Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Xs2LqzeWMw_BEeWsETVp2PibTQg.roa
File: Xs2LqzeWMw_BEeWsETVp2PibTQg.roa (raw, json)
Hash identifier: wPUJOwbwYIu3P5PGi8O5gCoo6gVEJbXntzahzJLryE8=
Subject key identifier: 5E:CD:8B:AB:37:96:33:0F:C1:11:E5:AC:11:35:69:D8:F8:9B:4D:08
Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Certificate serial: 0198F56A39FFF9528689729C57E6C1922226
Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Xs2LqzeWMw_BEeWsETVp2PibTQg.roa
Signing time: Fri 29 Aug 2025 10:40:36 +0000
ROA not before: Fri 29 Aug 2025 10:40:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 158.173.3.0/24 maxlen: 24
158.173.4.0/24 maxlen: 24
158.173.5.0/24 maxlen: 24
158.173.6.0/24 maxlen: 24
158.173.7.0/24 maxlen: 24
158.173.16.0/24 maxlen: 24
158.173.17.0/24 maxlen: 24
158.173.18.0/24 maxlen: 24
158.173.19.0/24 maxlen: 24
158.173.20.0/24 maxlen: 24
158.173.21.0/24 maxlen: 24
158.173.22.0/24 maxlen: 24
158.173.23.0/24 maxlen: 24
158.173.24.0/24 maxlen: 24
158.173.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:6a:39:ff:f9:52:86:89:72:9c:57:e6:c1:92:22:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Validity
Not Before: Aug 29 10:40:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ecd8bab3796330fc111e5ac113569d8f89b4d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:10:cd:1e:f7:f5:91:16:cb:96:b2:1f:37:
02:3f:c4:8f:a0:dc:fd:b5:78:f8:b3:41:7b:61:2a:
d3:e5:02:7c:91:d8:59:02:8a:d0:bd:9d:22:69:ca:
3a:62:31:f0:2b:f1:59:e7:0f:7d:9c:31:af:51:34:
1e:ba:33:b3:83:a6:42:94:4b:db:80:39:f5:49:de:
77:65:1b:2a:b4:fe:fe:e3:cb:c7:aa:f5:e6:60:c3:
0a:4f:08:60:c0:68:51:73:e3:f4:1a:6e:0f:5f:ec:
46:fb:7a:3f:e8:ff:9e:9e:92:40:29:2f:db:95:82:
b2:56:ba:38:5d:85:26:69:55:e2:dd:5e:6d:5e:55:
db:ad:65:a4:b6:de:ed:92:6b:f5:13:cf:72:da:5f:
bc:2f:59:f7:b7:5c:d9:95:8a:c5:a5:a4:cf:f9:73:
61:e0:46:43:2e:42:fe:e9:af:44:06:72:0b:d4:df:
ef:29:8e:8f:0d:57:f4:ae:e7:0d:ce:70:9d:7f:f9:
f4:56:13:82:b7:88:a8:cc:d9:d2:d4:ec:b1:03:56:
28:47:a1:e1:ad:c4:9d:c1:b8:c3:1a:ed:3a:49:0b:
6a:93:0e:2f:ac:ae:e6:c1:d6:4f:d7:30:f3:67:87:
f9:a9:77:8d:1a:a4:0a:4b:dd:c4:af:c3:73:2d:c5:
9e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CD:8B:AB:37:96:33:0F:C1:11:E5:AC:11:35:69:D8:F8:9B:4D:08
X509v3 Authority Key Identifier:
keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Xs2LqzeWMw_BEeWsETVp2PibTQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.3.0-158.173.7.255
