Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/XPrFj5zrogqrQA0ZGMw9Cj_3tIM.roa
File: XPrFj5zrogqrQA0ZGMw9Cj_3tIM.roa (raw, json)
Hash identifier: y5bDj30kHbVlnej3Qo9ZyWbBqUGtip3DeFT5c1pzf8I=
Subject key identifier: 5C:FA:C5:8F:9C:EB:A2:0A:AB:40:0D:19:18:CC:3D:0A:3F:F7:B4:83
Certificate issuer: /CN=864106540f30a9dcdf8ef9be72ffef8bd8a72e5c
Certificate serial: 0198EB59599753085C8B31DCA2249B92AFAB
Authority key identifier: 86:41:06:54:0F:30:A9:DC:DF:8E:F9:BE:72:FF:EF:8B:D8:A7:2E:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkEGVA8wqdzfjvm-cv_vi9inLlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/XPrFj5zrogqrQA0ZGMw9Cj_3tIM.roa
Signing time: Wed 27 Aug 2025 11:45:58 +0000
ROA not before: Wed 27 Aug 2025 11:45:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42061
IP address blocks: 195.8.212.0/23 maxlen: 23
2001:67c:1d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/hkEGVA8wqdzfjvm-cv_vi9inLlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/hkEGVA8wqdzfjvm-cv_vi9inLlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkEGVA8wqdzfjvm-cv_vi9inLlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:59:59:97:53:08:5c:8b:31:dc:a2:24:9b:92:af:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864106540f30a9dcdf8ef9be72ffef8bd8a72e5c
Validity
Not Before: Aug 27 11:45:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cfac58f9ceba20aab400d1918cc3d0a3ff7b483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:30:42:2f:08:be:34:c8:99:00:2f:ed:3b:06:
54:39:21:1b:be:a7:8f:75:cd:d9:28:8f:e8:29:26:
8a:a8:15:2b:5d:48:e2:c1:5d:cf:3d:4b:6b:b2:3c:
58:f6:e8:27:50:8c:0f:18:f0:d2:0c:10:84:9c:ec:
1b:17:98:c6:6f:31:62:df:5b:70:e7:e1:3f:b2:aa:
0f:67:03:75:cd:c6:8e:c8:d8:98:57:7a:12:7b:4f:
62:17:71:6f:27:72:10:8f:19:77:ef:23:7c:a1:00:
20:5e:72:15:f1:59:c8:0d:02:29:02:c6:2f:61:27:
82:dc:b8:d6:1f:f8:30:e6:d5:20:90:f3:e4:71:7e:
e7:55:64:25:de:b0:fe:1d:95:fc:fa:c1:47:e3:03:
56:6b:95:7a:63:e6:b0:66:0d:8c:5a:c2:ca:53:a1:
7b:04:17:b8:64:ad:1f:d0:86:12:f2:c7:e4:71:07:
50:40:9c:60:bc:60:8e:8b:81:4a:e6:99:20:e3:68:
58:04:8d:d0:e1:30:45:dd:a1:9f:50:f6:00:89:bc:
84:60:1d:ac:6d:ea:ec:44:66:89:b6:18:69:9c:68:
53:09:6c:02:bf:97:20:25:7d:77:5d:3b:ec:44:8f:
67:8d:c8:62:e4:ae:87:57:7b:b1:41:0c:4b:56:9c:
19:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FA:C5:8F:9C:EB:A2:0A:AB:40:0D:19:18:CC:3D:0A:3F:F7:B4:83
X509v3 Authority Key Identifier:
keyid:86:41:06:54:0F:30:A9:DC:DF:8E:F9:BE:72:FF:EF:8B:D8:A7:2E:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkEGVA8wqdzfjvm-cv_vi9inLlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/XPrFj5zrogqrQA0ZGMw9Cj_3tIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0be7f2-638d-4f45-b697-3b318e47276d/1/hkEGVA8wqdzfjvm-cv_vi9inLlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.212.0/23
