Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/XsPFojMpEbHDi34DUKTIraQM9tc.roa
File: XsPFojMpEbHDi34DUKTIraQM9tc.roa (raw, json)
Hash identifier: S/NlXEiZJGoNClwEuB3xIbT6nUIEMeeIsWP2jU0Bam0=
Subject key identifier: 5E:C3:C5:A2:33:29:11:B1:C3:8B:7E:03:50:A4:C8:AD:A4:0C:F6:D7
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 019924F7CEC4C5F3EEA55E9553C6508218E1
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/XsPFojMpEbHDi34DUKTIraQM9tc.roa
Signing time: Sun 07 Sep 2025 16:17:24 +0000
ROA not before: Sun 07 Sep 2025 16:17:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205987
IP address blocks: 2a14:c380:b00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:24:f7:ce:c4:c5:f3:ee:a5:5e:95:53:c6:50:82:18:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Sep 7 16:17:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ec3c5a2332911b1c38b7e0350a4c8ada40cf6d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:79:66:23:27:88:ce:5f:fe:f8:e2:18:7c:ab:
2e:76:48:2f:e8:c0:85:52:cf:12:4b:de:1c:ba:40:
c9:b8:ad:b8:d1:7c:6c:13:ef:1d:cb:fa:41:05:69:
b2:97:28:9f:1a:ac:a7:4d:26:c6:a4:14:fd:b9:d5:
62:dc:d0:0d:c8:90:1a:2d:60:07:98:ef:f6:56:d4:
41:fb:5f:1c:fb:41:91:ac:3d:99:c0:47:2e:c9:f7:
e4:7e:e9:05:6f:09:ad:00:ce:c0:99:d9:5a:00:f5:
02:ef:25:91:81:4a:22:4d:a8:2e:a6:7c:dc:ea:d7:
5f:b9:9a:84:06:2d:80:c4:b6:e0:da:8f:db:d4:98:
f9:c7:dd:17:39:ac:d7:7e:a1:3d:13:04:ed:05:15:
36:78:41:04:76:93:d0:d5:d9:98:b9:a0:8b:72:24:
b1:f8:69:fd:13:cc:58:b3:a7:ad:72:23:da:b6:41:
a0:70:f8:fe:d0:34:5e:1b:0b:ee:e8:a1:18:8e:9d:
9e:fa:e4:af:f2:be:a6:44:c2:21:31:31:8c:cf:ea:
4b:f5:19:99:7d:be:d2:57:e7:6e:bc:ba:22:56:fa:
f9:cc:59:00:f8:bc:40:0c:77:77:44:d8:fe:c2:da:
41:5f:d7:1c:1c:8c:d6:1b:fd:c2:a4:11:ef:44:b3:
eb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C3:C5:A2:33:29:11:B1:C3:8B:7E:03:50:A4:C8:AD:A4:0C:F6:D7
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/XsPFojMpEbHDi34DUKTIraQM9tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380:b00::/40
Signature Algorithm: sha256WithRSAEncryption
4a:79:d3:75:43:36:00:31:e5:01:3e:70:80:f2:90:55:4e:fd:
b9:83:b8:d9:d6:fb:48:17:fc:bf:a2:34:25:41:8f:56:85:07:
45:b3:92:b2:1f:31:51:16:06:ed:3d:3c:7d:e6:e8:23:f7:eb:
44:08:4c:1a:95:53:34:71:d7:d9:ef:32:5e:ae:44:ed:08:b2:
91:9c:bc:53:64:14:12:20:ca:b3:9f:1e:7a:9b:35:2c:58:ed:
44:10:ae:19:d5:48:8f:ce:ea:2f:35:cb:8d:56:b4:5d:ae:c1:
4b:51:88:b9:82:0f:ca:53:5e:b0:da:b1:7c:27:b8:51:7d:62:
4b:12:2a:22:12:74:9e:4b:90:eb:b9:15:0c:9a:fd:b7:9c:0c:
6c:6a:aa:00:5e:cd:5b:e0:a4:2d:ed:82:23:c6:7a:ac:6b:08:
67:53:2d:7b:a3:3c:e9:84:45:94:56:31:70:73:58:32:31:7a:
6c:7a:ed:b2:c2:2d:69:15:9e:18:2b:ba:d0:04:7a:f4:fa:c7:
30:48:ed:e5:d8:23:e3:02:f5:ce:84:b0:53:61:2d:cc:0d:32:
c1:ca:c8:b0:9e:6b:12:ea:d1:2c:d2:3d:c1:bb:a5:45:ea:18:
b6:5f:b3:a8:d6:19:b2:23:a4:85:a5:93:8f:f1:87:dc:1b:68:
00:0f:e4:7f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZkk987ExfPupV6VU8ZQghjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjUwOTA3MTYxNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMzYzVhMjMzMjkxMWIxYzM4YjdlMDM1MGE0YzhhZGE0MGNmNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHlmIyeIzl/++OIYfKsudkgv6MCF
Us8SS94cukDJuK240XxsE+8dy/pBBWmylyifGqynTSbGpBT9udVi3NANyJAaLWAH
mO/2VtRB+18c+0GRrD2ZwEcuyffkfukFbwmtAM7AmdlaAPUC7yWRgUoiTagupnzc
6tdfuZqEBi2AxLbg2o/b1Jj5x90XOazXfqE9EwTtBRU2eEEEdpPQ1dmYuaCLciSx
+Gn9E8xYs6etciPatkGgcPj+0DReGwvu6KEYjp2e+uSv8r6mRMIhMTGMz+pL9RmZ
fb7SV+duvLoiVvr5zFkA+LxADHd3RNj+wtpBX9ccHIzWG/3CpBHvRLPrMQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF7DxaIzKRGxw4t+A1CkyK2kDPbXMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvWHNQRm9qTXBFYkhEaTM0RFVLVElyYVFNOXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhTDgAsw
DQYJKoZIhvcNAQELBQADggEBAEp503VDNgAx5QE+cIDykFVO/bmDuNnW+0gX/L+i
NCVBj1aFB0WzkrIfMVEWBu09PH3m6CP360QITBqVUzRx19nvMl6uRO0IspGcvFNk
FBIgyrOfHnqbNSxY7UQQrhnVSI/O6i81y41WtF2uwUtRiLmCD8pTXrDasXwnuFF9
YksSKiISdJ5LkOu5FQya/becDGxqqgBezVvgpC3tgiPGeqxrCGdTLXujPOmERZRW
MXBzWDIxemx67bLCLWkVnhgrutAEevT6xzBI7eXYI+MC9c6EsFNhLcwNMsHKyLCe
axLq0SzSPcG7pUXqGLZfs6jWGbIjpIWlk4/xh9wbaAAP5H8=
-----END CERTIFICATE-----
Generated at Tue Sep 9 07:58:35 2025 by rpki-client