Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/XbRIFdQP_RXO6IV-cEyYaj6kxNs.roa
File: XbRIFdQP_RXO6IV-cEyYaj6kxNs.roa (raw, json)
Hash identifier: 3o+QHeiT4KUONTiQxPqZMl4amlORzK8bXLG3POsUfAs=
Subject key identifier: 5D:B4:48:15:D4:0F:FD:15:CE:E8:85:7E:70:4C:98:6A:3E:A4:C4:DB
Certificate issuer: /CN=0194ab9a8f4a20e829dd4575a88c8125c1c8a67f
Certificate serial: 019975987FAFA92E4F7D9E7049FC412C4173
Authority key identifier: 01:94:AB:9A:8F:4A:20:E8:29:DD:45:75:A8:8C:81:25:C1:C8:A6:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZSrmo9KIOgp3UV1qIyBJcHIpn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/XbRIFdQP_RXO6IV-cEyYaj6kxNs.roa
Signing time: Tue 23 Sep 2025 08:02:32 +0000
ROA not before: Tue 23 Sep 2025 08:02:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51300
IP address blocks: 46.28.24.0/21 maxlen: 21
46.28.24.0/24 maxlen: 24
46.28.25.0/24 maxlen: 24
46.28.26.0/24 maxlen: 24
46.28.27.0/24 maxlen: 24
46.28.28.0/24 maxlen: 24
46.28.29.0/24 maxlen: 24
46.28.30.0/24 maxlen: 24
46.28.31.0/24 maxlen: 24
185.202.120.0/22 maxlen: 22
185.202.120.0/24 maxlen: 24
185.202.121.0/24 maxlen: 24
185.202.122.0/24 maxlen: 24
185.202.123.0/24 maxlen: 24
193.135.146.0/23 maxlen: 23
193.135.146.0/24 maxlen: 24
193.135.147.0/24 maxlen: 24
207.244.214.0/23 maxlen: 23
207.244.214.0/24 maxlen: 24
207.244.215.0/24 maxlen: 24
2a0a:1e40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/AZSrmo9KIOgp3UV1qIyBJcHIpn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/AZSrmo9KIOgp3UV1qIyBJcHIpn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/AZSrmo9KIOgp3UV1qIyBJcHIpn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:75:98:7f:af:a9:2e:4f:7d:9e:70:49:fc:41:2c:41:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0194ab9a8f4a20e829dd4575a88c8125c1c8a67f
Validity
Not Before: Sep 23 08:02:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5db44815d40ffd15cee8857e704c986a3ea4c4db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b5:6d:c8:84:dd:c7:8f:57:77:93:b0:e4:5e:
1b:a5:b5:24:b4:30:cb:99:48:2d:88:7a:17:2d:0b:
d0:1f:27:29:6f:2c:4e:3e:25:af:97:fc:91:48:43:
23:a1:63:6e:56:7c:cc:e8:f5:75:cd:f4:66:9d:f8:
81:f6:bf:43:3f:af:77:dd:8f:e8:5c:c6:38:14:d3:
8f:b9:d3:c9:c7:47:3d:64:6b:2c:45:91:09:5c:8e:
12:14:cc:06:2a:fb:a3:be:d9:50:0f:cd:70:61:ce:
48:be:ac:45:91:14:36:e9:89:cf:37:24:a3:61:e2:
69:49:ac:d9:1f:20:f6:03:9a:bd:2d:95:cf:c1:7c:
55:16:93:85:68:d0:5d:b1:96:2f:91:6b:4d:03:c3:
af:9d:54:ff:cf:a8:c7:dd:c5:b4:70:61:cd:c0:b9:
d1:bd:62:fa:a3:77:c0:ca:3a:bc:75:33:a8:19:9b:
df:24:44:56:d5:12:f1:8e:94:7a:c7:b3:d8:86:69:
5c:aa:4f:49:9e:02:64:a9:5a:ee:a7:db:38:5f:b8:
4b:12:49:c1:48:72:0d:3e:e8:21:95:d4:2c:b5:f8:
ef:7d:c6:f2:a6:cb:e9:79:d2:9d:f7:1e:f3:f0:47:
7f:86:0c:cd:ad:4e:4f:41:55:78:73:d1:d8:f0:f2:
d0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B4:48:15:D4:0F:FD:15:CE:E8:85:7E:70:4C:98:6A:3E:A4:C4:DB
X509v3 Authority Key Identifier:
