Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/xw6VI0SfTqgX1Ykal0pt0rqVfPs.roa
File: xw6VI0SfTqgX1Ykal0pt0rqVfPs.roa (raw, json)
Hash identifier: +mo5fxF621tUv4Tlvitq33EyXbo2V/p/J1JdJ2mFmTo=
Subject key identifier: C7:0E:95:23:44:9F:4E:A8:17:D5:89:1A:97:4A:6D:D2:BA:95:7C:FB
Certificate issuer: /CN=b45addcd579648fc3f6124e558479ef0b07f018c
Certificate serial: 019809449E530A22B19EAB0075BA4E589CC1
Authority key identifier: B4:5A:DD:CD:57:96:48:FC:3F:61:24:E5:58:47:9E:F0:B0:7F:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFrdzVeWSPw_YSTlWEee8LB_AYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/xw6VI0SfTqgX1Ykal0pt0rqVfPs.roa
Signing time: Mon 14 Jul 2025 14:09:08 +0000
ROA not before: Mon 14 Jul 2025 14:09:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207304
IP address blocks: 45.138.0.0/24 maxlen: 24
2a14:48c5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/tFrdzVeWSPw_YSTlWEee8LB_AYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/tFrdzVeWSPw_YSTlWEee8LB_AYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFrdzVeWSPw_YSTlWEee8LB_AYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 05:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:44:9e:53:0a:22:b1:9e:ab:00:75:ba:4e:58:9c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45addcd579648fc3f6124e558479ef0b07f018c
Validity
Not Before: Jul 14 14:09:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c70e9523449f4ea817d5891a974a6dd2ba957cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0b:1f:d2:df:9f:94:09:df:e8:60:ff:fb:49:
59:d5:db:41:ab:14:f1:ff:fb:d0:25:84:89:52:b4:
26:9c:fc:77:f5:2c:ec:c5:2b:52:2a:85:50:b7:1d:
37:e1:0d:96:c7:97:a1:4e:0d:87:66:0d:1a:68:aa:
f2:99:48:6d:92:6f:b5:ba:a5:11:d2:53:18:1e:15:
f6:38:61:38:d9:90:bc:c1:54:0d:be:2d:90:2a:79:
8e:4c:40:4f:63:71:be:05:2b:b5:13:a8:c2:de:91:
f7:cb:bd:5c:bd:87:e3:50:f4:0b:96:27:e5:63:7a:
46:ef:4b:84:cd:31:9d:47:37:c1:2a:79:f8:68:0e:
c2:ec:99:6a:ea:74:bb:6a:e8:6e:1a:0b:ef:fa:4e:
6f:2b:ec:87:9f:cd:ca:e2:5d:b8:dc:66:55:dd:cc:
bb:8f:b8:7e:11:23:8e:4d:18:aa:f8:bd:ca:a3:84:
cf:a6:33:76:1b:83:70:76:c5:66:da:6d:9d:75:0c:
43:fd:0d:41:bb:c0:24:e3:c3:59:c5:54:4e:0b:8e:
c5:34:7a:4a:53:b6:f3:31:ba:91:34:86:d7:3c:e8:
4d:39:9d:21:4c:a9:0d:f9:99:d7:35:4c:26:94:d0:
82:7d:71:80:8e:73:7a:ea:b4:a9:e6:e4:07:cf:5c:
5a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0E:95:23:44:9F:4E:A8:17:D5:89:1A:97:4A:6D:D2:BA:95:7C:FB
X509v3 Authority Key Identifier:
keyid:B4:5A:DD:CD:57:96:48:FC:3F:61:24:E5:58:47:9E:F0:B0:7F:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFrdzVeWSPw_YSTlWEee8LB_AYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/xw6VI0SfTqgX1Ykal0pt0rqVfPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/tFrdzVeWSPw_YSTlWEee8LB_AYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.0.0/24
