Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XtPvBbw3BjE0wE-uEfwGoJNlY5U.roa
File: XtPvBbw3BjE0wE-uEfwGoJNlY5U.roa (raw, json)
Hash identifier: EIL0rVPKdiOLLbhxN/nqQx1m/0t3NwQlUppt8zWokoY=
Subject key identifier: 5E:D3:EF:05:BC:37:06:31:34:C0:4F:AE:11:FC:06:A0:93:65:63:95
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D13F06579E676CB98C27F339DB947AE1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XtPvBbw3BjE0wE-uEfwGoJNlY5U.roa
Signing time: Fri 22 Aug 2025 10:07:05 +0000
ROA not before: Fri 22 Aug 2025 10:07:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216444
IP address blocks: 151.245.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:3f:06:57:9e:67:6c:b9:8c:27:f3:39:db:94:7a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 10:07:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ed3ef05bc37063134c04fae11fc06a093656395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7a:c8:88:55:f0:fe:b1:a2:18:ac:6c:36:a5:
80:1f:f9:0a:94:97:a0:aa:55:dc:84:f5:b6:2a:5a:
f9:db:22:84:42:52:6a:5f:2f:f0:a0:3e:ac:a8:b9:
e5:e4:ee:d0:18:c6:94:74:f8:0d:22:3e:dd:40:3a:
f9:87:43:6d:6b:14:2a:9f:d7:28:df:c5:95:fb:a8:
ad:7f:6a:d8:20:48:85:94:e1:16:f2:4e:ab:78:83:
cc:a9:f9:c3:1f:da:ee:f6:66:76:39:9a:4b:e7:46:
84:50:58:75:c4:09:d5:c9:85:63:e0:43:2f:9d:45:
7a:f3:44:8a:e1:aa:ff:c8:d2:33:82:3e:72:49:d9:
a3:f6:de:dd:ce:71:49:9e:2f:6e:b1:e2:37:2a:6b:
6d:99:38:84:0f:f0:ab:f8:85:42:3c:d9:81:0f:64:
f3:9c:30:73:92:44:35:65:c2:f0:46:6b:9f:ad:24:
f0:cf:f3:6b:21:f0:88:9c:1e:3c:79:47:e3:fc:a9:
35:f8:a4:97:bd:8c:6b:91:dd:29:9b:0a:99:0e:d4:
a6:0c:10:4b:9e:05:ed:84:16:55:fd:46:4f:0c:66:
50:a6:fb:92:f5:11:41:ef:7e:04:7e:d2:c9:b6:3b:
a8:06:2c:21:e8:68:71:c3:30:a7:aa:8a:f0:5c:9f:
9a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D3:EF:05:BC:37:06:31:34:C0:4F:AE:11:FC:06:A0:93:65:63:95
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XtPvBbw3BjE0wE-uEfwGoJNlY5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.245.186.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:93:c2:4b:4c:2e:06:76:98:80:68:64:6f:f0:ed:35:bb:9c:
6c:56:12:d0:c4:39:5a:58:22:2b:ef:03:9f:6b:4e:fd:b7:de:
05:73:c3:a8:bb:f9:7c:27:d7:b5:6b:d1:5d:77:2c:57:3f:ea:
0e:e2:db:64:89:46:bd:24:ad:b1:11:e9:47:2c:b4:ba:87:bd:
4f:5f:b9:88:ee:fe:8b:66:fe:26:c3:97:f6:9a:e4:aa:8f:88:
ec:84:c6:be:b2:60:fa:5d:8e:fa:dc:c7:2f:d8:df:2d:af:15:
4d:84:f6:e2:88:4c:27:b8:d6:17:85:60:e6:f2:72:82:86:1b:
47:06:a1:1b:df:e6:ff:9f:24:88:4e:c8:ce:83:20:62:42:a8:
6d:b3:dc:b3:ff:65:6e:39:cc:9f:75:ca:b2:da:62:71:d1:bf:
ec:83:da:da:38:6e:32:7d:11:76:2a:d0:ae:e0:31:f2:39:e2:
6c:15:fa:34:59:d9:31:04:f7:c2:80:fa:95:0f:1e:34:8f:61:
02:bc:83:28:e3:ca:2e:fe:91:5b:5e:97:3c:7e:03:a4:d5:d1:
99:5d:7a:97:41:a3:11:5f:09:37:3c:b4:e8:3a:79:01:2d:e6:
cc:d6:b6:3b:32:3b:d9:70:ed:84:b2:34:70:74:d9:94:19:d4:
cf:7d:b4:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjRPwZXnmdsuYwn8znblHrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTAwNzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQzZWYwNWJjMzcwNjMxMzRjMDRmYWUxMWZjMDZhMDkzNjU2Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnrIiFXw/rGiGKxsNqWAH/kKlJeg
qlXchPW2Klr52yKEQlJqXy/woD6sqLnl5O7QGMaUdPgNIj7dQDr5h0NtaxQqn9co
38WV+6itf2rYIEiFlOEW8k6reIPMqfnDH9ru9mZ2OZpL50aEUFh1xAnVyYVj4EMv
nUV680SK4ar/yNIzgj5ySdmj9t7dznFJni9useI3KmttmTiED/Cr+IVCPNmBD2Tz
nDBzkkQ1ZcLwRmufrSTwz/NrIfCInB48eUfj/Kk1+KSXvYxrkd0pmwqZDtSmDBBL
ngXthBZV/UZPDGZQpvuS9RFB734EftLJtjuoBiwh6GhxwzCnqorwXJ+aUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7T7wW8NwYxNMBPrhH8BqCTZWOVMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWHRQdkJidzNCakUwd0UtdUVmd0dvSk5sWTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/W6MA0G
CSqGSIb3DQEBCwUAA4IBAQBsk8JLTC4GdpiAaGRv8O01u5xsVhLQxDlaWCIr7wOf
a079t94Fc8Oou/l8J9e1a9FddyxXP+oO4ttkiUa9JK2xEelHLLS6h71PX7mI7v6L
Zv4mw5f2muSqj4jshMa+smD6XY763Mcv2N8trxVNhPbiiEwnuNYXhWDm8nKChhtH
BqEb3+b/nySITsjOgyBiQqhts9yz/2VuOcyfdcqy2mJx0b/sg9raOG4yfRF2KtCu
4DHyOeJsFfo0WdkxBPfCgPqVDx40j2ECvIMo48ou/pFbXpc8fgOk1dGZXXqXQaMR
Xwk3PLToOnkBLebM1rY7MjvZcO2EsjRwdNmUGdTPfbRb
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:14:04 2025 by rpki-client