Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/x3_1xiv-NQfFznfpCLWxiJi7a90.roa
File: x3_1xiv-NQfFznfpCLWxiJi7a90.roa (raw, json)
Hash identifier: Cqgk6ziv4FZVRmKg6qsSirIsfpT7hD739QyYsLmilF8=
Subject key identifier: C7:7F:F5:C6:2B:FE:35:07:C5:CE:77:E9:08:B5:B1:88:98:BB:6B:DD
Certificate issuer: /CN=d76d71d8845d2fe296a46d79176f590d8db4f16a
Certificate serial: 0199A43074048E35462592AB75E26A491CED
Authority key identifier: D7:6D:71:D8:84:5D:2F:E2:96:A4:6D:79:17:6F:59:0D:8D:B4:F1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/121x2IRdL-KWpG15F29ZDY208Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/x3_1xiv-NQfFznfpCLWxiJi7a90.roa
Signing time: Thu 02 Oct 2025 09:11:02 +0000
ROA not before: Thu 02 Oct 2025 09:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21497
IP address blocks: 81.95.176.0/21 maxlen: 21
81.95.184.0/23 maxlen: 23
81.95.186.0/24 maxlen: 24
81.95.188.0/23 maxlen: 23
81.95.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/121x2IRdL-KWpG15F29ZDY208Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/121x2IRdL-KWpG15F29ZDY208Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/121x2IRdL-KWpG15F29ZDY208Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a4:30:74:04:8e:35:46:25:92:ab:75:e2:6a:49:1c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76d71d8845d2fe296a46d79176f590d8db4f16a
Validity
Not Before: Oct 2 09:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c77ff5c62bfe3507c5ce77e908b5b18898bb6bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b9:ba:ec:44:1c:b0:84:3c:72:5a:36:7b:77:
89:26:62:d9:97:78:90:f2:3d:87:eb:d6:a3:f9:cb:
0a:56:09:16:a4:7e:c3:ac:4f:46:04:7b:5f:07:39:
2d:19:16:7d:8f:52:6c:cc:65:78:08:9a:73:a5:8f:
b9:61:59:d1:98:9f:e6:6b:13:6f:3b:e2:67:1b:a9:
ed:b4:83:0c:ed:da:e6:e5:2f:05:51:35:50:ee:2f:
a7:88:53:54:05:0e:5d:39:69:f1:ab:df:98:97:84:
2c:ab:41:a8:7e:c6:aa:15:5a:fe:ee:10:bd:ea:fd:
84:89:60:0f:d9:4a:ce:ef:26:5f:68:75:c9:f9:75:
90:f8:10:f7:0f:ca:dc:ad:12:50:dc:83:48:6d:02:
e3:7c:c9:ae:87:58:c5:0b:2c:f0:62:7e:e4:de:9a:
fe:16:2e:f5:17:a5:f4:c2:08:24:be:93:fe:7f:04:
41:a8:a7:31:8d:f2:d5:28:49:13:e2:3e:58:2c:7c:
d8:81:84:c2:ed:68:63:83:42:23:55:0a:a4:06:9b:
97:15:7a:7d:7d:f9:ec:15:5f:c5:bb:82:29:fd:ad:
26:c1:f9:4b:c4:90:71:17:73:cc:64:a9:a8:aa:97:
2e:1e:0a:28:60:6d:73:63:fb:39:20:45:b4:e5:4e:
1b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7F:F5:C6:2B:FE:35:07:C5:CE:77:E9:08:B5:B1:88:98:BB:6B:DD
X509v3 Authority Key Identifier:
keyid:D7:6D:71:D8:84:5D:2F:E2:96:A4:6D:79:17:6F:59:0D:8D:B4:F1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/121x2IRdL-KWpG15F29ZDY208Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/x3_1xiv-NQfFznfpCLWxiJi7a90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/ec3106-e7bf-4299-ae12-dbd91b111844/1/121x2IRdL-KWpG15F29ZDY208Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.176.0-81.95.186.255
