Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Xb0RRUWz0xkGN2Vp1eomMmagen0.roa
File: Xb0RRUWz0xkGN2Vp1eomMmagen0.roa (raw, json)
Hash identifier: PSA+YFgLHzrxW4d3bzNCy6bqQPgBwyFxv+OKzBlV2wI=
Subject key identifier: 5D:BD:11:45:45:B3:D3:19:06:37:65:69:D5:EA:26:32:66:A0:7A:7D
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0198A8F01B1608FD6066956CE8303A03734A
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Xb0RRUWz0xkGN2Vp1eomMmagen0.roa
Signing time: Thu 14 Aug 2025 14:16:04 +0000
ROA not before: Thu 14 Aug 2025 14:16:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:f0:1b:16:08:fd:60:66:95:6c:e8:30:3a:03:73:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 14 14:16:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dbd114545b3d31906376569d5ea263266a07a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4c:5c:00:73:f3:f8:45:03:3b:90:bb:4a:42:
5e:62:2e:46:e3:37:4d:95:dd:2d:bc:e7:c2:de:eb:
88:40:e7:12:e9:3e:71:03:61:91:0d:37:b5:0d:28:
79:59:2f:a5:fa:41:c2:63:9b:90:0f:cb:f4:c1:b5:
ab:d9:1e:6d:c2:3f:42:3f:df:87:55:5a:9d:0d:ba:
35:d2:7c:d5:d4:81:43:d3:51:ca:18:2f:e0:0d:71:
19:87:6c:4c:50:2e:a8:c5:26:99:f9:11:9a:45:63:
e9:fb:8c:18:47:ef:e8:d1:74:9a:34:05:24:62:fe:
ec:20:4a:1f:4c:d6:ae:f7:61:cf:b8:a2:97:55:d1:
41:59:46:b3:f7:12:19:29:1a:01:eb:fb:b7:34:7d:
7e:71:03:d1:7a:aa:be:ef:50:0a:de:4f:98:23:d5:
fd:d7:1d:2a:96:34:8f:94:91:d0:60:7c:23:15:d2:
c1:13:95:81:b5:89:0f:58:c8:09:f4:db:f9:65:74:
e1:8f:c3:2b:24:5e:a8:eb:f6:4b:7e:fc:57:46:35:
e2:25:3b:4b:d7:85:fc:4a:db:cb:53:26:72:d0:be:
19:c8:09:9c:29:5e:a4:7e:5c:a5:57:69:cc:98:ca:
80:9a:bf:b4:54:e9:da:da:cd:ba:50:d4:0a:c7:49:
b0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BD:11:45:45:B3:D3:19:06:37:65:69:D5:EA:26:32:66:A0:7A:7D
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Xb0RRUWz0xkGN2Vp1eomMmagen0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
89.35.129.0/24
93.114.183.0/24
93.115.106.0/24
94.177.106.0/24
167.17.180.0/24
193.124.36.0/24
194.58.47.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:1a:a1:4f:09:6c:ad:0a:76:86:a7:1f:85:7a:e0:a7:b3:7e:
a8:3f:ef:e9:f4:f6:ed:b5:6d:96:69:b8:a6:9a:43:c1:44:cf:
6f:5a:dd:a7:19:e2:96:f8:c6:73:51:61:91:75:2b:50:37:6e:
e9:19:14:41:14:54:6e:4b:14:48:e9:01:fb:0d:03:b2:2a:f8:
fe:3d:ee:57:eb:f1:b3:91:6d:04:6e:4f:fd:7c:ed:7a:22:f7:
1e:a3:d6:11:ce:c6:03:e7:8e:0d:40:3d:21:fe:8e:44:90:aa:
58:f4:a6:09:64:cb:65:5b:2b:77:f3:69:a0:f6:73:41:29:e5:
d6:ad:26:d9:3f:62:26:11:2f:00:07:1c:61:5a:3a:03:a1:23:
0f:38:df:0e:22:ff:95:b5:91:c6:8e:94:55:b9:fe:8e:e0:cd:
b8:98:03:b2:9d:c2:6d:83:e2:a3:95:2e:30:d3:78:17:2e:a9:
a9:18:53:4c:99:3a:7b:20:65:d0:7e:6b:1c:5c:6f:37:ea:d5:
d5:cb:ab:84:d2:02:5e:22:9f:1e:bd:d6:58:36:8f:59:9b:2f:
86:15:fe:2d:35:cf:cc:87:2c:56:a2:8e:64:b6:88:f9:08:f3:
e3:bc:f7:eb:09:11:bf:25:9f:bc:32:f4:0a:fe:35:f4:c0:e5:
7c:2b:62:0a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZio8BsWCP1gZpVs6DA6A3NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwODE0MTQxNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGJkMTE0NTQ1YjNkMzE5MDYzNzY1NjlkNWVhMjYzMjY2YTA3YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUxcAHPz+EUDO5C7SkJeYi5G4zdN
ld0tvOfC3uuIQOcS6T5xA2GRDTe1DSh5WS+l+kHCY5uQD8v0wbWr2R5twj9CP9+H
VVqdDbo10nzV1IFD01HKGC/gDXEZh2xMUC6oxSaZ+RGaRWPp+4wYR+/o0XSaNAUk
Yv7sIEofTNau92HPuKKXVdFBWUaz9xIZKRoB6/u3NH1+cQPReqq+71AK3k+YI9X9
1x0qljSPlJHQYHwjFdLBE5WBtYkPWMgJ9Nv5ZXThj8MrJF6o6/ZLfvxXRjXiJTtL
14X8StvLUyZy0L4ZyAmcKV6kflylV2nMmMqAmr+0VOna2s26UNQKx0mwIwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF29EUVFs9MZBjdladXqJjJmoHp9MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWGIwUlJVV3oweGtHTjJWcDFlb21NbWFnZW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYe2AwQA
WSJqAwQAWSOBAwQAXXK3AwQAXXNqAwQAXrFqAwQApxG0AwQAwXwkAwQAwjovMA0G
CSqGSIb3DQEBCwUAA4IBAQBbGqFPCWytCnaGpx+FeuCns36oP+/p9PbttW2Wabim
mkPBRM9vWt2nGeKW+MZzUWGRdStQN27pGRRBFFRuSxRI6QH7DQOyKvj+Pe5X6/Gz
kW0Ebk/9fO16Ivceo9YRzsYD544NQD0h/o5EkKpY9KYJZMtlWyt382mg9nNBKeXW
rSbZP2ImES8ABxxhWjoDoSMPON8OIv+VtZHGjpRVuf6O4M24mAOyncJtg+KjlS4w
03gXLqmpGFNMmTp7IGXQfmscXG836tXVy6uE0gJeIp8evdZYNo9Zmy+GFf4tNc/M
hyxWoo5ktoj5CPPjvPfrCRG/JZ+8MvQK/jX0wOV8K2IK
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:25 2025 by rpki-client