Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/xagYNcQM_GY3rQPrYx7xtNlirUc.roa
File: xagYNcQM_GY3rQPrYx7xtNlirUc.roa (raw, json)
Hash identifier: FmPepqhSIDsJAdNhCeAnXYdmF8cj/Njq5XOJxEH/oJk=
Subject key identifier: C5:A8:18:35:C4:0C:FC:66:37:AD:03:EB:63:1E:F1:B4:D9:62:AD:47
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 0197A5E558C8F166FC2B729B0C9023582D8B
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/xagYNcQM_GY3rQPrYx7xtNlirUc.roa
Signing time: Wed 25 Jun 2025 07:02:40 +0000
ROA not before: Wed 25 Jun 2025 07:02:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48108
IP address blocks: 31.222.227.0/24 maxlen: 24
94.247.137.0/24 maxlen: 24
176.53.146.0/23 maxlen: 23
176.116.0.0/24 maxlen: 24
185.235.230.0/24 maxlen: 24
2001:678:e30::/48 maxlen: 48
2a0a:2e80::/32 maxlen: 32
2a0a:2e81::/32 maxlen: 32
2a0a:2e81::/36 maxlen: 36
2a0a:2e82::/32 maxlen: 32
2a11:7e40::/48 maxlen: 48
2a11:7e40:1::/48 maxlen: 48
2a11:7e40:2::/48 maxlen: 48
2a11:7e40:3::/48 maxlen: 48
2a11:8480::/32 maxlen: 32
2a11:8481::/32 maxlen: 32
2a11:8482::/32 maxlen: 32
2a12:6702::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 04:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a5:e5:58:c8:f1:66:fc:2b:72:9b:0c:90:23:58:2d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Jun 25 07:02:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5a81835c40cfc6637ad03eb631ef1b4d962ad47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:50:43:62:16:69:a0:a0:ac:88:0c:68:ee:8e:
ec:90:37:50:ea:6b:77:3f:82:f2:b4:07:42:36:c0:
60:a8:a8:68:e5:67:f2:40:6e:aa:0d:26:7f:40:b9:
a8:38:17:03:9d:d8:ec:25:1c:b5:4f:a1:36:19:dd:
25:93:b2:10:96:56:c2:9d:39:82:cb:f1:6c:14:08:
2c:51:c2:82:e4:7f:d5:7f:65:a3:4d:f6:05:99:c1:
e9:cd:8f:46:3d:69:04:83:24:31:dd:df:f6:bd:2b:
98:dd:1d:33:7d:7a:30:ee:9d:32:6b:48:7f:77:96:
d3:f1:d5:54:f8:cc:56:31:28:06:54:72:f8:8b:45:
fa:3e:f7:c6:79:79:6e:53:ca:7b:a6:91:7b:1c:27:
f4:92:b2:13:de:05:66:39:f5:9a:60:e5:f5:33:3e:
14:c1:ce:d0:55:76:cf:cb:23:2e:19:22:96:6a:a2:
62:5e:0e:d5:7e:c5:e9:fe:76:c8:41:67:49:ab:9a:
9b:cc:02:e9:ec:a6:47:6e:f7:15:0c:92:92:36:ad:
c2:61:63:f7:e7:ee:80:55:73:7b:01:a6:4b:9c:a5:
4d:a5:1f:18:1d:b1:06:97:b6:1e:45:95:9b:8c:7c:
bd:66:a3:2f:92:2d:07:a1:69:95:14:76:d2:e1:1f:
54:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A8:18:35:C4:0C:FC:66:37:AD:03:EB:63:1E:F1:B4:D9:62:AD:47
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/xagYNcQM_GY3rQPrYx7xtNlirUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.227.0/24
94.247.137.0/24
