Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Xziix3WpukeN1e5SpGgnYgqIF3I.roa
File: Xziix3WpukeN1e5SpGgnYgqIF3I.roa (raw, json)
Hash identifier: IunBp4C+veP99rGSTt8SQ5POqclxS7qKVFGqTiG4pb0=
Subject key identifier: 5F:38:A2:C7:75:A9:BA:47:8D:D5:EE:52:A4:68:27:62:0A:88:17:72
Certificate issuer: /CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Certificate serial: 0197363515278D2F9E0F0424F4930F71FDE6
Authority key identifier: 06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Xziix3WpukeN1e5SpGgnYgqIF3I.roa
Signing time: Tue 03 Jun 2025 14:32:17 +0000
ROA not before: Tue 03 Jun 2025 14:32:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8387
IP address blocks: 46.17.224.0/21 maxlen: 24
92.61.208.0/20 maxlen: 24
185.49.176.0/22 maxlen: 24
193.162.45.0/24 maxlen: 24
212.31.64.0/19 maxlen: 24
212.166.96.0/19 maxlen: 24
212.166.108.0/24 maxlen: 24
212.166.115.0/24 maxlen: 24
212.166.122.0/23 maxlen: 23
2001:9d0::/32 maxlen: 48
2a10:f8c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 02:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:35:15:27:8d:2f:9e:0f:04:24:f4:93:0f:71:fd:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=063badc7853b05100a6b224ddcefc18e2e7d3dd5
Validity
Not Before: Jun 3 14:32:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f38a2c775a9ba478dd5ee52a46827620a881772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:33:59:25:f6:04:32:75:29:2c:63:86:48:bf:
c5:c4:a3:e3:c2:b7:1f:64:5c:0f:de:cd:5d:d1:a7:
17:3c:ae:4a:5e:da:53:3a:63:d9:86:a7:a9:35:c2:
3c:57:93:b0:8d:a4:81:35:ca:fd:27:db:96:e1:4b:
15:07:40:3e:0d:ac:43:96:17:5f:7c:d4:2a:4e:f0:
0e:fc:8d:52:c3:66:4b:bb:7a:5b:ed:7d:e3:1b:70:
9b:2d:85:2c:1d:e9:e8:95:36:05:5d:f1:12:8d:52:
69:4c:d0:f6:a1:96:a7:01:35:75:04:34:1f:3e:1e:
b0:7c:93:3f:96:c8:83:9e:b8:b1:fb:59:45:ff:8a:
09:94:56:6a:15:a5:7d:b7:e2:55:a3:7b:46:da:49:
8c:45:44:56:9a:1f:25:c3:52:9c:da:9f:e2:b2:ee:
85:cd:aa:94:5b:12:26:d2:80:7b:8d:3f:3f:c1:bb:
7f:e2:4b:be:85:9a:94:41:f5:63:a2:a9:26:95:5f:
7a:7b:0d:3d:b3:d4:1d:13:35:f1:53:df:4c:6c:67:
74:89:fa:2a:5a:52:c8:a4:dd:59:23:b2:79:fc:52:
13:c0:9b:9f:31:d6:5b:73:06:aa:bf:ad:49:7b:06:
08:19:d1:8b:83:8c:66:49:fa:13:47:51:51:c9:d7:
61:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:38:A2:C7:75:A9:BA:47:8D:D5:EE:52:A4:68:27:62:0A:88:17:72
X509v3 Authority Key Identifier:
keyid:06:3B:AD:C7:85:3B:05:10:0A:6B:22:4D:DC:EF:C1:8E:2E:7D:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bjutx4U7BRAKayJN3O_Bji59PdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Xziix3WpukeN1e5SpGgnYgqIF3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d09fb0-9aa5-4b5a-8a4f-a237444af829/1/Bjutx4U7BRAKayJN3O_Bji59PdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.224.0/21
