Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/exq4u1SZfA7x1zIrKqzjzge4W3E.roa
File: exq4u1SZfA7x1zIrKqzjzge4W3E.roa (raw, json)
Hash identifier: 6hKC5aSxn1eYqBHCVJ0qgpvsfeNY0GeupedGw9IKcyA=
Subject key identifier: 7B:1A:B8:BB:54:99:7C:0E:F1:D7:32:2B:2A:AC:E3:CE:07:B8:5B:71
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 0198BBDC27FD82CB76B1E6E3947666CD0469
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/exq4u1SZfA7x1zIrKqzjzge4W3E.roa
Signing time: Mon 18 Aug 2025 06:27:04 +0000
ROA not before: Mon 18 Aug 2025 06:27:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29300
IP address blocks: 81.88.77.0/24 maxlen: 24
82.148.160.0/21 maxlen: 21
93.184.120.0/21 maxlen: 21
109.169.96.0/20 maxlen: 20
2a02:2828::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bb:dc:27:fd:82:cb:76:b1:e6:e3:94:76:66:cd:04:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Aug 18 06:27:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b1ab8bb54997c0ef1d7322b2aace3ce07b85b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:cc:d4:2e:c2:6c:ea:85:d0:2c:d4:92:e1:9d:
77:46:da:0f:35:ec:af:0c:9c:7d:5e:71:38:c4:f1:
7e:6b:ab:1b:60:35:94:47:e5:4c:2a:a3:4d:d7:e3:
ae:6c:f5:e7:7c:64:bb:dd:23:d2:8c:92:ee:0f:4d:
ae:87:13:5b:b3:50:c8:6c:d1:4a:24:72:f0:a2:7b:
cd:fb:69:48:c5:4a:3a:ba:89:60:fc:b5:d7:f1:7d:
d3:ec:79:ed:a6:03:1a:e9:5a:a6:49:c0:f9:7a:b9:
16:9d:b9:3e:05:73:8e:ca:31:88:9b:5e:8c:1c:a3:
d6:fd:3a:5c:03:29:6b:d0:27:8d:ec:da:63:70:49:
c4:47:99:11:cc:1a:7d:20:0e:ae:ea:bb:6f:ee:2c:
ee:29:38:06:30:47:55:08:19:66:6b:c9:44:82:d9:
bd:48:e7:1c:ea:ed:fe:9b:13:e0:a6:e8:53:27:c7:
26:2a:b1:ea:1d:dd:72:14:f5:5f:0b:7e:db:e4:96:
ba:09:64:64:e8:b9:2c:17:75:34:11:6a:b6:e9:f9:
49:10:d1:72:46:92:bf:23:9c:42:7c:78:bd:33:e1:
79:a3:fc:41:69:95:02:12:9e:94:da:36:08:fe:62:
9b:10:47:6c:5a:2a:eb:f0:b2:bb:ee:58:39:ec:49:
02:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1A:B8:BB:54:99:7C:0E:F1:D7:32:2B:2A:AC:E3:CE:07:B8:5B:71
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/exq4u1SZfA7x1zIrKqzjzge4W3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.77.0/24
82.148.160.0/21
93.184.120.0/21
109.169.96.0/20
IPv6:
2a02:2828::/32
Signature Algorithm: sha256WithRSAEncryption
1d:ca:e1:60:10:4a:0d:60:54:6d:97:67:5a:31:e8:9b:a5:a9:
91:8a:3d:87:ce:a1:a1:dc:c6:f5:8b:34:c7:c9:27:b0:47:13:
bd:8b:3f:c8:2b:f2:40:0f:d2:a7:ff:41:12:c2:00:3a:29:43:
60:45:f6:b9:41:39:68:76:bb:ec:42:a3:ad:4c:bf:3c:d2:9d:
3c:f1:6d:92:5a:53:10:f7:5b:94:e1:4b:d2:40:cf:47:ba:e7:
3c:30:a2:9d:95:ea:38:7a:ae:ca:a5:8e:98:b0:a3:cb:17:28:
cc:27:77:a6:5e:d3:50:c4:f8:d2:85:35:e9:67:52:0c:9b:f3:
53:69:df:94:98:e0:b5:c3:1f:ec:47:69:53:a8:f1:93:29:3e:
b3:8f:f8:b5:1c:aa:dd:dc:6b:62:c6:e9:08:f1:22:75:54:17:
18:fe:fc:9b:ec:4a:d8:11:8c:cb:7e:4e:2e:31:8f:19:07:f8:
5e:e1:22:17:3d:3d:18:f2:b7:56:de:f7:4e:2a:65:d2:72:9b:
a3:76:0d:fb:11:91:ce:32:0e:ec:95:87:39:de:24:11:f6:f1:
ef:a0:7b:58:2a:70:a5:07:a8:20:90:bf:a4:2e:cd:65:66:f1:
63:aa:4c:69:c3:5a:e6:76:5c:ab:1d:af:27:b0:a9:bc:49:e9:
3b:e9:b5:de
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZi73Cf9gst2sebjlHZmzQRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjUwODE4MDYyNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFhYjhiYjU0OTk3YzBlZjFkNzMyMmIyYWFjZTNjZTA3Yjg1YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7szULsJs6oXQLNSS4Z13RtoPNeyv
DJx9XnE4xPF+a6sbYDWUR+VMKqNN1+OubPXnfGS73SPSjJLuD02uhxNbs1DIbNFK
JHLwonvN+2lIxUo6uolg/LXX8X3T7HntpgMa6VqmScD5erkWnbk+BXOOyjGIm16M
HKPW/TpcAylr0CeN7NpjcEnER5kRzBp9IA6u6rtv7izuKTgGMEdVCBlma8lEgtm9
SOcc6u3+mxPgpuhTJ8cmKrHqHd1yFPVfC37b5Ja6CWRk6LksF3U0EWq26flJENFy
RpK/I5xCfHi9M+F5o/xBaZUCEp6U2jYI/mKbEEdsWirr8LK77lg57EkCzwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHsauLtUmXwO8dcyKyqs484HuFtxMB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvZXhxNHUxU1pmQTd4MXpJcktxemp6Z2U0VzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAUVhNAwQD
UpSgAwQDXbh4AwQEbalgMA0EAgACMAcDBQAqAigoMA0GCSqGSIb3DQEBCwUAA4IB
AQAdyuFgEEoNYFRtl2daMeibpamRij2HzqGh3Mb1izTHySewRxO9iz/IK/JAD9Kn
/0ESwgA6KUNgRfa5QTlodrvsQqOtTL880p088W2SWlMQ91uU4UvSQM9Huuc8MKKd
leo4eq7KpY6YsKPLFyjMJ3emXtNQxPjShTXpZ1IMm/NTad+UmOC1wx/sR2lTqPGT
KT6zj/i1HKrd3GtixukI8SJ1VBcY/vyb7ErYEYzLfk4uMY8ZB/he4SIXPT0Y8rdW
3vdOKmXScpujdg37EZHOMg7slYc53iQR9vHvoHtYKnClB6ggkL+kLs1lZvFjqkxp
w1rmdlyrHa8nsKm8Sek76bXe
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:52:15 2025 by rpki-client