Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/xpTG82WAvygwU1980tZbJy-4VWI.roa
File: xpTG82WAvygwU1980tZbJy-4VWI.roa (raw, json)
Hash identifier: 24TzHAnioYJA0NjqeaHw1acZCSVNR7w42ePz6kKrd88=
Subject key identifier: C6:94:C6:F3:65:80:BF:28:30:53:5F:7C:D2:D6:5B:27:2F:B8:55:62
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 0199EF2C413440BD39D0A628ABA31C39AEFD
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/xpTG82WAvygwU1980tZbJy-4VWI.roa
Signing time: Thu 16 Oct 2025 22:37:58 +0000
ROA not before: Thu 16 Oct 2025 22:37:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 91.207.60.0/24 maxlen: 24
91.217.91.0/24 maxlen: 24
91.226.212.0/24 maxlen: 24
91.226.213.0/24 maxlen: 24
176.103.48.0/20 maxlen: 20
176.103.48.0/21 maxlen: 21
176.103.56.0/22 maxlen: 22
176.103.60.0/23 maxlen: 23
176.103.62.0/23 maxlen: 23
193.169.86.0/23 maxlen: 23
2001:678:334::/48 maxlen: 48
2a13:f580::/48 maxlen: 48
2a13:f580:1::/48 maxlen: 48
2a13:f580:2::/48 maxlen: 48
2a13:f580:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ef:2c:41:34:40:bd:39:d0:a6:28:ab:a3:1c:39:ae:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Oct 16 22:37:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c694c6f36580bf2830535f7cd2d65b272fb85562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:5f:85:2b:11:2c:a0:86:94:c5:12:41:a1:cc:
56:c1:5d:53:2b:9c:fb:c7:a2:ef:a2:e3:4e:34:60:
3e:df:20:95:dc:04:c6:9f:ab:01:8c:e7:16:dc:b1:
13:5c:5b:f7:4c:a7:5b:c9:9a:53:15:e0:d2:cb:40:
d7:11:4b:6c:2f:95:51:57:d7:13:6f:51:34:d8:3a:
02:6c:be:5a:83:ae:71:29:c8:24:2b:96:1b:34:9f:
66:20:fa:91:7a:5d:a2:f0:5b:3e:c1:02:38:99:c8:
12:11:3f:ed:0d:fa:fe:a8:ac:a2:8d:30:8e:4a:8d:
a9:37:e4:42:dd:c6:af:39:e2:a0:84:9e:c3:c6:80:
1e:f8:4a:b7:1f:e0:09:f3:0f:e5:e3:49:3f:15:37:
de:87:5e:ec:00:97:04:b2:b9:d0:f7:63:86:0a:7e:
ca:93:b8:fd:0f:b7:52:4c:c8:fd:0c:18:f8:5f:a1:
e9:a7:11:95:b7:fb:1f:f9:38:c8:53:8e:2e:5a:72:
70:1e:f8:39:66:54:60:c3:3e:d8:c1:c0:14:85:1b:
6b:f2:71:18:fc:9d:16:2e:13:80:87:03:4c:6e:89:
e3:99:11:9b:c1:c3:96:04:d5:23:3d:b3:a7:16:09:
2f:e5:42:20:aa:da:5a:ea:9c:33:51:40:9d:c4:97:
3a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:94:C6:F3:65:80:BF:28:30:53:5F:7C:D2:D6:5B:27:2F:B8:55:62
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/xpTG82WAvygwU1980tZbJy-4VWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.60.0/24
91.217.91.0/24
91.226.212.0/23
176.103.48.0/20