IPv6:
2a14:48c5::/48
Signature Algorithm: sha256WithRSAEncryption
68:14:f0:23:a7:96:59:a1:89:7c:ba:e3:03:75:1d:f3:5d:34:
44:fe:08:8d:cb:83:47:eb:2e:f3:9d:36:91:59:f0:70:5d:dd:
9d:de:fc:7b:42:5f:99:9f:60:ed:0f:36:d1:9c:19:de:09:79:
26:f3:06:81:18:56:04:4d:33:cf:7a:7c:f6:47:c1:da:4e:4a:
10:7f:bf:4b:63:7e:73:44:a8:3e:0d:b5:59:37:2e:24:28:24:
cc:20:f0:15:f4:92:b9:8d:ed:e0:ac:d9:d5:f1:bb:f5:bb:ea:
e9:2d:d8:4e:8d:98:c0:d0:dd:6a:77:d4:fa:a6:88:f5:8a:89:
43:c0:38:1c:92:71:d2:e4:95:1b:03:50:a0:55:e4:fb:51:86:
ba:3a:14:5d:aa:e7:61:71:af:93:74:6f:8d:98:82:2f:e9:a0:
67:d5:50:db:34:f2:ef:01:96:82:18:82:57:22:45:1a:1a:72:
d4:0f:da:2e:83:8d:df:1b:8f:1f:5b:c5:7a:e8:1d:da:ac:3b:
c1:cf:92:99:56:ac:1f:f6:f9:90:e2:ab:5e:96:be:2a:76:52:
0f:1e:bd:b4:ce:2b:66:9a:66:4e:fe:b7:ce:d7:d6:51:7f:7c:
21:e9:42:85:d1:75:a5:43:ee:80:6c:65:c5:6c:9a:9a:ee:fa:
d2:52:ee:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZgJRJ5TCiKxnqsAdbpOWJzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWFkZGNkNTc5NjQ4ZmMzZjYxMjRlNTU4NDc5ZWYwYjA3
ZjAxOGMwHhcNMjUwNzE0MTQwOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBlOTUyMzQ0OWY0ZWE4MTdkNTg5MWE5NzRhNmRkMmJhOTU3Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgsf0t+flAnf6GD/+0lZ1dtBqxTx
//vQJYSJUrQmnPx39SzsxStSKoVQtx034Q2Wx5ehTg2HZg0aaKrymUhtkm+1uqUR
0lMYHhX2OGE42ZC8wVQNvi2QKnmOTEBPY3G+BSu1E6jC3pH3y71cvYfjUPQLlifl
Y3pG70uEzTGdRzfBKnn4aA7C7Jlq6nS7auhuGgvv+k5vK+yHn83K4l243GZV3cy7
j7h+ESOOTRiq+L3Ko4TPpjN2G4NwdsVm2m2ddQxD/Q1Bu8Ak48NZxVROC47FNHpK
U7bzMbqRNIbXPOhNOZ0hTKkN+ZnXNUwmlNCCfXGAjnN66rSp5uQHz1xaMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMcOlSNEn06oF9WJGpdKbdK6lXz7MB8GA1UdIwQY
MBaAFLRa3c1Xlkj8P2Ek5VhHnvCwfwGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZyZHpWZVdTUHdfWVNUbFdFZWU4TEJfQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mNGYyNDQtOGMwYy00NTY0LTljNDIt
YWY2MGZkNWYwNmIxLzEveHc2VkkwU2ZUcWdYMVlrYWwwcHQwcnFWZlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mNGYyNDQtOGMwYy00NTY0LTljNDItYWY2MGZkNWYwNmIx
LzEvdEZyZHpWZVdTUHdfWVNUbFdFZWU4TEJfQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALYoAMA8E
AgACMAkDBwAqFEjFAAAwDQYJKoZIhvcNAQELBQADggEBAGgU8COnllmhiXy64wN1
HfNdNET+CI3Lg0frLvOdNpFZ8HBd3Z3e/HtCX5mfYO0PNtGcGd4JeSbzBoEYVgRN
M896fPZHwdpOShB/v0tjfnNEqD4NtVk3LiQoJMwg8BX0krmN7eCs2dXxu/W76ukt
2E6NmMDQ3Wp31PqmiPWKiUPAOByScdLklRsDUKBV5PtRhro6FF2q52Fxr5N0b42Y
gi/poGfVUNs08u8BloIYglciRRoactQP2i6Djd8bjx9bxXroHdqsO8HPkplWrB/2
+ZDiq16Wvip2Ug8evbTOK2aaZk7+t87X1lF/fCHpQoXRdaVD7oBsZcVsmpru+tJS
7rY=
-----END CERTIFICATE-----
Generated at Sat Jul 26 14:56:04 2025 by rpki-client