Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XOQaK_GcvgosQ-1gEy8zdGcnDE4.roa
File: XOQaK_GcvgosQ-1gEy8zdGcnDE4.roa (raw, json)
Hash identifier: /1qJIln2xy5SAZVHiFrngeaTP47oyUZG1S4pPcMhzyM=
Subject key identifier: 5C:E4:1A:2B:F1:9C:BE:0A:2C:43:ED:60:13:2F:33:74:67:27:0C:4E
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0199599056BE5A174DE548490607896B2DD0
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XOQaK_GcvgosQ-1gEy8zdGcnDE4.roa
Signing time: Wed 17 Sep 2025 21:24:15 +0000
ROA not before: Wed 17 Sep 2025 21:24:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215439
IP address blocks: 64.188.64.0/22 maxlen: 24
77.239.125.0/24 maxlen: 24
144.31.30.0/24 maxlen: 24
144.31.164.0/22 maxlen: 24
144.31.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:24:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:59:90:56:be:5a:17:4d:e5:48:49:06:07:89:6b:2d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Sep 17 21:24:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ce41a2bf19cbe0a2c43ed60132f337467270c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f9:75:fe:03:c4:0d:d3:be:64:e2:0e:8c:4d:
47:91:4a:06:4f:8e:1f:09:2c:e0:74:97:38:17:26:
78:27:0a:ee:a2:94:e5:3f:a2:9e:9a:af:9b:97:10:
46:51:07:c9:c4:a1:bc:05:f2:dd:5d:bf:ea:0d:b6:
a1:9f:3d:a1:87:9c:64:4d:bb:e0:34:39:3e:b7:64:
88:fe:2e:89:c8:a0:39:1d:19:e9:2c:da:d2:53:52:
5d:21:6d:c0:71:88:dc:6c:49:da:d2:5e:fc:2d:89:
c5:f8:ef:ab:1e:bd:93:8b:e2:b4:9b:82:ae:1b:8b:
e6:2f:ad:66:81:51:5b:34:9e:02:26:99:42:02:20:
df:bf:05:78:84:49:3a:c1:00:ab:56:e0:fb:58:d4:
a6:58:42:95:2c:a2:d3:f3:cf:ea:b1:d8:91:88:6b:
27:14:5e:b1:a5:df:41:06:bd:5a:79:80:ee:e8:ea:
8c:15:e3:3d:6a:2e:fc:13:76:2a:c7:3a:cf:cf:b0:
e2:36:85:d7:7b:bc:17:4d:89:2b:4a:17:c4:39:29:
01:6a:5a:16:7a:fe:d3:e2:1f:3d:85:7d:c3:08:bc:
76:6b:0f:93:33:f9:b4:a5:aa:ab:5a:99:c2:9d:d8:
f4:c6:0f:d9:14:2d:4e:d1:ff:48:b7:7c:67:36:72:
bd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E4:1A:2B:F1:9C:BE:0A:2C:43:ED:60:13:2F:33:74:67:27:0C:4E
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XOQaK_GcvgosQ-1gEy8zdGcnDE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.64.0/22
77.239.125.0/24
144.31.30.0/24
144.31.164.0/22
144.31.212.0/24
Signature Algorithm: sha256WithRSAEncryption
af:ff:6a:79:e2:65:53:b3:d5:a1:c1:01:54:99:b9:f5:13:c6:
32:c7:b7:b5:20:4c:1d:72:c8:7c:d5:eb:57:74:13:9e:ee:04:
44:dd:aa:82:8b:9f:d1:0c:61:c6:0a:b0:34:ff:dd:19:ed:d0:
84:ff:87:a9:ae:7e:fa:99:69:a4:00:b6:64:60:0e:8f:e3:4d:
97:bf:74:c5:04:11:04:8a:cb:90:40:ef:6d:1d:fd:00:c2:90:
9b:dd:f8:db:02:fc:31:1c:18:f3:d3:ae:1d:eb:5c:fa:8c:e1:
e4:03:23:ce:4c:a7:b2:90:05:12:07:cf:79:82:f8:39:97:a7:
51:f7:84:9c:77:b1:9e:b0:5f:a7:4d:34:66:e4:3c:1a:fb:ae:
d5:8c:be:7e:28:10:a1:9f:35:ef:26:68:8c:9d:50:0b:0a:49:
aa:82:0d:b5:7a:be:db:03:d0:d9:12:c0:aa:2c:ac:2e:d5:ef:
c8:7b:72:20:66:91:c9:10:15:7a:4c:9c:57:f3:78:1f:14:3b:
e4:5d:80:ff:c3:db:90:2b:6f:8f:b2:d7:7f:96:30:74:39:a0:
4a:02:70:b2:d5:eb:71:6e:de:5a:ae:eb:4f:f5:62:17:d3:f3:
de:dd:9a:55:e3:30:49:4d:78:89:72:a5:1f:54:71:a9:f0:3c:
6d:a7:15:1e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZlZkFa+WhdN5UhJBgeJay3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwOTE3MjEyNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U0MWEyYmYxOWNiZTBhMmM0M2VkNjAxMzJmMzM3NDY3MjcwYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvl1/gPEDdO+ZOIOjE1HkUoGT44f
CSzgdJc4FyZ4JwruopTlP6Kemq+blxBGUQfJxKG8BfLdXb/qDbahnz2hh5xkTbvg
NDk+t2SI/i6JyKA5HRnpLNrSU1JdIW3AcYjcbEna0l78LYnF+O+rHr2Ti+K0m4Ku
G4vmL61mgVFbNJ4CJplCAiDfvwV4hEk6wQCrVuD7WNSmWEKVLKLT88/qsdiRiGsn
FF6xpd9BBr1aeYDu6OqMFeM9ai78E3YqxzrPz7DiNoXXe7wXTYkrShfEOSkBaloW
ev7T4h89hX3DCLx2aw+TM/m0paqrWpnCndj0xg/ZFC1O0f9It3xnNnK9eQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFzkGivxnL4KLEPtYBMvM3RnJwxOMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvWE9RYUtfR2N2Z29zUS0xZ0V5OHpkR2NuREU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCQLxAAwQA
Te99AwQAkB8eAwQCkB+kAwQAkB/UMA0GCSqGSIb3DQEBCwUAA4IBAQCv/2p54mVT
s9WhwQFUmbn1E8Yyx7e1IEwdcsh81etXdBOe7gRE3aqCi5/RDGHGCrA0/90Z7dCE
/4eprn76mWmkALZkYA6P402Xv3TFBBEEisuQQO9tHf0AwpCb3fjbAvwxHBjz064d
61z6jOHkAyPOTKeykAUSB895gvg5l6dR94Scd7GesF+nTTRm5Dwa+67VjL5+KBCh
nzXvJmiMnVALCkmqgg21er7bA9DZEsCqLKwu1e/Ie3IgZpHJEBV6TJxX83gfFDvk
XYD/w9uQK2+Pstd/ljB0OaBKAnCy1etxbt5arutP9WIX0/Pe3ZpV4zBJTXiJcqUf
VHGp8DxtpxUe
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:04:48 2025 by rpki-client