Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/X33Nuee0w6GTBtZodhIbCfryLHg.roa
File: X33Nuee0w6GTBtZodhIbCfryLHg.roa (raw, json)
Hash identifier: q4lpuwTTRU669YBE3yh5vrkAgExUqfjgBFzui/pDGDI=
Subject key identifier: 5F:7D:CD:B9:E7:B4:C3:A1:93:06:D6:68:76:12:1B:09:FA:F2:2C:78
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019A507DA6C7D3BE3FE3D188CDABBBBDC5B9
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/X33Nuee0w6GTBtZodhIbCfryLHg.roa
Signing time: Tue 04 Nov 2025 20:10:03 +0000
ROA not before: Tue 04 Nov 2025 20:10:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400529
IP address blocks: 45.155.64.0/24 maxlen: 24
80.244.15.0/24 maxlen: 24
94.103.187.0/24 maxlen: 24
176.118.33.0/24 maxlen: 24
185.244.106.0/24 maxlen: 24
194.69.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Nov 2025 20:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:7d:a6:c7:d3:be:3f:e3:d1:88:cd:ab:bb:bd:c5:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Nov 4 20:10:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f7dcdb9e7b4c3a19306d66876121b09faf22c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:71:d0:7c:ff:af:8a:0a:77:6c:de:f0:08:4f:
25:7a:ab:2f:95:a3:c9:3e:0f:aa:23:d9:f5:89:8f:
68:fd:f5:63:11:23:f4:ce:64:48:f5:2b:4c:64:12:
4d:ab:37:17:56:60:7c:f6:13:8b:38:df:ab:b8:84:
c9:ab:15:5d:c4:aa:dd:1a:39:48:0d:94:62:96:84:
f6:01:bb:e7:dd:39:4a:d6:a1:27:82:47:93:20:66:
47:3a:54:e2:1a:6f:ff:4f:92:39:fa:de:0e:bf:40:
16:cd:c1:b1:b2:08:f8:f4:3c:3c:b9:96:52:03:b8:
db:42:40:5e:6d:f2:07:b1:68:c7:ec:03:81:10:ba:
54:ef:0b:8e:2e:7f:eb:c4:e1:5b:cf:b4:f1:a2:87:
40:5c:45:bf:17:3c:30:8e:44:d4:88:03:13:0b:61:
73:ac:36:48:c0:5f:a1:ec:50:45:ba:20:b0:82:8b:
33:c1:e4:82:a6:da:c6:b9:45:93:02:81:35:08:6e:
d5:b2:29:b9:a6:98:f2:62:6c:ab:59:51:1a:0f:9e:
6d:71:1d:7a:20:3a:af:d1:b2:41:12:d4:c6:52:b3:
42:a7:e0:f1:ac:1e:e2:07:65:38:b4:d5:48:84:25:
dd:11:a9:fe:25:7d:4e:bf:ca:c3:39:b5:4b:10:35:
4a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7D:CD:B9:E7:B4:C3:A1:93:06:D6:68:76:12:1B:09:FA:F2:2C:78
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/X33Nuee0w6GTBtZodhIbCfryLHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.64.0/24
80.244.15.0/24
94.103.187.0/24
176.118.33.0/24
185.244.106.0/24
194.69.160.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:ab:dc:cb:ec:4f:59:19:69:30:18:3b:41:fb:90:b9:b0:6b:
d0:48:45:cf:5f:a9:d1:fb:06:5b:03:bb:45:b3:e8:26:12:59:
30:96:5c:96:c8:38:e9:a9:61:88:d8:1e:d5:10:bf:6c:35:63:
08:83:14:71:2d:7f:31:f2:4a:eb:3c:8f:ec:b2:fd:65:56:0e:
88:29:63:74:a2:19:18:40:c0:5d:27:c5:ec:83:f5:a2:d8:55:
b5:ad:1b:46:29:a5:88:ed:28:65:52:ce:7e:84:bc:72:ba:38:
44:f9:71:2d:d2:1f:45:70:ba:b3:63:dc:3f:e3:43:83:f1:21:
b2:ef:ab:6b:e9:9e:8b:5b:45:e0:aa:46:3f:44:9c:05:e2:55:
8f:dd:a2:77:7d:85:43:d8:95:a1:d4:38:fa:f7:02:e4:4d:de:
e2:15:3e:52:ff:59:00:ed:4c:c4:01:75:90:93:a7:53:79:0c:
6c:5d:61:f2:cd:2a:27:6e:78:6a:d5:7c:33:f0:45:2a:bc:11:
fd:c9:8d:bc:84:c3:0e:12:ff:00:5d:11:c5:bb:b7:1f:9b:dc:
55:88:27:2e:9b:c2:b8:00:3f:a3:ad:7d:6f:9b:ad:3a:45:f6:
80:92:70:f0:96:f8:09:a0:10:e2:6c:ee:48:15:fd:00:51:64:
f0:c6:e6:43
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZpQfabH074/49GIzau7vcW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUxMTA0MjAxMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjdkY2RiOWU3YjRjM2ExOTMwNmQ2Njg3NjEyMWIwOWZhZjIyYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63HQfP+vigp3bN7wCE8leqsvlaPJ
Pg+qI9n1iY9o/fVjESP0zmRI9StMZBJNqzcXVmB89hOLON+ruITJqxVdxKrdGjlI
DZRiloT2Abvn3TlK1qEngkeTIGZHOlTiGm//T5I5+t4Ov0AWzcGxsgj49Dw8uZZS
A7jbQkBebfIHsWjH7AOBELpU7wuOLn/rxOFbz7TxoodAXEW/FzwwjkTUiAMTC2Fz
rDZIwF+h7FBFuiCwgoszweSCptrGuUWTAoE1CG7Vsim5ppjyYmyrWVEaD55tcR16
IDqv0bJBEtTGUrNCp+DxrB7iB2U4tNVIhCXdEan+JX1Ov8rDObVLEDVKawIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF99zbnntMOhkwbWaHYSGwn68ix4MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvWDMzTnVlZTB3NkdUQnRab2RoSWJDZnJ5TEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZtAAwQA
UPQPAwQAXme7AwQAsHYhAwQAufRqAwQAwkWgMA0GCSqGSIb3DQEBCwUAA4IBAQDH
q9zL7E9ZGWkwGDtB+5C5sGvQSEXPX6nR+wZbA7tFs+gmElkwllyWyDjpqWGI2B7V
EL9sNWMIgxRxLX8x8krrPI/ssv1lVg6IKWN0ohkYQMBdJ8Xsg/Wi2FW1rRtGKaWI
7ShlUs5+hLxyujhE+XEt0h9FcLqzY9w/40OD8SGy76tr6Z6LW0XgqkY/RJwF4lWP
3aJ3fYVD2JWh1Dj69wLkTd7iFT5S/1kA7UzEAXWQk6dTeQxsXWHyzSonbnhq1Xwz
8EUqvBH9yY28hMMOEv8AXRHFu7cfm9xViCcum8K4AD+jrX1vm606RfaAknDwlvgJ
oBDibO5IFf0AUWTwxuZD
-----END CERTIFICATE-----
Generated at Fri Nov 14 05:47:34 2025 by rpki-client