Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XfRZr4ZUmo8CviyR61d6BBYXeu0.roa
File: XfRZr4ZUmo8CviyR61d6BBYXeu0.roa (raw, json)
Hash identifier: V2gLjBN6JRs8c4eTuvOGyFpY8H58uor1l70khSIpYUk=
Subject key identifier: 5D:F4:59:AF:86:54:9A:8F:02:BE:2C:91:EB:57:7A:04:16:17:7A:ED
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0198AC1FD61C8DE16D55B8ABDA760A98AF42
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XfRZr4ZUmo8CviyR61d6BBYXeu0.roa
Signing time: Fri 15 Aug 2025 05:07:04 +0000
ROA not before: Fri 15 Aug 2025 05:07:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55201
IP address blocks: 84.247.59.0/24 maxlen: 24
86.104.8.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
192.200.192.0/19 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ac:1f:d6:1c:8d:e1:6d:55:b8:ab:da:76:0a:98:af:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 15 05:07:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5df459af86549a8f02be2c91eb577a0416177aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:c5:25:a2:87:74:81:7a:70:1b:03:05:65:
d8:51:89:d8:b9:86:d0:6d:c5:88:28:4a:08:55:44:
59:4c:86:21:0a:53:86:69:23:2d:43:39:53:c5:60:
b9:48:31:18:ee:5a:fa:7b:e8:a5:24:68:0e:77:4f:
f3:54:2a:b9:2e:92:9f:34:84:d8:25:a7:6d:b0:08:
5d:ad:12:ba:69:7a:df:4a:02:0e:95:6e:34:40:94:
af:55:1e:24:ff:db:39:c2:25:88:7d:b0:01:cd:3f:
56:41:f2:fc:33:e7:07:bb:6a:b2:ff:a6:bf:2d:ea:
0c:98:ac:a9:f7:53:34:b5:4a:fc:fb:02:15:9f:64:
6b:72:03:69:49:40:18:c7:09:9f:0b:97:d8:f7:d8:
30:c6:2e:a7:d6:bd:73:41:0f:11:44:a3:76:37:09:
16:15:6b:b8:fc:31:23:27:18:f2:26:9e:36:55:ad:
4b:c2:fa:f9:ce:29:b0:7a:a3:07:e4:a7:40:fb:58:
bb:17:fb:2b:7c:5b:c3:e6:dd:3a:eb:eb:ff:15:21:
a3:9c:e6:33:74:44:6d:2f:84:db:15:3f:8f:1f:3a:
f0:7e:26:de:4f:3d:46:78:0a:b7:0c:22:72:74:66:
6d:54:c7:e8:f5:27:06:98:bc:aa:72:e9:79:7a:ec:
0b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F4:59:AF:86:54:9A:8F:02:BE:2C:91:EB:57:7A:04:16:17:7A:ED
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/XfRZr4ZUmo8CviyR61d6BBYXeu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
86.104.8.0/24
89.42.40.0/24
192.200.192.0/19
Signature Algorithm: sha256WithRSAEncryption
93:1a:ac:b6:24:00:85:6c:2f:f8:e8:4a:7e:0d:3d:f0:df:d4:
83:6a:2d:b1:f4:0b:3d:24:05:b9:c8:b7:55:7a:8b:60:6f:cf:
e4:44:ca:2e:b4:b0:7b:d2:c9:4a:4a:68:09:ea:01:01:52:97:
ef:ab:f9:45:86:82:38:c8:af:70:00:65:8b:63:24:d3:47:0c:
e4:89:4a:99:36:6e:a2:ca:42:c6:75:dc:94:26:9e:c3:50:b4:
c5:a1:47:cb:31:52:8f:d7:50:5a:7b:ea:dd:22:22:7e:89:df:
52:3c:f6:eb:9e:89:ff:e1:1e:6e:7a:4b:4a:6f:c5:b3:52:d5:
1b:fb:ee:5a:af:d9:40:0a:d9:05:55:76:b5:43:aa:7f:bc:b3:
9c:bc:83:3a:ce:8c:4d:ee:c7:9b:59:cf:f2:40:7c:df:fb:cb:
43:ed:86:a2:24:7d:2e:fd:03:fb:5d:da:bc:09:b1:30:e0:08:
5c:67:e8:bc:76:b4:08:42:eb:3f:c9:c5:81:3e:83:21:eb:ee:
15:aa:96:a7:06:ca:5c:11:56:d0:98:e0:26:e2:d7:cf:c2:6b:
24:07:d8:36:72:2e:18:67:83:51:6d:e9:08:22:7f:4c:21:7d:
a3:31:41:1e:c9:e3:62:5b:f5:d3:c7:aa:7e:18:e1:25:62:92:
cd:56:09:21
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZisH9YcjeFtVbir2nYKmK9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwODE1MDUwNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY0NTlhZjg2NTQ5YThmMDJiZTJjOTFlYjU3N2EwNDE2MTc3YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1PFJaKHdIF6cBsDBWXYUYnYuYbQ
bcWIKEoIVURZTIYhClOGaSMtQzlTxWC5SDEY7lr6e+ilJGgOd0/zVCq5LpKfNITY
JadtsAhdrRK6aXrfSgIOlW40QJSvVR4k/9s5wiWIfbABzT9WQfL8M+cHu2qy/6a/
LeoMmKyp91M0tUr8+wIVn2RrcgNpSUAYxwmfC5fY99gwxi6n1r1zQQ8RRKN2NwkW
FWu4/DEjJxjyJp42Va1Lwvr5zimweqMH5KdA+1i7F/srfFvD5t066+v/FSGjnOYz
dERtL4TbFT+PHzrwfibeTz1GeAq3DCJydGZtVMfo9ScGmLyqcul5euwLhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF30Wa+GVJqPAr4sketXegQWF3rtMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWGZSWnI0WlVtbzhDdml5UjYxZDZCQllYZXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVPc7AwQA
VmgIAwQAWSooAwQFwMjAMA0GCSqGSIb3DQEBCwUAA4IBAQCTGqy2JACFbC/46Ep+
DT3w39SDai2x9As9JAW5yLdVeotgb8/kRMoutLB70slKSmgJ6gEBUpfvq/lFhoI4
yK9wAGWLYyTTRwzkiUqZNm6iykLGddyUJp7DULTFoUfLMVKP11Bae+rdIiJ+id9S
PPbrnon/4R5uektKb8WzUtUb++5ar9lACtkFVXa1Q6p/vLOcvIM6zoxN7sebWc/y
QHzf+8tD7YaiJH0u/QP7Xdq8CbEw4AhcZ+i8drQIQus/ycWBPoMh6+4VqpanBspc
EVbQmOAm4tfPwmskB9g2ci4YZ4NRbekIIn9MIX2jMUEeyeNiW/XTx6p+GOElYpLN
Vgkh
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:26:54 2025 by rpki-client