Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/XhmVOxeypIhl-8QtBoFXZmkyOfo.roa
File: XhmVOxeypIhl-8QtBoFXZmkyOfo.roa (raw, json)
Hash identifier: NGVstEUWv/DepTwZpuQa7X5iSrpsHNmeXxcUSdEmq9U=
Subject key identifier: 5E:19:95:3B:17:B2:A4:88:65:FB:C4:2D:06:81:57:66:69:32:39:FA
Certificate issuer: /CN=d25622457a1be33a01258866a067e0447dfd8964
Certificate serial: 019995F2D25025235978E6FF8E8F8D7555B2
Authority key identifier: D2:56:22:45:7A:1B:E3:3A:01:25:88:66:A0:67:E0:44:7D:FD:89:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0lYiRXob4zoBJYhmoGfgRH39iWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/XhmVOxeypIhl-8QtBoFXZmkyOfo.roa
Signing time: Mon 29 Sep 2025 14:49:02 +0000
ROA not before: Mon 29 Sep 2025 14:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 93.157.106.0/24 maxlen: 24
94.103.188.0/24 maxlen: 24
193.27.90.0/24 maxlen: 24
213.232.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/0lYiRXob4zoBJYhmoGfgRH39iWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/0lYiRXob4zoBJYhmoGfgRH39iWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/0lYiRXob4zoBJYhmoGfgRH39iWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:f2:d2:50:25:23:59:78:e6:ff:8e:8f:8d:75:55:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25622457a1be33a01258866a067e0447dfd8964
Validity
Not Before: Sep 29 14:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e19953b17b2a48865fbc42d06815766693239fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:cf:8a:0f:7d:0e:e4:65:43:70:f1:d9:ad:
cf:01:d7:aa:59:d9:fe:8c:dd:93:c6:ad:ca:f0:99:
3b:20:10:f1:b7:50:37:3a:d1:ea:b7:d6:7f:c5:04:
b9:d6:aa:f4:ca:cd:e3:3c:8a:ae:fd:35:e4:4d:10:
ef:8b:a0:53:17:17:2f:a7:21:62:e0:04:3b:df:a2:
35:30:d0:1d:28:e4:f8:7b:88:6b:82:8f:4d:99:e8:
fe:c7:95:e1:6f:2e:fa:5e:f8:6a:cd:6b:a1:7b:e3:
44:14:35:a8:cc:68:af:81:e7:51:c3:5a:ee:da:72:
c0:17:f1:66:32:6f:4d:f9:6d:27:45:84:a3:aa:51:
d4:06:32:93:e2:a3:9e:8b:4e:30:d4:06:b4:33:12:
8d:1b:41:b6:e5:e8:4f:e1:1d:e6:7d:2b:07:f8:62:
7e:48:95:c4:b6:22:31:aa:ad:0b:3b:87:04:b5:a7:
b4:2d:55:06:bc:f4:ef:4e:73:04:61:5b:ad:da:e5:
c9:57:57:3e:70:8a:35:fd:9f:d7:e1:df:64:9b:cd:
bb:41:36:68:7b:a2:55:07:0f:ff:b2:b5:2a:98:97:
e1:d6:ea:7b:d2:d0:9b:91:85:ab:88:39:d3:e5:40:
1b:66:0a:4a:98:b6:c1:87:b3:86:d2:89:a2:3c:a2:
2a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:19:95:3B:17:B2:A4:88:65:FB:C4:2D:06:81:57:66:69:32:39:FA
X509v3 Authority Key Identifier:
keyid:D2:56:22:45:7A:1B:E3:3A:01:25:88:66:A0:67:E0:44:7D:FD:89:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lYiRXob4zoBJYhmoGfgRH39iWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/XhmVOxeypIhl-8QtBoFXZmkyOfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/0lYiRXob4zoBJYhmoGfgRH39iWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.106.0/24