81.95.188.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:0f:b5:94:88:82:10:57:e1:07:0e:d9:61:2d:a2:7d:38:6b:
fc:bd:1e:8c:65:a7:d7:bb:65:a0:0d:79:c6:d0:51:89:7e:56:
9b:72:d9:2a:16:fb:19:16:21:29:4a:7c:e7:80:1d:e3:6e:fd:
85:d7:03:82:7c:d3:b9:60:9c:c4:92:04:dd:36:53:6e:47:13:
ea:72:f0:0d:00:d4:10:35:e7:12:fd:16:56:f4:fd:c5:72:60:
9e:71:b0:4c:2f:ec:a0:07:92:c8:df:ed:f6:4c:bc:60:3d:86:
00:f9:af:5d:06:ec:0a:74:e8:c4:92:05:7e:7f:f4:ba:fb:72:
77:d7:ce:31:6f:91:99:e5:6e:7d:46:a7:52:16:cf:1c:d0:07:
bb:7b:79:9a:e9:8d:44:2d:49:a5:d7:b9:17:9b:0e:a1:45:d7:
6b:b5:29:e6:11:80:24:05:d3:84:07:00:ba:06:4c:bc:24:41:
5d:7a:0a:b7:1f:84:19:0c:21:b8:3a:08:78:e1:36:9a:8e:52:
27:7b:cf:70:9e:ef:6f:e8:8c:8d:bd:b9:12:e8:39:5f:7d:ae:
95:18:95:24:be:1f:74:3c:a7:af:08:dc:ab:40:23:7a:79:8f:
ab:28:11:07:0b:26:13:0d:40:f5:ee:f7:60:2c:e6:bd:15:2e:
3c:bd:27:e3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZmkMHQEjjVGJZKrdeJqSRztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmQ3MWQ4ODQ1ZDJmZTI5NmE0NmQ3OTE3NmY1OTBkOGRi
NGYxNmEwHhcNMjUxMDAyMDkxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzdmZjVjNjJiZmUzNTA3YzVjZTc3ZTkwOGI1YjE4ODk4YmI2YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rm67EQcsIQ8clo2e3eJJmLZl3iQ
8j2H69aj+csKVgkWpH7DrE9GBHtfBzktGRZ9j1JszGV4CJpzpY+5YVnRmJ/maxNv
O+JnG6nttIMM7drm5S8FUTVQ7i+niFNUBQ5dOWnxq9+Yl4Qsq0GofsaqFVr+7hC9
6v2EiWAP2UrO7yZfaHXJ+XWQ+BD3D8rcrRJQ3INIbQLjfMmuh1jFCyzwYn7k3pr+
Fi71F6X0wggkvpP+fwRBqKcxjfLVKEkT4j5YLHzYgYTC7Whjg0IjVQqkBpuXFXp9
ffnsFV/Fu4Ip/a0mwflLxJBxF3PMZKmoqpcuHgooYG1zY/s5IEW05U4bPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMd/9cYr/jUHxc536Qi1sYiYu2vdMB8GA1UdIwQY
MBaAFNdtcdiEXS/ilqRteRdvWQ2NtPFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTIxeDJJUmRMLUtXcEcxNUYyOVpEWTIwOFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYzMxMDYtZTdiZi00Mjk5LWFlMTIt
ZGJkOTFiMTExODQ0LzEveDNfMXhpdi1OUWZGem5mcENMV3hpSmk3YTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lYzMxMDYtZTdiZi00Mjk5LWFlMTItZGJkOTFiMTExODQ0
LzEvMTIxeDJJUmRMLUtXcEcxNUYyOVpEWTIwOFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARRX7AD
BABRX7oDBAJRX7wwDQYJKoZIhvcNAQELBQADggEBAF8PtZSIghBX4QcO2WEton04
a/y9Hoxlp9e7ZaANecbQUYl+Vpty2SoW+xkWISlKfOeAHeNu/YXXA4J807lgnMSS
BN02U25HE+py8A0A1BA15xL9Flb0/cVyYJ5xsEwv7KAHksjf7fZMvGA9hgD5r10G
7Ap06MSSBX5/9Lr7cnfXzjFvkZnlbn1Gp1IWzxzQB7t7eZrpjUQtSaXXuRebDqFF
12u1KeYRgCQF04QHALoGTLwkQV16CrcfhBkMIbg6CHjhNpqOUid7z3Ce72/ojI29
uRLoOV99rpUYlSS+H3Q8p68I3KtAI3p5j6soEQcLJhMNQPXu92As5r0VLjy9J+M=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:03:21 2025 by rpki-client