Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xncarj25crr8jheWMdTk_hHjDgA.roa
File: xncarj25crr8jheWMdTk_hHjDgA.roa (raw, json)
Hash identifier: faBPhFeokl7YpLGqkirAx40a8ze0nSMM/W/gUDbYpqs=
Subject key identifier: C6:77:1A:AE:3D:B9:72:BA:FC:8E:17:96:31:D4:E4:FE:11:E3:0E:00
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 0198D0F131C79DFD32A4E63E06C1E06F1375
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xncarj25crr8jheWMdTk_hHjDgA.roa
Signing time: Fri 22 Aug 2025 08:42:04 +0000
ROA not before: Fri 22 Aug 2025 08:42:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
192.145.52.0/24 maxlen: 24
193.219.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d0:f1:31:c7:9d:fd:32:a4:e6:3e:06:c1:e0:6f:13:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Aug 22 08:42:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6771aae3db972bafc8e179631d4e4fe11e30e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:eb:de:24:40:c8:90:99:8f:38:f5:a0:9b:a8:
6f:ab:9b:dd:87:25:4d:7e:c6:98:ec:94:11:09:3f:
eb:97:47:69:15:d4:45:da:fb:15:e4:ba:fb:8f:46:
2a:bf:d8:1a:3c:65:36:24:ce:f4:64:f0:21:f5:92:
65:66:01:4b:a0:62:d2:e7:77:d5:8f:f5:22:79:39:
c9:dc:4d:b5:db:63:94:cd:6e:e0:b6:72:bc:73:2c:
6b:0e:b4:56:04:f6:8f:4e:9b:e7:fd:ff:fd:bf:79:
20:d7:37:2f:f6:be:a4:7e:17:45:e3:29:e4:24:17:
04:16:81:bc:fc:40:09:93:2f:99:cf:79:2b:09:ea:
3f:e9:b0:5e:9d:88:55:1a:5d:2a:dc:5a:02:a5:94:
95:f0:00:75:53:e9:09:2b:d6:61:cc:b7:7d:51:e3:
d7:d7:1c:a5:99:82:bb:b3:7b:24:ad:71:88:7a:91:
2d:e3:99:6c:fe:d7:29:b4:8a:c2:de:49:45:bb:cd:
3c:f0:7c:d0:b8:15:0c:dc:75:3e:2a:c9:1e:c3:cf:
f8:fc:c5:68:82:80:3c:b6:f3:99:ef:c7:13:51:56:
ec:3c:4d:d6:4c:f9:b2:0a:f5:92:81:f1:03:a0:85:
f6:c2:37:37:2e:a1:4f:af:06:35:1f:93:2b:70:ba:
4b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:77:1A:AE:3D:B9:72:BA:FC:8E:17:96:31:D4:E4:FE:11:E3:0E:00
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xncarj25crr8jheWMdTk_hHjDgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/23
192.145.52.0/22
193.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f8:d9:f2:16:fe:16:04:a6:88:99:de:94:30:11:75:ab:de:
3a:48:a7:fc:06:3c:23:48:d9:08:cf:20:2c:b0:c5:7c:8a:19:
db:a7:e3:75:6a:f0:d2:8d:60:6a:3c:a5:5f:c3:16:fe:74:99:
07:89:8c:bc:f8:4c:7f:23:fc:c0:0e:10:78:51:c1:26:78:69:
b7:1d:4e:45:13:31:d6:7d:a7:9b:49:a6:bf:53:a1:e9:6d:63:
33:86:19:48:d0:9e:de:30:84:8e:57:f8:28:52:ad:34:7f:39:
e9:53:4e:f1:0a:c9:97:81:9a:64:a0:eb:55:80:53:6f:26:17:
54:64:46:d5:0b:62:1e:8b:0f:58:72:00:de:eb:a2:e7:d7:02:
07:d5:6d:d1:db:52:54:4e:6c:bf:c5:b8:b9:ef:da:8c:61:a0:
11:2f:a6:67:39:91:ba:3c:2a:8f:18:51:5b:82:4d:7c:35:7a:
38:a0:ab:c5:c2:19:50:8f:e1:c3:9c:7f:3c:f0:7b:a0:6c:39:
b5:fe:35:86:9f:59:f1:d7:bf:7b:ac:8d:36:f2:58:59:36:d5:
be:c9:bc:c9:d8:a0:cb:5b:dc:78:46:42:1c:90:91:fe:0c:16:
62:d9:09:24:e4:7d:2c:34:3a:eb:8c:e4:6c:1a:54:88:95:2c:
e2:3c:e2:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjQ8THHnf0ypOY+BsHgbxN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwODIyMDg0MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc3MWFhZTNkYjk3MmJhZmM4ZTE3OTYzMWQ0ZTRmZTExZTMwZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteveJEDIkJmPOPWgm6hvq5vdhyVN
fsaY7JQRCT/rl0dpFdRF2vsV5Lr7j0Yqv9gaPGU2JM70ZPAh9ZJlZgFLoGLS53fV
j/UieTnJ3E2122OUzW7gtnK8cyxrDrRWBPaPTpvn/f/9v3kg1zcv9r6kfhdF4ynk
JBcEFoG8/EAJky+Zz3krCeo/6bBenYhVGl0q3FoCpZSV8AB1U+kJK9ZhzLd9UePX
1xylmYK7s3skrXGIepEt45ls/tcptIrC3klFu8088HzQuBUM3HU+Kskew8/4/MVo
goA8tvOZ78cTUVbsPE3WTPmyCvWSgfEDoIX2wjc3LqFPrwY1H5MrcLpLuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMZ3Gq49uXK6/I4XljHU5P4R4w4AMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEveG5jYXJqMjVjcnI4amhlV01kVGtfaEhqRGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJSzkAwQB
LUJcAwQCwJE0AwQAwdtjMA0GCSqGSIb3DQEBCwUAA4IBAQB6+NnyFv4WBKaImd6U
MBF1q946SKf8BjwjSNkIzyAssMV8ihnbp+N1avDSjWBqPKVfwxb+dJkHiYy8+Ex/
I/zADhB4UcEmeGm3HU5FEzHWfaebSaa/U6HpbWMzhhlI0J7eMISOV/goUq00fznp
U07xCsmXgZpkoOtVgFNvJhdUZEbVC2Ieiw9YcgDe66Ln1wIH1W3R21JUTmy/xbi5
79qMYaARL6ZnOZG6PCqPGFFbgk18NXo4oKvFwhlQj+HDnH888HugbDm1/jWGn1nx
1797rI028lhZNtW+ybzJ2KDLW9x4RkIckJH+DBZi2Qkk5H0sNDrrjORsGlSIlSzi
POIB
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:25:16 2025 by rpki-client