Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/XIE6pSr5Se_ddJ-sbF0LHvUWRNo.roa
File: XIE6pSr5Se_ddJ-sbF0LHvUWRNo.roa (raw, json)
Hash identifier: ksy2bMoShyEx+Z2LrrV0ovXdXkbwK/G4ElQgVhhEd+k=
Subject key identifier: 5C:81:3A:A5:2A:F9:49:EF:DD:74:9F:AC:6C:5D:0B:1E:F5:16:44:DA
Certificate issuer: /CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Certificate serial: 0199C839D86FDFB8B5C83E9A6D2E355376C8
Authority key identifier: C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/XIE6pSr5Se_ddJ-sbF0LHvUWRNo.roa
Signing time: Thu 09 Oct 2025 09:07:37 +0000
ROA not before: Thu 09 Oct 2025 09:07:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39368
IP address blocks: 185.211.56.0/24 maxlen: 24
185.211.57.0/24 maxlen: 24
185.211.58.0/24 maxlen: 24
185.211.59.0/24 maxlen: 24
193.58.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:39:d8:6f:df:b8:b5:c8:3e:9a:6d:2e:35:53:76:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Validity
Not Before: Oct 9 09:07:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c813aa52af949efdd749fac6c5d0b1ef51644da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:47:f2:f9:a2:fe:6a:1b:17:04:a4:de:a7:10:
11:f7:36:5d:63:6a:68:39:b1:b3:3f:6e:d4:66:12:
ab:5d:3f:c8:46:9c:7f:40:7a:1c:98:7e:65:bc:b4:
99:10:03:ed:a7:67:1a:eb:98:4d:48:65:2a:d4:1a:
a1:1c:46:4f:eb:bf:97:6b:b2:c0:6d:aa:8e:21:47:
f7:b2:cb:8b:01:74:f7:fc:e6:8a:50:b3:41:47:94:
99:b1:af:8f:2a:f0:8c:12:61:1e:6c:d9:95:c1:c3:
93:b4:f8:0d:b1:38:cc:ee:12:7f:7e:98:26:40:79:
b6:5d:68:8d:62:dd:ec:f5:bf:77:86:dd:ff:7f:1e:
20:54:a9:de:90:86:f3:4a:9e:09:6b:06:fa:e3:80:
32:40:a9:2c:f2:fa:95:38:e2:75:70:7e:e6:1a:3b:
d2:36:82:d7:1d:e7:93:3a:97:8f:cd:5c:36:c2:cd:
74:86:4e:9e:60:c7:17:0f:12:fd:a4:e1:b0:7e:7b:
f4:c0:b0:a7:db:a2:fc:8b:2e:d0:2c:2b:1d:19:9b:
2d:a5:b0:ed:88:b3:d4:60:6f:57:39:f4:7a:14:46:
57:be:b7:ae:86:40:10:2d:85:7a:3a:49:63:10:b4:
02:d0:e9:f5:64:20:9c:1d:0b:7e:81:19:a8:8c:21:
ae:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:81:3A:A5:2A:F9:49:EF:DD:74:9F:AC:6C:5D:0B:1E:F5:16:44:DA
X509v3 Authority Key Identifier:
keyid:C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/XIE6pSr5Se_ddJ-sbF0LHvUWRNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.56.0/22
193.58.119.0/24
Signature Algorithm: sha256WithRSAEncryption
00:cd:ab:e9:3a:95:80:d7:c1:6c:ec:16:54:f9:0c:75:30:c1:
91:34:38:53:34:d3:33:80:cc:31:7d:e0:58:0d:81:71:b8:e9:
25:cc:08:87:72:13:35:c8:4e:b9:63:8c:4b:30:7a:ed:60:f1:
10:d1:1d:73:f4:4d:26:b8:e1:0c:b7:1e:68:38:ae:42:d4:7a:
20:08:6d:02:56:a3:30:6f:61:0f:67:33:9b:7a:4b:10:72:f5:
b5:90:db:c1:72:7a:c9:89:1c:49:c9:58:21:a2:cd:b0:5a:cf:
31:1c:a6:4d:8f:b1:70:48:2e:0a:98:2f:61:24:74:b1:60:35:
d8:a4:5d:b4:08:fc:6f:6e:1f:03:8b:88:52:8d:cb:d9:59:63:
e5:01:d4:09:11:cb:6e:62:af:f7:09:53:1e:88:f0:2c:5d:39:
95:66:2e:4f:c6:2b:92:6a:dd:94:d5:7c:2a:e4:6c:f9:65:91:
2e:e7:83:1e:fc:8c:a0:d1:2d:fe:a5:69:24:47:57:59:c7:13:
6d:b8:1c:dc:0e:06:56:6a:3a:35:3a:b0:84:f0:4e:5b:ed:6f:
58:ff:04:d1:3b:c8:df:80:ac:ae:b6:3f:77:1f:90:ee:fc:be:
66:6d:8a:a5:80:db:6a:f2:1a:dd:65:21:38:93:ba:e1:66:d7:
00:64:e0:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZnIOdhv37i1yD6abS41U3bIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzY0MmQxYWIzOWQzMDllYzVmMzNlNGU4ODE0YWRjMzU4
NDgyNWYwHhcNMjUxMDA5MDkwNzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzgxM2FhNTJhZjk0OWVmZGQ3NDlmYWM2YzVkMGIxZWY1MTY0NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEfy+aL+ahsXBKTepxAR9zZdY2po
ObGzP27UZhKrXT/IRpx/QHocmH5lvLSZEAPtp2ca65hNSGUq1BqhHEZP67+Xa7LA
baqOIUf3ssuLAXT3/OaKULNBR5SZsa+PKvCMEmEebNmVwcOTtPgNsTjM7hJ/fpgm
QHm2XWiNYt3s9b93ht3/fx4gVKnekIbzSp4Jawb644AyQKks8vqVOOJ1cH7mGjvS
NoLXHeeTOpePzVw2ws10hk6eYMcXDxL9pOGwfnv0wLCn26L8iy7QLCsdGZstpbDt
iLPUYG9XOfR6FEZXvreuhkAQLYV6OkljELQC0On1ZCCcHQt+gRmojCGuAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFyBOqUq+Unv3XSfrGxdCx71FkTaMB8GA1UdIwQY
MBaAFMI2QtGrOdMJ7F8z5OiBStw1hIJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQt
MjI2Nzk2OGI2NTJmLzEvWElFNnBTcjVTZV9kZEotc2JGMExIdlVXUk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQtMjI2Nzk2OGI2NTJm
LzEvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudM4AwQA
wTp3MA0GCSqGSIb3DQEBCwUAA4IBAQAAzavpOpWA18Fs7BZU+Qx1MMGRNDhTNNMz
gMwxfeBYDYFxuOklzAiHchM1yE65Y4xLMHrtYPEQ0R1z9E0muOEMtx5oOK5C1Hog
CG0CVqMwb2EPZzObeksQcvW1kNvBcnrJiRxJyVghos2wWs8xHKZNj7FwSC4KmC9h
JHSxYDXYpF20CPxvbh8Di4hSjcvZWWPlAdQJEctuYq/3CVMeiPAsXTmVZi5PxiuS
at2U1Xwq5Gz5ZZEu54Me/Iyg0S3+pWkkR1dZxxNtuBzcDgZWajo1OrCE8E5b7W9Y
/wTRO8jfgKyutj93H5Du/L5mbYqlgNtq8hrdZSE4k7rhZtcAZODe
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:04:47 2025 by rpki-client