Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/xKRilO0vwgvjeykGWxxPZlep8IA.roa
File: xKRilO0vwgvjeykGWxxPZlep8IA.roa (raw, json)
Hash identifier: DWIP1iliS91BdTEgbVE4cDPtiHmdG7awTm/8ZCjAlzk=
Subject key identifier: C4:A4:62:94:ED:2F:C2:0B:E3:7B:29:06:5B:1C:4F:66:57:A9:F0:80
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 0198C10AC1CA6E119F8186718FFB318552F4
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/xKRilO0vwgvjeykGWxxPZlep8IA.roa
Signing time: Tue 19 Aug 2025 06:36:04 +0000
ROA not before: Tue 19 Aug 2025 06:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 5.253.226.0/24 maxlen: 24
45.14.180.0/24 maxlen: 24
45.14.181.0/24 maxlen: 24
45.14.182.0/23 maxlen: 24
194.99.112.0/24 maxlen: 24
194.104.1.0/24 maxlen: 24
194.104.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.mft
rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:0a:c1:ca:6e:11:9f:81:86:71:8f:fb:31:85:52:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Aug 19 06:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4a46294ed2fc20be37b29065b1c4f6657a9f080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ec:b1:12:43:a5:77:09:6c:06:84:33:43:67:
f1:5a:b9:a6:4b:b2:f9:ce:84:d3:b8:c7:d8:45:58:
28:82:17:ae:3a:d1:75:a9:52:03:ba:36:33:b2:3a:
37:7f:4f:6c:31:cc:bc:36:63:32:94:1a:98:be:61:
d1:9e:d5:f8:75:c8:cb:8d:b9:2b:12:f4:ae:51:03:
44:89:ab:81:6e:05:11:d8:90:4f:ba:31:5b:1b:cc:
39:b9:3c:9f:27:01:da:b9:6a:bc:e3:3d:89:a6:d4:
00:1e:fd:bc:65:bf:7a:03:61:48:ee:e2:bc:2b:cd:
89:d4:a8:e8:79:70:db:e6:b9:d4:cd:c6:00:2a:5f:
ea:90:b2:e1:ff:ff:91:cc:f3:76:a5:b4:a4:86:76:
d0:2f:e0:95:63:c1:ae:69:62:80:fb:db:3f:05:63:
74:ba:71:fa:4e:30:67:e0:12:a9:fd:8d:92:90:ea:
c2:4b:45:58:26:4f:f1:4e:44:eb:83:61:fd:15:69:
11:49:c2:4a:28:af:6d:38:4c:67:68:97:47:b1:ff:
26:17:81:8d:89:1a:59:66:cc:9a:f6:ef:02:f7:be:
0a:99:10:e9:56:39:43:3f:94:5b:5a:4a:04:1a:7c:
99:6f:8f:97:22:9a:19:84:e3:38:63:76:31:58:29:
b8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A4:62:94:ED:2F:C2:0B:E3:7B:29:06:5B:1C:4F:66:57:A9:F0:80
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/xKRilO0vwgvjeykGWxxPZlep8IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.226.0/24
45.14.180.0/22
194.99.112.0/24
194.104.1.0/24
194.104.85.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:8b:93:46:27:5b:56:b1:34:2a:97:0d:86:dc:d7:33:2d:1a:
e2:10:cd:6a:82:97:f0:31:fd:f9:c7:2d:89:89:5b:b4:05:4d:
8f:0b:4b:3e:47:10:07:fd:8b:3e:83:aa:53:82:ba:8a:d2:56:
22:7b:74:86:ba:d5:c0:c7:d4:fd:eb:4a:92:60:0f:77:42:65:
6d:72:9f:d5:54:52:cb:b2:b9:5e:28:bc:92:73:56:aa:26:71:
52:c8:d2:9b:3e:3b:c0:1b:6f:df:67:35:03:06:12:89:db:c0:
d6:96:a7:37:90:5f:28:78:95:74:05:28:40:90:22:e7:b7:c9:
5c:fa:a5:8c:34:f0:5f:fb:82:8a:da:77:33:2d:be:bf:f2:35:
7a:91:a1:c5:66:15:b0:26:ce:ac:1f:a4:7a:18:b6:d7:a5:f2:
b3:26:19:ac:38:52:a4:39:44:b7:fe:09:cf:12:c7:52:e7:5d:
08:65:c9:ce:31:99:56:d8:94:6d:f9:3d:24:63:d9:2a:73:b5:
2b:80:9b:4b:3f:1e:d3:ed:80:7d:2d:70:ef:6b:98:fb:ed:e4:
40:15:54:3b:f3:7f:a8:8c:79:33:53:ac:5b:37:cb:5b:f7:79:
77:d9:c2:54:25:93:0d:48:72:14:23:26:78:b7:a3:b2:37:a7:
a2:1a:a7:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZjBCsHKbhGfgYZxj/sxhVL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjUwODE5MDYzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGE0NjI5NGVkMmZjMjBiZTM3YjI5MDY1YjFjNGY2NjU3YTlmMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOyxEkOldwlsBoQzQ2fxWrmmS7L5
zoTTuMfYRVgogheuOtF1qVIDujYzsjo3f09sMcy8NmMylBqYvmHRntX4dcjLjbkr
EvSuUQNEiauBbgUR2JBPujFbG8w5uTyfJwHauWq84z2JptQAHv28Zb96A2FI7uK8
K82J1KjoeXDb5rnUzcYAKl/qkLLh//+RzPN2pbSkhnbQL+CVY8GuaWKA+9s/BWN0
unH6TjBn4BKp/Y2SkOrCS0VYJk/xTkTrg2H9FWkRScJKKK9tOExnaJdHsf8mF4GN
iRpZZsya9u8C974KmRDpVjlDP5RbWkoEGnyZb4+XIpoZhOM4Y3YxWCm4qQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMSkYpTtL8IL43spBlscT2ZXqfCAMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEveEtSaWxPMHZ3Z3ZqZXlrR1d4eFBabGVwOElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABf3iAwQC
LQ60AwQAwmNwAwQAwmgBAwQAwmhVMA0GCSqGSIb3DQEBCwUAA4IBAQB9i5NGJ1tW
sTQqlw2G3NczLRriEM1qgpfwMf35xy2JiVu0BU2PC0s+RxAH/Ys+g6pTgrqK0lYi
e3SGutXAx9T960qSYA93QmVtcp/VVFLLsrleKLySc1aqJnFSyNKbPjvAG2/fZzUD
BhKJ28DWlqc3kF8oeJV0BShAkCLnt8lc+qWMNPBf+4KK2nczLb6/8jV6kaHFZhWw
Js6sH6R6GLbXpfKzJhmsOFKkOUS3/gnPEsdS510IZcnOMZlW2JRt+T0kY9kqc7Ur
gJtLPx7T7YB9LXDva5j77eRAFVQ783+ojHkzU6xbN8tb93l32cJUJZMNSHIUIyZ4
t6OyN6eiGqdH
-----END CERTIFICATE-----
Generated at Sun Aug 24 07:02:49 2025 by rpki-client