
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/XDE5yWHym2A5ak6WQEhkh6UG6-E.roa
File: XDE5yWHym2A5ak6WQEhkh6UG6-E.roa (raw, json)
Hash identifier: ZtYfbKKZBHtlgDqAoKqJ/Mw8EPVT2w6fQRb3QDPCDXI=
Subject key identifier: 5C:31:39:C9:61:F2:9B:60:39:6A:4E:96:40:48:64:87:A5:06:EB:E1
Certificate issuer: /CN=f8f73c5c0f3a106a8ba7dff3e35c816d1078dc71
Certificate serial: 0199E218C4BBEDB63005D1F7726B4D8D9EF2
Authority key identifier: F8:F7:3C:5C:0F:3A:10:6A:8B:A7:DF:F3:E3:5C:81:6D:10:78:DC:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Pc8XA86EGqLp9_z41yBbRB43HE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/XDE5yWHym2A5ak6WQEhkh6UG6-E.roa
Signing time: Tue 14 Oct 2025 09:41:37 +0000
ROA not before: Tue 14 Oct 2025 09:41:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 31.14.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/1-Pc8XA86EGqLp9_z41yBbRB43HE.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/1-Pc8XA86EGqLp9_z41yBbRB43HE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Pc8XA86EGqLp9_z41yBbRB43HE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:18:c4:bb:ed:b6:30:05:d1:f7:72:6b:4d:8d:9e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8f73c5c0f3a106a8ba7dff3e35c816d1078dc71
Validity
Not Before: Oct 14 09:41:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c3139c961f29b60396a4e9640486487a506ebe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:73:d7:1e:7a:88:37:28:35:27:10:e8:95:
a6:1c:ec:3d:cf:1f:7f:9d:59:5e:26:b6:8c:f9:fb:
57:10:2a:73:3e:97:8e:39:27:c3:1d:8b:f2:52:ec:
f1:cb:d4:ca:b0:52:35:91:dd:4b:ff:2a:c0:63:d4:
6d:5a:7c:bc:56:f3:e0:a0:53:0c:db:d2:e4:9f:9f:
8d:5f:f0:db:0f:49:32:e5:aa:11:80:56:1d:04:39:
cc:83:a2:51:99:00:0b:5e:26:71:98:0b:9c:7f:fd:
1d:06:9b:53:be:92:5e:18:80:47:45:e6:2a:30:f8:
c2:e7:3d:9b:c0:73:52:5d:0e:84:bf:92:77:42:6b:
93:58:bf:36:ac:62:c0:75:19:53:23:4f:b8:1a:b5:
d7:65:8a:34:82:81:f5:a4:83:bf:c6:1a:fa:d1:15:
d7:9c:2b:89:d5:88:01:22:bf:60:9b:ba:75:98:a4:
2e:56:7c:2c:22:b9:2f:11:9f:d6:be:3c:ba:dd:a4:
1b:15:a0:e7:c7:a6:a9:f1:e2:ef:f4:61:25:2c:96:
b1:cc:68:dc:5c:ce:79:a5:3c:17:fd:93:e7:30:b2:
66:e9:6f:22:19:da:f4:a1:e0:1e:ec:81:de:80:41:
67:f6:da:d0:9b:69:6c:78:89:12:cc:ef:77:59:14:
e1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:31:39:C9:61:F2:9B:60:39:6A:4E:96:40:48:64:87:A5:06:EB:E1
X509v3 Authority Key Identifier:
keyid:F8:F7:3C:5C:0F:3A:10:6A:8B:A7:DF:F3:E3:5C:81:6D:10:78:DC:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Pc8XA86EGqLp9_z41yBbRB43HE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/XDE5yWHym2A5ak6WQEhkh6UG6-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/03cce3-e620-4483-b08b-6d8fd330e9aa/1/1-Pc8XA86EGqLp9_z41yBbRB43HE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.72.0/24
