Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/5Xz9E7C6BAcx16iIMjwvM4HlgAw.roa
File: 5Xz9E7C6BAcx16iIMjwvM4HlgAw.roa (raw, json)
Hash identifier: O79+vzMdI2uDnbGewEwtLl1GFqHouBivbXJnQ4WHjFs=
Subject key identifier: E5:7C:FD:13:B0:BA:04:07:31:D7:A8:88:32:3C:2F:33:81:E5:80:0C
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0198A318716107B97FD058C8E93771401AB7
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/5Xz9E7C6BAcx16iIMjwvM4HlgAw.roa
Signing time: Wed 13 Aug 2025 11:02:24 +0000
ROA not before: Wed 13 Aug 2025 11:02:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401838
IP address blocks: 91.225.225.0/24 maxlen: 24
91.225.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:18:71:61:07:b9:7f:d0:58:c8:e9:37:71:40:1a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Aug 13 11:02:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e57cfd13b0ba040731d7a888323c2f3381e5800c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e9:22:53:5f:d9:73:fb:43:64:7c:8b:28:0c:
37:63:cf:e1:8c:3e:77:eb:b5:ea:fe:b4:7a:85:b0:
87:63:26:9a:49:3d:b6:ad:c9:f7:27:c1:cf:24:d9:
bd:50:9a:25:11:84:ff:98:de:f2:15:f4:7b:16:31:
7f:0b:ae:1e:9f:e1:a2:45:2a:70:7e:f4:c8:5d:5b:
13:66:56:2d:8b:9b:5f:7f:5c:39:bf:82:d0:94:ee:
64:3d:46:d5:e0:a6:6b:8f:cb:6e:45:97:58:bf:62:
97:b6:4b:e0:e7:8d:19:6b:b6:2f:a4:6a:4f:c1:61:
af:60:98:a2:66:2b:af:dd:a9:07:8e:2d:7c:18:66:
cc:ad:49:1c:1b:c9:30:70:43:05:de:1c:ac:a8:bd:
f7:82:3a:a5:a3:38:4b:7a:e3:fb:5d:5e:6d:7a:ff:
76:5d:6a:c7:c5:7d:1a:cd:e6:aa:1a:1f:4c:18:a4:
ec:42:45:03:0c:37:06:a7:6f:c2:eb:3e:ac:24:97:
bd:01:59:07:29:d3:17:f1:fd:aa:47:e8:a9:67:e5:
75:11:62:3c:00:a2:96:54:89:5c:e6:13:11:5b:0d:
72:75:35:7e:40:dd:3b:c8:a8:c0:75:91:27:d4:fc:
c8:61:97:83:bd:40:b6:a9:c1:15:38:2c:f6:94:5e:
94:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:7C:FD:13:B0:BA:04:07:31:D7:A8:88:32:3C:2F:33:81:E5:80:0C
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/5Xz9E7C6BAcx16iIMjwvM4HlgAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0-91.225.226.255
Signature Algorithm: sha256WithRSAEncryption
5a:08:6e:42:56:1f:bf:45:6d:f8:b7:59:4f:88:ee:68:25:43:
87:a7:26:9c:18:d7:63:ea:a2:3c:f2:54:da:14:23:ed:2c:dc:
de:f7:8b:59:e2:49:ae:a8:fb:69:21:e7:b3:8b:43:0e:a6:6c:
26:3e:f9:e7:19:9a:c2:23:44:e6:2f:e3:3f:7a:38:04:f8:0c:
95:c2:27:64:5e:fc:f9:fd:a6:d6:52:48:a6:f6:f2:16:c7:de:
d7:5f:12:fd:f8:bc:9a:c9:ec:4d:c7:fa:8a:91:81:92:39:fa:
f8:15:60:f8:a4:c3:28:09:9f:c1:a8:89:36:5e:26:a7:14:03:
9e:dc:ed:02:cf:67:85:4d:b3:dc:86:ed:39:08:67:f1:92:21:
31:07:08:0d:58:9e:e7:8c:a6:5a:fe:23:63:82:25:08:4d:96:
5b:5a:ca:0e:c7:50:e2:12:34:f8:ec:13:56:02:30:ca:0b:9f:
c2:8d:42:35:21:93:06:86:25:d2:6d:77:15:8a:8f:ba:6b:16:
1e:44:d1:1f:8a:2a:63:48:e4:55:9d:02:11:f8:e6:bf:b0:62:
9e:b3:ac:c9:a4:57:f1:ee:04:8e:d8:bc:d0:62:8f:1d:f1:e0:
0d:88:08:c5:cd:59:5d:b1:5f:74:53:0c:bb:69:12:e9:0f:b1:
7a:0c:be:93
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZijGHFhB7l/0FjI6TdxQBq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwODEzMTEwMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTdjZmQxM2IwYmEwNDA3MzFkN2E4ODgzMjNjMmYzMzgxZTU4MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArukiU1/Zc/tDZHyLKAw3Y8/hjD53
67Xq/rR6hbCHYyaaST22rcn3J8HPJNm9UJolEYT/mN7yFfR7FjF/C64en+GiRSpw
fvTIXVsTZlYti5tff1w5v4LQlO5kPUbV4KZrj8tuRZdYv2KXtkvg540Za7YvpGpP
wWGvYJiiZiuv3akHji18GGbMrUkcG8kwcEMF3hysqL33gjqlozhLeuP7XV5tev92
XWrHxX0azeaqGh9MGKTsQkUDDDcGp2/C6z6sJJe9AVkHKdMX8f2qR+ipZ+V1EWI8
AKKWVIlc5hMRWw1ydTV+QN07yKjAdZEn1PzIYZeDvUC2qcEVOCz2lF6U3wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOV8/ROwugQHMdeoiDI8LzOB5YAMMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvNVh6OUU3QzZCQWN4MTZpSU1qd3ZNNEhsZ0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABb4eED
BABb4eIwDQYJKoZIhvcNAQELBQADggEBAFoIbkJWH79Fbfi3WU+I7mglQ4enJpwY
12PqojzyVNoUI+0s3N73i1niSa6o+2kh57OLQw6mbCY++ecZmsIjROYv4z96OAT4
DJXCJ2Re/Pn9ptZSSKb28hbH3tdfEv34vJrJ7E3H+oqRgZI5+vgVYPikwygJn8Go
iTZeJqcUA57c7QLPZ4VNs9yG7TkIZ/GSITEHCA1YnueMplr+I2OCJQhNlltayg7H
UOISNPjsE1YCMMoLn8KNQjUhkwaGJdJtdxWKj7prFh5E0R+KKmNI5FWdAhH45r+w
Yp6zrMmkV/HuBI7YvNBijx3x4A2ICMXNWV2xX3RTDLtpEukPsXoMvpM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:00:37 2025 by rpki-client