Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Xj_A199NkbA4oB5lsi3JmCrBoP4.roa
File: Xj_A199NkbA4oB5lsi3JmCrBoP4.roa (raw, json)
Hash identifier: +OWwse++4N61D9xbYuJP6NVpcWzpp5UMJCrwyvZ8Iik=
Subject key identifier: 5E:3F:C0:D7:DF:4D:91:B0:38:A0:1E:65:B2:2D:C9:98:2A:C1:A0:FE
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01996273ACA347D13C1FA69D4EE06CAAED11
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Xj_A199NkbA4oB5lsi3JmCrBoP4.roa
Signing time: Fri 19 Sep 2025 14:49:31 +0000
ROA not before: Fri 19 Sep 2025 14:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.93.82.0/24 maxlen: 24
45.131.51.0/24 maxlen: 24
80.64.27.0/24 maxlen: 24
80.64.29.0/24 maxlen: 24
185.210.136.0/24 maxlen: 24
188.64.162.0/24 maxlen: 24
213.139.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:62:73:ac:a3:47:d1:3c:1f:a6:9d:4e:e0:6c:aa:ed:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Sep 19 14:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e3fc0d7df4d91b038a01e65b22dc9982ac1a0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:22:fa:c4:b8:20:4b:17:e8:61:c8:38:55:93:
33:c6:d8:3b:bd:8a:5c:88:83:13:63:4b:ac:fb:06:
ca:29:29:a1:63:95:ab:93:a8:e1:a6:b6:a5:08:01:
30:90:6e:45:57:86:44:17:9c:e6:b2:94:38:32:02:
af:20:3e:b8:c2:b0:3a:b0:73:7c:a8:72:82:17:21:
60:0b:41:c4:fe:1a:78:04:b5:e6:16:bd:76:60:2f:
10:7e:b2:ef:a0:b1:93:48:32:7f:f5:36:19:8f:d7:
97:05:65:cf:16:81:5a:a5:0c:e9:18:43:a6:b9:b9:
5b:62:c0:38:2e:2f:04:bb:45:f3:b5:48:3e:c8:d2:
b0:05:bd:0e:ae:86:2f:06:e9:b0:be:71:61:02:d5:
fe:c3:2a:c7:2b:f9:71:ee:a8:21:4b:91:34:ae:81:
51:8a:b7:4c:2c:3f:32:87:55:67:b4:af:79:e7:cb:
41:ea:2f:79:4f:ca:87:4a:32:15:43:ca:0d:6a:cc:
99:c7:58:52:34:7a:03:37:4c:b5:7a:8b:47:02:43:
b3:d5:23:1e:a7:3e:e1:fd:56:1b:93:27:00:b5:0d:
63:48:2b:f5:18:a9:c7:69:f0:6f:04:43:16:0c:26:
3e:33:27:92:67:75:60:4b:05:b2:8c:d9:e3:4e:6e:
76:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3F:C0:D7:DF:4D:91:B0:38:A0:1E:65:B2:2D:C9:98:2A:C1:A0:FE
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Xj_A199NkbA4oB5lsi3JmCrBoP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.82.0/24
45.131.51.0/24
80.64.27.0/24
80.64.29.0/24
185.210.136.0/24
188.64.162.0/24
213.139.202.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:10:d4:df:ea:1d:74:55:c7:38:d5:80:52:56:51:2c:73:57:
13:ac:d5:9f:d9:9b:b2:76:f0:61:42:7c:d2:47:5e:38:ca:16:
37:90:e3:d4:49:39:11:6b:1d:60:1e:87:73:75:20:c6:bd:05:
e1:39:5b:d0:5f:42:03:7f:c0:65:25:4a:40:dd:97:0c:5f:03:
69:38:b5:02:50:21:05:a0:4e:b7:d5:7c:0d:77:e0:ef:53:f7:
16:d0:de:60:0e:ee:45:c7:50:6e:01:40:57:3a:6b:41:5c:c9:
c8:19:4e:8c:37:6a:44:8f:1b:73:a2:08:31:94:15:45:93:5e:
7b:03:e5:d8:ed:f2:66:2d:82:d0:79:28:d1:a5:cc:57:d6:4d:
86:8b:27:1b:71:f0:22:6d:f2:e9:07:77:a9:af:d1:6a:d0:b2:
8f:e9:e1:2e:bb:0c:ec:66:bc:7a:ed:f3:8b:e3:04:0f:f6:10:
31:ea:37:ba:58:9a:0a:27:0d:ac:74:11:7b:38:51:84:19:10:
b4:de:5f:04:f1:9e:09:23:f9:37:81:b2:27:8f:93:69:f8:86:
8d:0d:6e:db:5a:31:88:df:73:73:e3:03:82:74:b8:25:55:7f:
5e:ac:47:6a:6c:39:cc:82:b2:a8:68:3d:a4:67:a9:7a:19:21:
95:25:97:bb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZlic6yjR9E8H6adTuBsqu0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwOTE5MTQ0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTNmYzBkN2RmNGQ5MWIwMzhhMDFlNjViMjJkYzk5ODJhYzFhMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyL6xLggSxfoYcg4VZMzxtg7vYpc
iIMTY0us+wbKKSmhY5Wrk6jhpralCAEwkG5FV4ZEF5zmspQ4MgKvID64wrA6sHN8
qHKCFyFgC0HE/hp4BLXmFr12YC8QfrLvoLGTSDJ/9TYZj9eXBWXPFoFapQzpGEOm
ublbYsA4Li8Eu0XztUg+yNKwBb0OroYvBumwvnFhAtX+wyrHK/lx7qghS5E0roFR
irdMLD8yh1VntK9558tB6i95T8qHSjIVQ8oNasyZx1hSNHoDN0y1eotHAkOz1SMe
pz7h/VYbkycAtQ1jSCv1GKnHafBvBEMWDCY+MyeSZ3VgSwWyjNnjTm52+wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF4/wNffTZGwOKAeZbItyZgqwaD+MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvWGpfQTE5OU5rYkE0b0I1bHNpM0ptQ3JCb1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV1SAwQA
LYMzAwQAUEAbAwQAUEAdAwQAudKIAwQAvECiAwQA1YvKMA0GCSqGSIb3DQEBCwUA
A4IBAQAPENTf6h10Vcc41YBSVlEsc1cTrNWf2ZuydvBhQnzSR144yhY3kOPUSTkR
ax1gHodzdSDGvQXhOVvQX0IDf8BlJUpA3ZcMXwNpOLUCUCEFoE631XwNd+DvU/cW
0N5gDu5Fx1BuAUBXOmtBXMnIGU6MN2pEjxtzoggxlBVFk157A+XY7fJmLYLQeSjR
pcxX1k2GiycbcfAibfLpB3epr9Fq0LKP6eEuuwzsZrx67fOL4wQP9hAx6je6WJoK
Jw2sdBF7OFGEGRC03l8E8Z4JI/k3gbInj5Np+IaNDW7bWjGI33Nz4wOCdLglVX9e
rEdqbDnMgrKoaD2kZ6l6GSGVJZe7
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:44:40 2025 by rpki-client