Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/XwhTClSP1UI8joFe2laQDXk_PGU.roa
File: XwhTClSP1UI8joFe2laQDXk_PGU.roa (raw, json)
Hash identifier: Vu9nNK134kjM8iGZdGpKi0T5ZrLtuDBr7FKT4joBB3w=
Subject key identifier: 5F:08:53:0A:54:8F:D5:42:3C:8E:81:5E:DA:56:90:0D:79:3F:3C:65
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 0199C87903F79926A851BE76241E71FA2067
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/XwhTClSP1UI8joFe2laQDXk_PGU.roa
Signing time: Thu 09 Oct 2025 10:16:38 +0000
ROA not before: Thu 09 Oct 2025 10:16:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59741
IP address blocks: 45.141.53.0/24 maxlen: 24
185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
185.73.242.0/24 maxlen: 24
2a05:4740::/32 maxlen: 32
2a05:4742::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:79:03:f7:99:26:a8:51:be:76:24:1e:71:fa:20:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Oct 9 10:16:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f08530a548fd5423c8e815eda56900d793f3c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ea:bb:8f:63:fb:8d:d2:84:b2:ca:3e:07:83:
fc:a7:3f:df:24:5e:f8:3b:a3:cf:3d:2b:d5:a8:42:
60:48:6a:b0:c3:e5:f3:89:5a:67:55:65:f3:7a:67:
9b:94:33:7a:69:9c:55:ed:e3:0a:fe:bf:42:2f:91:
6e:71:b9:c2:b3:09:a2:07:34:87:dd:a5:e4:34:f0:
58:e2:9f:dd:f6:4f:17:1d:a4:53:9f:4d:39:5e:0f:
37:2b:05:dc:5d:06:60:dd:7b:47:4d:b6:0f:ca:48:
d2:07:99:8a:09:0f:bb:68:32:f7:56:0a:e0:ea:41:
51:cd:84:f6:4d:ae:8d:ec:d4:7a:fa:c5:b8:44:ed:
17:5c:78:c8:85:57:13:72:3e:6e:b3:13:d4:f3:8d:
46:94:e0:c8:9d:53:94:46:f9:f9:78:3d:b1:b3:26:
ea:6d:86:f9:77:c7:9d:6e:c8:3f:10:4e:c7:b4:96:
28:0c:38:88:a6:ec:c6:23:ab:3c:57:e6:21:b7:8d:
e5:b4:23:2e:58:9a:6e:07:47:90:1c:c3:46:52:57:
73:95:35:2f:23:c0:86:d8:2b:22:f6:d3:d6:b4:be:
c9:49:0f:19:ca:a4:2e:47:cd:58:91:60:f4:24:ae:
6b:35:91:b8:08:e4:c8:32:1f:e7:46:dd:81:b7:57:
33:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:08:53:0A:54:8F:D5:42:3C:8E:81:5E:DA:56:90:0D:79:3F:3C:65
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/XwhTClSP1UI8joFe2laQDXk_PGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.53.0/24
185.73.240.0-185.73.242.255
IPv6:
2a05:4740::/32
2a05:4742::/32
Signature Algorithm: sha256WithRSAEncryption
30:81:0a:bf:91:22:21:de:6b:73:03:f6:42:7e:66:c8:b9:84:
39:c7:29:92:90:f3:b1:f0:ea:fe:5b:f7:ee:62:25:dc:f3:7d:
77:e0:15:7e:45:dc:df:34:ad:9b:8a:44:a7:a8:1c:6a:34:fc:
fa:0a:ac:d9:44:62:6d:0a:13:81:9f:0e:95:10:b7:bc:25:33:
d2:fa:c5:f8:7b:8a:15:d2:0a:73:c7:1f:7f:08:f2:1a:46:76:
2f:d7:28:09:99:86:10:40:b4:94:28:57:71:cb:fb:84:86:47:
9e:cf:10:e0:a3:df:5e:58:6d:2a:72:35:b6:bd:e6:e5:7a:3c:
3b:b1:a7:6a:34:ff:18:8f:42:94:c6:0e:84:7a:e5:5c:ef:5c:
41:1d:7c:6f:da:4f:ee:e7:f6:a1:b8:8a:b3:e9:f1:1f:88:38:
e4:bb:ed:5b:99:07:f8:fe:2e:39:0d:ea:dc:ca:7c:ef:32:13:
c9:ab:66:19:5f:e3:b5:b4:be:de:5b:c1:c6:63:fe:8f:13:31:
31:d5:8a:29:83:91:9c:ca:85:f0:cf:aa:3e:c1:ed:dd:a4:10:
1e:d3:bc:f6:f2:0a:36:27:2c:a8:ca:f8:f6:8b:6d:b6:13:ab:
f2:84:26:67:9f:a1:72:7b:5c:d1:db:53:b7:c6:0e:8d:cc:8e:
05:c6:56:6c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZnIeQP3mSaoUb52JB5x+iBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjUxMDA5MTAxNjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA4NTMwYTU0OGZkNTQyM2M4ZTgxNWVkYTU2OTAwZDc5M2YzYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+q7j2P7jdKEsso+B4P8pz/fJF74
O6PPPSvVqEJgSGqww+XziVpnVWXzemeblDN6aZxV7eMK/r9CL5FucbnCswmiBzSH
3aXkNPBY4p/d9k8XHaRTn005Xg83KwXcXQZg3XtHTbYPykjSB5mKCQ+7aDL3Vgrg
6kFRzYT2Ta6N7NR6+sW4RO0XXHjIhVcTcj5usxPU841GlODInVOURvn5eD2xsybq
bYb5d8edbsg/EE7HtJYoDDiIpuzGI6s8V+Yht43ltCMuWJpuB0eQHMNGUldzlTUv
I8CG2Csi9tPWtL7JSQ8ZyqQuR81YkWD0JK5rNZG4COTIMh/nRt2Bt1czNQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF8IUwpUj9VCPI6BXtpWkA15PzxlMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvWHdoVENsU1AxVUk4am9GZTJsYVFEWGtfUEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUAwQALY01MAwD
BAS5SfADBAC5SfIwFAQCAAIwDgMFACoFR0ADBQAqBUdCMA0GCSqGSIb3DQEBCwUA
A4IBAQAwgQq/kSIh3mtzA/ZCfmbIuYQ5xymSkPOx8Or+W/fuYiXc83134BV+Rdzf
NK2bikSnqBxqNPz6CqzZRGJtChOBnw6VELe8JTPS+sX4e4oV0gpzxx9/CPIaRnYv
1ygJmYYQQLSUKFdxy/uEhkeezxDgo99eWG0qcjW2veblejw7sadqNP8Yj0KUxg6E
euVc71xBHXxv2k/u5/ahuIqz6fEfiDjku+1bmQf4/i45DercynzvMhPJq2YZX+O1
tL7eW8HGY/6PEzEx1Yopg5GcyoXwz6o+we3dpBAe07z28go2Jyyoyvj2i222E6vy
hCZnn6Fye1zR21O3xg6NzI4FxlZs
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:49 2025 by rpki-client