176.53.146.0/23
176.116.0.0/24
185.235.230.0/24
IPv6:
2001:678:e30::/48
2a0a:2e80::-2a0a:2e82:ffff:ffff:ffff:ffff:ffff:ffff
2a11:7e40::/46
2a11:8480::-2a11:8482:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6702::/32
Signature Algorithm: sha256WithRSAEncryption
5c:08:a8:fd:cc:f4:ce:59:d4:7d:4d:50:e9:ec:59:7b:fd:23:
b4:94:2f:b5:79:30:10:aa:21:0b:bb:c9:32:60:cd:9e:c7:2c:
38:c6:0e:95:b0:12:18:8e:85:a1:4e:cd:9c:83:7b:a4:d8:50:
8c:aa:b7:e5:c5:ba:67:61:99:80:88:0e:05:4d:09:74:ef:55:
8a:b8:75:3b:6c:4c:d6:81:ca:69:c6:d1:de:ed:bd:1b:03:6d:
56:60:83:e4:25:b2:52:d4:ac:96:bb:0f:b2:2c:fc:ca:d4:05:
d1:af:1e:ec:dd:e3:e3:e7:16:55:d5:e1:45:9f:11:90:59:6d:
d9:64:3e:60:e0:ad:cc:e5:94:5c:c3:24:ed:2f:9e:41:a8:4c:
e6:fa:bc:77:9b:68:9a:de:33:43:57:63:c7:cc:76:72:c8:9f:
8f:69:80:88:6e:f8:ad:0f:7d:a6:fc:b1:93:63:ee:1c:23:8a:
31:b0:8a:10:3d:25:ff:cc:cc:fa:76:a0:2d:c1:0f:ec:7d:ba:
0e:78:e8:80:cd:77:55:8b:53:fa:5f:96:14:c6:5e:81:57:d1:
c7:01:fd:e9:e2:43:80:c4:d6:a1:fc:ac:db:5c:94:e3:d9:9a:
6c:b6:83:bf:ae:90:46:cc:c7:d5:ab:e2:a2:cb:f8:57:a4:82:
9e:7f:64:60
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZel5VjI8Wb8K3KbDJAjWC2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjUwNjI1MDcwMjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWE4MTgzNWM0MGNmYzY2MzdhZDAzZWI2MzFlZjFiNGQ5NjJhZDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FBDYhZpoKCsiAxo7o7skDdQ6mt3
P4LytAdCNsBgqKho5WfyQG6qDSZ/QLmoOBcDndjsJRy1T6E2Gd0lk7IQllbCnTmC
y/FsFAgsUcKC5H/Vf2WjTfYFmcHpzY9GPWkEgyQx3d/2vSuY3R0zfXow7p0ya0h/
d5bT8dVU+MxWMSgGVHL4i0X6PvfGeXluU8p7ppF7HCf0krIT3gVmOfWaYOX1Mz4U
wc7QVXbPyyMuGSKWaqJiXg7VfsXp/nbIQWdJq5qbzALp7KZHbvcVDJKSNq3CYWP3
5+6AVXN7AaZLnKVNpR8YHbEGl7YeRZWbjHy9ZqMvki0HoWmVFHbS4R9UywIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFMWoGDXEDPxmN60D62Me8bTZYq1HMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEveGFnWU5jUU1fR1kzclFQcll4N3h0TmxpclVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAkBAIAATAeAwQAH97jAwQA
XveJAwQBsDWSAwQAsHQAAwQAuevmMD8EAgACMDkDBwAgAQZ4DjAwDgMFByoKLoAD
BQAqCi6CAwcCKhF+QAAAMA4DBQcqEYSAAwUAKhGEggMFACoSZwIwDQYJKoZIhvcN
AQELBQADggEBAFwIqP3M9M5Z1H1NUOnsWXv9I7SUL7V5MBCqIQu7yTJgzZ7HLDjG
DpWwEhiOhaFOzZyDe6TYUIyqt+XFumdhmYCIDgVNCXTvVYq4dTtsTNaBymnG0d7t
vRsDbVZgg+QlslLUrJa7D7Is/MrUBdGvHuzd4+PnFlXV4UWfEZBZbdlkPmDgrczl
lFzDJO0vnkGoTOb6vHebaJreM0NXY8fMdnLIn49pgIhu+K0Pfab8sZNj7hwjijGw
ihA9Jf/MzPp2oC3BD+x9ug546IDNd1WLU/pflhTGXoFX0ccB/eniQ4DE1qH8rNtc
lOPZmmy2g7+ukEbMx9Wr4qLL+Fekgp5/ZGA=
-----END CERTIFICATE-----
Generated at Mon Jun 30 09:02:22 2025 by rpki-client