Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/xHmxHeGysZQx87yc0H9cuc2SvMo.roa
File: xHmxHeGysZQx87yc0H9cuc2SvMo.roa (raw, json)
Hash identifier: j+Tf8Fn3tMX9hr31g+uEJglcEihEnhqHnvGsVUVKf9k=
Subject key identifier: C4:79:B1:1D:E1:B2:B1:94:31:F3:BC:9C:D0:7F:5C:B9:CD:92:BC:CA
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 01996B37824498C8D3416298B06E9B587FDA
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/xHmxHeGysZQx87yc0H9cuc2SvMo.roa
Signing time: Sun 21 Sep 2025 07:40:23 +0000
ROA not before: Sun 21 Sep 2025 07:40:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25252
IP address blocks: 193.221.47.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:6b:37:82:44:98:c8:d3:41:62:98:b0:6e:9b:58:7f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Sep 21 07:40:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c479b11de1b2b19431f3bc9cd07f5cb9cd92bcca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:6b:a8:ee:7d:e7:8a:09:e3:03:83:5f:76:
c6:01:ed:cd:12:75:85:55:02:e7:11:48:72:06:b5:
d5:d8:bd:b9:5a:4f:54:60:d3:80:15:eb:46:82:a6:
90:30:2a:5c:78:c6:17:80:92:b5:fd:3e:ad:19:20:
2f:26:c7:6f:b8:07:6b:a9:0f:c2:2d:d0:6f:17:51:
62:26:63:3d:c5:e8:56:22:ba:3c:5d:b4:fb:b5:55:
ab:e6:9b:01:85:9b:ff:22:19:80:a8:b3:33:0d:c4:
89:d9:fe:52:52:d7:ec:56:5c:f9:06:a9:9c:51:4a:
62:d5:46:1e:da:c7:7c:0d:56:de:bc:c0:c4:ec:f3:
9c:a8:10:b1:b4:e9:5a:dd:42:2a:51:af:a9:40:98:
f4:e5:01:de:58:8e:5b:33:5b:3a:64:59:1b:35:34:
89:71:0e:e6:de:d4:de:ed:e5:58:98:6a:7b:f0:2e:
b9:6e:bb:23:6c:0f:22:ad:15:cc:fa:61:6d:12:45:
8c:03:d7:07:6a:7a:e5:69:e3:12:0e:c3:4e:97:43:
dc:b2:3c:3c:53:6e:9d:52:3c:bf:7a:66:b9:f1:ec:
2f:7b:6d:49:91:99:e8:10:9a:79:ed:d2:ad:5d:f5:
90:f7:ff:4e:8d:41:51:dc:6e:f9:33:4b:d8:d1:60:
f6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:79:B1:1D:E1:B2:B1:94:31:F3:BC:9C:D0:7F:5C:B9:CD:92:BC:CA
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/xHmxHeGysZQx87yc0H9cuc2SvMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.221.47.0/24
193.221.53.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:17:58:9a:9f:d8:72:7e:13:4c:36:e5:80:5f:c0:17:b6:89:
8f:10:f0:16:75:e9:ea:18:1d:b0:c2:58:cb:74:6a:28:eb:a8:
ac:c5:45:77:97:0f:69:d2:56:e8:12:bb:9a:0e:d0:7a:2d:ee:
2a:f7:6c:ad:9e:5e:9d:f0:ee:a5:67:b5:1f:c8:a2:16:51:74:
7f:83:3a:8b:6e:53:de:9b:a2:62:8b:74:cc:57:f2:bf:74:5c:
1c:23:79:69:4e:a4:f8:b5:6e:ca:ba:8d:a8:b0:28:f0:39:28:
ba:09:fe:c5:1c:f1:1a:38:3a:5b:44:3f:7b:1b:07:bf:ca:8f:
86:76:56:41:19:e4:12:00:28:cd:13:86:2f:30:79:46:64:e9:
7d:ff:15:53:05:33:d0:3c:9c:58:92:8b:15:59:70:89:69:1f:
c3:24:27:19:2c:68:ba:f4:f2:40:2f:65:49:49:ae:aa:53:0e:
af:2e:50:ae:75:de:26:36:4b:5e:6f:5e:79:54:6e:11:ec:5d:
65:21:13:19:36:01:7d:68:0f:5e:cd:63:5b:8f:72:88:c4:88:
cb:4f:97:9a:dc:9e:6a:c4:a2:f0:47:2d:1f:2a:bc:17:af:78:
c1:a6:cd:8a:3d:1b:fc:97:e6:39:60:4f:73:6a:3f:87:f5:45:
ba:e6:b9:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlrN4JEmMjTQWKYsG6bWH/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjUwOTIxMDc0MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDc5YjExZGUxYjJiMTk0MzFmM2JjOWNkMDdmNWNiOWNkOTJiY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW1rqO5954oJ4wODX3bGAe3NEnWF
VQLnEUhyBrXV2L25Wk9UYNOAFetGgqaQMCpceMYXgJK1/T6tGSAvJsdvuAdrqQ/C
LdBvF1FiJmM9xehWIro8XbT7tVWr5psBhZv/IhmAqLMzDcSJ2f5SUtfsVlz5Bqmc
UUpi1UYe2sd8DVbevMDE7POcqBCxtOla3UIqUa+pQJj05QHeWI5bM1s6ZFkbNTSJ
cQ7m3tTe7eVYmGp78C65brsjbA8irRXM+mFtEkWMA9cHanrlaeMSDsNOl0Pcsjw8
U26dUjy/ema58ewve21JkZnoEJp57dKtXfWQ9/9OjUFR3G75M0vY0WD2tQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMR5sR3hsrGUMfO8nNB/XLnNkrzKMB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEveEhteEhlR3lzWlF4ODd5YzBIOWN1YzJTdk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwd0vAwQA
wd01MA0GCSqGSIb3DQEBCwUAA4IBAQBdF1ian9hyfhNMNuWAX8AXtomPEPAWdenq
GB2wwljLdGoo66isxUV3lw9p0lboEruaDtB6Le4q92ytnl6d8O6lZ7UfyKIWUXR/
gzqLblPem6Jii3TMV/K/dFwcI3lpTqT4tW7Kuo2osCjwOSi6Cf7FHPEaODpbRD97
Gwe/yo+GdlZBGeQSACjNE4YvMHlGZOl9/xVTBTPQPJxYkosVWXCJaR/DJCcZLGi6
9PJAL2VJSa6qUw6vLlCudd4mNkteb155VG4R7F1lIRMZNgF9aA9ezWNbj3KIxIjL
T5ea3J5qxKLwRy0fKrwXr3jBps2KPRv8l+Y5YE9zaj+H9UW65rnX
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:07:13 2025 by rpki-client