
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/XqgLy6gwJVZ82-gJuZ9xWAlXJjE.roa
File: XqgLy6gwJVZ82-gJuZ9xWAlXJjE.roa (raw, json)
Hash identifier: HMLJjciahCgmKpfZsbLJ2ATK3yo3ihfBjB/9jkO1auA=
Subject key identifier: 5E:A8:0B:CB:A8:30:25:56:7C:DB:E8:09:B9:9F:71:58:09:57:26:31
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0199F24605065691C81C551D949701604628
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/XqgLy6gwJVZ82-gJuZ9xWAlXJjE.roa
Signing time: Fri 17 Oct 2025 13:04:58 +0000
ROA not before: Fri 17 Oct 2025 13:04:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 157.25.130.0/23 maxlen: 23
157.25.174.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f2:46:05:06:56:91:c8:1c:55:1d:94:97:01:60:46:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Oct 17 13:04:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ea80bcba83025567cdbe809b99f715809572631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:66:d7:37:60:d4:69:29:2e:8e:ea:aa:38:1d:
21:80:21:4c:ec:33:13:4b:b7:25:4e:90:0b:6d:64:
80:59:38:1e:b8:1f:c1:14:1b:6d:7e:4c:08:94:a1:
ab:12:4c:e5:7b:fd:c7:3a:b8:78:e5:af:0f:e2:50:
37:a5:6d:09:d7:bd:8b:0c:e2:c3:53:9e:43:8b:aa:
49:69:48:b9:fd:7e:21:39:54:b8:35:21:a8:f9:36:
d4:95:28:47:4f:97:98:32:0f:79:92:9f:80:cd:60:
3c:ff:59:aa:61:1e:07:f9:83:cf:0e:14:d6:88:13:
10:7d:5e:3a:a4:e4:3c:47:9d:37:50:c2:67:f1:ec:
27:87:0c:08:b9:13:4c:da:bb:49:d1:e3:02:87:26:
c3:09:ae:68:14:9e:ca:55:e8:e3:61:3a:46:ae:77:
5f:d7:a4:33:f8:32:b8:dc:08:2f:5a:28:af:1c:79:
0e:d4:19:86:3e:47:1c:e7:a3:da:29:ca:c8:31:70:
6e:71:8b:75:62:d3:97:17:fc:cd:71:36:b9:3f:56:
71:f5:e4:75:8d:da:05:b5:e2:68:9a:c1:59:3f:f2:
1e:ef:17:b3:ad:6f:53:8b:11:45:3f:c9:f2:cc:c9:
bc:2d:b9:94:ed:ce:ae:8e:ed:0e:91:02:e6:67:92:
6e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A8:0B:CB:A8:30:25:56:7C:DB:E8:09:B9:9F:71:58:09:57:26:31
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/XqgLy6gwJVZ82-gJuZ9xWAlXJjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.130.0/23
157.25.174.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:d1:4e:b6:0e:ed:19:e2:22:d6:8d:d8:53:fb:92:23:69:1f:
3d:f4:37:9d:b3:a1:7a:07:fc:6a:8d:31:00:1b:cd:27:e9:89:
34:df:f6:c9:37:8e:f8:91:2f:b3:94:09:e9:3e:01:33:5c:c7:
42:8d:36:af:5f:fb:5d:4b:4b:b9:8e:e2:f6:d6:33:c0:66:1c:
e3:b3:9b:2f:aa:2d:dd:57:62:c8:1a:c6:f5:24:aa:c1:a1:04:
9d:14:f8:89:89:1b:81:0a:26:2e:85:84:d5:5d:d5:94:ff:a0:
13:22:b1:0b:4d:47:54:66:a8:f0:85:70:37:c4:16:e0:46:7c:
4a:a5:72:7a:ed:50:ef:9f:63:f8:15:f5:f0:f3:a6:86:08:e8:
b6:61:87:14:2a:f3:07:bb:ba:e6:a0:1f:e1:39:7e:5b:29:31:
67:a7:f5:fa:40:07:7d:fb:c7:3b:e2:86:8a:55:76:f8:8a:fb:
26:a7:8a:ff:ea:01:2f:d4:00:4f:10:a4:4d:8b:4e:a8:c9:3d:
eb:fb:08:79:ec:e4:2c:97:b2:d5:9d:fc:2e:2d:ab:cd:c2:64:
55:ec:21:d0:7e:79:f8:26:dd:1d:8d:00:a1:7a:ad:3c:73:58:
c8:15:41:c4:e0:72:ba:3b:fb:ce:44:16:ab:1c:82:c1:45:3c:
85:75:f9:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZnyRgUGVpHIHFUdlJcBYEYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUxMDE3MTMwNDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE4MGJjYmE4MzAyNTU2N2NkYmU4MDliOTlmNzE1ODA5NTcyNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmbXN2DUaSkujuqqOB0hgCFM7DMT
S7clTpALbWSAWTgeuB/BFBttfkwIlKGrEkzle/3HOrh45a8P4lA3pW0J172LDOLD
U55Di6pJaUi5/X4hOVS4NSGo+TbUlShHT5eYMg95kp+AzWA8/1mqYR4H+YPPDhTW
iBMQfV46pOQ8R503UMJn8ewnhwwIuRNM2rtJ0eMChybDCa5oFJ7KVejjYTpGrndf
16Qz+DK43AgvWiivHHkO1BmGPkcc56PaKcrIMXBucYt1YtOXF/zNcTa5P1Zx9eR1
jdoFteJomsFZP/Ie7xezrW9TixFFP8nyzMm8LbmU7c6uju0OkQLmZ5JuoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF6oC8uoMCVWfNvoCbmfcVgJVyYxMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvWHFnTHk2Z3dKVlo4Mi1nSnVaOXhXQWxYSmpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnRmCAwQB
nRmuMA0GCSqGSIb3DQEBCwUAA4IBAQAt0U62Du0Z4iLWjdhT+5IjaR899Deds6F6
B/xqjTEAG80n6Yk03/bJN474kS+zlAnpPgEzXMdCjTavX/tdS0u5juL21jPAZhzj
s5svqi3dV2LIGsb1JKrBoQSdFPiJiRuBCiYuhYTVXdWU/6ATIrELTUdUZqjwhXA3
xBbgRnxKpXJ67VDvn2P4FfXw86aGCOi2YYcUKvMHu7rmoB/hOX5bKTFnp/X6QAd9
+8c74oaKVXb4ivsmp4r/6gEv1ABPEKRNi06oyT3r+wh57OQsl7LVnfwuLavNwmRV
7CHQfnn4Jt0djQCheq08c1jIFUHE4HK6O/vORBarHILBRTyFdfl+
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:37 2025 by rpki-client