Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/XQt8-9bW0FfWOISPdA8ZaGblVY4.roa
File: XQt8-9bW0FfWOISPdA8ZaGblVY4.roa (raw, json)
Hash identifier: fmg6bIRtzaFenySqXfJpj+XCISOy4FuP2PiXszAHZw4=
Subject key identifier: 5D:0B:7C:FB:D6:D6:D0:57:D6:38:84:8F:74:0F:19:68:66:E5:55:8E
Certificate issuer: /CN=1ec0434a5c3cf2374ca360331926ae7d24ac345b
Certificate serial: 0196FC7A497328451D9E7FEAEAF16E784BA0
Authority key identifier: 1E:C0:43:4A:5C:3C:F2:37:4C:A3:60:33:19:26:AE:7D:24:AC:34:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HsBDSlw88jdMo2AzGSaufSSsNFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/XQt8-9bW0FfWOISPdA8ZaGblVY4.roa
Signing time: Fri 23 May 2025 09:29:54 +0000
ROA not before: Fri 23 May 2025 09:29:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.201.20.0/22 maxlen: 22
2a0a:be40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/HsBDSlw88jdMo2AzGSaufSSsNFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/HsBDSlw88jdMo2AzGSaufSSsNFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HsBDSlw88jdMo2AzGSaufSSsNFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 15:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:7a:49:73:28:45:1d:9e:7f:ea:ea:f1:6e:78:4b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ec0434a5c3cf2374ca360331926ae7d24ac345b
Validity
Not Before: May 23 09:29:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d0b7cfbd6d6d057d638848f740f196866e5558e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bf:c6:f4:36:9d:e0:1b:21:c4:21:ea:8a:5c:
a9:ca:af:73:5a:74:9a:75:54:54:23:1a:e2:e0:83:
37:11:e1:6f:a8:b8:45:ce:8d:0e:a7:fb:94:49:10:
a3:b2:d4:77:ff:d9:11:ec:04:c9:fd:b7:4e:41:aa:
7c:ae:95:7b:ca:ea:07:b8:8e:3f:dd:f0:cf:8c:94:
ad:c1:e7:c3:4d:48:4c:74:d4:ea:45:e8:69:14:6f:
e7:12:52:fe:b0:ca:9e:0d:7b:14:48:6c:0b:f1:e8:
c1:45:6f:e0:34:17:47:6a:54:43:31:99:f0:9d:8c:
e9:ed:82:ed:04:03:13:f9:be:16:8a:f4:ea:a2:c6:
62:ad:1f:e5:df:26:2f:33:0f:b3:37:2e:18:6c:a5:
d4:71:c2:04:a7:7c:36:9c:c9:27:d8:f6:39:2e:ab:
3f:65:ff:ee:df:39:5c:b5:4a:f4:fa:b5:f3:94:24:
74:d3:c1:7c:4b:94:90:e1:bc:ee:34:b1:16:95:5d:
19:c2:42:b5:72:36:a5:8d:c9:b8:b7:64:19:40:02:
47:c3:c6:0d:f1:39:a9:54:9d:93:f3:ff:e5:a7:38:
86:6c:72:15:e8:17:53:82:21:63:04:c1:a6:b0:3f:
08:ec:55:c5:b8:96:84:04:17:dd:0a:5b:7d:e1:92:
fa:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0B:7C:FB:D6:D6:D0:57:D6:38:84:8F:74:0F:19:68:66:E5:55:8E
X509v3 Authority Key Identifier:
keyid:1E:C0:43:4A:5C:3C:F2:37:4C:A3:60:33:19:26:AE:7D:24:AC:34:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HsBDSlw88jdMo2AzGSaufSSsNFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/XQt8-9bW0FfWOISPdA8ZaGblVY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/HsBDSlw88jdMo2AzGSaufSSsNFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.20.0/22
