Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/xD6BeE3ArpdZOvnopiFN0-4tsTY.roa
File: xD6BeE3ArpdZOvnopiFN0-4tsTY.roa (raw, json)
Hash identifier: BriWQHFA3ywCML2plYEhoJN/vE9zqfWh6qgkdWn0EcA=
Subject key identifier: C4:3E:81:78:4D:C0:AE:97:59:3A:F9:E8:A6:21:4D:D3:EE:2D:B1:36
Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial: 0199139E1EACC48C29266C0D691F257811A0
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/xD6BeE3ArpdZOvnopiFN0-4tsTY.roa
Signing time: Thu 04 Sep 2025 07:25:53 +0000
ROA not before: Thu 04 Sep 2025 07:25:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401783
IP address blocks: 212.11.1.0/24 maxlen: 24
212.11.2.0/24 maxlen: 24
212.11.3.0/24 maxlen: 24
212.11.4.0/24 maxlen: 24
212.11.5.0/24 maxlen: 24
212.11.7.0/24 maxlen: 24
212.11.11.0/24 maxlen: 24
212.11.12.0/24 maxlen: 24
212.11.14.0/24 maxlen: 24
212.11.15.0/24 maxlen: 24
212.11.45.0/24 maxlen: 24
212.11.46.0/24 maxlen: 24
212.11.47.0/24 maxlen: 24
212.11.50.0/24 maxlen: 24
212.11.51.0/24 maxlen: 24
212.11.53.0/24 maxlen: 24
212.11.54.0/24 maxlen: 24
212.11.57.0/24 maxlen: 24
212.11.58.0/24 maxlen: 24
212.11.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:13:9e:1e:ac:c4:8c:29:26:6c:0d:69:1f:25:78:11:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Validity
Not Before: Sep 4 07:25:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c43e81784dc0ae97593af9e8a6214dd3ee2db136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d1:db:09:b1:6c:2b:0d:2a:b3:0a:7b:41:9e:
a0:f3:04:89:a6:cb:6d:c6:fe:35:26:53:45:b9:ab:
6c:69:3f:17:71:ec:66:2a:ed:bb:ea:5e:37:8b:ed:
f8:a5:29:80:16:9a:96:64:25:3e:f6:ee:4d:93:a6:
13:b4:23:95:31:e1:45:ae:e5:c0:c6:d5:45:98:28:
2a:90:f5:b2:0f:e5:e6:08:42:1e:ba:22:d9:06:50:
ad:c4:b3:43:96:05:13:c9:20:5b:b8:16:fe:ea:c7:
e9:e8:8a:c4:3e:2a:a8:8b:5c:1b:dc:22:45:97:2c:
cb:85:44:56:54:79:c6:6c:26:61:fe:8e:3e:e1:76:
b9:6e:48:43:53:c2:9d:27:b7:6b:94:12:20:b4:2b:
53:da:54:57:e5:ec:41:0c:5e:c4:e6:e3:5f:23:2e:
a5:b0:7d:3e:e6:13:7d:50:0f:43:7b:47:ba:a7:5b:
c7:e3:ac:8c:4d:35:91:84:e3:de:fb:78:7c:c2:eb:
d8:73:8c:a3:96:07:7b:c1:cf:d8:d3:a1:f1:e0:da:
f8:41:a9:5a:fa:6e:e5:cc:ab:7c:4a:ea:d7:09:62:
28:46:40:b8:1c:de:5d:de:0e:f4:38:11:a1:c0:9b:
38:21:4b:68:32:6f:56:fb:bf:80:62:a5:89:22:5c:
50:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3E:81:78:4D:C0:AE:97:59:3A:F9:E8:A6:21:4D:D3:EE:2D:B1:36
X509v3 Authority Key Identifier:
keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/xD6BeE3ArpdZOvnopiFN0-4tsTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.1.0-212.11.5.255
