Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/xu0lNnNgpgRxpTDG1h2JpwspWBg.roa
File: xu0lNnNgpgRxpTDG1h2JpwspWBg.roa (raw, json)
Hash identifier: CT74Gr1ktpZ4XprpILCL5l7k9j2cryovp9gU1z+Gj84=
Subject key identifier: C6:ED:25:36:73:60:A6:04:71:A5:30:C6:D6:1D:89:A7:0B:29:58:18
Certificate issuer: /CN=5814dbbab63e9117d0b02cbab56639e6fd0d40d9
Certificate serial: 0199B86525ED0BD4B306C0BB91C163A3E6BA
Authority key identifier: 58:14:DB:BA:B6:3E:91:17:D0:B0:2C:BA:B5:66:39:E6:FD:0D:40:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/xu0lNnNgpgRxpTDG1h2JpwspWBg.roa
Signing time: Mon 06 Oct 2025 07:21:00 +0000
ROA not before: Mon 06 Oct 2025 07:21:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203258
IP address blocks: 178.21.32.0/24 maxlen: 24
178.21.33.0/24 maxlen: 24
178.21.34.0/24 maxlen: 24
178.21.38.0/24 maxlen: 24
178.21.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b8:65:25:ed:0b:d4:b3:06:c0:bb:91:c1:63:a3:e6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5814dbbab63e9117d0b02cbab56639e6fd0d40d9
Validity
Not Before: Oct 6 07:21:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6ed25367360a60471a530c6d61d89a70b295818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:be:77:28:9d:cf:96:14:db:c8:17:b3:d1:ef:
92:bb:92:d7:f7:9f:64:41:13:4d:87:3f:d9:3d:a7:
73:dc:35:cf:34:c0:27:7e:ce:05:62:58:87:59:2c:
bd:31:cd:65:a8:99:c4:81:f8:67:cc:5e:7b:e2:ce:
6d:9b:64:30:ce:36:1c:02:59:c5:aa:59:a9:b1:9c:
24:fa:2f:d4:89:df:3a:32:6b:f0:9d:40:35:6b:51:
cf:f3:40:66:14:f6:ae:87:4a:fb:dd:df:72:19:2f:
ae:fa:bc:58:ed:d6:f7:4a:e3:3f:ce:8e:4b:57:89:
af:7f:28:d2:26:26:7c:08:24:87:7b:0e:7d:f6:ee:
15:cf:92:c8:16:e6:e2:66:0b:29:4c:0a:73:66:0d:
65:e8:1c:b5:5a:cb:5b:0c:d7:c3:87:43:24:62:de:
10:c5:af:b8:5f:32:79:a7:6b:c6:55:5b:12:41:b4:
08:a6:30:d6:78:f2:d6:9a:89:2d:88:d6:9e:af:88:
45:25:b1:3b:dd:50:85:01:07:ef:53:ae:0e:4c:48:
1f:30:a7:ed:d6:4b:91:5b:03:f8:78:c5:9b:47:78:
6f:3c:28:24:38:20:03:8a:7b:1c:5a:da:7c:2b:06:
25:f0:5e:d7:a3:6b:44:d7:e9:37:2a:fd:c5:db:54:
5c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:ED:25:36:73:60:A6:04:71:A5:30:C6:D6:1D:89:A7:0B:29:58:18
X509v3 Authority Key Identifier:
keyid:58:14:DB:BA:B6:3E:91:17:D0:B0:2C:BA:B5:66:39:E6:FD:0D:40:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WBTburY-kRfQsCy6tWY55v0NQNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/xu0lNnNgpgRxpTDG1h2JpwspWBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c22c3f-91e6-45fb-af76-68a8089701f4/1/WBTburY-kRfQsCy6tWY55v0NQNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.32.0-178.21.34.255