IPv6:
2a0a:be40::/29
Signature Algorithm: sha256WithRSAEncryption
20:73:ce:0d:36:aa:d8:3f:4f:a1:5e:ce:d4:82:8d:89:29:03:
79:5c:84:eb:d5:66:28:1f:48:3b:61:3e:26:0e:ad:76:da:4b:
4a:4b:a8:24:40:6a:6d:29:d9:49:5f:0b:6f:63:32:8f:5e:1a:
b1:db:97:b4:c9:fd:1c:b4:5d:0b:a3:87:a3:60:be:78:44:ce:
19:05:5b:6d:52:a9:0f:91:17:e5:17:f6:06:1b:7b:cc:1a:1d:
09:b6:f9:eb:4d:aa:28:70:36:2b:de:25:c4:f0:b3:d9:7e:6a:
66:24:a8:00:4c:a8:82:7a:78:9c:c9:65:9b:4b:4a:92:f9:fb:
b1:4d:ce:a1:27:68:4c:07:82:6b:8c:b1:78:48:67:c1:c8:d0:
bb:00:76:21:bc:a6:31:7e:04:24:14:02:9a:b8:42:a3:60:5f:
0a:8b:0d:25:fd:b1:9f:4b:a2:18:80:f9:1b:e8:71:58:c0:76:
f9:9b:9b:be:f3:34:dd:83:5d:a8:b1:23:20:5a:8e:a0:85:01:
b7:48:ed:f4:65:30:20:9d:60:df:ca:d8:55:8c:59:5d:38:db:
ca:26:fa:79:5b:0a:08:72:a4:e4:af:0f:c6:21:40:1b:fa:6b:
0e:a2:37:07:fd:6e:9b:22:c6:47:86:cf:ce:0f:5e:2f:89:f2:
d6:4b:7a:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZb8eklzKEUdnn/q6vFueEugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYzA0MzRhNWMzY2YyMzc0Y2EzNjAzMzE5MjZhZTdkMjRh
YzM0NWIwHhcNMjUwNTIzMDkyOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBiN2NmYmQ2ZDZkMDU3ZDYzODg0OGY3NDBmMTk2ODY2ZTU1NThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r/G9Dad4BshxCHqilypyq9zWnSa
dVRUIxri4IM3EeFvqLhFzo0Op/uUSRCjstR3/9kR7ATJ/bdOQap8rpV7yuoHuI4/
3fDPjJStwefDTUhMdNTqRehpFG/nElL+sMqeDXsUSGwL8ejBRW/gNBdHalRDMZnw
nYzp7YLtBAMT+b4WivTqosZirR/l3yYvMw+zNy4YbKXUccIEp3w2nMkn2PY5Lqs/
Zf/u3zlctUr0+rXzlCR008F8S5SQ4bzuNLEWlV0ZwkK1cjaljcm4t2QZQAJHw8YN
8TmpVJ2T8//lpziGbHIV6BdTgiFjBMGmsD8I7FXFuJaEBBfdClt94ZL6MwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF0LfPvW1tBX1jiEj3QPGWhm5VWOMB8GA1UdIwQY
MBaAFB7AQ0pcPPI3TKNgMxkmrn0krDRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHNCRFNsdzg4amRNbzJBekdTYXVmU1NzTkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzU0MDQtNWVhNC00Nzc2LThjZWMt
YWVkYmJmNDY4MDI4LzEvWFF0OC05YlcwRmZXT0lTUGRBOFphR2JsVlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzU0MDQtNWVhNC00Nzc2LThjZWMtYWVkYmJmNDY4MDI4
LzEvSHNCRFNsdzg4amRNbzJBekdTYXVmU1NzTkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuckUMA0E
AgACMAcDBQMqCr5AMA0GCSqGSIb3DQEBCwUAA4IBAQAgc84NNqrYP0+hXs7Ugo2J
KQN5XITr1WYoH0g7YT4mDq122ktKS6gkQGptKdlJXwtvYzKPXhqx25e0yf0ctF0L
o4ejYL54RM4ZBVttUqkPkRflF/YGG3vMGh0JtvnrTaoocDYr3iXE8LPZfmpmJKgA
TKiCenicyWWbS0qS+fuxTc6hJ2hMB4JrjLF4SGfByNC7AHYhvKYxfgQkFAKauEKj
YF8Kiw0l/bGfS6IYgPkb6HFYwHb5m5u+8zTdg12osSMgWo6ghQG3SO30ZTAgnWDf
ythVjFldONvKJvp5WwoIcqTkrw/GIUAb+msOojcH/W6bIsZHhs/OD14vifLWS3ow
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:12:17 2025 by rpki-client