Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/xEEfHzO6g6rZeT9FwkUuiWjw_Xw.roa
File: xEEfHzO6g6rZeT9FwkUuiWjw_Xw.roa (raw, json)
Hash identifier: 0+Wkhje+So8WuPHD5PcbqywDfHJV+b9Sf51efUGfd24=
Subject key identifier: C4:41:1F:1F:33:BA:83:AA:D9:79:3F:45:C2:45:2E:89:68:F0:FD:7C
Certificate issuer: /CN=61e10dac1f773c55a244753346719e899f4d4432
Certificate serial: 019A0A8645F8454DABA6D9DE3E54AF700811
Authority key identifier: 61:E1:0D:AC:1F:77:3C:55:A2:44:75:33:46:71:9E:89:9F:4D:44:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YeENrB93PFWiRHUzRnGeiZ9NRDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/xEEfHzO6g6rZeT9FwkUuiWjw_Xw.roa
Signing time: Wed 22 Oct 2025 06:06:03 +0000
ROA not before: Wed 22 Oct 2025 06:06:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31673
IP address blocks: 83.136.17.0/24 maxlen: 24
83.136.18.0/24 maxlen: 24
83.136.19.0/24 maxlen: 24
193.30.6.0/23 maxlen: 24
2a03:7000::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/YeENrB93PFWiRHUzRnGeiZ9NRDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/YeENrB93PFWiRHUzRnGeiZ9NRDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/YeENrB93PFWiRHUzRnGeiZ9NRDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 12:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0a:86:45:f8:45:4d:ab:a6:d9:de:3e:54:af:70:08:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61e10dac1f773c55a244753346719e899f4d4432
Validity
Not Before: Oct 22 06:06:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4411f1f33ba83aad9793f45c2452e8968f0fd7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:be:55:f9:3b:9d:74:a3:01:55:83:65:a4:a4:
82:99:c5:85:a7:86:07:37:ad:52:fa:af:ff:b9:a7:
ab:57:c0:79:92:9d:88:16:2d:e6:6b:77:a6:0d:44:
96:c9:cb:cc:da:ec:b5:e9:34:77:7b:cc:f9:39:b9:
08:be:e9:94:41:a7:fc:13:5c:6d:e3:41:46:e6:38:
c7:14:5e:56:67:d5:cf:a9:9c:b9:22:d5:99:6f:05:
1f:82:41:69:0c:d3:bb:f8:74:25:97:2e:7d:86:8d:
0e:9d:5d:b3:45:e3:b4:0b:79:7d:8e:e2:40:a5:02:
62:97:de:5f:64:3d:a7:01:49:b8:5c:96:1f:1e:04:
77:b4:cf:b2:5e:5f:e8:35:f0:52:57:2e:c8:d1:75:
15:a4:51:61:47:d8:d7:ad:62:76:8f:14:a0:68:f3:
e1:7e:07:ea:aa:ef:26:32:44:26:72:67:31:35:dc:
82:4d:19:33:68:e0:e1:83:59:00:b8:e8:64:ce:c9:
84:71:db:9b:d0:cd:13:4f:b7:b0:b3:85:59:ca:39:
0e:a5:de:87:92:fd:18:be:d5:ea:18:0a:74:d9:1c:
15:f3:9f:9a:c5:38:ee:77:55:e8:31:71:a7:09:fe:
16:eb:93:0c:ba:2f:e6:4b:17:63:de:58:03:24:3c:
05:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:41:1F:1F:33:BA:83:AA:D9:79:3F:45:C2:45:2E:89:68:F0:FD:7C
X509v3 Authority Key Identifier:
keyid:61:E1:0D:AC:1F:77:3C:55:A2:44:75:33:46:71:9E:89:9F:4D:44:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YeENrB93PFWiRHUzRnGeiZ9NRDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/xEEfHzO6g6rZeT9FwkUuiWjw_Xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/YeENrB93PFWiRHUzRnGeiZ9NRDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.17.0-83.136.19.255
