Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/005Xje174n_hWieGEJscY_X320Q.roa
File: 005Xje174n_hWieGEJscY_X320Q.roa (raw, json)
Hash identifier: nNDaklT/q84qqp315/arl8MJQ92H/8suuFbIismkQng=
Subject key identifier: D3:4E:57:8D:ED:7B:E2:7F:E1:5A:27:86:10:9B:1C:63:F5:F7:DB:44
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01991DA9667123E7D0E9F02961BF02C1D9C6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/005Xje174n_hWieGEJscY_X320Q.roa
Signing time: Sat 06 Sep 2025 06:14:25 +0000
ROA not before: Sat 06 Sep 2025 06:14:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.231.0/24 maxlen: 24
151.244.54.0/24 maxlen: 24
151.244.167.0/24 maxlen: 24
151.244.180.0/24 maxlen: 24
151.244.224.0/24 maxlen: 24
151.244.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1d:a9:66:71:23:e7:d0:e9:f0:29:61:bf:02:c1:d9:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 6 06:14:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d34e578ded7be27fe15a2786109b1c63f5f7db44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e3:d7:ef:01:43:ad:d1:13:3a:30:ad:a1:a3:
ed:b5:1f:49:dc:c6:4e:46:93:99:e8:ed:5a:2b:a9:
d6:8c:2e:46:ea:a6:4d:f4:92:b4:59:8a:cf:ef:78:
52:30:05:05:ec:6b:8c:9b:a5:13:cb:ba:2e:d0:89:
19:a5:a4:3e:41:7b:3d:a0:20:f3:bf:5a:78:cd:79:
96:35:b0:d3:ba:a1:a5:18:f3:01:23:e1:f8:85:12:
3d:64:d2:07:c8:4e:cd:b7:db:b9:61:43:16:8c:37:
02:91:7f:30:6e:18:a4:4a:90:15:68:6b:4a:39:20:
9f:4b:08:40:75:79:f3:62:86:07:1e:13:7e:50:93:
ab:9c:71:97:c4:9e:e0:2c:be:45:ce:50:54:f3:a4:
a1:df:dd:8b:6d:cb:c6:d4:51:d8:c4:0d:e8:d4:6d:
58:2a:86:f8:e7:c3:6a:3c:92:34:29:0d:ce:ac:14:
b7:48:ad:f5:a7:3f:5e:31:ca:f5:0f:4c:4e:2d:5b:
b6:68:2b:8f:27:b6:56:28:9d:4a:50:c0:bc:7c:4f:
43:28:83:b5:19:5f:bd:62:65:34:c2:6d:28:c3:84:
71:30:b0:28:6c:8b:19:50:ba:78:0c:83:a0:61:4d:
5c:dc:f6:30:15:03:f1:bb:ce:17:5e:c2:1f:25:b3:
cb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:4E:57:8D:ED:7B:E2:7F:E1:5A:27:86:10:9B:1C:63:F5:F7:DB:44
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/005Xje174n_hWieGEJscY_X320Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
151.243.7.0/24
151.243.228.0/24
151.243.231.0/24
151.244.54.0/24
151.244.167.0/24
151.244.180.0/24
151.244.224.0/24
151.244.235.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:6e:5e:b9:7d:0f:55:27:02:2a:5d:81:92:90:6f:8b:f2:a5:
15:b6:98:bf:66:ad:05:b5:db:7e:74:f2:ff:cb:88:7d:b2:f2:
ae:b5:8e:c2:b4:ac:60:01:06:3f:13:b7:a0:13:46:f3:6c:53:
22:dd:98:48:d7:d6:7e:b5:3e:e5:b0:13:5c:26:d9:51:67:87:
77:f3:3b:9e:3d:3e:49:0a:6f:ec:c9:81:19:f2:d1:a8:25:f9:
c2:b1:95:52:af:6b:2d:97:68:78:9d:34:43:1a:83:b5:62:e4:
56:c3:c1:9c:17:7b:c9:75:d5:ec:66:0c:83:78:f1:ce:3b:ff:
23:a7:4f:23:e3:c4:74:9a:d9:79:1b:9a:2d:b2:3a:46:28:15:
2a:55:68:4c:4b:5b:3d:85:fd:89:24:b7:6c:6c:9c:f5:5a:41:
69:78:f1:55:4c:f9:da:e9:16:5a:b0:d4:bb:8b:1a:f1:15:e3:
8a:d6:0c:1c:d0:83:14:3a:05:b7:f9:4a:9f:75:a7:22:20:49:
18:09:a8:43:8d:6f:5a:2d:92:19:e4:ec:36:be:43:f7:da:0b:
ff:15:49:b1:c8:0f:43:e5:d9:11:16:46:d8:53:fe:3e:c4:7b:
0e:c8:f8:06:9a:81:a0:f9:09:54:45:d5:49:d7:9b:c0:e8:99:
8a:6c:4a:c3
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZkdqWZxI+fQ6fApYb8CwdnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTA2MDYxNDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzRlNTc4ZGVkN2JlMjdmZTE1YTI3ODYxMDliMWM2M2Y1ZjdkYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruPX7wFDrdETOjCtoaPttR9J3MZO
RpOZ6O1aK6nWjC5G6qZN9JK0WYrP73hSMAUF7GuMm6UTy7ou0IkZpaQ+QXs9oCDz
v1p4zXmWNbDTuqGlGPMBI+H4hRI9ZNIHyE7Nt9u5YUMWjDcCkX8wbhikSpAVaGtK
OSCfSwhAdXnzYoYHHhN+UJOrnHGXxJ7gLL5FzlBU86Sh392LbcvG1FHYxA3o1G1Y
Kob458NqPJI0KQ3OrBS3SK31pz9eMcr1D0xOLVu2aCuPJ7ZWKJ1KUMC8fE9DKIO1
GV+9YmU0wm0ow4RxMLAobIsZULp4DIOgYU1c3PYwFQPxu84XXsIfJbPLLQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNNOV43te+J/4VonhhCbHGP199tEMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMDA1WGplMTc0bl9oV2llR0VKc2NZX1gzMjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAJcrCAwQA
l/MHAwQAl/PkAwQAl/PnAwQAl/Q2AwQAl/SnAwQAl/S0AwQAl/TgAwQAl/TrMA0G
CSqGSIb3DQEBCwUAA4IBAQBcbl65fQ9VJwIqXYGSkG+L8qUVtpi/Zq0Ftdt+dPL/
y4h9svKutY7CtKxgAQY/E7egE0bzbFMi3ZhI19Z+tT7lsBNcJtlRZ4d38zuePT5J
Cm/syYEZ8tGoJfnCsZVSr2stl2h4nTRDGoO1YuRWw8GcF3vJddXsZgyDePHOO/8j
p08j48R0mtl5G5otsjpGKBUqVWhMS1s9hf2JJLdsbJz1WkFpePFVTPna6RZasNS7
ixrxFeOK1gwc0IMUOgW3+UqfdaciIEkYCahDjW9aLZIZ5Ow2vkP32gv/FUmxyA9D
5dkRFkbYU/4+xHsOyPgGmoGg+QlURdVJ15vA6JmKbErD
-----END CERTIFICATE-----
Generated at Thu Sep 18 11:41:02 2025 by rpki-client