Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/xLGL3BfWxMtcUVRxtiUbq631owE.roa
File: xLGL3BfWxMtcUVRxtiUbq631owE.roa (raw, json)
Hash identifier: +UNhAurOfSKP8/97u/DACbGsjraqdASOxaVTIj4mWJM=
Subject key identifier: C4:B1:8B:DC:17:D6:C4:CB:5C:51:54:71:B6:25:1B:AB:AD:F5:A3:01
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 019A10EEE590ACB20F26658271E3F85A8E8F
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/xLGL3BfWxMtcUVRxtiUbq631owE.roa
Signing time: Thu 23 Oct 2025 11:58:03 +0000
ROA not before: Thu 23 Oct 2025 11:58:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211874
IP address blocks: 185.128.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 22:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:ee:e5:90:ac:b2:0f:26:65:82:71:e3:f8:5a:8e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Oct 23 11:58:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4b18bdc17d6c4cb5c515471b6251babadf5a301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:80:ad:f5:31:8a:9f:20:7b:a6:1f:0d:61:e9:
09:80:ae:20:6c:08:c2:f0:f6:63:b5:dd:6b:59:de:
18:24:3f:21:a3:b7:84:58:02:9e:a8:17:c2:34:84:
eb:96:33:e5:23:10:f6:9c:a3:1e:cc:44:07:a1:d8:
6f:4d:8e:9f:f8:16:99:a5:96:ba:05:4c:67:b5:ef:
4e:c9:24:60:11:98:b1:42:99:c3:cd:94:54:83:f3:
81:56:cb:42:08:08:93:97:52:9b:48:d2:d3:50:db:
bd:e2:49:ad:a4:5b:3d:56:ee:af:68:b0:c2:85:af:
e4:6e:17:01:e4:b6:3d:e2:48:27:3f:5b:bf:29:a8:
10:73:42:d1:99:ca:29:20:60:26:4a:54:f4:9a:60:
3a:94:b9:c8:d7:af:d1:9f:ea:34:c3:e0:0e:96:49:
89:bb:29:35:33:34:ab:2a:63:3c:c5:c4:fb:5e:21:
9a:13:d1:e5:65:fb:86:35:18:40:cb:fc:32:5a:df:
00:35:6d:2e:7c:b5:05:10:af:d9:35:04:eb:dd:bd:
80:15:7d:e8:dd:df:3d:93:2a:ba:0a:9c:99:91:15:
07:c5:5e:40:b3:57:16:86:79:bc:ce:22:5f:42:39:
6f:61:2e:d1:13:b0:16:11:d6:76:5c:e5:0b:05:29:
92:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B1:8B:DC:17:D6:C4:CB:5C:51:54:71:B6:25:1B:AB:AD:F5:A3:01
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/xLGL3BfWxMtcUVRxtiUbq631owE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.63.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:69:e5:7a:ae:63:e8:56:a7:3b:fc:86:86:1d:cb:d0:f5:f7:
4c:cb:d1:0d:84:1b:36:80:a6:b2:27:27:bc:a8:5e:6c:76:95:
65:5f:18:f4:d5:8f:94:4b:4c:a3:23:b9:01:3e:61:3a:7c:b0:
ef:9f:f9:c5:97:39:78:26:6b:39:e3:b0:f4:fd:db:18:a8:49:
49:73:c0:d3:98:ef:2b:4a:b9:63:c7:17:73:9c:f6:fe:f1:2b:
54:94:f8:61:58:a7:77:6d:b9:d8:a0:3e:99:1a:eb:a8:d3:5e:
bf:18:37:56:b4:4b:17:0f:d2:e4:aa:df:e1:9b:69:4e:17:2e:
bf:27:e0:df:ba:61:e1:28:84:76:4f:87:12:d0:7a:fd:82:37:
fd:83:ac:c5:45:92:98:86:3d:24:8e:25:7a:82:34:5c:b8:ed:
a3:3d:de:0a:19:7b:1d:9c:0d:a6:98:35:41:8e:f6:48:17:64:
df:eb:70:f7:ff:d0:32:7a:95:b6:8e:43:2e:66:22:eb:04:3a:
33:fc:5f:36:af:f7:b7:fe:d1:d3:33:e3:d8:56:df:e5:c2:98:
8f:fe:99:35:5f:ae:99:2e:29:c1:b6:89:7c:10:91:4e:59:59:
19:78:2a:40:45:e5:07:71:bc:7d:ca:a0:bc:8b:50:9b:4d:f8:
e9:15:4d:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoQ7uWQrLIPJmWCceP4Wo6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjUxMDIzMTE1ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGIxOGJkYzE3ZDZjNGNiNWM1MTU0NzFiNjI1MWJhYmFkZjVhMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4Ct9TGKnyB7ph8NYekJgK4gbAjC
8PZjtd1rWd4YJD8ho7eEWAKeqBfCNITrljPlIxD2nKMezEQHodhvTY6f+BaZpZa6
BUxnte9OySRgEZixQpnDzZRUg/OBVstCCAiTl1KbSNLTUNu94kmtpFs9Vu6vaLDC
ha/kbhcB5LY94kgnP1u/KagQc0LRmcopIGAmSlT0mmA6lLnI16/Rn+o0w+AOlkmJ
uyk1MzSrKmM8xcT7XiGaE9HlZfuGNRhAy/wyWt8ANW0ufLUFEK/ZNQTr3b2AFX3o
3d89kyq6CpyZkRUHxV5As1cWhnm8ziJfQjlvYS7RE7AWEdZ2XOULBSmSBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSxi9wX1sTLXFFUcbYlG6ut9aMBMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEveExHTDNCZld4TXRjVVZSeHRpVWJxNjMxb3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYA/MA0G
CSqGSIb3DQEBCwUAA4IBAQBtaeV6rmPoVqc7/IaGHcvQ9fdMy9ENhBs2gKayJye8
qF5sdpVlXxj01Y+US0yjI7kBPmE6fLDvn/nFlzl4Jms547D0/dsYqElJc8DTmO8r
SrljxxdznPb+8StUlPhhWKd3bbnYoD6ZGuuo016/GDdWtEsXD9Lkqt/hm2lOFy6/
J+DfumHhKIR2T4cS0Hr9gjf9g6zFRZKYhj0kjiV6gjRcuO2jPd4KGXsdnA2mmDVB
jvZIF2Tf63D3/9AyepW2jkMuZiLrBDoz/F82r/e3/tHTM+PYVt/lwpiP/pk1X66Z
LinBtol8EJFOWVkZeCpAReUHcbx9yqC8i1CbTfjpFU2l
-----END CERTIFICATE-----
Generated at Tue Oct 28 06:27:28 2025 by rpki-client