212.11.7.0/24
212.11.11.0-212.11.12.255
212.11.14.0/23
212.11.45.0-212.11.47.255
212.11.50.0/23
212.11.53.0-212.11.54.255
212.11.57.0-212.11.59.255
Signature Algorithm: sha256WithRSAEncryption
31:ae:d0:07:7e:e6:54:a5:9f:96:35:68:16:7c:42:e0:68:0c:
e9:e6:d0:99:9d:0a:55:fa:cf:e0:55:e6:25:22:dd:0b:95:78:
d0:b0:2c:34:94:ec:7a:e9:74:0b:1c:04:12:3e:3e:ec:a0:e3:
eb:99:3f:96:9b:88:ff:23:09:78:e8:94:dd:c6:56:80:a9:2b:
b6:5b:d7:1f:3b:66:c6:8c:3a:d2:2b:d7:1d:98:09:85:78:22:
af:15:1f:8c:07:f6:aa:b7:11:54:e5:92:af:b3:51:b2:7d:f4:
6f:ea:87:5a:fd:65:4d:60:46:ef:75:64:6a:f8:b0:ea:26:dd:
12:32:15:19:7a:f8:8b:6c:8d:fa:31:c0:ba:f6:e4:e5:2d:8b:
89:e4:11:c9:cb:4f:f9:35:af:8d:13:c6:9c:97:58:7c:fd:82:
ca:e7:b6:0d:5e:77:5b:c9:0f:42:64:af:03:77:de:b9:da:1e:
58:db:76:8c:a4:94:33:b2:36:80:c4:84:6b:6f:28:68:55:0e:
7d:f5:05:9d:18:ff:a3:55:47:80:51:4d:ab:9b:b4:96:10:db:
83:4d:7a:34:46:76:6a:86:5a:d5:f1:98:cb:b8:6e:5e:9d:29:
4e:52:c6:41:21:73:d6:71:ab:76:df:33:ac:e0:d7:b0:94:c3:
84:6f:20:7c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZkTnh6sxIwpJmwNaR8leBGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjUwOTA0MDcyNTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDNlODE3ODRkYzBhZTk3NTkzYWY5ZThhNjIxNGRkM2VlMmRiMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dHbCbFsKw0qswp7QZ6g8wSJpstt
xv41JlNFuatsaT8XcexmKu276l43i+34pSmAFpqWZCU+9u5Nk6YTtCOVMeFFruXA
xtVFmCgqkPWyD+XmCEIeuiLZBlCtxLNDlgUTySBbuBb+6sfp6IrEPiqoi1wb3CJF
lyzLhURWVHnGbCZh/o4+4Xa5bkhDU8KdJ7drlBIgtCtT2lRX5exBDF7E5uNfIy6l
sH0+5hN9UA9De0e6p1vH46yMTTWRhOPe+3h8wuvYc4yjlgd7wc/Y06Hx4Nr4Qala
+m7lzKt8SurXCWIoRkC4HN5d3g70OBGhwJs4IUtoMm9W+7+AYqWJIlxQaQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFMQ+gXhNwK6XWTr56KYhTdPuLbE2MB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEveEQ2QmVFM0FycGRaT3Zub3BpRk4wLTR0c1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBADUCwED
BAHUCwQDBADUCwcwDAMEANQLCwMEANQLDAMEAdQLDjAMAwQA1AstAwQE1AsgAwQB
1AsyMAwDBADUCzUDBADUCzYwDAMEANQLOQMEAtQLODANBgkqhkiG9w0BAQsFAAOC
AQEAMa7QB37mVKWfljVoFnxC4GgM6ebQmZ0KVfrP4FXmJSLdC5V40LAsNJTseul0
CxwEEj4+7KDj65k/lpuI/yMJeOiU3cZWgKkrtlvXHztmxow60ivXHZgJhXgirxUf
jAf2qrcRVOWSr7NRsn30b+qHWv1lTWBG73Vkaviw6ibdEjIVGXr4i2yN+jHAuvbk
5S2LieQRyctP+TWvjRPGnJdYfP2Cyue2DV53W8kPQmSvA3feudoeWNt2jKSUM7I2
gMSEa28oaFUOffUFnRj/o1VHgFFNq5u0lhDbg016NEZ2aoZa1fGYy7huXp0pTlLG
QSFz1nGrdt8zrODXsJTDhG8gfA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 13:44:47 2025 by rpki-client