Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/9d5ce5-b6c9-48da-8e8a-6a3bb92443fc/1/Xd7ijHjwtfXf4zZiE_HQf8TmqP0.roa
File: Xd7ijHjwtfXf4zZiE_HQf8TmqP0.roa (raw, json)
Hash identifier: w9B2n3G58lCmyJiIUIJesOdWt7RmGyJHNmHtEsf7LS0=
Subject key identifier: 5D:DE:E2:8C:78:F0:B5:F5:DF:E3:36:62:13:F1:D0:7F:C4:E6:A8:FD
Certificate issuer: /CN=f260075c0944fb1634b628bb10b67f12c873e424
Certificate serial: 01999584F7076FAF89FDEECF6BEA3BCD10E3
Authority key identifier: F2:60:07:5C:09:44:FB:16:34:B6:28:BB:10:B6:7F:12:C8:73:E4:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mAHXAlE-xY0tii7ELZ_Eshz5CQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/9d5ce5-b6c9-48da-8e8a-6a3bb92443fc/1/Xd7ijHjwtfXf4zZiE_HQf8TmqP0.roa
Signing time: Mon 29 Sep 2025 12:49:02 +0000
ROA not before: Mon 29 Sep 2025 12:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208008
IP address blocks: 91.216.114.0/24 maxlen: 24
2001:678:b48::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/9d5ce5-b6c9-48da-8e8a-6a3bb92443fc/1/8mAHXAlE-xY0tii7ELZ_Eshz5CQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/9d5ce5-b6c9-48da-8e8a-6a3bb92443fc/1/8mAHXAlE-xY0tii7ELZ_Eshz5CQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8mAHXAlE-xY0tii7ELZ_Eshz5CQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:84:f7:07:6f:af:89:fd:ee:cf:6b:ea:3b:cd:10:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f260075c0944fb1634b628bb10b67f12c873e424
Validity
Not Before: Sep 29 12:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ddee28c78f0b5f5dfe3366213f1d07fc4e6a8fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:af:10:c7:c0:ec:33:d9:18:23:b3:d4:b2:eb:
5c:50:5f:3f:3a:6c:85:7e:c1:09:ce:54:39:21:da:
01:cf:bc:f0:de:1f:bb:3e:73:94:98:22:7b:71:fe:
da:a1:2d:80:ed:1f:13:f5:7f:cb:bd:5d:4c:20:12:
bd:25:e1:4c:12:46:31:49:1f:b5:94:61:32:df:a3:
a3:62:94:44:cf:46:9b:bb:86:87:41:89:c9:58:0a:
b0:42:fb:ad:bf:14:c1:30:2c:69:aa:46:05:90:5a:
8c:f1:0c:90:16:50:86:a6:