158.173.16.0-158.173.25.255
Signature Algorithm: sha256WithRSAEncryption
85:49:51:ae:d1:3e:bf:f6:1e:5b:3c:d2:77:3e:a0:79:4f:69:
29:a8:09:26:cc:36:68:c4:ab:80:d1:b5:75:c8:8d:2a:a6:42:
bc:5a:c3:62:2a:ef:f7:9c:db:93:81:03:fd:ff:4f:f7:37:be:
b7:fd:3f:fc:ea:e5:56:3a:1f:e3:40:27:ec:07:c9:e1:10:ad:
56:54:23:f4:3f:41:1e:1a:e9:80:db:53:8c:a0:87:62:25:57:
31:62:70:69:c4:c5:df:b1:b9:cf:32:0c:31:ab:b8:69:7f:54:
e0:41:36:8d:88:63:d1:f1:88:06:66:72:82:bb:17:cf:e1:a2:
49:0b:65:d8:d6:28:a6:b3:1e:3b:0d:5d:85:5d:2b:b2:ba:dd:
2a:ee:64:d2:0c:52:b6:bb:5e:e3:19:39:e2:59:e8:fd:ae:b8:
3a:7d:69:60:21:51:bb:aa:07:51:47:0e:8c:5c:c4:e8:28:9f:
1d:aa:f0:bb:02:00:51:ea:ac:b7:b3:5f:08:da:56:d1:8a:47:
0d:58:7e:d4:78:60:c9:61:8d:bd:63:26:12:61:60:b1:c8:c1:
ea:e1:67:43:e6:78:92:b4:5b:fd:c0:63:73:ca:cc:3b:aa:34:
36:c1:a6:1c:3e:1e:fb:b2:8b:ee:a5:84:39:74:cf:87:14:93:
d8:07:05:5a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZj1ajn/+VKGiXKcV+bBkiImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh
NDA4MjMwHhcNMjUwODI5MTA0MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWNkOGJhYjM3OTYzMzBmYzExMWU1YWMxMTM1NjlkOGY4OWI0ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYUQzR739ZEWy5ayHzcCP8SPoNz9
tXj4s0F7YSrT5QJ8kdhZAorQvZ0iaco6YjHwK/FZ5w99nDGvUTQeujOzg6ZClEvb
gDn1Sd53ZRsqtP7+48vHqvXmYMMKTwhgwGhRc+P0Gm4PX+xG+3o/6P+enpJAKS/b
lYKyVro4XYUmaVXi3V5tXlXbrWWktt7tkmv1E89y2l+8L1n3t1zZlYrFpaTP+XNh
4EZDLkL+6a9EBnIL1N/vKY6PDVf0rucNznCdf/n0VhOCt4iozNnS1OyxA1YoR6Hh
rcSdwbjDGu06SQtqkw4vrK7mwdZP1zDzZ4f5qXeNGqQKS93Er8NzLcWe6QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFF7Ni6s3ljMPwRHlrBE1adj4m00IMB8GA1UdIwQY
MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt
ZDJjZDI2YjY5ZGYxLzEvWHMyTHF6ZVdNd19CRWVXc0VUVnAyUGliVFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx
LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBACerQMD
BAOerQAwDAMEBJ6tEAMEAZ6tGDANBgkqhkiG9w0BAQsFAAOCAQEAhUlRrtE+v/Ye
WzzSdz6geU9pKagJJsw2aMSrgNG1dciNKqZCvFrDYirv95zbk4ED/f9P9ze+t/0/
/OrlVjof40An7AfJ4RCtVlQj9D9BHhrpgNtTjKCHYiVXMWJwacTF37G5zzIMMau4
aX9U4EE2jYhj0fGIBmZygrsXz+GiSQtl2NYoprMeOw1dhV0rsrrdKu5k0gxStrte
4xk54lno/a64On1pYCFRu6oHUUcOjFzE6CifHarwuwIAUeqst7NfCNpW0YpHDVh+
1HhgyWGNvWMmEmFgscjB6uFnQ+Z4krRb/cBjc8rMO6o0NsGmHD4e+7KL7qWEOXTP
hxST2AcFWg==
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:56:37 2025 by rpki-client