193.169.86.0/23
IPv6:
2001:678:334::/48
2a13:f580::-2a13:f580:2:ffff:ffff:ffff:ffff:ffff
2a13:f580:4::/48
Signature Algorithm: sha256WithRSAEncryption
54:5f:af:30:69:f4:25:3c:53:54:b1:f5:71:20:64:8b:aa:e6:
b9:be:33:20:4e:96:dc:e7:e3:a2:b1:ca:2a:1f:a3:8a:e2:41:
b0:cb:c7:d2:4c:ce:ee:6d:14:7c:b5:35:83:38:1a:d6:12:ff:
c0:35:91:75:23:53:79:04:46:61:03:96:26:d7:68:23:ad:d5:
a5:07:bc:93:34:a9:db:6b:f5:f3:83:70:a1:34:5f:f7:32:ec:
e8:29:11:c4:0a:23:cc:28:74:00:93:a3:4e:38:15:49:df:97:
29:c7:84:19:4a:23:80:0f:21:d8:32:6c:83:b2:f1:bd:ff:be:
20:a9:b9:79:b7:1c:45:e0:6b:be:f0:89:5c:c8:44:71:16:53:
52:49:e6:57:23:a6:b5:8d:06:20:e3:19:ed:00:3a:f2:6f:62:
e4:ba:81:17:cc:2a:5d:fc:08:c9:5b:bc:8e:7f:8e:4b:d6:6a:
e2:9f:db:b0:5d:0c:46:c5:e8:54:b3:9f:dc:0f:4d:75:fe:ab:
d0:ef:e7:46:ea:5b:16:dc:42:40:a7:ec:7d:d6:1b:e1:a3:57:
cf:0a:7f:aa:2c:24:39:09:b5:ff:c3:fa:ee:29:b0:32:57:fe:
bf:09:59:b9:a3:3f:6c:1c:0e:ba:81:55:f5:4a:d1:3f:04:e7:
2a:e8:4f:bc
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZnvLEE0QL050KYoq6McOa79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjUxMDE2MjIzNzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjk0YzZmMzY1ODBiZjI4MzA1MzVmN2NkMmQ2NWIyNzJmYjg1NTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41+FKxEsoIaUxRJBocxWwV1TK5z7
x6LvouNONGA+3yCV3ATGn6sBjOcW3LETXFv3TKdbyZpTFeDSy0DXEUtsL5VRV9cT
b1E02DoCbL5ag65xKcgkK5YbNJ9mIPqRel2i8Fs+wQI4mcgSET/tDfr+qKyijTCO
So2pN+RC3cavOeKghJ7DxoAe+Eq3H+AJ8w/l40k/FTfeh17sAJcEsrnQ92OGCn7K
k7j9D7dSTMj9DBj4X6HppxGVt/sf+TjIU44uWnJwHvg5ZlRgwz7YwcAUhRtr8nEY
/J0WLhOAhwNMbonjmRGbwcOWBNUjPbOnFgkv5UIgqtpa6pwzUUCdxJc6RQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFMaUxvNlgL8oMFNffNLWWycvuFViMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEveHBURzgyV0F2eWd3VTE5ODB0WmJKeS00VldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAkBAIAATAeAwQAW888AwQA
W9lbAwQBW+LUAwQEsGcwAwQBwalWMCoEAgACMCQDBwAgAQZ4AzQwEAMFByoT9YAD
BwAqE/WAAAIDBwAqE/WAAAQwDQYJKoZIhvcNAQELBQADggEBAFRfrzBp9CU8U1Sx
9XEgZIuq5rm+MyBOltzn46Kxyiofo4riQbDLx9JMzu5tFHy1NYM4GtYS/8A1kXUj
U3kERmEDlibXaCOt1aUHvJM0qdtr9fODcKE0X/cy7OgpEcQKI8wodACTo044FUnf
lynHhBlKI4APIdgybIOy8b3/viCpuXm3HEXga77wiVzIRHEWU1JJ5lcjprWNBiDj
Ge0AOvJvYuS6gRfMKl38CMlbvI5/jkvWauKf27BdDEbF6FSzn9wPTXX+q9Dv50bq
WxbcQkCn7H3WG+GjV88Kf6osJDkJtf/D+u4psDJX/r8JWbmjP2wcDrqBVfVK0T8E
5yroT7w=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:03 2025 by rpki-client