Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/X0YGyVP66ZGqkiDVT4gjqfkDpbw.roa
File: X0YGyVP66ZGqkiDVT4gjqfkDpbw.roa (raw, json)
Hash identifier: 6i5H9KoMGNY5mA0wdWKUYrifDwq1Buv6W9ygAz3wN8s=
Subject key identifier: 5F:46:06:C9:53:FA:E9:91:AA:92:20:D5:4F:88:23:A9:F9:03:A5:BC
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019925468A93483FAD5FEF7989A19E8A65F3
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/X0YGyVP66ZGqkiDVT4gjqfkDpbw.roa
Signing time: Sun 07 Sep 2025 17:43:24 +0000
ROA not before: Sun 07 Sep 2025 17:43:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41457
IP address blocks: 89.36.33.0/24 maxlen: 24
95.175.150.0/24 maxlen: 24
185.79.19.0/24 maxlen: 24
192.40.69.0/24 maxlen: 24
2a14:6780::/32 maxlen: 32
2a14:6780:2::/48 maxlen: 48
2a14:6780:3::/48 maxlen: 48
2a14:6780:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:25:46:8a:93:48:3f:ad:5f:ef:79:89:a1:9e:8a:65:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Sep 7 17:43:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f4606c953fae991aa9220d54f8823a9f903a5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:87:70:69:e0:2c:97:13:72:71:85:21:65:76:
e5:eb:aa:3b:26:9e:d1:7b:37:49:5e:08:31:86:ab:
ad:07:0c:d4:65:29:9b:2e:42:20:b9:4d:52:9d:c5:
05:83:03:be:e2:b0:f3:e6:cc:45:f5:58:bc:a9:ee:
b4:78:f1:98:bf:6d:6f:be:83:90:5a:be:9d:f5:cc:
43:74:d1:af:be:c8:de:63:b7:9b:c7:18:12:97:b2:
cf:8a:55:f6:67:f3:0f:26:ef:39:17:63:ff:1e:19:
d0:f9:65:40:fa:de:9f:fa:0c:24:d7:2b:1f:81:ee:
39:a2:a7:36:85:d7:10:b7:6e:87:b7:e5:74:60:ee:
01:82:94:f3:5b:fb:b0:e9:14:d4:fe:b5:46:d9:f4:
4f:56:0e:56:6c:15:ad:34:b9:6b:f4:90:26:c5:98:
c7:4e:ba:24:7a:ef:10:e5:b7:ab:c4:97:6e:43:a0:
0c:8b:76:41:8d:9c:02:ae:2f:f9:90:eb:a9:69:a9:
97:4e:98:75:3b:8e:47:96:43:d5:44:ad:f3:80:18:
6e:1b:d2:79:ed:40:e4:65:44:a3:46:dc:de:37:21:
c2:44:fb:67:4c:b5:85:95:40:73:18:0f:66:d0:03:
88:47:44:36:b6:00:c0:e1:e5:e2:20:37:3b:18:58:
97:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:46:06:C9:53:FA:E9:91:AA:92:20:D5:4F:88:23:A9:F9:03:A5:BC
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/X0YGyVP66ZGqkiDVT4gjqfkDpbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.33.0/24
95.175.150.0/24
185.79.19.0/24
192.40.69.0/24
IPv6:
2a14:6780::/32
Signature Algorithm: sha256WithRSAEncryption
80:69:07:18:2c:82:a9:51:90:bd:bb:7b:1f:6d:fb:da:d7:06:
20:c6:52:01:09:b3:c2:c3:07:bd:be:9e:9f:32:e4:2c:a6:f6:
09:1e:64:1f:66:0c:7f:6f:d0:a5:f5:5d:11:fb:9c:a4:aa:b7:
55:f3:c9:a8:02:a0:05:bb:a5:bf:5f:f1:3f:89:44:4b:27:3f:
64:55:37:f7:90:03:94:dd:55:fc:ce:30:c2:d3:48:4d:b3:e1:
0a:af:05:f6:58:e1:04:47:5c:7f:9c:2c:7e:9c:79:2c:a2:87:
7e:a1:31:1e:08:aa:17:87:c4:8d:16:87:9f:84:d9:e2:be:6a:
5d:07:18:22:7b:be:67:66:76:3e:3a:da:b7:4c:dd:8a:9b:d8:
98:ac:28:7b:03:6d:56:eb:2a:ad:e9:f3:86:51:e8:2a:b0:6b:
fe:67:6f:52:61:84:a1:73:ff:e4:e3:1f:5d:d8:c9:93:82:20:
c2:d7:f7:56:b2:bf:57:22:0d:98:bf:0a:02:e8:92:2e:18:25:
84:fd:4b:3b:68:9b:4e:5d:f0:0b:19:75:fc:d8:4e:f0:8b:13:
0e:70:85:9e:52:07:8b:9c:4e:08:4d:3a:ce:fb:2f:7d:65:16:
e3:ae:c3:2b:bb:42:17:6f:9b:3f:f8:99:21:e8:6c:92:26:33:
85:4b:7a:5e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZklRoqTSD+tX+95iaGeimXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwOTA3MTc0MzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQ2MDZjOTUzZmFlOTkxYWE5MjIwZDU0Zjg4MjNhOWY5MDNhNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIdwaeAslxNycYUhZXbl66o7Jp7R
ezdJXggxhqutBwzUZSmbLkIguU1SncUFgwO+4rDz5sxF9Vi8qe60ePGYv21vvoOQ
Wr6d9cxDdNGvvsjeY7ebxxgSl7LPilX2Z/MPJu85F2P/HhnQ+WVA+t6f+gwk1ysf
ge45oqc2hdcQt26Ht+V0YO4BgpTzW/uw6RTU/rVG2fRPVg5WbBWtNLlr9JAmxZjH
Trokeu8Q5berxJduQ6AMi3ZBjZwCri/5kOupaamXTph1O45HlkPVRK3zgBhuG9J5
7UDkZUSjRtzeNyHCRPtnTLWFlUBzGA9m0AOIR0Q2tgDA4eXiIDc7GFiXSQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFF9GBslT+umRqpIg1U+II6n5A6W8MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvWDBZR3lWUDY2Wkdxa2lEVlQ0Z2pxZmtEcGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAWSQhAwQA
X6+WAwQAuU8TAwQAwChFMA0EAgACMAcDBQAqFGeAMA0GCSqGSIb3DQEBCwUAA4IB
AQCAaQcYLIKpUZC9u3sfbfva1wYgxlIBCbPCwwe9vp6fMuQspvYJHmQfZgx/b9Cl
9V0R+5ykqrdV88moAqAFu6W/X/E/iURLJz9kVTf3kAOU3VX8zjDC00hNs+EKrwX2
WOEER1x/nCx+nHksood+oTEeCKoXh8SNFoefhNnivmpdBxgie75nZnY+Otq3TN2K
m9iYrCh7A21W6yqt6fOGUegqsGv+Z29SYYShc//k4x9d2MmTgiDC1/dWsr9XIg2Y
vwoC6JIuGCWE/Us7aJtOXfALGXX82E7wixMOcIWeUgeLnE4ITTrO+y99ZRbjrsMr
u0IXb5s/+Jkh6GySJjOFS3pe
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:48:56 2025 by rpki-client