Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XjjcGaFtxkR8Vch8qVgJb_VRacM.roa
File: XjjcGaFtxkR8Vch8qVgJb_VRacM.roa (raw, json)
Hash identifier: cAaddo8Qm5eWnbSJbxt9DpVjnEOwpF1B5zjZ2kNgvoM=
Subject key identifier: 5E:38:DC:19:A1:6D:C6:44:7C:55:C8:7C:A9:58:09:6F:F5:51:69:C3
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019915AC7643467245A35F9F54E818233C49
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XjjcGaFtxkR8Vch8qVgJb_VRacM.roa
Signing time: Thu 04 Sep 2025 17:00:47 +0000
ROA not before: Thu 04 Sep 2025 17:00:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 91.208.61.0/24 maxlen: 24
206.245.156.0/24 maxlen: 24
212.192.16.0/23 maxlen: 23
212.192.18.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:15:ac:76:43:46:72:45:a3:5f:9f:54:e8:18:23:3c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 4 17:00:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e38dc19a16dc6447c55c87ca958096ff55169c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:26:c5:35:3e:18:38:8f:66:97:4b:f7:92:c9:
12:d4:54:ea:a6:73:d8:db:6d:3d:3a:af:95:d0:e2:
8a:b4:d5:fe:8b:e9:35:31:ab:fc:f0:6c:32:be:ec:
f1:62:09:6c:22:36:ee:5f:df:3b:9a:fb:5a:c9:68:
b3:42:32:36:9d:fb:a4:f0:a6:f4:d1:6f:33:6b:15:
27:e0:54:df:49:89:dd:f3:b1:16:50:7b:3a:76:d3:
29:0e:65:e0:8a:f3:4a:f0:22:ee:49:7e:f3:a7:1d:
7c:41:7e:b1:76:50:d7:dd:08:3d:c1:66:4f:29:a1:
ac:22:1b:be:95:7f:c5:ea:63:e6:bb:e7:4f:65:bc:
c4:6f:68:ea:f6:e8:61:4e:f8:e4:a8:e1:6e:f5:d5:
3c:3e:a8:74:ba:a9:ca:98:84:7b:9e:f5:dc:d6:b9:
b2:97:5c:69:ff:4b:15:cc:46:02:33:e9:21:2f:2e:
34:df:c0:a3:e1:3e:76:01:82:2a:1a:d2:93:3a:d4:
c0:d1:ed:9f:ce:c7:d3:32:e5:d3:cf:cf:16:25:a2:
97:2b:73:d3:b0:ce:3d:ed:dd:5c:6c:aa:f7:78:1b:
4d:10:63:a7:1b:e0:2a:51:82:64:23:73:37:bb:46:
45:e7:39:9b:0f:31:31:d6:c8:16:da:9f:2c:28:64:
4e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:38:DC:19:A1:6D:C6:44:7C:55:C8:7C:A9:58:09:6F:F5:51:69:C3
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XjjcGaFtxkR8Vch8qVgJb_VRacM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.61.0/24
206.245.156.0/24
212.192.16.0/22
Signature Algorithm: sha256WithRSAEncryption
06:0d:6c:b1:b5:f2:46:ef:85:e7:0e:f8:b9:ea:86:91:9e:d1:
3f:ec:86:0c:7d:d2:89:cc:c0:c8:ef:77:84:26:2d:be:3e:78:
9e:fa:77:ae:5a:42:3b:5e:8b:67:43:f7:7d:51:af:48:ff:8d:
1c:92:81:18:1f:61:97:9f:d0:04:47:ad:7d:a0:a4:cc:a1:c7:
fc:2c:4f:3a:98:84:56:f1:b8:57:76:22:fb:94:e2:36:e6:df:
90:0a:c6:79:aa:0f:5b:71:3a:1c:d3:41:cb:63:b6:0f:13:a2:
4b:ee:b9:d0:d4:1a:d6:ca:33:35:47:6f:8d:d2:a6:00:f2:d7:
d6:92:36:bd:ee:d0:af:1c:47:0f:c1:4e:b5:03:1b:43:f1:88:
f2:6c:52:f9:f7:b9:b2:f8:83:ea:99:b0:44:f5:19:bd:37:82:
94:bc:16:d3:61:d0:90:8a:b0:77:b2:bc:98:5d:e7:2b:5c:1a:
72:a1:9f:40:b8:35:4d:f5:5f:6b:6c:a4:14:79:ec:b8:27:c5:
a8:35:01:12:8a:12:43:af:6c:20:28:41:a3:2a:55:4b:56:72:
68:7f:97:1c:dc:ab:ad:74:77:e2:cd:85:ff:4e:8c:54:a8:83:
29:f8:f3:40:a1:96:8a:ab:9a:d2:f7:e8:f3:3c:68:4c:14:8a:
e0:74:d8:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkVrHZDRnJFo1+fVOgYIzxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwOTA0MTcwMDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTM4ZGMxOWExNmRjNjQ0N2M1NWM4N2NhOTU4MDk2ZmY1NTE2OWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSbFNT4YOI9ml0v3kskS1FTqpnPY
2209Oq+V0OKKtNX+i+k1Mav88GwyvuzxYglsIjbuX987mvtayWizQjI2nfuk8Kb0
0W8zaxUn4FTfSYnd87EWUHs6dtMpDmXgivNK8CLuSX7zpx18QX6xdlDX3Qg9wWZP
KaGsIhu+lX/F6mPmu+dPZbzEb2jq9uhhTvjkqOFu9dU8Pqh0uqnKmIR7nvXc1rmy
l1xp/0sVzEYCM+khLy4038Cj4T52AYIqGtKTOtTA0e2fzsfTMuXTz88WJaKXK3PT
sM497d1cbKr3eBtNEGOnG+AqUYJkI3M3u0ZF5zmbDzEx1sgW2p8sKGROEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF443BmhbcZEfFXIfKlYCW/1UWnDMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWGpqY0dhRnR4a1I4VmNoOHFWZ0piX1ZSYWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9A9AwQA
zvWcAwQC1MAQMA0GCSqGSIb3DQEBCwUAA4IBAQAGDWyxtfJG74XnDvi56oaRntE/
7IYMfdKJzMDI73eEJi2+Pnie+neuWkI7XotnQ/d9Ua9I/40ckoEYH2GXn9AER619
oKTMocf8LE86mIRW8bhXdiL7lOI25t+QCsZ5qg9bcToc00HLY7YPE6JL7rnQ1BrW
yjM1R2+N0qYA8tfWkja97tCvHEcPwU61AxtD8YjybFL597my+IPqmbBE9Rm9N4KU
vBbTYdCQirB3sryYXecrXBpyoZ9AuDVN9V9rbKQUeey4J8WoNQESihJDr2wgKEGj
KlVLVnJof5cc3KutdHfizYX/ToxUqIMp+PNAoZaKq5rS9+jzPGhMFIrgdNil
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:41:01 2025 by rpki-client