Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/X8wL7IEItggqG87hU2SRjhDFo0c.roa
File: X8wL7IEItggqG87hU2SRjhDFo0c.roa (raw, json)
Hash identifier: Z7Uz5pUQbhyO7q39OnET5F24kmKZzxNrZzpSD8G3ebQ=
Subject key identifier: 5F:CC:0B:EC:81:08:B6:08:2A:1B:CE:E1:53:64:91:8E:10:C5:A3:47
Certificate issuer: /CN=91b3f5d6f43e83071fa77e6d3ebbb79352f961b5
Certificate serial: 0197E188B689166753187DAB839D360D6A69
Authority key identifier: 91:B3:F5:D6:F4:3E:83:07:1F:A7:7E:6D:3E:BB:B7:93:52:F9:61:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/X8wL7IEItggqG87hU2SRjhDFo0c.roa
Signing time: Sun 06 Jul 2025 20:58:42 +0000
ROA not before: Sun 06 Jul 2025 20:58:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209835
IP address blocks: 2.59.232.0/22 maxlen: 22
2.59.232.0/24 maxlen: 24
2.59.233.0/24 maxlen: 24
2.59.234.0/24 maxlen: 24
2.59.235.0/24 maxlen: 24
2a09:fc40::/29 maxlen: 48
2a09:fc40:1::/48 maxlen: 48
2a09:fc40:2::/48 maxlen: 48
2a09:fc40:3::/48 maxlen: 48
2a09:fc40:4::/48 maxlen: 48
2a09:fc40:5::/48 maxlen: 48
2a09:fc40:6::/48 maxlen: 48
2a09:fc40:7::/48 maxlen: 48
2a09:fc40:8::/48 maxlen: 48
2a09:fc40:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/kbP11vQ-gwcfp35tPru3k1L5YbU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/kbP11vQ-gwcfp35tPru3k1L5YbU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 05:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:88:b6:89:16:67:53:18:7d:ab:83:9d:36:0d:6a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91b3f5d6f43e83071fa77e6d3ebbb79352f961b5
Validity
Not Before: Jul 6 20:58:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fcc0bec8108b6082a1bcee15364918e10c5a347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d3:24:0b:ec:85:8c:dd:84:c1:1e:4e:ef:1b:
20:b3:20:b3:b8:f4:cc:1a:04:c0:5e:da:35:9b:db:
c0:c1:87:d5:4d:5f:66:a6:0c:49:55:77:46:e1:ae:
ec:da:eb:85:f9:93:2c:14:b5:32:77:af:6d:db:ee:
9c:c3:77:c8:71:86:68:7f:b8:48:c8:64:d4:bb:e4:
ec:23:0e:29:b1:4d:17:ff:44:50:a8:e0:d4:2c:00:
38:8a:45:f3:4a:80:d6:45:53:5c:d7:97:ac:9b:d5:
ef:78:7a:83:5a:5d:d9:2b:fc:9d:49:2f:68:83:fe:
f7:dd:d9:8e:25:c9:1e:31:0a:32:83:00:70:17:d8:
39:f4:94:b9:28:b4:c2:a8:bb:42:d7:d0:cf:0d:68:
0a:b2:5a:9e:4e:b8:ff:7e:fa:f4:f3:34:81:6e:d3:
c6:cb:ce:b7:1b:80:50:e2:df:61:f7:ad:9a:e2:4f:
fc:29:41:82:5b:b3:20:b1:61:46:1c:c5:eb:81:fd:
57:40:9c:2c:6c:35:03:7e:24:02:7f:29:94:ec:b3:
7a:47:9f:1e:52:99:e2:39:d1:55:96:14:34:13:b9:
5d:ce:97:1f:47:c8:68:a3:4c:5d:99:e3:5f:97:14:
8e:9e:80:25:09:6d:76:f0:98:c7:c7:6e:aa:12:48:
ef:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CC:0B:EC:81:08:B6:08:2A:1B:CE:E1:53:64:91:8E:10:C5:A3:47
X509v3 Authority Key Identifier:
keyid:91:B3:F5:D6:F4:3E:83:07:1F:A7:7E:6D:3E:BB:B7:93:52:F9:61:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/X8wL7IEItggqG87hU2SRjhDFo0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/kbP11vQ-gwcfp35tPru3k1L5YbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.232.0/22
IPv6:
2a09:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
57:a1:50:78:d3:5f:a0:6a:e3:b8:98:35:a6:e1:33:75:47:58:
3d:e7:0f:45:56:da:24:38:a1:25:fd:5f:79:49:5d:0a:95:7d:
3b:28:f8:b9:0a:cd:80:46:80:23:02:6b:a9:36:f8:59:73:c4:
3e:f4:d4:fc:5a:d1:63:6d:9a:bb:b5:aa:24:9c:3a:94:be:52:
4e:9b:07:16:21:c2:e9:ad:e5:f2:39:10:ed:37:80:33:0a:5c:
be:0a:d9:2d:57:61:49:05:54:e0:dd:da:55:20:04:92:c6:b2:
25:78:f7:13:65:8d:b8:3a:25:c1:94:b6:74:08:6e:9d:5c:79:
43:93:a3:11:c2:ce:80:38:b1:60:14:80:b1:8f:c6:15:22:52:
33:89:98:2f:44:db:69:dc:8f:33:a5:05:19:fb:7c:e6:41:c6:
f2:71:3a:53:f6:f6:58:13:00:4d:37:51:67:d1:29:04:23:f8:
52:2d:86:2b:0b:02:bd:9d:87:cb:0f:dc:ed:ef:14:5d:2f:16:
66:6c:41:54:53:30:71:df:c7:95:ec:64:76:45:e6:ef:96:db:
c6:17:24:00:a2:b5:bd:e9:da:de:c5:34:99:7a:ae:3c:20:74:
e4:ba:59:a9:6f:1c:00:66:e9:69:12:29:aa:89:41:2a:b3:9c:
fb:9a:33:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZfhiLaJFmdTGH2rg502DWppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYjNmNWQ2ZjQzZTgzMDcxZmE3N2U2ZDNlYmJiNzkzNTJm
OTYxYjUwHhcNMjUwNzA2MjA1ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmNjMGJlYzgxMDhiNjA4MmExYmNlZTE1MzY0OTE4ZTEwYzVhMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NMkC+yFjN2EwR5O7xsgsyCzuPTM
GgTAXto1m9vAwYfVTV9mpgxJVXdG4a7s2uuF+ZMsFLUyd69t2+6cw3fIcYZof7hI
yGTUu+TsIw4psU0X/0RQqODULAA4ikXzSoDWRVNc15esm9XveHqDWl3ZK/ydSS9o
g/733dmOJckeMQoygwBwF9g59JS5KLTCqLtC19DPDWgKslqeTrj/fvr08zSBbtPG
y863G4BQ4t9h962a4k/8KUGCW7MgsWFGHMXrgf1XQJwsbDUDfiQCfymU7LN6R58e
UpniOdFVlhQ0E7ldzpcfR8hoo0xdmeNflxSOnoAlCW128JjHx26qEkjvjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF/MC+yBCLYIKhvO4VNkkY4QxaNHMB8GA1UdIwQY
MBaAFJGz9db0PoMHH6d+bT67t5NS+WG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2JQMTF2US1nd2NmcDM1dFBydTNrMUw1WWJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84N2E4NjMtZGE2Zi00OTgxLTkzNzgt
YjJjZDRlNTgxMDBlLzEvWDh3TDdJRUl0Z2dxRzg3aFUyU1JqaERGbzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84N2E4NjMtZGE2Zi00OTgxLTkzNzgtYjJjZDRlNTgxMDBl
LzEva2JQMTF2US1nd2NmcDM1dFBydTNrMUw1WWJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjvoMA0E
AgACMAcDBQMqCfxAMA0GCSqGSIb3DQEBCwUAA4IBAQBXoVB401+gauO4mDWm4TN1
R1g95w9FVtokOKEl/V95SV0KlX07KPi5Cs2ARoAjAmupNvhZc8Q+9NT8WtFjbZq7
taoknDqUvlJOmwcWIcLpreXyORDtN4AzCly+CtktV2FJBVTg3dpVIASSxrIlePcT
ZY24OiXBlLZ0CG6dXHlDk6MRws6AOLFgFICxj8YVIlIziZgvRNtp3I8zpQUZ+3zm
QcbycTpT9vZYEwBNN1Fn0SkEI/hSLYYrCwK9nYfLD9zt7xRdLxZmbEFUUzBx38eV
7GR2RebvltvGFyQAorW96drexTSZeq48IHTkulmpbxwAZulpEimqiUEqs5z7mjM5
-----END CERTIFICATE-----
Generated at Fri Jul 25 12:55:22 2025 by rpki-client