keyid:01:94:AB:9A:8F:4A:20:E8:29:DD:45:75:A8:8C:81:25:C1:C8:A6:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZSrmo9KIOgp3UV1qIyBJcHIpn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/XbRIFdQP_RXO6IV-cEyYaj6kxNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1cfe5c-0546-4482-935a-cb386358d151/1/AZSrmo9KIOgp3UV1qIyBJcHIpn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.24.0/21
185.202.120.0/22
193.135.146.0/23
207.244.214.0/23
IPv6:
2a0a:1e40::/32
Signature Algorithm: sha256WithRSAEncryption
8d:a3:d5:8e:6a:64:05:83:45:b2:0f:5c:5b:7b:5d:1b:8d:92:
a9:09:81:d2:9f:52:61:43:d2:2a:07:86:8c:f3:03:32:72:87:
59:a3:20:f9:66:b7:4b:ad:44:f6:7d:6d:34:e0:67:43:f1:ba:
3a:04:60:7a:b6:5a:8f:22:11:d6:78:11:39:33:2d:cd:10:15:
31:93:df:91:d6:d0:76:58:8b:e0:09:e0:1e:8e:04:b2:7b:a8:
fa:49:0f:99:61:34:c8:1e:bb:05:7f:32:11:fb:98:8c:d7:5c:
b7:7a:0f:9e:de:52:d4:3e:b4:63:0a:1d:19:7c:39:dd:e8:33:
f9:64:77:c7:fb:d4:c6:9e:6b:f7:b4:59:d9:8f:dc:3c:da:bb:
0b:44:04:1e:e0:a0:4b:dd:e5:e2:f7:0a:7f:76:8b:9a:25:a8:
c2:95:c1:20:0a:56:26:0d:7b:0b:ef:32:7f:06:aa:35:0c:3c:
32:88:e7:d2:e9:f6:9e:8f:18:90:4b:f8:e9:18:64:e9:0b:c2:
1b:93:3a:4c:40:23:70:e2:ff:ce:a2:ae:5a:74:de:2c:ef:3a:
eb:fd:0b:38:87:fc:0d:3c:ed:e5:35:98:1e:17:a0:30:3b:0d:
48:20:f5:c0:20:40:b7:ca:8f:55:7c:ba:fb:ed:b3:d5:63:6e:
0f:c6:a6:c7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZl1mH+vqS5PfZ5wSfxBLEFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTRhYjlhOGY0YTIwZTgyOWRkNDU3NWE4OGM4MTI1YzFj
OGE2N2YwHhcNMjUwOTIzMDgwMjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGI0NDgxNWQ0MGZmZDE1Y2VlODg1N2U3MDRjOTg2YTNlYTRjNGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrVtyITdx49Xd5Ow5F4bpbUktDDL
mUgtiHoXLQvQHycpbyxOPiWvl/yRSEMjoWNuVnzM6PV1zfRmnfiB9r9DP6933Y/o
XMY4FNOPudPJx0c9ZGssRZEJXI4SFMwGKvujvtlQD81wYc5IvqxFkRQ26YnPNySj
YeJpSazZHyD2A5q9LZXPwXxVFpOFaNBdsZYvkWtNA8OvnVT/z6jH3cW0cGHNwLnR
vWL6o3fAyjq8dTOoGZvfJERW1RLxjpR6x7PYhmlcqk9JngJkqVrup9s4X7hLEknB
SHINPughldQstfjvfcbypsvpedKd9x7z8Ed/hgzNrU5PQVV4c9HY8PLQwwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFF20SBXUD/0VzuiFfnBMmGo+pMTbMB8GA1UdIwQY
MBaAFAGUq5qPSiDoKd1FdaiMgSXByKZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpTcm1vOUtJT2dwM1VWMXFJeUJKY0hJcG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8xY2ZlNWMtMDU0Ni00NDgyLTkzNWEt
Y2IzODYzNThkMTUxLzEvWGJSSUZkUVBfUlhPNklWLWNFeVlhajZreE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8xY2ZlNWMtMDU0Ni00NDgyLTkzNWEtY2IzODYzNThkMTUx
LzEvQVpTcm1vOUtJT2dwM1VWMXFJeUJKY0hJcG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhwYAwQC
ucp4AwQBwYeSAwQBz/TWMA0EAgACMAcDBQAqCh5AMA0GCSqGSIb3DQEBCwUAA4IB
AQCNo9WOamQFg0WyD1xbe10bjZKpCYHSn1JhQ9IqB4aM8wMycodZoyD5ZrdLrUT2
fW004GdD8bo6BGB6tlqPIhHWeBE5My3NEBUxk9+R1tB2WIvgCeAejgSye6j6SQ+Z
YTTIHrsFfzIR+5iM11y3eg+e3lLUPrRjCh0ZfDnd6DP5ZHfH+9TGnmv3tFnZj9w8
2rsLRAQe4KBL3eXi9wp/douaJajClcEgClYmDXsL7zJ/Bqo1DDwyiOfS6faejxiQ
S/jpGGTpC8IbkzpMQCNw4v/Ooq5adN4s7zrr/Qs4h/wNPO3lNZgeF6AwOw1IIPXA
IEC3yo9VfLr77bPVY24PxqbH
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:28:45 2025 by rpki-client