
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6c7b22-b65f-4f37-a40e-a9917cc15e0a/1/xV8gMpC2ZlpVgs9mctOG60i8N9M.roa
File: xV8gMpC2ZlpVgs9mctOG60i8N9M.roa (raw, json)
Hash identifier: 4+rPE2A2/Gm76JYESuCkyPm8V8bnBXJ1IGMnwsuV4qk=
Subject key identifier: C5:5F:20:32:90:B6:66:5A:55:82:CF:66:72:D3:86:EB:48:BC:37:D3
Certificate issuer: /CN=6efa8c0fe62ec54accbde35c60bd8ad4b9014ff7
Certificate serial: 01991C0D65478B9265C17F52A45346582206
Authority key identifier: 6E:FA:8C:0F:E6:2E:C5:4A:CC:BD:E3:5C:60:BD:8A:D4:B9:01:4F:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bvqMD-YuxUrMveNcYL2K1LkBT_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/6c7b22-b65f-4f37-a40e-a9917cc15e0a/1/xV8gMpC2ZlpVgs9mctOG60i8N9M.roa
Signing time: Fri 05 Sep 2025 22:44:23 +0000
ROA not before: Fri 05 Sep 2025 22:44:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134521
IP address blocks: 2a05:e580:f900::/40 maxlen: 40
2a05:e580:fa00::/40 maxlen: 40
2a05:e580:fb00::/40 maxlen: 40
2a05:e580:fc00::/40 maxlen: 40
2a05:e580:fd00::/40 maxlen: 40
2a05:e580:fe00::/40 maxlen: 40
2a05:e580:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/6c7b22-b65f-4f37-a40e-a9917cc15e0a/1/bvqMD-YuxUrMveNcYL2K1LkBT_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/6c7b22-b65f-4f37-a40e-a9917cc15e0a/1/bvqMD-YuxUrMveNcYL2K1LkBT_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/bvqMD-YuxUrMveNcYL2K1LkBT_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1c:0d:65:47:8b:92:65:c1:7f:52:a4:53:46:58:22:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6efa8c0fe62ec54accbde35c60bd8ad4b9014ff7
Validity
Not Before: Sep 5 22:44:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c55f203290b6665a5582cf6672d386eb48bc37d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5e:8d:72:6e:75:75:4f:50:9e:00:da:df:c2:
c7:93:16:45:6a:5c:44:ea:bc:dc:d5:e1:fc:05:b1:
49:d5:25:35:f5:ce:eb:37:7b:24:5e:fa:38:ca:40:
aa:e9:96:89:cb:0a:55:26:b6:78:33:26:5e:64:7e:
74:f3:48:08:b5:5c:54:e6:ce:a2:23:de:d0:26:6b:
c2:79:1a:c4:30:ee:4f:f2:53:e6:db:50:53:e8:5a:
24:ca:a4:79:36:52:e2:60:20:3c:19:4a:a1:cb:e1:
66:3e:ef:11:66:67:08:6f:53:bc:79:ac:a7:bc:db:
cb:c1:51:ad:e8:15:ff:b9:81:92:2f:97:f3:51:0f:
e2:46:1e:d2:20:b7:12:93:9b:05:49:a8:d8:d1:eb:
60:14:2d:1a:5f:48:3c:bd:d9:00:3b:d9:e9:97:c3:
75:8b:4a:45:ea:5c:e7:44:d8:9b:4b:e7:69:fa:de:
48:35:6d:98:bc:0a:68:32:c4:ef:65:8c:65:a4:67:
7e:0b:f3:92:55:10:07:66:71:b9:e0:42:3d:f5:f6:
bf:67:fd:de:45:c0:64:16:ee:30:dd:40:23:5d:4d:
9c:eb:e0:6c:2a:4d:fc:bf:b6:a1:a8:4b:4d:82:f1:
29:3a:f1:76:42:46:1a:f8:36:1e:61:f4:f6:8d:c9:
df:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5F:20:32:90:B6:66:5A:55:82:CF:66:72:D3:86:EB:48:BC:37:D3
X509v3 Authority Key Identifier:
keyid:6E:FA:8C:0F:E6:2E:C5:4A:CC:BD:E3:5C:60:BD:8A:D4:B9:01:4F:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bvqMD-YuxUrMveNcYL2K1LkBT_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6c7b22-b65f-4f37-a40e-a9917cc15e0a/1/xV8gMpC2ZlpVgs9mctOG60i8N9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6c7b22-b65f-4f37-a40e-a9917cc15e0a/1/bvqMD-YuxUrMveNcYL2K1LkBT_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:e580:f900::-2a05:e580:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:a6:ee:a4:a4:d7:03:3d:82:09:88:ce:c0:46:7e:45:2d:7b:
28:e6:90:e8:92:22:f7:96:09:b5:8b:bc:b0:ff:05:ce:d2:d4:
2d:a4:59:8e:b4:4e:05:af:f3:3c:b2:c8:11:a4:f6:91:59:e7:
d2:83:76:25:c6:9b:59:48:6a:45:e9:39:ce:b9:73:fb:d6:ce:
e6:30:bc:2e:b5:1d:20:26:1b:65:eb:24:33:82:89:09:b6:6b:
e6:5a:89:4d:ea:dc:59:a8:81:b4:64:55:82:67:2d:79:8e:b4:
c7:e6:a5:6d:ce:aa:44:b5:12:ea:bb:c2:4f:7c:56:59:e0:84:
d1:ca:72:76:0f:4a:13:f0:ab:b0:df:47:a2:b1:68:68:e8:a7:
e2:8f:85:81:17:de:21:0e:dd:92:59:f7:6b:75:76:07:cc:31:
4c:ec:5e:f5:45:ec:bf:f5:82:02:f3:5b:5d:0a:ef:66:f9:d3:
ac:b9:f4:7d:8b:27:a5:8c:57:1d:ab:89:da:3e:46:e3:52:0c:
60:4e:59:ee:b8:6b:ce:fc:94:f2:a8:69:19:8c:ec:78:c8:33:
57:4f:22:ba:ef:b5:5a:c2:e8:6c:a0:d1:f4:39:87:fa:af:29:
9e:61:52:8f:95:5e:a0:66:3c:db:1c:b3:4e:94:7f:a8:bb:d6:
7e:e2:5f:1c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZkcDWVHi5JlwX9SpFNGWCIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZmE4YzBmZTYyZWM1NGFjY2JkZTM1YzYwYmQ4YWQ0Yjkw
MTRmZjcwHhcNMjUwOTA1MjI0NDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTVmMjAzMjkwYjY2NjVhNTU4MmNmNjY3MmQzODZlYjQ4YmMzN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0V6Ncm51dU9QngDa38LHkxZFalxE
6rzc1eH8BbFJ1SU19c7rN3skXvo4ykCq6ZaJywpVJrZ4MyZeZH5080gItVxU5s6i
I97QJmvCeRrEMO5P8lPm21BT6FokyqR5NlLiYCA8GUqhy+FmPu8RZmcIb1O8eayn
vNvLwVGt6BX/uYGSL5fzUQ/iRh7SILcSk5sFSajY0etgFC0aX0g8vdkAO9npl8N1
i0pF6lznRNibS+dp+t5INW2YvApoMsTvZYxlpGd+C/OSVRAHZnG54EI99fa/Z/3e
RcBkFu4w3UAjXU2c6+BsKk38v7ahqEtNgvEpOvF2QkYa+DYeYfT2jcnf2QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFMVfIDKQtmZaVYLPZnLThutIvDfTMB8GA1UdIwQY
MBaAFG76jA/mLsVKzL3jXGC9itS5AU/3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnZxTUQtWXV4VXJNdmVOY1lMMksxTGtCVF9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82YzdiMjItYjY1Zi00ZjM3LWE0MGUt
YTk5MTdjYzE1ZTBhLzEveFY4Z01wQzJabHBWZ3M5bWN0T0c2MGk4TjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82YzdiMjItYjY1Zi00ZjM3LWE0MGUtYTk5MTdjYzE1ZTBh
LzEvYnZxTUQtWXV4VXJNdmVOY1lMMksxTGtCVF9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBgAqBeWA
+QMFACoF5YAwDQYJKoZIhvcNAQELBQADggEBAJKm7qSk1wM9ggmIzsBGfkUteyjm
kOiSIveWCbWLvLD/Bc7S1C2kWY60TgWv8zyyyBGk9pFZ59KDdiXGm1lIakXpOc65
c/vWzuYwvC61HSAmG2XrJDOCiQm2a+ZaiU3q3FmogbRkVYJnLXmOtMfmpW3OqkS1
Euq7wk98VlnghNHKcnYPShPwq7DfR6KxaGjop+KPhYEX3iEO3ZJZ92t1dgfMMUzs
XvVF7L/1ggLzW10K72b506y59H2LJ6WMVx2rido+RuNSDGBOWe64a878lPKoaRmM
7HjIM1dPIrrvtVrC6Gyg0fQ5h/qvKZ5hUo+VXqBmPNscs06Uf6i71n7iXxw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:50 2025 by rpki-client