92.61.208.0/20
185.49.176.0/22
193.162.45.0/24
212.31.64.0/19
212.166.96.0/19
IPv6:
2001:9d0::/32
2a10:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:cb:18:dc:8e:07:a2:71:49:6c:43:43:ed:d0:45:97:b7:f7:
12:1d:b8:b3:d6:67:25:0d:c5:50:b6:65:ea:61:bf:13:a5:4c:
21:2f:93:f4:70:bc:37:c3:5e:1d:fe:51:56:ab:7c:8e:8a:a5:
94:5e:ec:9b:0f:66:84:fd:41:a6:86:d9:54:1c:a3:67:2f:17:
5a:49:4e:6f:b2:4b:37:60:b5:17:13:5e:9a:26:39:b6:ae:c1:
db:2d:49:39:24:b5:47:19:16:b6:64:c6:6f:c5:01:91:24:9d:
49:e2:35:05:c1:29:ac:8c:92:4d:39:b1:b8:f2:8a:8e:b7:54:
fc:60:63:f8:55:72:15:80:7a:52:bc:f4:dd:c2:f0:f4:ef:53:
08:35:6d:c6:aa:b5:7a:3e:9f:33:70:b0:30:44:50:50:35:69:
d2:27:44:6f:f6:8c:f6:14:b4:a9:ab:0e:f6:86:d7:4b:41:a1:
75:ab:8a:12:b2:f5:ae:59:1b:b6:6b:6a:b7:ae:09:88:16:1e:
92:02:8a:2f:c4:e1:b7:9c:7c:c1:d7:bc:ed:c0:2d:a3:70:e0:
fc:21:81:9f:d1:fe:f9:00:39:71:eb:60:65:fd:11:14:c3:75:
69:94:c4:9b:8c:1c:08:f6:da:00:5a:f7:50:70:16:f0:2a:c5:
1b:bd:66:08
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZc2NRUnjS+eDwQk9JMPcf3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2M2JhZGM3ODUzYjA1MTAwYTZiMjI0ZGRjZWZjMThlMmU3
ZDNkZDUwHhcNMjUwNjAzMTQzMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjM4YTJjNzc1YTliYTQ3OGRkNWVlNTJhNDY4Mjc2MjBhODgxNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzNZJfYEMnUpLGOGSL/FxKPjwrcf
ZFwP3s1d0acXPK5KXtpTOmPZhqepNcI8V5OwjaSBNcr9J9uW4UsVB0A+DaxDlhdf
fNQqTvAO/I1Sw2ZLu3pb7X3jG3CbLYUsHenolTYFXfESjVJpTND2oZanATV1BDQf
Ph6wfJM/lsiDnrix+1lF/4oJlFZqFaV9t+JVo3tG2kmMRURWmh8lw1Kc2p/isu6F
zaqUWxIm0oB7jT8/wbt/4ku+hZqUQfVjoqkmlV96ew09s9QdEzXxU99MbGd0ifoq
WlLIpN1ZI7J5/FITwJufMdZbcwaqv61JewYIGdGLg4xmSfoTR1FRyddhYQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFF84osd1qbpHjdXuUqRoJ2IKiBdyMB8GA1UdIwQY
MBaAFAY7rceFOwUQCmsiTdzvwY4ufT3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYt
YTIzNzQ0NGFmODI5LzEvWHppaXgzV3B1a2VOMWU1U3BHZ25ZZ3FJRjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kMDlmYjAtOWFhNS00YjVhLThhNGYtYTIzNzQ0NGFmODI5
LzEvQmp1dHg0VTdCUkFLYXlKTjNPX0JqaTU5UGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDLhHgAwQE
XD3QAwQCuTGwAwQAwaItAwQF1B9AAwQF1KZgMBQEAgACMA4DBQAgAQnQAwUDKhD4
wDANBgkqhkiG9w0BAQsFAAOCAQEAQssY3I4HonFJbEND7dBFl7f3Eh24s9ZnJQ3F
ULZl6mG/E6VMIS+T9HC8N8NeHf5RVqt8joqllF7smw9mhP1BpobZVByjZy8XWklO
b7JLN2C1FxNemiY5tq7B2y1JOSS1RxkWtmTGb8UBkSSdSeI1BcEprIySTTmxuPKK
jrdU/GBj+FVyFYB6Urz03cLw9O9TCDVtxqq1ej6fM3CwMERQUDVp0idEb/aM9hS0
qasO9obXS0GhdauKErL1rlkbtmtqt64JiBYekgKKL8Tht5x8wde87cAto3Dg/CGB
n9H++QA5cetgZf0RFMN1aZTEm4wcCPbaAFr3UHAW8CrFG71mCA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:28:36 2025 by rpki-client