Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/XiJB2B-dImNt6NmXDmv88K1JyEE.roa
File: XiJB2B-dImNt6NmXDmv88K1JyEE.roa (raw, json)
Hash identifier: taXJ29hJesSr7lHlGY2J6cbOuu8gPVXjqfcsXysGckc=
Subject key identifier: 5E:22:41:D8:1F:9D:22:63:6D:E8:D9:97:0E:6B:FC:F0:AD:49:C8:41
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0199251345F6E78B6090B4ABB6AB81536AB2
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/XiJB2B-dImNt6NmXDmv88K1JyEE.roa
Signing time: Sun 07 Sep 2025 16:47:24 +0000
ROA not before: Sun 07 Sep 2025 16:47:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.95.226.0/24 maxlen: 24
45.140.58.0/24 maxlen: 24
212.81.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 04:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:25:13:45:f6:e7:8b:60:90:b4:ab:b6:ab:81:53:6a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Sep 7 16:47:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e2241d81f9d22636de8d9970e6bfcf0ad49c841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:06:27:18:1e:13:ab:9c:80:7b:e7:f2:cb:23:
95:bd:2e:0f:dc:b9:e5:49:a4:bf:d3:9d:03:2a:e0:
7f:76:19:4d:30:58:a1:52:b4:48:4a:bb:9a:b7:49:
11:f4:80:07:01:e6:c7:9a:7b:a6:ad:fd:51:0d:35:
e1:7b:0e:f2:fc:df:fd:21:e6:84:35:60:8f:2d:e6:
2d:dc:a2:d3:4b:fd:73:42:ea:1f:c0:ef:0f:60:eb:
45:8c:6e:0e:89:d5:49:43:83:24:9a:6b:eb:be:47:
60:5b:0f:98:a2:ca:0e:76:a5:85:90:f8:8a:50:8f:
23:b0:96:aa:a0:fd:11:d7:fc:f1:52:24:c2:9f:72:
54:7c:a8:d3:4f:f3:7f:3b:c9:a3:ae:0d:cf:5f:72:
c8:eb:94:3a:19:81:e3:36:36:cb:c4:ba:a8:6d:03:
c6:92:19:44:3c:09:b6:52:03:b1:60:b6:1c:22:32:
fe:7e:87:23:6d:cc:e6:e8:4a:60:2b:45:7b:02:75:
9d:9d:eb:22:8a:ad:91:da:fa:ca:87:fd:ae:f0:01:
29:b3:c3:a5:c6:ed:0a:4f:36:74:93:d7:da:89:a2:
ba:2a:d8:6a:f7:61:2b:a6:8c:60:90:5d:1f:4d:42:
93:e2:d8:83:ce:48:29:e8:ab:b6:8d:c3:f8:1e:7e:
e8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:22:41:D8:1F:9D:22:63:6D:E8:D9:97:0E:6B:FC:F0:AD:49:C8:41
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/XiJB2B-dImNt6NmXDmv88K1JyEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.226.0/24
45.140.58.0/24
212.81.44.0/24
Signature Algorithm: sha256WithRSAEncryption
95:fd:eb:11:a1:44:28:0b:09:c5:25:f7:9d:19:61:ef:f6:e3:
83:c1:2c:5e:9f:18:40:58:31:dd:2f:e7:b3:13:93:63:08:12:
ac:97:9f:df:d4:2b:0b:d2:5b:52:27:ac:7b:e3:e0:22:45:69:
59:5c:71:c4:a3:bf:84:48:b0:6c:bd:04:9d:17:22:c8:53:ad:
48:dc:73:21:a6:aa:14:2f:9c:b2:e2:9f:a1:26:60:2e:9b:0b:
7d:f6:49:74:e6:d6:e1:f4:72:d2:d6:6d:3f:81:b9:f7:a3:c0:
dd:f5:50:06:74:84:67:45:f4:45:55:95:b6:63:ae:7f:ec:21:
be:3d:1e:c6:70:44:d3:8d:95:7b:84:ae:f8:85:30:b0:12:63:
72:99:ee:ec:21:b7:e7:6f:13:c3:ed:a9:3b:38:45:b8:b0:07:
04:d7:37:1a:f4:f1:95:b1:cf:51:3b:23:22:d5:62:d6:8e:f6:
68:74:b5:d9:33:10:b4:6d:50:c5:0d:c5:27:eb:ae:ca:11:74:
d5:7b:b2:3e:ff:f0:1d:7d:bf:be:71:0f:2e:bf:42:8a:e4:3a:
9c:a6:0d:e6:39:ba:a2:10:9c:41:8c:64:20:7e:84:f8:2d:97:
8b:d1:12:22:5b:8e:ca:25:14:cd:2b:46:b9:36:34:a0:1d:f1:
57:57:a0:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZklE0X254tgkLSrtquBU2qyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwOTA3MTY0NzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTIyNDFkODFmOWQyMjYzNmRlOGQ5OTcwZTZiZmNmMGFkNDljODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQYnGB4Tq5yAe+fyyyOVvS4P3Lnl
SaS/050DKuB/dhlNMFihUrRISruat0kR9IAHAebHmnumrf1RDTXhew7y/N/9IeaE
NWCPLeYt3KLTS/1zQuofwO8PYOtFjG4OidVJQ4MkmmvrvkdgWw+YosoOdqWFkPiK
UI8jsJaqoP0R1/zxUiTCn3JUfKjTT/N/O8mjrg3PX3LI65Q6GYHjNjbLxLqobQPG
khlEPAm2UgOxYLYcIjL+focjbczm6EpgK0V7AnWdnesiiq2R2vrKh/2u8AEps8Ol
xu0KTzZ0k9faiaK6Kthq92ErpoxgkF0fTUKT4tiDzkgp6Ku2jcP4Hn7ooQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF4iQdgfnSJjbejZlw5r/PCtSchBMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvWGlKQjJCLWRJbU50Nk5tWERtdjg4SzFKeUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV/iAwQA
LYw6AwQA1FEsMA0GCSqGSIb3DQEBCwUAA4IBAQCV/esRoUQoCwnFJfedGWHv9uOD
wSxenxhAWDHdL+ezE5NjCBKsl5/f1CsL0ltSJ6x74+AiRWlZXHHEo7+ESLBsvQSd
FyLIU61I3HMhpqoUL5yy4p+hJmAumwt99kl05tbh9HLS1m0/gbn3o8Dd9VAGdIRn
RfRFVZW2Y65/7CG+PR7GcETTjZV7hK74hTCwEmNyme7sIbfnbxPD7ak7OEW4sAcE
1zca9PGVsc9ROyMi1WLWjvZodLXZMxC0bVDFDcUn667KEXTVe7I+//Adfb++cQ8u
v0KK5Dqcpg3mObqiEJxBjGQgfoT4LZeL0RIiW47KJRTNK0a5NjSgHfFXV6DZ
-----END CERTIFICATE-----
Generated at Thu Sep 18 12:03:37 2025 by rpki-client