oU-aDKMjJlvZ1w9-TRg.roa
File: X6FG8vp9oU-aDKMjJlvZ1w9-TRg.roa (raw, json)
Hash identifier: GAtjgJydI1/w8ZnGJHE5GCoTGzEp1QKcuNq0x8TAna8=
Subject key identifier: 5F:A1:46:F2:FA:7D:A1:4F:9A:0C:A3:23:26:5B:D9:D7:0F:7E:4D:18
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 0198097E4DB7E3C52C36E4AE49764BE8B307
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/X6FG8vp9oU-aDKMjJlvZ1w9-TRg.roa
Signing time: Mon 14 Jul 2025 15:12:08 +0000
ROA not before: Mon 14 Jul 2025 15:12:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398549
IP address blocks: 176.10.89.0/24 maxlen: 24
2a13:d8c1::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 32
2a13:d8c3::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:7e:4d:b7:e3:c5:2c:36:e4:ae:49:76:4b:e8:b3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jul 14 15:12:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fa146f2fa7da14f9a0ca323265bd9d70f7e4d18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4c:1d:a0:1b:2d:7c:51:c0:be:87:e9:37:81:
30:fe:87:83:b5:1b:04:dc:78:19:32:9e:ec:49:b7:
d3:a6:fb:86:db:cc:56:ee:9c:e9:26:f6:b3:63:88:
17:e7:cb:85:ce:76:31:ff:0a:52:63:4f:6e:95:bc:
68:db:b5:3c:7f:39:e2:71:25:73:d7:d1:27:dc:0a:
bf:f4:10:e2:38:9c:6c:2b:dc:dd:b9:fb:9a:04:82:
bd:93:32:59:da:1e:07:27:58:5d:c4:28:59:2b:2a:
25:e7:ae:9e:0c:c8:a6:56:65:60:04:a9:70:db:56:
91:85:26:67:94:56:13:98:f3:b8:03:ff:96:bb:0b:
31:62:e2:28:71:d5:93:28:a7:17:eb:34:7c:59:6a:
54:e2:89:e2:05:5f:7a:f2:0b:27:69:3f:af:57:61:
6e:71:a8:c6:ae:d5:29:a1:70:3b:df:49:18:5d:f6:
31:7f:f6:94:8f:c0:da:6e:0b:c0:e5:34:41:ae:a7:
9f:34:f9:c5:9e:d9:15:ba:13:90:9e:86:42:9a:5c:
33:33:1e:15:2f:23:18:9d:ac:76:29:ce:28:2a:28:
e1:c3:15:3f:10:05:c3:74:7c:71:4b:44:ca:c7:90:
66:ec:70:b1:d5:1b:21:99:89:41:36:6d:12:6d:69:
92:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A1:46:F2:FA:7D:A1:4F:9A:0C:A3:23:26:5B:D9:D7:0F:7E:4D:18
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/X6FG8vp9oU-aDKMjJlvZ1w9-TRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.89.0/24
IPv6:
2a13:d8c1::-2a13:d8c3:ffff:ffff:ffff:ffff:ffff:ffff
2a13:d8c5::-2a13:d8c7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:dd:4b:d1:e2:5d:2c:45:9d:be:1a:43:04:24:17:a2:d1:d8:
58:74:08:5f:78:ce:ff:df:46:b0:df:c3:aa:58:94:5b:09:9e:
ad:1d:39:78:af:0b:d1:33:67:b6:3a:6b:2b:29:fc:b5:36:10:
97:50:88:5a:aa:a8:7d:b3:d8:72:6f:11:76:63:21:c2:76:ec:
89:21:8c:cb:4a:52:3a:f3:fd:6a:b0:b6:00:ed:7d:6c:1e:3e:
2b:ed:05:91:3e:ad:0c:ce:3b:e6:36:ad:a1:df:9d:49:4d:37:
71:59:d6:ec:93:08:ea:1b:d7:2f:ed:0c:14:d7:df:05:f8:e0:
21:84:24:89:5c:8d:3c:5f:41:28:67:d0:18:a4:6a:ec:a1:36:
b1:6b:46:10:e4:37:2d:a7:3d:6a:02:2d:21:7c:04:f2:97:17:
29:94:2c:02:8d:0e:48:b5:e5:66:38:61:d9:3a:81:a1:1e:b4:
77:46:c9:16:45:e2:ad:71:75:84:e5:65:f2:fb:56:f7:ce:14:
65:c2:d6:01:b6:61:48:47:b4:17:5f:8e:3e:e6:e1:cb:2e:82:
9f:8a:74:cb:20:3b:90:01:e4:51:b0:15:f9:59:e8:19:7e:44:
bb:9d:fa:53:dc:ce:3e:80:e3:02:d2:70:34:90:05:c3:4b:80:
09:b0:77:17
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZgJfk2348UsNuSuSXZL6LMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjUwNzE0MTUxMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmExNDZmMmZhN2RhMTRmOWEwY2EzMjMyNjViZDlkNzBmN2U0ZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0wdoBstfFHAvofpN4Ew/oeDtRsE
3HgZMp7sSbfTpvuG28xW7pzpJvazY4gX58uFznYx/wpSY09ulbxo27U8fznicSVz
19En3Aq/9BDiOJxsK9zdufuaBIK9kzJZ2h4HJ1hdxChZKyol566eDMimVmVgBKlw
21aRhSZnlFYTmPO4A/+WuwsxYuIocdWTKKcX6zR8WWpU4oniBV968gsnaT+vV2Fu
cajGrtUpoXA730kYXfYxf/aUj8DabgvA5TRBrqefNPnFntkVuhOQnoZCmlwzMx4V
LyMYnax2Kc4oKijhwxU/EAXDdHxxS0TKx5Bm7HCx1RshmYlBNm0SbWmSIwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFF+hRvL6faFPmgyjIyZb2dcPfk0YMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvWDZGRzh2cDlvVS1hREtNakpsdloxdzktVFJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAMBAIAATAGAwQAsApZMCYE
AgACMCAwDgMFACoT2MEDBQIqE9jAMA4DBQAqE9jFAwUDKhPYwDANBgkqhkiG9w0B
AQsFAAOCAQEAf91L0eJdLEWdvhpDBCQXotHYWHQIX3jO/99GsN/DqliUWwmerR05
eK8L0TNntjprKyn8tTYQl1CIWqqofbPYcm8RdmMhwnbsiSGMy0pSOvP9arC2AO19
bB4+K+0FkT6tDM475jatod+dSU03cVnW7JMI6hvXL+0MFNffBfjgIYQkiVyNPF9B
KGfQGKRq7KE2sWtGEOQ3Lac9agItIXwE8pcXKZQsAo0OSLXlZjhh2TqBoR60d0bJ
FkXirXF1hOVl8vtW984UZcLWAbZhSEe0F1+OPubhyy6Cn4p0yyA7kAHkUbAV+Vno
GX5Eu536U9zOPoDjAtJwNJAFw0uACbB3Fw==
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:58:18 2025 by rpki-client