Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/xE9IyAhq0aHlL6_ym_xgvZ2_5uk.roa
File: xE9IyAhq0aHlL6_ym_xgvZ2_5uk.roa (raw, json)
Hash identifier: 1YgjglAtdi0WFBDpDXQ7veTTeatE49sPF4fCDK08QO0=
Subject key identifier: C4:4F:48:C8:08:6A:D1:A1:E5:2F:AF:F2:9B:FC:60:BD:9D:BF:E6:E9
Certificate issuer: /CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Certificate serial: 0198D23E7141EEA74EF0B7D2B38F1C3B4D20
Authority key identifier: 69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/xE9IyAhq0aHlL6_ym_xgvZ2_5uk.roa
Signing time: Fri 22 Aug 2025 14:46:04 +0000
ROA not before: Fri 22 Aug 2025 14:46:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41535
IP address blocks: 62.113.80.0/22 maxlen: 22
62.213.86.0/24 maxlen: 24
77.221.130.0/24 maxlen: 24
89.253.192.0/21 maxlen: 21
89.253.200.0/21 maxlen: 21
89.253.202.0/24 maxlen: 24
89.253.203.0/24 maxlen: 24
89.253.208.0/21 maxlen: 21
89.253.216.0/21 maxlen: 21
89.253.224.0/21 maxlen: 21
89.253.232.0/21 maxlen: 21
89.253.240.0/21 maxlen: 21
89.253.248.0/21 maxlen: 21
109.120.162.0/24 maxlen: 24
109.120.167.0/24 maxlen: 24
109.120.172.0/24 maxlen: 24
185.48.236.0/22 maxlen: 22
193.32.198.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:3e:71:41:ee:a7:4e:f0:b7:d2:b3:8f:1c:3b:4d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Validity
Not Before: Aug 22 14:46:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c44f48c8086ad1a1e52faff29bfc60bd9dbfe6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:70:72:81:5f:9d:94:93:37:23:9b:1d:bf:07:
0c:50:e4:97:02:f2:b7:f5:17:f7:bd:86:54:d3:55:
de:e6:62:e4:ff:a0:62:79:ab:7b:6a:c1:aa:f3:71:
c0:75:79:68:e5:5e:63:34:e1:d7:5e:14:cd:2f:da:
97:96:57:91:4c:39:12:bb:f2:65:d6:f1:88:d2:7a:
26:fe:ca:22:81:fa:80:0b:67:e3:6f:c2:ec:da:ee:
33:56:7f:cd:ef:9a:ca:f4:d7:0b:21:c1:ae:82:c1:
37:08:9f:5e:2c:e6:14:29:0e:53:a9:51:ea:40:d9:
b2:f9:4d:a1:9e:72:cb:31:7d:4c:9b:ac:1e:f7:95:
30:d6:47:d7:2d:e3:e9:9a:bd:54:f2:32:0d:11:07:
ae:91:f0:ae:3e:a9:62:5e:55:0c:bb:60:00:0b:2e:
8b:93:a1:80:2c:4f:12:5a:55:c6:86:dd:46:2f:20:
0e:81:dc:ce:d3:ef:20:c1:7a:34:5e:30:49:87:30:
9d:f3:08:ea:d0:1f:8d:f7:17:eb:50:dc:17:9a:86:
1a:1c:3d:13:e6:92:12:1a:14:e5:06:f5:3b:63:52:
f3:8d:19:65:6a:23:ec:e9:b3:64:22:97:a1:f4:62:
64:6a:55:32:4b:b9:53:ae:83:3d:9f:98:b2:cb:d7:
43:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4F:48:C8:08:6A:D1:A1:E5:2F:AF:F2:9B:FC:60:BD:9D:BF:E6:E9
X509v3 Authority Key Identifier:
keyid:69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/xE9IyAhq0aHlL6_ym_xgvZ2_5uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.80.0/22
