Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/xOiPt-g2hsNHzyr5cjhCKfBNY8g.roa
File: xOiPt-g2hsNHzyr5cjhCKfBNY8g.roa (raw, json)
Hash identifier: Z0AV1hF7BU/QckVQcK3A5B7t58HDFClWDu3HiNwNhLo=
Subject key identifier: C4:E8:8F:B7:E8:36:86:C3:47:CF:2A:F9:72:38:42:29:F0:4D:63:C8
Certificate issuer: /CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Certificate serial: 01994CDE3703D76CA9336E1A54B837D5946C
Authority key identifier: 56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/xOiPt-g2hsNHzyr5cjhCKfBNY8g.roa
Signing time: Mon 15 Sep 2025 10:14:15 +0000
ROA not before: Mon 15 Sep 2025 10:14:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29014
IP address blocks: 45.83.108.0/22 maxlen: 24
212.108.160.0/20 maxlen: 20
212.108.176.0/21 maxlen: 21
2a02:358::/32 maxlen: 32
2a02:358::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 22:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4c:de:37:03:d7:6c:a9:33:6e:1a:54:b8:37:d5:94:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Validity
Not Before: Sep 15 10:14:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4e88fb7e83686c347cf2af972384229f04d63c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:a4:bb:6d:95:b8:80:a6:34:cd:98:72:93:
9d:3f:bf:25:55:75:b0:b2:90:40:eb:46:d5:e3:42:
99:da:f9:f6:a2:97:da:83:39:d0:a8:75:d9:71:78:
f0:a0:73:5e:90:56:f8:9b:1e:f4:e4:85:e4:ec:a9:
e4:80:ff:fa:92:67:4d:ce:61:bd:10:7b:f4:6e:00:
93:b3:3b:b0:fb:f4:c1:5a:9d:4c:8c:d7:29:90:65:
fc:7c:3d:1e:c5:71:46:a8:16:d5:54:66:97:df:71:
81:47:99:cf:d4:90:63:26:0b:e1:fa:0c:c3:92:1b:
dc:b4:07:b9:7c:bc:ba:f6:9f:01:12:f8:93:81:1f:
e0:f6:ee:7d:d7:36:cd:b4:3b:1b:f5:04:b4:68:e9:
14:5e:e8:f0:d9:fc:89:40:95:5b:9a:6f:f9:db:f2:
9c:6a:de:d3:b5:64:f5:57:51:5f:e9:84:15:59:fb:
e9:32:e6:2d:fe:a7:04:7e:fe:41:72:08:04:23:bb:
71:8e:5a:bb:92:51:c9:80:b4:8b:24:8b:2b:f5:3b:
37:3b:7f:28:52:35:5d:59:07:a5:74:19:5e:07:5f:
a0:41:0e:f5:da:c3:24:98:01:ce:71:a0:fa:45:f6:
35:e4:e6:b8:9a:ae:88:c0:98:8b:71:ff:11:00:08:
8e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E8:8F:B7:E8:36:86:C3:47:CF:2A:F9:72:38:42:29:F0:4D:63:C8
X509v3 Authority Key Identifier:
keyid:56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/xOiPt-g2hsNHzyr5cjhCKfBNY8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.108.0/22
212.108.160.0-212.108.183.255
IPv6:
2a02:358::/32
Signature Algorithm: sha256WithRSAEncryption
31:83:f7:44:6b:c1:50:b3:25:96:01:30:c8:a5:04:d4:78:0f:
d9:45:9c:ee:c5:a2:67:39:9d:7f:7f:c3:ce:de:0c:0a:f4:3e:
e9:b6:05:2b:92:54:5a:8b:05:54:b5:2f:b0:6e:91:7b:89:98:
e5:92:eb:34:f6:d2:04:95:cc:13:78:e5:83:0e:66:d4:ee:da:
3b:3c:90:97:b1:21:e7:9d:24:c5:74:59:da:50:26:63:4e:ce:
72:68:68:c2:56:f9:ba:c1:b0:9d:b7:19:b5:9d:ba:76:41:f8:
99:83:eb:8e:6d:10:b8:da:1e:f4:73:48:2a:32:f5:b4:87:80:
ac:27:2a:56:b5:53:cb:09:97:05:7f:7b:c6:ec:3e:f6:be:22:
44:b3:a8:ee:87:a7:0a:6b:b4:d1:21:7c:47:b9:b6:3d:b6:8b:
5a:dc:4e:af:11:c7:26:f9:35:73:7a:bd:f1:b2:f3:46:17:2a:
17:ad:2d:52:a1:5d:55:08:2d:54:28:35:43:a7:76:1d:8b:4c:
1f:e9:b9:ec:a3:49:c5:1b:1f:5f:f7:36:ab:d8:f4:07:19:75:
28:fa:8a:a4:b1:de:8c:19:27:b0:04:77:5e:9d:32:51:90:1d:
e6:13:cd:52:19:83:4a:2e:c6:47:70:c2:9f:a2:a2:0a:4c:52:
a3:33:ba:12
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZlM3jcD12ypM24aVLg31ZRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MDE5MGJkZmIwYTNmMjNiNDQxMWU3ZDc0OGVkZGJiZDA5
Zjg1NDYwHhcNMjUwOTE1MTAxNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGU4OGZiN2U4MzY4NmMzNDdjZjJhZjk3MjM4NDIyOWYwNGQ2M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Gku22VuICmNM2YcpOdP78lVXWw
spBA60bV40KZ2vn2opfagznQqHXZcXjwoHNekFb4mx705IXk7KnkgP/6kmdNzmG9
EHv0bgCTszuw+/TBWp1MjNcpkGX8fD0exXFGqBbVVGaX33GBR5nP1JBjJgvh+gzD
khvctAe5fLy69p8BEviTgR/g9u591zbNtDsb9QS0aOkUXujw2fyJQJVbmm/52/Kc
at7TtWT1V1Ff6YQVWfvpMuYt/qcEfv5BcggEI7txjlq7klHJgLSLJIsr9Ts3O38o
UjVdWQeldBleB1+gQQ712sMkmAHOcaD6RfY15Oa4mq6IwJiLcf8RAAiO9QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMToj7foNobDR88q+XI4QinwTWPIMB8GA1UdIwQY
MBaAFFYBkL37Cj8jtEEefXSO3bvQn4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMt
MmI5ZmM0MWUwYTgwLzEveE9pUHQtZzJoc05IenlyNWNqaENLZkJOWThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMtMmI5ZmM0MWUwYTgw
LzEvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCLVNsMAwD
BAXUbKADBAPUbLAwDQQCAAIwBwMFACoCA1gwDQYJKoZIhvcNAQELBQADggEBADGD
90RrwVCzJZYBMMilBNR4D9lFnO7Fomc5nX9/w87eDAr0Pum2BSuSVFqLBVS1L7Bu
kXuJmOWS6zT20gSVzBN45YMOZtTu2js8kJexIeedJMV0WdpQJmNOznJoaMJW+brB
sJ23GbWdunZB+JmD645tELjaHvRzSCoy9bSHgKwnKla1U8sJlwV/e8bsPva+IkSz
qO6HpwprtNEhfEe5tj22i1rcTq8Rxyb5NXN6vfGy80YXKhetLVKhXVUILVQoNUOn
dh2LTB/pueyjScUbH1/3NqvY9AcZdSj6iqSx3owZJ7AEd16dMlGQHeYTzVIZg0ou
xkdwwp+iogpMUqMzuhI=
-----END CERTIFICATE-----
Generated at Tue Sep 16 07:50:49 2025 by rpki-client