193.30.6.0/23
IPv6:
2a03:7000::/32
Signature Algorithm: sha256WithRSAEncryption
79:d2:f6:70:ef:b7:94:49:a0:02:5b:a8:39:d1:c5:50:7a:d9:
ee:c0:24:f4:8d:6f:27:d5:d6:11:31:e4:d9:79:b8:eb:e2:f7:
5c:22:1b:a4:fc:e8:01:e2:0a:ae:fc:ed:9d:86:e2:f9:58:e0:
1d:5d:e1:30:8d:02:26:b2:42:f3:1e:be:0a:bf:80:43:44:95:
a2:24:68:af:f0:c2:72:90:7e:04:42:8a:cf:d6:74:16:49:ae:
64:03:01:d5:f5:b1:89:21:7d:b5:fd:6a:f2:7d:2c:3f:d2:96:
55:98:92:ce:a4:50:02:b0:35:52:bc:27:ef:38:11:be:34:bf:
83:59:3a:5b:42:3f:47:08:40:05:d8:46:23:01:a1:cf:88:ca:
e5:1e:d1:21:20:dd:2e:03:1e:ed:46:64:c2:c5:3c:eb:d2:a9:
7d:9b:37:10:59:1f:3c:41:71:4d:6f:bd:07:1f:ce:5b:87:0d:
d1:af:2c:e5:a6:52:19:fd:1e:03:e9:ea:74:8b:87:a9:f0:ca:
a3:d5:4a:a3:56:24:c6:70:48:91:11:02:f2:53:a9:12:d4:3c:
e7:fb:9a:1a:3e:a3:c7:73:2c:36:17:dc:eb:2b:bb:f6:28:06:
03:ad:19:bc:d5:20:9f:8f:07:7f:ad:e8:a0:cc:ed:7b:e9:2d:
41:6b:2a:f2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZoKhkX4RU2rptnePlSvcAgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTEwZGFjMWY3NzNjNTVhMjQ0NzUzMzQ2NzE5ZTg5OWY0
ZDQ0MzIwHhcNMjUxMDIyMDYwNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQxMWYxZjMzYmE4M2FhZDk3OTNmNDVjMjQ1MmU4OTY4ZjBmZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr5V+TuddKMBVYNlpKSCmcWFp4YH
N61S+q//uaerV8B5kp2IFi3ma3emDUSWycvM2uy16TR3e8z5ObkIvumUQaf8E1xt
40FG5jjHFF5WZ9XPqZy5ItWZbwUfgkFpDNO7+HQlly59ho0OnV2zReO0C3l9juJA
pQJil95fZD2nAUm4XJYfHgR3tM+yXl/oNfBSVy7I0XUVpFFhR9jXrWJ2jxSgaPPh
fgfqqu8mMkQmcmcxNdyCTRkzaODhg1kAuOhkzsmEcdub0M0TT7ews4VZyjkOpd6H
kv0YvtXqGAp02RwV85+axTjud1XoMXGnCf4W65MMui/mSxdj3lgDJDwFzQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMRBHx8zuoOq2Xk/RcJFLolo8P18MB8GA1UdIwQY
MBaAFGHhDawfdzxVokR1M0ZxnomfTUQyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVFTnJCOTNQRldpUkhVelJuR2VpWjlOUkRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS84NWVmMzUtNjQ3YS00MTcyLThjNjQt
NmRiM2NhZWY3M2Q5LzEveEVFZkh6TzZnNnJaZVQ5RndrVXVpV2p3X1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS84NWVmMzUtNjQ3YS00MTcyLThjNjQtNmRiM2NhZWY3M2Q5
LzEvWWVFTnJCOTNQRldpUkhVelJuR2VpWjlOUkRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBABTiBED
BAJTiBADBAHBHgYwDQQCAAIwBwMFACoDcAAwDQYJKoZIhvcNAQELBQADggEBAHnS
9nDvt5RJoAJbqDnRxVB62e7AJPSNbyfV1hEx5Nl5uOvi91wiG6T86AHiCq787Z2G
4vlY4B1d4TCNAiayQvMevgq/gENElaIkaK/wwnKQfgRCis/WdBZJrmQDAdX1sYkh
fbX9avJ9LD/SllWYks6kUAKwNVK8J+84Eb40v4NZOltCP0cIQAXYRiMBoc+IyuUe
0SEg3S4DHu1GZMLFPOvSqX2bNxBZHzxBcU1vvQcfzluHDdGvLOWmUhn9HgPp6nSL
h6nwyqPVSqNWJMZwSJERAvJTqRLUPOf7mho+o8dzLDYX3Osru/YoBgOtGbzVIJ+P
B3+t6KDM7XvpLUFrKvI=
-----END CERTIFICATE-----
Generated at Mon Oct 27 16:55:22 2025 by rpki-client