Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cXCTm2w_D8O78pMdDLtLkh1z68Y.roa
File: cXCTm2w_D8O78pMdDLtLkh1z68Y.roa (raw, json)
Hash identifier: rBxkoFIMMhd79l6Qjzckgi/OE9+fMyC44zhiafSVQeg=
Subject key identifier: 71:70:93:9B:6C:3F:0F:C3:BB:F2:93:1D:0C:BB:4B:92:1D:73:EB:C6
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0199EDD4EF125A78EE5978EDFC991D60E419
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cXCTm2w_D8O78pMdDLtLkh1z68Y.roa
Signing time: Thu 16 Oct 2025 16:22:59 +0000
ROA not before: Thu 16 Oct 2025 16:22:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 80.71.150.0/24 maxlen: 24
80.71.152.0/24 maxlen: 24
80.71.159.0/24 maxlen: 24
91.240.71.0/24 maxlen: 24
194.105.158.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ed:d4:ef:12:5a:78:ee:59:78:ed:fc:99:1d:60:e4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Oct 16 16:22:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7170939b6c3f0fc3bbf2931d0cbb4b921d73ebc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7c:03:6a:09:49:35:f2:26:40:c1:c5:b4:69:
95:35:95:6b:3d:d1:6c:c6:9e:14:68:c5:bf:ce:f3:
26:4b:80:ad:27:75:24:90:4e:d8:19:49:1d:a2:55:
56:ff:b1:16:fa:75:a1:65:8b:45:81:1a:2b:59:88:
e0:b9:13:8c:ef:c6:52:bc:79:31:14:3c:52:ce:a0:
8c:33:63:61:f6:7c:71:35:19:7a:ac:16:33:58:30:
d6:b2:6b:62:7f:3e:c9:d9:af:24:5a:b1:91:96:e3:
05:e7:36:81:3f:d1:d2:56:40:55:35:a3:e9:07:31:
71:1d:24:ba:be:ab:0c:21:88:22:e4:ba:d6:6d:97:
b4:7a:68:f5:32:04:8d:bb:a3:02:f9:f4:5a:3a:20:
89:99:00:24:fd:6e:09:0e:48:b0:1f:18:ad:8f:72:
c7:30:e5:46:04:39:c6:9d:8f:2f:36:ed:b9:01:96:
c0:ce:8c:10:fb:48:5d:af:2a:49:c0:0a:37:9a:f3:
19:1a:4e:bc:0c:9a:b1:0e:92:aa:db:e9:d8:7b:32:
76:90:f8:4a:ed:7d:60:ce:bc:a5:a7:db:5f:c2:56:
7c:cf:86:56:19:68:0d:19:e7:ae:52:1e:10:58:6a:
de:6a:f3:bf:08:a7:84:40:f2:c1:13:6a:c8:a1:ce:
fe:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:70:93:9B:6C:3F:0F:C3:BB:F2:93:1D:0C:BB:4B:92:1D:73:EB:C6
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cXCTm2w_D8O78pMdDLtLkh1z68Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.150.0/24
80.71.152.0/24
80.71.159.0/24
91.240.71.0/24
194.105.158.0/23
Signature Algorithm: sha256WithRSAEncryption
77:13:a5:9a:fb:7b:61:a5:89:0d:a9:5e:40:c2:09:a5:78:34:
02:5d:42:8b:8a:2e:f4:a5:93:e8:21:31:73:05:b4:58:01:b2:
17:2c:41:00:ed:6f:81:7c:9d:d0:9f:9e:49:96:1f:97:e0:c9:
55:c2:8e:d8:cb:ac:68:30:c0:df:7c:3e:b6:aa:d4:be:e6:03:
71:02:59:d7:8d:a1:26:1a:c4:d2:38:f3:0e:a9:22:67:43:54:
09:b9:97:40:dc:44:94:e0:2b:52:a9:96:26:c6:72:40:e9:93:
10:b1:c0:d0:d8:bd:f0:0c:a6:a5:85:1e:b9:9c:c0:dc:87:c4:
0e:a4:44:0d:f4:5e:7e:0f:e2:ba:9e:8f:a5:1c:58:06:ef:3b:
e7:1b:80:c3:73:86:27:cd:9e:e6:22:8a:99:db:b3:a9:21:dc:
ec:7c:99:2f:be:25:84:d4:02:e5:bd:e3:1b:90:96:dd:0a:2e:
9f:75:74:c0:cc:f8:de:0a:90:10:8d:65:24:4a:6e:c2:0b:9a:
76:d8:84:83:c3:b6:cd:2e:3b:3a:e5:36:73:31:f4:59:f7:b4:
fe:57:d7:0e:86:0b:5f:61:b9:9b:a8:b2:90:e7:ed:9e:53:a5:
0e:19:02:42:4f:aa:d3:84:ce:9a:8b:ac:3f:10:d0:a2:89:f3:
a4:05:51:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZnt1O8SWnjuWXjt/JkdYOQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUxMDE2MTYyMjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTcwOTM5YjZjM2YwZmMzYmJmMjkzMWQwY2JiNGI5MjFkNzNlYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23wDaglJNfImQMHFtGmVNZVrPdFs
xp4UaMW/zvMmS4CtJ3UkkE7YGUkdolVW/7EW+nWhZYtFgRorWYjguROM78ZSvHkx
FDxSzqCMM2Nh9nxxNRl6rBYzWDDWsmtifz7J2a8kWrGRluMF5zaBP9HSVkBVNaPp
BzFxHSS6vqsMIYgi5LrWbZe0emj1MgSNu6MC+fRaOiCJmQAk/W4JDkiwHxitj3LH
MOVGBDnGnY8vNu25AZbAzowQ+0hdrypJwAo3mvMZGk68DJqxDpKq2+nYezJ2kPhK
7X1gzrylp9tfwlZ8z4ZWGWgNGeeuUh4QWGreavO/CKeEQPLBE2rIoc7+XQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHFwk5tsPw/Du/KTHQy7S5Idc+vGMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvY1hDVG0yd19EOE83OHBNZERMdExraDF6NjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEeWAwQA
UEeYAwQAUEefAwQAW/BHAwQBwmmeMA0GCSqGSIb3DQEBCwUAA4IBAQB3E6Wa+3th
pYkNqV5AwgmleDQCXUKLii70pZPoITFzBbRYAbIXLEEA7W+BfJ3Qn55Jlh+X4MlV
wo7Yy6xoMMDffD62qtS+5gNxAlnXjaEmGsTSOPMOqSJnQ1QJuZdA3ESU4CtSqZYm
xnJA6ZMQscDQ2L3wDKalhR65nMDch8QOpEQN9F5+D+K6no+lHFgG7zvnG4DDc4Yn
zZ7mIoqZ27OpIdzsfJkvviWE1ALlveMbkJbdCi6fdXTAzPjeCpAQjWUkSm7CC5p2
2ISDw7bNLjs65TZzMfRZ97T+V9cOhgtfYbmbqLKQ5+2eU6UOGQJCT6rThM6ai6w/
ENCiifOkBVEu
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:34:57 2025 by rpki-client