Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xtSN8iG4Nl-BeXCg9S8-gFJ-4nA.roa
File: xtSN8iG4Nl-BeXCg9S8-gFJ-4nA.roa (raw, json)
Hash identifier: SQhTOTq5fti7Jw//IQa95GZPfPn0ytB9LtnF7LJa2IM=
Subject key identifier: C6:D4:8D:F2:21:B8:36:5F:81:79:70:A0:F5:2F:3E:80:52:7E:E2:70
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0198093368FD962C5452BFAFC46F25EFFBC8
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xtSN8iG4Nl-BeXCg9S8-gFJ-4nA.roa
Signing time: Mon 14 Jul 2025 13:50:20 +0000
ROA not before: Mon 14 Jul 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200740
IP address blocks: 80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
92.118.8.0/23 maxlen: 23
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
193.239.160.0/23 maxlen: 23
193.239.166.0/23 maxlen: 23
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a04:5201:10::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a0b:7780::/32 maxlen: 32
2a0b:7781::/32 maxlen: 32
2a0b:7782::/32 maxlen: 32
2a0b:7783::/32 maxlen: 32
2a0c:77c0::/32 maxlen: 32
2a0c:77c1::/32 maxlen: 32
2a0c:77c2::/32 maxlen: 32
2a0c:77c3::/32 maxlen: 32
2a0d:3880::/32 maxlen: 32
2a0d:3881::/32 maxlen: 32
2a0d:3882::/32 maxlen: 32
2a0d:3883::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:33:68:fd:96:2c:54:52:bf:af:c4:6f:25:ef:fb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 14 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6d48df221b8365f817970a0f52f3e80527ee270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7c:d2:00:03:7a:19:e2:24:ce:2d:4b:0a:bd:
7a:5b:98:3b:b8:3d:79:81:44:ee:c6:d1:27:05:f8:
37:2e:7b:f2:ec:40:90:e2:4c:fc:e5:f8:7d:fa:c5:
aa:42:9a:52:31:20:f5:34:6b:a9:db:b9:8a:d3:eb:
f3:7d:ff:f5:ab:28:12:53:04:59:75:06:7b:b5:d9:
57:30:a1:a3:de:9c:20:55:68:f8:19:d8:46:1b:ad:
3d:a0:b0:c6:c0:07:b7:e0:e5:db:c4:d4:df:c4:0f:
a8:13:73:70:40:89:20:56:b2:05:34:7c:20:cb:de:
56:6e:d3:e0:56:71:e3:86:bc:16:f3:48:2c:9a:4f:
d8:32:ec:26:5a:34:ac:57:f9:39:44:58:68:18:42:
96:b9:95:87:7c:84:72:47:0f:d5:df:b4:2c:3a:1e:
87:b8:92:d2:58:7e:d4:94:64:22:c6:2c:97:25:45:
2f:74:e4:1e:43:e0:51:e7:90:61:63:15:99:4e:d4:
9d:8c:7a:15:55:81:02:a3:84:2c:0c:89:b5:4b:a9:
bc:14:ba:bc:09:8b:53:99:ef:d1:d3:a0:c3:4c:af:
db:4c:63:ff:4d:ad:38:05:eb:98:dc:d8:74:dd:c0:
c3:69:59:3f:a0:91:d4:06:9c:ec:7e:c9:44:e1:66:
3c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D4:8D:F2:21:B8:36:5F:81:79:70:A0:F5:2F:3E:80:52:7E:E2:70
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xtSN8iG4Nl-BeXCg9S8-gFJ-4nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.32.0/22
