
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/xFqNQVTFpMj4W5rVLw1d0wYhCxE.roa
File: xFqNQVTFpMj4W5rVLw1d0wYhCxE.roa (raw, json)
Hash identifier: mLkdYkxMk/c37ut0f2/D21fKPmTDjz49mB9Qq74dOX8=
Subject key identifier: C4:5A:8D:41:54:C5:A4:C8:F8:5B:9A:D5:2F:0D:5D:D3:06:21:0B:11
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 01994845C3FBD541C25A79C9B806AEEFB248
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/xFqNQVTFpMj4W5rVLw1d0wYhCxE.roa
Signing time: Sun 14 Sep 2025 12:49:15 +0000
ROA not before: Sun 14 Sep 2025 12:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198981
IP address blocks: 2a01:ecc0:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:48:45:c3:fb:d5:41:c2:5a:79:c9:b8:06:ae:ef:b2:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Sep 14 12:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c45a8d4154c5a4c8f85b9ad52f0d5dd306210b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:33:0c:f9:be:da:34:55:24:f2:7a:72:3c:
43:87:3a:f2:b0:0f:43:cf:ab:5c:9c:b9:3e:0b:17:
8b:6e:3c:07:05:f6:d0:eb:bc:b3:5a:18:06:f8:4a:
e9:f9:4a:5c:4e:21:78:f5:2c:4e:9f:3f:81:e4:14:
77:37:3f:32:50:33:fd:d2:42:87:eb:bb:6d:58:b1:
ae:2e:05:d1:19:ab:50:f3:8a:02:a5:f7:a1:47:ed:
3f:cd:cf:dc:24:9f:dd:60:39:32:42:d8:ba:62:5c:
bd:3e:10:23:de:53:07:a8:4d:32:0d:bb:5a:b1:98:
08:fb:64:79:56:17:49:cb:58:b0:9f:de:7e:54:be:
a7:21:37:c9:14:f2:fe:78:9e:04:dc:4d:73:be:a7:
a0:20:07:54:1c:e4:22:27:ae:86:7d:3f:f3:d1:3b:
59:7a:d9:9f:5f:fa:5c:75:7f:09:0a:06:9f:be:c8:
5c:0a:6b:17:06:e1:c8:a6:ad:97:58:60:29:29:9e:
f0:04:36:23:73:66:0d:70:cf:89:9a:43:33:1a:01:
cc:d2:60:42:37:43:01:ef:c2:e6:71:5a:20:bd:7d:
7e:ac:a5:79:1f:93:25:b2:f5:bc:3e:3b:92:80:a9:
49:92:94:6c:a0:be:e2:55:61:4f:6f:a1:6a:62:27:
f2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5A:8D:41:54:C5:A4:C8:F8:5B:9A:D5:2F:0D:5D:D3:06:21:0B:11
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/xFqNQVTFpMj4W5rVLw1d0wYhCxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:2000::/36
Signature Algorithm: sha256WithRSAEncryption
8e:67:0b:0f:7e:e5:92:7c:94:2d:31:14:f6:da:51:d9:6c:64:
7b:07:0e:cc:e3:60:1d:35:2f:90:eb:19:55:dd:25:da:6d:d6:
b8:b6:59:37:23:79:7a:98:4f:0a:57:6e:b3:f7:7e:0e:e5:f7:
bf:3b:e2:eb:9a:ad:b4:a2:4d:5d:19:68:e6:37:b2:94:a6:1e:
c0:90:00:11:c9:e4:ab:f1:30:38:e4:54:6c:dd:66:f4:e2:70:
35:2a:0f:83:4d:af:15:23:93:de:87:d2:a9:b4:76:1f:e0:fc:
ac:55:fc:37:4b:af:d2:b0:e9:c6:60:a0:09:56:e3:cf:be:b7:
b3:89:6a:1e:d5:1f:a4:5f:f9:19:c8:63:1c:40:1a:9a:ce:8b:
b4:d5:b3:43:a9:31:4a:c3:43:87:2e:af:fd:0e:e6:c4:77:5a:
36:cc:67:7a:e6:cb:99:e2:a2:aa:2d:c7:4a:24:cc:28:05:e2:
c3:79:90:01:c8:36:95:36:bc:c6:6c:ff:e4:d0:50:07:45:67:
24:3e:c3:61:32:d1:17:a8:0c:e4:e6:08:7f:24:c8:a2:9a:4a:
98:e0:5e:e8:1e:ca:df:75:3d:97:d8:b6:6a:af:2c:83:02:42:
33:2e:86:20:5c:e3:1c:61:64:31:66:a7:cf:a1:e8:1a:91:24:
e2:df:0c:c5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZlIRcP71UHCWnnJuAau77JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjUwOTE0MTI0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDVhOGQ0MTU0YzVhNGM4Zjg1YjlhZDUyZjBkNWRkMzA2MjEwYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntszDPm+2jRVJPJ6cjxDhzrysA9D
z6tcnLk+CxeLbjwHBfbQ67yzWhgG+Erp+UpcTiF49SxOnz+B5BR3Nz8yUDP90kKH
67ttWLGuLgXRGatQ84oCpfehR+0/zc/cJJ/dYDkyQti6Yly9PhAj3lMHqE0yDbta
sZgI+2R5VhdJy1iwn95+VL6nITfJFPL+eJ4E3E1zvqegIAdUHOQiJ66GfT/z0TtZ
etmfX/pcdX8JCgafvshcCmsXBuHIpq2XWGApKZ7wBDYjc2YNcM+JmkMzGgHM0mBC
N0MB78LmcVogvX1+rKV5H5MlsvW8PjuSgKlJkpRsoL7iVWFPb6FqYifyywIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMRajUFUxaTI+Fua1S8NXdMGIQsRMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEveEZxTlFWVEZwTWo0VzVyVkx3MWQwd1loQ3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgHswCAw
DQYJKoZIhvcNAQELBQADggEBAI5nCw9+5ZJ8lC0xFPbaUdlsZHsHDszjYB01L5Dr
GVXdJdpt1ri2WTcjeXqYTwpXbrP3fg7l97874uuarbSiTV0ZaOY3spSmHsCQABHJ
5KvxMDjkVGzdZvTicDUqD4NNrxUjk96H0qm0dh/g/KxV/DdLr9Kw6cZgoAlW48++
t7OJah7VH6Rf+RnIYxxAGprOi7TVs0OpMUrDQ4cur/0O5sR3WjbMZ3rmy5nioqot
x0okzCgF4sN5kAHINpU2vMZs/+TQUAdFZyQ+w2Ey0ReoDOTmCH8kyKKaSpjgXuge
yt91PZfYtmqvLIMCQjMuhiBc4xxhZDFmp8+h6BqRJOLfDMU=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:33 2025 by rpki-client