Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/c5ee7d-e544-421a-af47-f6395860fc98/1/xfo8mbGixdxPwuOxfgy37itZ-zw.roa
File: xfo8mbGixdxPwuOxfgy37itZ-zw.roa (raw, json)
Hash identifier: 5hlO0kp7ybupPRVntdJPeq0yh6uYaub3TjIoPpRbwZ0=
Subject key identifier: C5:FA:3C:99:B1:A2:C5:DC:4F:C2:E3:B1:7E:0C:B7:EE:2B:59:FB:3C
Certificate issuer: /CN=6d579d1d5fa7fd2a445b5dd8ee8f2637b41f0d40
Certificate serial: 0198BDD3B1BD94DC0FB798A0218CD61B83E5
Authority key identifier: 6D:57:9D:1D:5F:A7:FD:2A:44:5B:5D:D8:EE:8F:26:37:B4:1F:0D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bVedHV-n_SpEW13Y7o8mN7QfDUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/c5ee7d-e544-421a-af47-f6395860fc98/1/xfo8mbGixdxPwuOxfgy37itZ-zw.roa
Signing time: Mon 18 Aug 2025 15:37:04 +0000
ROA not before: Mon 18 Aug 2025 15:37:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49565
IP address blocks: 185.204.155.0/24 maxlen: 24
2a14:2180:1::/48 maxlen: 48
2a14:2180:2::/48 maxlen: 48
2a14:2180:3::/48 maxlen: 48
2a14:2180:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/c5ee7d-e544-421a-af47-f6395860fc98/1/bVedHV-n_SpEW13Y7o8mN7QfDUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/c5ee7d-e544-421a-af47-f6395860fc98/1/bVedHV-n_SpEW13Y7o8mN7QfDUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bVedHV-n_SpEW13Y7o8mN7QfDUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bd:d3:b1:bd:94:dc:0f:b7:98:a0:21:8c:d6:1b:83:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d579d1d5fa7fd2a445b5dd8ee8f2637b41f0d40
Validity
Not Before: Aug 18 15:37:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5fa3c99b1a2c5dc4fc2e3b17e0cb7ee2b59fb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:49:9b:e4:c4:2e:d5:f5:ba:3e:85:22:e6:1a:
2e:d6:06:10:4f:a7:03:30:be:b7:95:8d:a9:09:18:
5c:97:3d:e6:14:24:7a:3b:dd:f7:e9:b5:20:85:f0:
49:f7:a6:be:fc:b6:5f:f4:13:93:ff:31:99:06:a2:
12:ab:2b:9b:cc:fc:85:67:8d:16:42:3d:6d:cf:9a:
9c:6e:9e:ba:72:e1:6c:07:b0:2e:85:4b:ae:20:c1:
f3:78:36:69:b7:be:75:b2:f3:c7:46:84:26:ff:18:
f9:ad:30:19:f5:1c:cd:68:33:c8:04:04:16:a1:3e:
64:9b:2c:6d:a0:18:b4:5d:5e:e5:ed:b6:3f:3e:15:
99:c9:55:8f:3d:d1:a5:2c:17:28:98:5a:32:66:15:
f3:5f:e5:c4:68:a9:ee:c2:48:06:32:4e:27:5a:5d:
4f:6f:44:17:48:e2:c9:aa:fa:b4:38:44:08:9b:c7:
7c:d1:13:73:6a:55:d1:be:4c:e7:83:59:13:76:e0:
5d:10:0c:27:54:28:f6:d6:d9:44:56:f5:40:33:b3:
ba:77:1d:f5:aa:79:87:10:71:eb:9d:f6:c5:de:2a:
3d:35:41:8c:06:b9:12:d3:cd:16:f3:d9:6b:1a:d3:
c4:f5:f3:ae:2c:a9:76:0f:9e:57:e1:a3:b7:41:74:
14:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FA:3C:99:B1:A2:C5:DC:4F:C2:E3:B1:7E:0C:B7:EE:2B:59:FB:3C
X509v3 Authority Key Identifier:
keyid:6D:57:9D:1D:5F:A7:FD:2A:44:5B:5D:D8:EE:8F:26:37:B4:1F:0D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bVedHV-n_SpEW13Y7o8mN7QfDUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c5ee7d-e544-421a-af47-f6395860fc98/1/xfo8mbGixdxPwuOxfgy37itZ-zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c5ee7d-e544-421a-af47-f6395860fc98/1/bVedHV-n_SpEW13Y7o8mN7QfDUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.155.0/24
IPv6:
2a14:2180:1::-2a14:2180:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
99:fc:d1:e2:f7:6b:fa:e4:c1:f2:70:9c:98:f5:66:f9:ab:96:
3f:79:cd:1c:b2:80:e8:38:c5:50:be:b5:0b:d7:1a:22:d2:b1:
31:16:c0:a9:98:63:d2:19:7c:78:28:46:b3:38:d9:3e:55:6d:
17:a7:57:82:82:c0:a5:83:a0:14:d0:e0:ac:88:ad:22:cd:70:
dc:f8:62:cd:48:8f:50:d5:5c:58:19:a9:e9:2d:0a:ba:e3:c1:
7e:83:08:57:0c:25:25:80:e5:53:9c:db:80:29:37:41:04:e6:
0d:1b:4f:b2:65:f0:96:61:75:78:e0:cc:6a:c6:72:e7:b4:27:
62:bf:dc:e8:b1:67:98:ad:80:c4:68:0b:d1:73:50:fd:57:b9:
97:2a:10:1f:07:a4:b4:d4:30:15:eb:9f:fb:ee:43:83:1e:c0:
25:dc:b5:2a:77:68:6c:65:cb:41:cd:06:d2:ce:ba:0c:b9:ae:
73:ff:95:e5:d4:6a:a3:80:2d:8c:27:4c:d0:ee:16:e8:87:0f:
c3:1c:09:3d:76:3c:d4:7c:ea:9a:b8:d2:23:16:e7:a5:7c:a4:
56:e6:84:26:3c:dc:00:f3:dc:9c:97:d5:b2:ea:d0:0c:26:c4:
5e:8b:9c:c9:9f:ee:b8:16:ea:30:c9:77:8f:ea:22:77:f6:ab:
28:11:dd:7a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZi907G9lNwPt5igIYzWG4PlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNTc5ZDFkNWZhN2ZkMmE0NDViNWRkOGVlOGYyNjM3YjQx
ZjBkNDAwHhcNMjUwODE4MTUzNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZhM2M5OWIxYTJjNWRjNGZjMmUzYjE3ZTBjYjdlZTJiNTlmYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEmb5MQu1fW6PoUi5hou1gYQT6cD
ML63lY2pCRhclz3mFCR6O9336bUghfBJ96a+/LZf9BOT/zGZBqISqyubzPyFZ40W
Qj1tz5qcbp66cuFsB7AuhUuuIMHzeDZpt751svPHRoQm/xj5rTAZ9RzNaDPIBAQW
oT5kmyxtoBi0XV7l7bY/PhWZyVWPPdGlLBcomFoyZhXzX+XEaKnuwkgGMk4nWl1P
b0QXSOLJqvq0OEQIm8d80RNzalXRvkzng1kTduBdEAwnVCj21tlEVvVAM7O6dx31
qnmHEHHrnfbF3io9NUGMBrkS080W89lrGtPE9fOuLKl2D55X4aO3QXQUdwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMX6PJmxosXcT8LjsX4Mt+4rWfs8MB8GA1UdIwQY
MBaAFG1XnR1fp/0qRFtd2O6PJje0Hw1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlZlZEhWLW5fU3BFVzEzWTdvOG1ON1FmRFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9jNWVlN2QtZTU0NC00MjFhLWFmNDct
ZjYzOTU4NjBmYzk4LzEveGZvOG1iR2l4ZHhQd3VPeGZneTM3aXRaLXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9jNWVlN2QtZTU0NC00MjFhLWFmNDctZjYzOTU4NjBmYzk4
LzEvYlZlZEhWLW5fU3BFVzEzWTdvOG1ON1FmRFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAucybMBoE
AgACMBQwEgMHACoUIYAAAQMHACoUIYAABDANBgkqhkiG9w0BAQsFAAOCAQEAmfzR
4vdr+uTB8nCcmPVm+auWP3nNHLKA6DjFUL61C9caItKxMRbAqZhj0hl8eChGszjZ
PlVtF6dXgoLApYOgFNDgrIitIs1w3PhizUiPUNVcWBmp6S0KuuPBfoMIVwwlJYDl
U5zbgCk3QQTmDRtPsmXwlmF1eODMasZy57QnYr/c6LFnmK2AxGgL0XNQ/Ve5lyoQ
HwektNQwFeuf++5Dgx7AJdy1KndobGXLQc0G0s66DLmuc/+V5dRqo4AtjCdM0O4W
6IcPwxwJPXY81HzqmrjSIxbnpXykVuaEJjzcAPPcnJfVsurQDCbEXoucyZ/uuBbq
MMl3j+oid/arKBHdeg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:32:24 2025 by rpki-client