92.118.8.0/23
185.114.72.0/23
193.239.160.0/23
193.239.166.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:10::/48
2a04:5201:8018::/48
2a0b:7780::/30
2a0c:77c0::/30
2a0d:3880::/30
Signature Algorithm: sha256WithRSAEncryption
05:c0:c1:98:03:f6:a5:84:41:da:0a:a0:ce:c1:f9:5a:90:82:
5b:51:05:21:30:e3:11:d6:77:5e:a2:fa:79:4c:c2:e0:8c:77:
90:33:e5:e5:96:3f:d2:84:06:5b:26:c7:fe:f4:3c:d1:6f:a2:
4e:8c:13:1d:69:ce:1e:c9:9d:c3:69:13:4c:a9:26:23:06:a1:
cb:ae:24:f6:be:bc:a4:16:54:cc:62:6e:d6:9a:18:9a:32:d9:
a4:82:64:34:39:63:1a:5f:60:0b:c0:cc:14:36:c3:04:6d:ee:
5b:9a:4a:aa:cc:f6:81:32:64:00:7c:26:6c:a1:95:8c:8b:d7:
2d:26:ca:c3:51:e8:e8:24:18:98:8d:49:f9:2e:1a:c7:4b:e7:
15:31:fb:c2:70:b5:fb:21:b7:78:ba:66:97:83:f9:26:5c:d2:
ec:05:f2:c2:ba:7e:eb:2e:37:fb:c9:3a:24:0f:c7:d5:d3:c5:
2b:e1:14:78:2c:d0:79:37:4b:b6:43:b6:8a:3d:bb:72:5c:b4:
4b:48:d9:0c:d9:68:61:8c:e1:b5:f2:39:18:56:cd:0e:a8:6b:
eb:cf:e6:4b:bb:2d:eb:9d:86:b9:b9:b0:23:2e:a6:24:a3:31:
1a:60:26:07:c7:f4:86:e4:45:1a:99:7c:d6:45:04:cf:a0:7a:
ef:f7:52:e5
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZgJM2j9lixUUr+vxG8l7/vIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNzE0MTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQ0OGRmMjIxYjgzNjVmODE3OTcwYTBmNTJmM2U4MDUyN2VlMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinzSAAN6GeIkzi1LCr16W5g7uD15
gUTuxtEnBfg3Lnvy7ECQ4kz85fh9+sWqQppSMSD1NGup27mK0+vzff/1qygSUwRZ
dQZ7tdlXMKGj3pwgVWj4GdhGG609oLDGwAe34OXbxNTfxA+oE3NwQIkgVrIFNHwg
y95WbtPgVnHjhrwW80gsmk/YMuwmWjSsV/k5RFhoGEKWuZWHfIRyRw/V37QsOh6H
uJLSWH7UlGQixiyXJUUvdOQeQ+BR55BhYxWZTtSdjHoVVYECo4QsDIm1S6m8FLq8
CYtTme/R06DDTK/bTGP/Ta04BeuY3Nh03cDDaVk/oJHUBpzsfslE4WY8KwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFMbUjfIhuDZfgXlwoPUvPoBSfuJwMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEveHRTTjhpRzRObC1CZVhDZzlTOC1nRkotNG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjAkBAIAATAeAwQCUEwg
AwQBXHYIAwQBuXJIAwQBwe+gAwQBwe+mMFoEAgACMFQDBwAqBFIAAGgDBwAqBFIB
AAIDBwAqBFIBAAQDBwEqBFIBAAYDBwAqBFIBAAkDBwAqBFIBABADBwAqBFIBgBgD
BQIqC3eAAwUCKgx3wAMFAioNOIAwDQYJKoZIhvcNAQELBQADggEBAAXAwZgD9qWE
QdoKoM7B+VqQgltRBSEw4xHWd16i+nlMwuCMd5Az5eWWP9KEBlsmx/70PNFvok6M
Ex1pzh7JncNpE0ypJiMGocuuJPa+vKQWVMxibtaaGJoy2aSCZDQ5YxpfYAvAzBQ2
wwRt7luaSqrM9oEyZAB8JmyhlYyL1y0mysNR6OgkGJiNSfkuGsdL5xUx+8Jwtfsh
t3i6ZpeD+SZc0uwF8sK6fusuN/vJOiQPx9XTxSvhFHgs0Hk3S7ZDtoo9u3JctEtI
2QzZaGGM4bXyORhWzQ6oa+vP5ku7Leudhrm5sCMupiSjMRpgJgfH9IbkRRqZfNZF
BM+geu/3UuU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:55:18 2025 by rpki-client