Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/xyh4ewGS3X-RUneITZFZqy5ymBg.roa
File: xyh4ewGS3X-RUneITZFZqy5ymBg.roa (raw, json)
Hash identifier: RIQZNdOJE7OlslKFhD4xmgJnjPOCBbdK+p0a5aIoxYY=
Subject key identifier: C7:28:78:7B:01:92:DD:7F:91:52:77:88:4D:91:59:AB:2E:72:98:18
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0199A975F05868A6D4F2C24AC2AB4D3D9F92
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/xyh4ewGS3X-RUneITZFZqy5ymBg.roa
Signing time: Fri 03 Oct 2025 09:45:02 +0000
ROA not before: Fri 03 Oct 2025 09:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 812
IP address blocks: 195.40.110.0/23 maxlen: 24
195.172.114.0/23 maxlen: 24
195.172.116.0/23 maxlen: 24
195.172.196.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:75:f0:58:68:a6:d4:f2:c2:4a:c2:ab:4d:3d:9f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 3 09:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c728787b0192dd7f915277884d9159ab2e729818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:13:18:2e:3d:68:58:6f:77:3f:e0:47:f6:b1:
06:04:b1:98:e9:4c:0c:13:84:a4:0f:c0:ed:67:22:
cb:d5:1f:4b:be:f9:c7:3e:3f:c5:9c:bb:d5:8f:bc:
1c:c4:db:27:25:3e:b9:66:c7:93:a8:b5:60:79:8e:
ad:13:f2:f4:79:f7:ed:c9:bb:7a:89:f4:36:92:fc:
7c:0d:d6:c3:45:69:f2:01:47:c5:1b:fa:b5:cd:8c:
5b:e3:c2:93:fd:a6:04:38:4d:42:ee:05:21:5d:3a:
9e:a3:15:00:bb:d9:bb:7c:9f:c6:80:f7:d4:84:51:
b6:03:32:e7:51:98:88:a1:8f:fc:d9:21:91:d8:12:
43:f2:c3:56:ea:69:ac:d9:84:67:bd:80:d7:1d:fa:
81:73:10:ea:4f:27:d3:29:fc:6f:c7:75:07:e7:22:
cf:07:c9:81:0e:6b:7c:b5:f2:8b:5c:d0:3b:fa:3e:
06:a3:80:b6:cf:2f:a0:17:1f:7f:ab:7f:18:48:15:
eb:70:12:aa:5d:6a:f9:97:8c:07:c6:51:ed:27:16:
ad:b3:03:b7:3d:0a:b1:df:18:ff:30:c4:4f:bb:c6:
61:c4:58:95:59:2a:cf:c5:86:8d:ca:21:10:ff:3e:
57:cf:d2:a5:42:fb:b1:01:db:b7:95:80:c4:66:e4:
d8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:28:78:7B:01:92:DD:7F:91:52:77:88:4D:91:59:AB:2E:72:98:18
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/xyh4ewGS3X-RUneITZFZqy5ymBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.40.110.0/23
195.172.114.0-195.172.117.255
195.172.196.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:ba:39:15:cb:da:64:18:2b:64:c4:8f:58:ca:72:72:43:ca:
94:e6:76:cf:cf:cf:92:94:7b:6f:cc:62:5d:ea:46:a4:e9:25:
0d:67:9f:3f:9c:c4:df:da:50:b8:ba:21:cd:dd:b3:d2:6e:00:
a4:91:20:1e:44:d7:3d:42:be:6e:41:0a:bc:68:ef:ef:63:c9:
43:3d:1d:82:90:da:7a:1a:f9:e6:96:6d:98:c6:2b:aa:c6:41:
7b:88:e5:a0:10:76:6a:43:71:e6:de:ca:cb:78:52:19:6b:a6:
56:af:d9:1f:51:a8:45:a4:93:73:50:7f:c9:44:42:3d:3d:f3:
a4:92:78:e4:e2:e0:97:3f:b5:9b:f7:4b:59:44:19:be:12:c2:
d2:b6:a6:1d:2c:4a:15:9f:3c:f0:3f:46:90:00:ce:bc:05:7f:
30:ce:09:6d:54:aa:47:d3:24:57:e9:a2:0a:2e:a0:24:b4:bb:
f2:6b:fd:d0:bc:c1:ae:8a:bc:bf:ee:79:de:44:fe:a4:fd:15:
33:bc:2b:48:f8:26:13:19:4e:aa:25:4d:fd:03:45:4e:da:79:
ac:09:62:ab:6a:fd:32:82:09:35:ea:24:ba:ba:ee:98:20:02:
ab:71:29:ef:0c:13:31:d3:6f:1f:fe:5f:71:07:22:20:52:fb:
2d:05:5e:38
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZmpdfBYaKbU8sJKwqtNPZ+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDAzMDk0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI4Nzg3YjAxOTJkZDdmOTE1Mjc3ODg0ZDkxNTlhYjJlNzI5ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxMYLj1oWG93P+BH9rEGBLGY6UwM
E4SkD8DtZyLL1R9LvvnHPj/FnLvVj7wcxNsnJT65ZseTqLVgeY6tE/L0efftybt6
ifQ2kvx8DdbDRWnyAUfFG/q1zYxb48KT/aYEOE1C7gUhXTqeoxUAu9m7fJ/GgPfU
hFG2AzLnUZiIoY/82SGR2BJD8sNW6mms2YRnvYDXHfqBcxDqTyfTKfxvx3UH5yLP
B8mBDmt8tfKLXNA7+j4Go4C2zy+gFx9/q38YSBXrcBKqXWr5l4wHxlHtJxatswO3
PQqx3xj/MMRPu8ZhxFiVWSrPxYaNyiEQ/z5Xz9KlQvuxAdu3lYDEZuTYvQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMcoeHsBkt1/kVJ3iE2RWasucpgYMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEveHloNGV3R1MzWC1SVW5lSVRaRlpxeTV5bUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBwyhuMAwD
BAHDrHIDBAHDrHQDBAHDrMQwDQYJKoZIhvcNAQELBQADggEBAF26ORXL2mQYK2TE
j1jKcnJDypTmds/Pz5KUe2/MYl3qRqTpJQ1nnz+cxN/aULi6Ic3ds9JuAKSRIB5E
1z1Cvm5BCrxo7+9jyUM9HYKQ2noa+eaWbZjGK6rGQXuI5aAQdmpDcebeyst4Uhlr
plav2R9RqEWkk3NQf8lEQj0986SSeOTi4Jc/tZv3S1lEGb4SwtK2ph0sShWfPPA/
RpAAzrwFfzDOCW1UqkfTJFfpogouoCS0u/Jr/dC8wa6KvL/ued5E/qT9FTO8K0j4
JhMZTqolTf0DRU7aeawJYqtq/TKCCTXqJLq67pggAqtxKe8MEzHTbx/+X3EHIiBS
+y0FXjg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:08:23 2025 by rpki-client