94.103.188.0/24
193.27.90.0/24
213.232.235.0/24
Signature Algorithm: sha256WithRSAEncryption
44:31:5e:a2:ea:fe:bc:e5:5c:16:ee:23:cf:1b:09:4f:d1:85:
d9:61:dc:90:af:ee:a7:06:70:e1:19:27:e8:2d:07:bc:27:2c:
ac:ab:b0:ab:37:34:b2:e7:aa:dc:85:1a:93:6f:cd:e3:91:cd:
33:4e:23:76:03:4a:16:90:c4:ab:83:0c:88:d6:b6:d7:10:fc:
a3:32:20:d2:ba:d9:69:81:13:5b:3f:ff:f2:3c:c2:e8:fb:82:
9d:a6:18:d1:ae:77:89:ed:46:95:ed:0f:bc:e1:d2:e7:7e:b1:
6b:7c:e3:88:cc:31:18:a0:bc:8c:8d:d9:d0:2e:4a:18:9d:c9:
db:60:d6:cd:80:8b:60:40:00:03:fb:9f:04:d9:92:bd:b6:1f:
1a:5c:3a:79:0c:02:cb:a1:50:33:98:8a:42:31:8d:61:28:5d:
34:49:f7:33:ec:66:cd:d6:18:b5:0c:78:db:c7:ce:62:db:bf:
f4:8a:07:63:56:91:01:46:70:68:80:c7:aa:5d:86:6a:fc:92:
30:5b:25:91:3c:65:91:fa:0a:b7:c4:a6:fb:f6:f0:6f:de:51:
0e:e7:ba:d0:03:c5:a5:b6:fb:5e:d4:3b:ab:cf:90:96:29:ea:
8f:5f:21:be:2c:21:e7:8b:15:68:d1:2c:b6:6e:cd:c7:c7:41:
f2:d6:2d:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZmV8tJQJSNZeOb/jo+NdVWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNTYyMjQ1N2ExYmUzM2EwMTI1ODg2NmEwNjdlMDQ0N2Rm
ZDg5NjQwHhcNMjUwOTI5MTQ0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE5OTUzYjE3YjJhNDg4NjVmYmM0MmQwNjgxNTc2NjY5MzIzOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT7Pig99DuRlQ3Dx2a3PAdeqWdn+
jN2Txq3K8Jk7IBDxt1A3OtHqt9Z/xQS51qr0ys3jPIqu/TXkTRDvi6BTFxcvpyFi
4AQ736I1MNAdKOT4e4hrgo9Nmej+x5Xhby76XvhqzWuhe+NEFDWozGivgedRw1ru
2nLAF/FmMm9N+W0nRYSjqlHUBjKT4qOei04w1Aa0MxKNG0G25ehP4R3mfSsH+GJ+
SJXEtiIxqq0LO4cEtae0LVUGvPTvTnMEYVut2uXJV1c+cIo1/Z/X4d9km827QTZo
e6JVBw//srUqmJfh1up70tCbkYWriDnT5UAbZgpKmLbBh7OG0omiPKIqVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF4ZlTsXsqSIZfvELQaBV2ZpMjn6MB8GA1UdIwQY
MBaAFNJWIkV6G+M6ASWIZqBn4ER9/YlkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGxZaVJYb2I0em9CSllobW9HZmdSSDM5aVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yNmI0N2ItZjJjZS00ZjJiLTlkMzMt
NDU1NzllNDE4ZmY3LzEvWGhtVk94ZXlwSWhsLThRdEJvRlhabWt5T2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yNmI0N2ItZjJjZS00ZjJiLTlkMzMtNDU1NzllNDE4ZmY3
LzEvMGxZaVJYb2I0em9CSllobW9HZmdSSDM5aVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXZ1qAwQA
Xme8AwQAwRtaAwQA1ejrMA0GCSqGSIb3DQEBCwUAA4IBAQBEMV6i6v685VwW7iPP
GwlP0YXZYdyQr+6nBnDhGSfoLQe8Jyysq7CrNzSy56rchRqTb83jkc0zTiN2A0oW
kMSrgwyI1rbXEPyjMiDSutlpgRNbP//yPMLo+4KdphjRrneJ7UaV7Q+84dLnfrFr
fOOIzDEYoLyMjdnQLkoYncnbYNbNgItgQAAD+58E2ZK9th8aXDp5DALLoVAzmIpC
MY1hKF00Sfcz7GbN1hi1DHjbx85i27/0igdjVpEBRnBogMeqXYZq/JIwWyWRPGWR
+gq3xKb79vBv3lEO57rQA8Wltvte1Durz5CWKeqPXyG+LCHnixVo0Sy2bs3Hx0Hy
1i1p
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:14:17 2025 by rpki-client