Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/RXNrdOw21efpx6l5cQgC8bq0olI.roa
File: RXNrdOw21efpx6l5cQgC8bq0olI.roa (raw, json)
Hash identifier: 8j6x5dvkDJAZguY7H+pN2Kt8JqRUnnSH6EpokJsOPmY=
Subject key identifier: 45:73:6B:74:EC:36:D5:E7:E9:C7:A9:79:71:08:02:F1:BA:B4:A2:52
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 01992F54103768F2ED8C784E960BA42701A5
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/RXNrdOw21efpx6l5cQgC8bq0olI.roa
Signing time: Tue 09 Sep 2025 16:34:22 +0000
ROA not before: Tue 09 Sep 2025 16:34:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6723
IP address blocks: 178.255.176.0/22 maxlen: 24
178.255.180.0/23 maxlen: 24
178.255.183.0/24 maxlen: 24
185.5.254.0/24 maxlen: 24
185.5.255.0/24 maxlen: 24
2a01:6d80:f000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 20:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2f:54:10:37:68:f2:ed:8c:78:4e:96:0b:a4:27:01:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Sep 9 16:34:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45736b74ec36d5e7e9c7a979710802f1bab4a252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fe:50:65:d6:ce:96:e8:49:8f:4a:26:6f:ab:
89:b5:dd:60:30:11:d7:0e:ab:cf:f4:82:82:d8:98:
1e:50:96:7e:f3:13:d1:84:03:3c:60:ac:f7:bd:5a:
02:07:2a:46:91:2b:24:a9:17:49:ab:69:3e:e0:44:
7f:18:90:83:39:7b:a1:3d:ab:de:11:7e:c8:b1:c8:
6b:b9:fb:ec:d9:ed:f8:bd:98:9c:bc:45:29:f0:cd:
81:5c:f2:59:a5:af:11:7a:cd:92:e7:64:5c:33:3c:
32:fa:32:1d:7e:cf:42:46:78:a0:f8:a0:62:f9:29:
f1:08:99:85:2a:3e:61:ff:8d:95:3c:72:ef:fe:17:
60:8f:05:0e:f9:b9:18:6f:89:f1:1c:11:4f:84:b5:
5a:40:3d:fe:81:93:d4:1d:dc:dc:00:7b:d4:38:06:
88:00:c0:d7:31:62:b6:85:ee:5f:79:1f:e9:e8:b3:
c6:32:32:5e:67:78:53:87:16:ec:70:c2:44:b4:54:
90:12:04:29:59:d4:0b:7e:c9:87:7d:c9:4f:9a:65:
0d:57:85:46:c7:e1:7d:46:ee:a4:33:49:1c:ed:57:
43:b8:d4:9c:c2:ad:9d:d9:9a:fb:48:57:9a:06:e0:
0d:32:ef:0b:79:c1:6c:b4:1e:b1:b1:12:5d:91:c4:
1a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:73:6B:74:EC:36:D5:E7:E9:C7:A9:79:71:08:02:F1:BA:B4:A2:52
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/RXNrdOw21efpx6l5cQgC8bq0olI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.176.0-178.255.181.255
178.255.183.0/24
185.5.254.0/23
IPv6:
2a01:6d80:f000::/36
Signature Algorithm: sha256WithRSAEncryption
ae:7d:83:ea:56:1f:df:3c:2b:e3:a3:95:c3:82:b1:6c:0b:01:
a2:66:66:c3:19:d8:fe:f8:04:7e:cb:b1:22:e8:2c:a0:00:fb:
b2:08:9c:dd:87:4e:03:3e:49:67:e1:db:c4:09:34:7f:b0:ef:
40:fa:b0:78:cf:91:be:9b:4e:34:42:17:85:75:42:c2:06:86:
3e:48:bb:ed:14:7e:43:13:76:a0:db:46:bc:7f:8b:e2:fa:9f:
08:13:07:f6:b3:6e:17:a6:94:f8:5a:0d:27:28:6e:6e:cf:b6:
e6:11:9a:2f:e6:ea:3f:aa:d2:f1:c0:2f:5d:b5:8d:95:32:88:
12:19:b0:58:ca:47:e1:eb:a5:d4:39:f2:a3:37:6b:2a:7a:2c:
66:56:be:55:da:ca:12:e1:a8:2f:4d:e6:8b:d9:c6:1d:21:fd:
80:80:6c:32:fd:26:a2:29:5e:a7:1e:fd:e9:67:b7:f1:21:fb:
f1:37:da:57:42:52:bb:f8:2d:e2:45:85:c0:14:02:e5:81:c1:
a1:2a:94:35:76:4f:bd:00:7a:f9:ab:89:f2:e0:ca:23:1e:2c:
97:4d:ac:bb:7f:24:8b:b2:e0:af:f6:47:e2:51:59:f9:85:8a:
d1:7f:02:31:17:ae:03:e7:f6:3f:a7:c1:bb:3a:14:9f:c9:50:
59:7e:6c:33
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZkvVBA3aPLtjHhOlgukJwGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwOTA5MTYzNDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTczNmI3NGVjMzZkNWU3ZTljN2E5Nzk3MTA4MDJmMWJhYjRhMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/5QZdbOluhJj0omb6uJtd1gMBHX
DqvP9IKC2JgeUJZ+8xPRhAM8YKz3vVoCBypGkSskqRdJq2k+4ER/GJCDOXuhPave
EX7Ischrufvs2e34vZicvEUp8M2BXPJZpa8Res2S52RcMzwy+jIdfs9CRnig+KBi
+SnxCJmFKj5h/42VPHLv/hdgjwUO+bkYb4nxHBFPhLVaQD3+gZPUHdzcAHvUOAaI
AMDXMWK2he5feR/p6LPGMjJeZ3hThxbscMJEtFSQEgQpWdQLfsmHfclPmmUNV4VG
x+F9Ru6kM0kc7VdDuNScwq2d2Zr7SFeaBuANMu8LecFstB6xsRJdkcQaewIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEVza3TsNtXn6cepeXEIAvG6tKJSMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvUlhOcmRPdzIxZWZweDZsNWNRZ0M4YnEwb2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAgBAIAATAaMAwDBASy/7AD
BAGy/7QDBACy/7cDBAG5Bf4wDgQCAAIwCAMGBCoBbYDwMA0GCSqGSIb3DQEBCwUA
A4IBAQCufYPqVh/fPCvjo5XDgrFsCwGiZmbDGdj++AR+y7Ei6CygAPuyCJzdh04D
Pkln4dvECTR/sO9A+rB4z5G+m040QheFdULCBoY+SLvtFH5DE3ag20a8f4vi+p8I
Ewf2s24XppT4Wg0nKG5uz7bmEZov5uo/qtLxwC9dtY2VMogSGbBYykfh66XUOfKj
N2sqeixmVr5V2soS4agvTeaL2cYdIf2AgGwy/SaiKV6nHv3pZ7fxIfvxN9pXQlK7
+C3iRYXAFALlgcGhKpQ1dk+9AHr5q4ny4MojHiyXTay7fySLsuCv9kfiUVn5hYrR
fwIxF64D5/Y/p8G7OhSfyVBZfmwz
-----END CERTIFICATE-----
Generated at Wed Sep 10 22:37:27 2025 by rpki-client