IPv6:
2001:67c:1d0::/48
Signature Algorithm: sha256WithRSAEncryption
24:16:8b:95:a2:2c:f5:fd:35:ae:57:d9:b6:2e:98:d6:a0:a2:
b5:e6:ea:f4:4c:92:92:c0:64:e5:95:61:bc:c0:8a:15:f2:e9:
a2:b9:46:da:8b:3a:b9:34:33:5d:57:61:72:83:c0:83:fd:6a:
79:bf:1b:61:01:71:fb:f3:fc:0d:81:fd:a8:06:ff:6b:68:42:
55:3b:76:da:ee:cd:e3:0d:0e:5b:dc:0d:21:f8:45:b1:e9:6a:
e1:5a:6f:23:bc:61:7b:11:5d:c1:84:c1:ee:9b:a9:5f:78:88:
cb:a4:d0:36:35:00:85:66:fd:a1:7d:25:00:37:2a:c3:5e:81:
1b:60:0c:9f:e6:1e:f7:31:72:d9:5f:1a:7b:61:34:74:31:b0:
e5:10:18:3f:c7:15:10:d6:ad:55:52:b8:2c:67:4c:5b:6a:cf:
28:e4:7c:5d:9b:25:da:3c:2f:f1:87:7e:46:3e:95:66:6d:06:
48:bb:a1:f0:cb:71:b7:e3:5f:88:96:b8:87:0d:c7:b8:be:19:
5c:c6:84:be:cf:8e:06:02:d9:5c:fc:20:7e:eb:84:25:cd:28:
b4:44:fb:7c:e1:2b:46:31:e0:b6:dc:1e:98:95:2d:cf:1b:96:
87:10:d1:34:51:12:01:e6:2f:66:ca:ee:4e:b9:ad:47:bb:4f:
d7:6a:61:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZjrWVmXUwhcizHcoiSbkq+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDEwNjU0MGYzMGE5ZGNkZjhlZjliZTcyZmZlZjhiZDhh
NzJlNWMwHhcNMjUwODI3MTE0NTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZhYzU4ZjljZWJhMjBhYWI0MDBkMTkxOGNjM2QwYTNmZjdiNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTBCLwi+NMiZAC/tOwZUOSEbvqeP
dc3ZKI/oKSaKqBUrXUjiwV3PPUtrsjxY9ugnUIwPGPDSDBCEnOwbF5jGbzFi31tw
5+E/sqoPZwN1zcaOyNiYV3oSe09iF3FvJ3IQjxl37yN8oQAgXnIV8VnIDQIpAsYv
YSeC3LjWH/gw5tUgkPPkcX7nVWQl3rD+HZX8+sFH4wNWa5V6Y+awZg2MWsLKU6F7
BBe4ZK0f0IYS8sfkcQdQQJxgvGCOi4FK5pkg42hYBI3Q4TBF3aGfUPYAibyEYB2s
bersRGaJthhpnGhTCWwCv5cgJX13XTvsRI9njchi5K6HV3uxQQxLVpwZVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFz6xY+c66IKq0ANGRjMPQo/97SDMB8GA1UdIwQY
MBaAFIZBBlQPMKnc3475vnL/74vYpy5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtFR1ZBOHdxZHpmanZtLWN2X3ZpOWluTGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wYmU3ZjItNjM4ZC00ZjQ1LWI2OTct
M2IzMThlNDcyNzZkLzEvWFByRmo1enJvZ3FyUUEwWkdNdzlDal8zdElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wYmU3ZjItNjM4ZC00ZjQ1LWI2OTctM2IzMThlNDcyNzZk
LzEvaGtFR1ZBOHdxZHpmanZtLWN2X3ZpOWluTGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwwjUMA8E
AgACMAkDBwAgAQZ8AdAwDQYJKoZIhvcNAQELBQADggEBACQWi5WiLPX9Na5X2bYu
mNagorXm6vRMkpLAZOWVYbzAihXy6aK5RtqLOrk0M11XYXKDwIP9anm/G2EBcfvz
/A2B/agG/2toQlU7dtruzeMNDlvcDSH4RbHpauFabyO8YXsRXcGEwe6bqV94iMuk
0DY1AIVm/aF9JQA3KsNegRtgDJ/mHvcxctlfGnthNHQxsOUQGD/HFRDWrVVSuCxn
TFtqzyjkfF2bJdo8L/GHfkY+lWZtBki7ofDLcbfjX4iWuIcNx7i+GVzGhL7PjgYC
2Vz8IH7rhCXNKLRE+3zhK0Yx4LbcHpiVLc8blocQ0TRREgHmL2bK7k65rUe7T9dq
YcY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:04:46 2025 by rpki-client