Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XZ2qSxG6IIfUP5-D5xqkxEFuop0.roa
File: XZ2qSxG6IIfUP5-D5xqkxEFuop0.roa (raw, json)
Hash identifier: EQYHe9fPUNXtaun67LEYjoKIUgIs6p0S+2q0WI8Ef+w=
Subject key identifier: 5D:9D:AA:4B:11:BA:20:87:D4:3F:9F:83:E7:1A:A4:C4:41:6E:A2:9D
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0198B54FD42F12167B69D2095D897B8ED96B
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XZ2qSxG6IIfUP5-D5xqkxEFuop0.roa
Signing time: Sat 16 Aug 2025 23:56:04 +0000
ROA not before: Sat 16 Aug 2025 23:56:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10103
IP address blocks: 178.255.244.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b5:4f:d4:2f:12:16:7b:69:d2:09:5d:89:7b:8e:d9:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 16 23:56:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d9daa4b11ba2087d43f9f83e71aa4c4416ea29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e8:9f:e1:08:05:2d:d5:eb:aa:11:a4:37:c0:
d9:90:98:94:02:ad:d1:29:5b:09:70:8d:fd:8a:25:
aa:aa:43:83:02:e6:38:7b:3e:2e:e3:14:ab:c8:41:
d3:dd:93:2e:e9:6d:67:d8:3f:a4:26:8a:c0:a8:99:
35:00:a2:d9:90:8f:16:b2:36:31:7f:e0:97:4b:d6:
16:ac:c4:ae:d1:dd:5d:93:ff:45:69:4c:ed:28:1c:
5a:1c:4d:6c:2a:7d:1f:e8:57:25:d1:a1:e5:aa:97:
02:5a:1a:13:dc:c3:2e:ba:09:93:08:45:40:3e:87:
ad:f1:15:a2:7c:6f:2c:c6:57:a5:56:e2:d2:ed:97:
4d:e5:80:84:ce:85:23:a5:63:f4:1e:9d:0e:64:d6:
90:28:85:5f:ef:a7:f6:7b:e2:ff:93:a9:c8:ae:e6:
ae:bc:6e:f0:27:14:99:70:79:5f:73:5f:72:66:8b:
c8:eb:d5:b9:fd:f6:67:c7:9b:df:a0:70:2c:f9:a7:
bf:6b:cb:aa:6a:b1:ab:b3:a1:32:d2:d6:0a:6f:6f:
c5:e8:ea:fe:66:28:a6:b5:75:39:2e:d0:a0:44:7e:
07:59:02:39:b6:c3:4b:f3:fb:59:24:73:c9:ab:fc:
71:ff:05:75:cd:02:7c:52:89:97:cf:cb:0a:9d:47:
11:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9D:AA:4B:11:BA:20:87:D4:3F:9F:83:E7:1A:A4:C4:41:6E:A2:9D
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XZ2qSxG6IIfUP5-D5xqkxEFuop0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.244.0/23
Signature Algorithm: sha256WithRSAEncryption
00:9a:8c:17:ab:5c:b9:5e:a2:a2:5e:b9:2e:79:f3:2a:4c:a7:
6f:29:b1:01:ca:78:29:21:84:b8:2e:90:90:89:f2:7f:01:57:
03:64:33:c4:09:e8:8d:77:78:db:77:9d:90:db:7d:e2:4d:3a:
f7:05:d4:e9:62:d3:42:e6:79:de:92:99:d6:d2:25:ea:6f:bb:
ca:b2:64:cb:75:ae:38:a1:63:55:ae:fb:04:96:fc:90:ad:93:
b4:8c:53:29:e8:8f:de:b4:26:d5:60:a3:96:25:3d:b7:46:f8:
bb:81:23:89:bc:4d:0a:25:fe:08:39:58:bc:4c:4a:ff:55:98:
b6:6b:9b:53:7a:8d:0c:29:87:b6:54:06:cc:9c:a4:bd:c2:2b:
bb:cc:98:9a:1d:70:56:cf:35:b4:06:59:9c:b8:e2:04:29:13:
3e:d2:f6:c5:5c:b8:e7:61:44:56:9f:49:e4:dc:d7:b6:4b:b7:
2e:26:ac:62:71:ae:f1:64:5a:ae:b2:06:72:40:46:7c:de:62:
26:49:29:53:1e:79:76:37:35:82:f7:5e:48:65:6a:9a:54:20:
bd:d3:51:22:2a:df:a3:f2:cb:25:d5:1c:6f:64:17:1d:f8:76:
af:fc:7f:d2:00:59:fa:fd:4e:64:b0:80:ec:4a:12:e4:e2:a4:
8b:14:13:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZi1T9QvEhZ7adIJXYl7jtlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwODE2MjM1NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDlkYWE0YjExYmEyMDg3ZDQzZjlmODNlNzFhYTRjNDQxNmVhMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuif4QgFLdXrqhGkN8DZkJiUAq3R
KVsJcI39iiWqqkODAuY4ez4u4xSryEHT3ZMu6W1n2D+kJorAqJk1AKLZkI8WsjYx
f+CXS9YWrMSu0d1dk/9FaUztKBxaHE1sKn0f6Fcl0aHlqpcCWhoT3MMuugmTCEVA
Poet8RWifG8sxlelVuLS7ZdN5YCEzoUjpWP0Hp0OZNaQKIVf76f2e+L/k6nIruau
vG7wJxSZcHlfc19yZovI69W5/fZnx5vfoHAs+ae/a8uqarGrs6Ey0tYKb2/F6Or+
ZiimtXU5LtCgRH4HWQI5tsNL8/tZJHPJq/xx/wV1zQJ8UomXz8sKnUcR/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2dqksRuiCH1D+fg+capMRBbqKdMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWFoycVN4RzZJSWZVUDUtRDV4cWt4RUZ1b3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv/0MA0G
CSqGSIb3DQEBCwUAA4IBAQAAmowXq1y5XqKiXrkuefMqTKdvKbEByngpIYS4LpCQ
ifJ/AVcDZDPECeiNd3jbd52Q233iTTr3BdTpYtNC5nnekpnW0iXqb7vKsmTLda44
oWNVrvsElvyQrZO0jFMp6I/etCbVYKOWJT23Rvi7gSOJvE0KJf4IOVi8TEr/VZi2
a5tTeo0MKYe2VAbMnKS9wiu7zJiaHXBWzzW0BlmcuOIEKRM+0vbFXLjnYURWn0nk
3Ne2S7cuJqxica7xZFqusgZyQEZ83mImSSlTHnl2NzWC915IZWqaVCC901EiKt+j
8ssl1RxvZBcd+Hav/H/SAFn6/U5ksIDsShLk4qSLFBMv
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:51:54 2025 by rpki-client