178.21.38.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:8e:1f:be:a6:ad:43:8f:2b:52:d2:71:ae:6a:94:55:f2:98:
ce:64:16:ae:b6:c1:c8:1b:e2:95:98:da:87:a2:16:ed:6b:16:
03:67:7a:fc:b3:43:2f:e5:82:88:46:64:3b:27:50:35:90:76:
64:7a:ce:8c:81:c4:d5:bc:7c:f4:7a:c1:56:c7:21:a5:b2:06:
84:b4:fa:ab:b3:3b:ed:0d:69:7c:88:9f:16:58:22:89:59:42:
e1:b0:61:5f:95:fc:fb:dd:d6:21:94:e4:29:f4:79:52:26:e4:
a6:84:33:ac:f1:ee:82:5a:e8:37:2f:7e:bd:9a:2c:5d:f5:70:
0d:47:29:c6:13:c3:6c:5f:18:f8:04:fe:75:25:f0:06:4e:f5:
45:fe:3d:12:b7:2e:10:b5:a8:86:ec:dd:4e:22:14:96:ab:ac:
19:0e:ab:cb:b8:aa:43:23:ba:b1:63:ea:fd:7b:15:bd:70:bf:
dd:03:a9:0d:95:ad:2c:94:1a:e1:9c:b4:52:ec:82:1a:da:ff:
16:db:29:57:e8:94:00:9c:1e:de:74:a8:36:70:27:52:af:54:
cb:9d:ec:29:54:97:ba:7b:16:4c:db:46:cf:b1:fa:0d:f8:8a:
33:92:ca:35:18:cc:50:8e:b4:69:19:d4:42:00:db:50:ac:6c:
ee:a1:79:d1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZm4ZSXtC9SzBsC7kcFjo+a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MTRkYmJhYjYzZTkxMTdkMGIwMmNiYWI1NjYzOWU2ZmQw
ZDQwZDkwHhcNMjUxMDA2MDcyMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmVkMjUzNjczNjBhNjA0NzFhNTMwYzZkNjFkODlhNzBiMjk1ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlr53KJ3PlhTbyBez0e+Su5LX959k
QRNNhz/ZPadz3DXPNMAnfs4FYliHWSy9Mc1lqJnEgfhnzF574s5tm2QwzjYcAlnF
qlmpsZwk+i/Uid86MmvwnUA1a1HP80BmFPauh0r73d9yGS+u+rxY7db3SuM/zo5L
V4mvfyjSJiZ8CCSHew599u4Vz5LIFubiZgspTApzZg1l6By1WstbDNfDh0MkYt4Q
xa+4XzJ5p2vGVVsSQbQIpjDWePLWmoktiNaer4hFJbE73VCFAQfvU64OTEgfMKft
1kuRWwP4eMWbR3hvPCgkOCADinscWtp8KwYl8F7Xo2tE1+k3Kv3F21RcsQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMbtJTZzYKYEcaUwxtYdiacLKVgYMB8GA1UdIwQY
MBaAFFgU27q2PpEX0LAsurVmOeb9DUDZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0JUYnVyWS1rUmZRc0N5NnRXWTU1djBOUU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9jMjJjM2YtOTFlNi00NWZiLWFmNzYt
NjhhODA4OTcwMWY0LzEveHUwbE5uTmdwZ1J4cFRERzFoMkpwd3NwV0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9jMjJjM2YtOTFlNi00NWZiLWFmNzYtNjhhODA4OTcwMWY0
LzEvV0JUYnVyWS1rUmZRc0N5NnRXWTU1djBOUU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAWyFSAD
BACyFSIDBAGyFSYwDQYJKoZIhvcNAQELBQADggEBACqOH76mrUOPK1LSca5qlFXy
mM5kFq62wcgb4pWY2oeiFu1rFgNnevyzQy/lgohGZDsnUDWQdmR6zoyBxNW8fPR6
wVbHIaWyBoS0+quzO+0NaXyInxZYIolZQuGwYV+V/Pvd1iGU5Cn0eVIm5KaEM6zx
7oJa6Dcvfr2aLF31cA1HKcYTw2xfGPgE/nUl8AZO9UX+PRK3LhC1qIbs3U4iFJar
rBkOq8u4qkMjurFj6v17Fb1wv90DqQ2VrSyUGuGctFLsghra/xbbKVfolACcHt50
qDZwJ1KvVMud7ClUl7p7FkzbRs+x+g34ijOSyjUYzFCOtGkZ1EIA21CsbO6hedE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:08 2025 by rpki-client