62.213.86.0/24
77.221.130.0/24
89.253.192.0/18
109.120.162.0/24
109.120.167.0/24
109.120.172.0/24
185.48.236.0/22
193.32.198.0/23
Signature Algorithm: sha256WithRSAEncryption
51:43:b1:de:21:ef:f0:29:2e:86:61:3b:8b:d7:4a:88:0f:48:
77:94:98:d8:32:cb:b3:01:ea:57:c1:28:d7:e7:fe:7f:b9:0e:
37:9d:99:92:6f:1c:73:a7:55:d8:7a:a6:cf:55:d8:fd:c5:c2:
1f:38:89:3f:a9:4e:a8:b4:2e:19:69:8e:71:22:6d:17:bd:7a:
22:38:c2:fe:40:95:a2:66:70:bb:4f:bf:4c:fb:8b:92:bf:8f:
a6:d3:3f:52:35:9d:d6:b6:7b:3f:e5:ff:db:e5:9e:4a:5f:ec:
1d:75:03:ad:6c:c3:a7:f9:47:b1:6d:24:01:da:83:84:e0:81:
d4:ef:e8:8a:30:10:db:64:61:65:c3:5b:d5:f5:e3:3e:57:37:
2e:d4:87:37:cb:e9:ce:36:47:1a:11:d9:3b:d5:aa:f7:56:d2:
23:a6:1c:32:ea:0c:1f:23:10:db:d4:77:71:40:3a:4a:61:04:
1c:07:37:f2:d5:c0:c9:8d:f8:c9:b9:a7:8f:e0:a1:36:8d:54:
22:0b:a2:a8:d9:ba:99:0c:9d:fc:b7:db:0a:ea:7a:89:f8:a1:
21:e9:22:f6:5e:0f:2c:31:db:cf:4a:fc:4c:d5:e1:d9:e8:d2:
3e:db:98:ff:76:88:5f:2f:d7:64:68:7d:23:1b:0d:83:82:d2:
76:68:4d:d2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZjSPnFB7qdO8LfSs48cO00gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTRkNjkxNmI5MzE1OWFhODA5ODRhOWIzNzc0NjgzYmI1
NTBlYmQwHhcNMjUwODIyMTQ0NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRmNDhjODA4NmFkMWExZTUyZmFmZjI5YmZjNjBiZDlkYmZlNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXBygV+dlJM3I5sdvwcMUOSXAvK3
9Rf3vYZU01Xe5mLk/6Bieat7asGq83HAdXlo5V5jNOHXXhTNL9qXlleRTDkSu/Jl
1vGI0nom/soigfqAC2fjb8Ls2u4zVn/N75rK9NcLIcGugsE3CJ9eLOYUKQ5TqVHq
QNmy+U2hnnLLMX1Mm6we95Uw1kfXLePpmr1U8jINEQeukfCuPqliXlUMu2AACy6L
k6GALE8SWlXGht1GLyAOgdzO0+8gwXo0XjBJhzCd8wjq0B+N9xfrUNwXmoYaHD0T
5pISGhTlBvU7Y1LzjRllaiPs6bNkIpeh9GJkalUyS7lTroM9n5iyy9dDBQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMRPSMgIatGh5S+v8pv8YL2dv+bpMB8GA1UdIwQY
MBaAFGmk1pFrkxWaqAmEqbN3RoO7VQ69MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUt
MzE5NzExMDA5N2M5LzEveEU5SXlBaHEwYUhsTDZfeW1feGd2WjJfNXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUtMzE5NzExMDA5N2M5
LzEvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCPnFQAwQA
PtVWAwQATd2CAwQGWf3AAwQAbXiiAwQAbXinAwQAbXisAwQCuTDsAwQBwSDGMA0G
CSqGSIb3DQEBCwUAA4IBAQBRQ7HeIe/wKS6GYTuL10qID0h3lJjYMsuzAepXwSjX
5/5/uQ43nZmSbxxzp1XYeqbPVdj9xcIfOIk/qU6otC4ZaY5xIm0XvXoiOML+QJWi
ZnC7T79M+4uSv4+m0z9SNZ3Wtns/5f/b5Z5KX+wddQOtbMOn+UexbSQB2oOE4IHU
7+iKMBDbZGFlw1vV9eM+Vzcu1Ic3y+nONkcaEdk71ar3VtIjphwy6gwfIxDb1Hdx
QDpKYQQcBzfy1cDJjfjJuaeP4KE2jVQiC6Ko2bqZDJ38t9sK6nqJ+KEh6SL2Xg8s
MdvPSvxM1eHZ6NI+25j/dohfL9dkaH0jGw2DgtJ2aE3S
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:39:48 2025 by rpki-client