
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/XoElMCWSXeZbJRYtXiEJ_Emiz2A.roa
File: XoElMCWSXeZbJRYtXiEJ_Emiz2A.roa (raw, json)
Hash identifier: LbkB9E2yx3Leo0MqKyox9NLbqbqscRyng+tbBGiff/4=
Subject key identifier: 5E:81:25:30:25:92:5D:E6:5B:25:16:2D:5E:21:09:FC:49:A2:CF:60
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 019943C8C723E97A0E1AC93E40A6BAD5D4E2
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/XoElMCWSXeZbJRYtXiEJ_Emiz2A.roa
Signing time: Sat 13 Sep 2025 15:54:15 +0000
ROA not before: Sat 13 Sep 2025 15:54:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 89.185.79.0/24 maxlen: 24
92.240.204.0/24 maxlen: 24
92.240.215.0/24 maxlen: 24
92.240.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:43:c8:c7:23:e9:7a:0e:1a:c9:3e:40:a6:ba:d5:d4:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Sep 13 15:54:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e81253025925de65b25162d5e2109fc49a2cf60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:de:98:4e:69:36:71:9b:36:f9:fb:bb:1d:66:
ce:71:e0:9d:c0:b7:f6:ec:8a:27:e5:23:28:f2:87:
1f:59:c7:55:b7:de:d6:51:c6:57:db:70:13:a1:4d:
c2:b3:95:4d:1d:aa:ac:3d:f7:20:94:85:9f:77:1b:
77:7a:5d:fd:7b:b1:0e:6e:ab:0c:e1:41:37:ce:0e:
6d:a8:b4:a1:d3:67:5d:be:71:eb:4e:b2:be:a4:52:
e6:06:65:5c:0f:94:c6:32:dd:93:04:90:50:51:54:
62:db:40:33:68:c5:81:96:aa:17:61:8e:b0:25:4d:
9c:a3:ad:42:4d:cb:68:a9:4d:24:b9:6e:61:e9:69:
70:2f:2a:f0:89:91:5c:17:08:ef:d4:dc:e8:f8:d1:
9c:88:ad:84:7c:63:4f:21:fc:1c:55:45:76:ee:7e:
f6:ca:ab:2f:32:b2:27:32:43:e9:82:13:71:13:ba:
fe:1d:25:03:92:37:69:58:5e:4b:19:b7:d5:d3:a7:
9d:9d:b7:2c:c3:3e:3c:eb:1d:a9:f4:06:14:f7:b1:
6c:89:64:7c:08:ed:9d:19:b1:c7:92:9d:55:6b:b9:
d9:f9:ce:d2:d8:be:f8:24:37:9f:b4:23:86:f2:f3:
d7:69:bc:59:39:07:df:b0:a8:fe:c6:c5:24:f1:ab:
9c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:81:25:30:25:92:5D:E6:5B:25:16:2D:5E:21:09:FC:49:A2:CF:60
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/XoElMCWSXeZbJRYtXiEJ_Emiz2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.79.0/24
92.240.204.0/24
92.240.215.0/24
92.240.217.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:07:a1:1f:13:12:36:4b:36:db:25:da:9b:ea:49:ac:6d:fa:
39:a5:d4:e7:d9:a3:5e:bd:9e:4c:9a:2c:a5:6a:e3:dc:c3:98:
58:20:f2:de:a2:07:02:0b:88:1e:6f:2a:65:55:ec:f7:02:b0:
c5:53:8d:d3:c9:84:e2:56:60:14:79:35:fd:6c:27:14:27:be:
5b:a6:ce:30:9c:c0:51:1a:22:9e:18:0f:a6:d8:f9:5b:52:4b:
e2:63:3b:a4:ec:9a:c9:50:2a:bc:96:a5:be:11:6b:39:13:ab:
6f:37:b1:fe:67:5a:32:51:f3:1f:4b:37:b4:a1:3f:97:65:2a:
3b:d4:7a:82:85:74:b4:c9:65:10:f6:f8:fc:c2:d7:45:17:78:
cc:5c:03:fa:29:e0:70:23:11:4e:50:03:e9:2a:a3:10:f2:d5:
e1:b6:7a:9d:8c:32:08:65:84:d3:f1:8e:f0:a9:07:17:ae:be:
8a:88:0e:79:34:bc:58:ed:1b:31:f2:4b:4e:82:9f:5d:0b:43:
c6:01:ee:92:6d:d6:1f:f9:89:9d:ee:20:14:09:84:52:cd:ff:
7a:3e:2d:df:4a:8f:8c:1e:70:25:26:bb:5e:2a:30:e7:72:66:
51:bf:73:bd:38:a5:dd:18:e2:91:7a:98:58:86:1e:2c:e4:27:
2f:77:04:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlDyMcj6XoOGsk+QKa61dTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwOTEzMTU1NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTgxMjUzMDI1OTI1ZGU2NWIyNTE2MmQ1ZTIxMDlmYzQ5YTJjZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0N6YTmk2cZs2+fu7HWbOceCdwLf2
7Ion5SMo8ocfWcdVt97WUcZX23AToU3Cs5VNHaqsPfcglIWfdxt3el39e7EObqsM
4UE3zg5tqLSh02ddvnHrTrK+pFLmBmVcD5TGMt2TBJBQUVRi20AzaMWBlqoXYY6w
JU2co61CTctoqU0kuW5h6WlwLyrwiZFcFwjv1Nzo+NGciK2EfGNPIfwcVUV27n72
yqsvMrInMkPpghNxE7r+HSUDkjdpWF5LGbfV06ednbcswz486x2p9AYU97FsiWR8
CO2dGbHHkp1Va7nZ+c7S2L74JDeftCOG8vPXabxZOQffsKj+xsUk8aucMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF6BJTAlkl3mWyUWLV4hCfxJos9gMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvWG9FbE1DV1NYZVpiSlJZdFhpRUpfRW1pejJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWblPAwQA
XPDMAwQAXPDXAwQAXPDZMA0GCSqGSIb3DQEBCwUAA4IBAQC3B6EfExI2SzbbJdqb
6kmsbfo5pdTn2aNevZ5MmiylauPcw5hYIPLeogcCC4gebyplVez3ArDFU43TyYTi
VmAUeTX9bCcUJ75bps4wnMBRGiKeGA+m2PlbUkviYzuk7JrJUCq8lqW+EWs5E6tv
N7H+Z1oyUfMfSze0oT+XZSo71HqChXS0yWUQ9vj8wtdFF3jMXAP6KeBwIxFOUAPp
KqMQ8tXhtnqdjDIIZYTT8Y7wqQcXrr6KiA55NLxY7Rsx8ktOgp9dC0PGAe6SbdYf
+Ymd7iAUCYRSzf96Pi3fSo+MHnAlJrteKjDncmZRv3O9OKXdGOKRephYhh4s5Ccv
dwSA
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:47 2025 by rpki-client