Signature Algorithm: sha256WithRSAEncryption
32:64:e1:98:b8:05:00:36:41:30:a2:7e:78:d4:5d:0e:7f:a1:
d4:91:ee:62:9b:38:14:18:5b:f8:bd:8e:9a:3a:6a:36:fc:4a:
80:68:f5:fb:cb:05:08:7d:ef:4f:49:f7:7d:8d:a6:82:b6:04:
c4:99:73:82:95:22:2b:af:3d:31:ed:6a:5a:e0:4e:8f:fc:05:
ce:27:b3:dd:ad:ec:da:c6:67:08:f3:b5:f4:2f:ea:55:e9:75:
b9:1d:2b:50:ac:75:8a:29:96:91:1c:69:0f:7a:fe:aa:e2:e5:
a5:42:02:41:a4:70:15:fa:f8:ca:bd:80:09:9e:08:37:51:d7:
d1:a6:6b:5d:17:aa:6d:17:1e:6f:65:45:09:14:bf:c7:3d:bb:
e0:49:bb:8d:71:82:a5:67:c9:35:40:b6:0e:9c:4b:7f:4f:8d:
8e:96:49:1e:18:03:1f:5f:2d:68:5c:9d:54:99:88:a0:2b:e7:
99:f0:b1:87:34:42:87:b2:79:0c:ab:29:4f:98:8c:97:ee:12:
a8:6b:54:01:08:72:4a:12:9a:b3:d7:69:d6:18:fb:16:67:0a:
67:1b:ed:df:d7:c1:cb:04:fa:08:96:25:9f:58:7f:75:e8:b7:
51:d9:28:42:bd:48:ec:ab:2f:01:4e:47:25:a5:20:dc:0a:fb:
75:71:d0:18
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZniGMS77bYwBdH3cmtNjZ7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZjczYzVjMGYzYTEwNmE4YmE3ZGZmM2UzNWM4MTZkMTA3
OGRjNzEwHhcNMjUxMDE0MDk0MTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzMxMzljOTYxZjI5YjYwMzk2YTRlOTY0MDQ4NjQ4N2E1MDZlYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2Vz1x56iDcoNScQ6JWmHOw9zx9/
nVleJraM+ftXECpzPpeOOSfDHYvyUuzxy9TKsFI1kd1L/yrAY9RtWny8VvPgoFMM
29Lkn5+NX/DbD0ky5aoRgFYdBDnMg6JRmQALXiZxmAucf/0dBptTvpJeGIBHReYq
MPjC5z2bwHNSXQ6Ev5J3QmuTWL82rGLAdRlTI0+4GrXXZYo0goH1pIO/xhr60RXX
nCuJ1YgBIr9gm7p1mKQuVnwsIrkvEZ/Wvjy63aQbFaDnx6ap8eLv9GElLJaxzGjc
XM55pTwX/ZPnMLJm6W8iGdr0oeAe7IHegEFn9trQm2lseIkSzO93WRThLwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFwxOclh8ptgOWpOlkBIZIelBuvhMB8GA1UdIwQY
MBaAFPj3PFwPOhBqi6ff8+NcgW0QeNxxMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QYzhYQTg2RUdxTHA5X3o0MXlCYlJCNDNIRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYvMDNjY2UzLWU2MjAtNDQ4My1iMDhi
LTZkOGZkMzMwZTlhYS8xL1hERTV5V0h5bTJBNWFrNldRRWhraDZVRzYtRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjYvMDNjY2UzLWU2MjAtNDQ4My1iMDhiLTZkOGZkMzMwZTlh
YS8xLzEtUGM4WEE4NkVHcUxwOV96NDF5QmJSQjQzSEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfDkgw
DQYJKoZIhvcNAQELBQADggEBADJk4Zi4BQA2QTCifnjUXQ5/odSR7mKbOBQYW/i9
jpo6ajb8SoBo9fvLBQh9709J932NpoK2BMSZc4KVIiuvPTHtalrgTo/8Bc4ns92t
7NrGZwjztfQv6lXpdbkdK1CsdYoplpEcaQ96/qri5aVCAkGkcBX6+Mq9gAmeCDdR
19Gma10Xqm0XHm9lRQkUv8c9u+BJu41xgqVnyTVAtg6cS39PjY6WSR4YAx9fLWhc
nVSZiKAr55nwsYc0QoeyeQyrKU+YjJfuEqhrVAEIckoSmrPXadYY+xZnCmcb7d/X
wcsE+giWJZ9Yf3Xot1HZKEK9SOyrLwFORyWlINwK+3Vx0Bg=
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:54 2025 by rpki-client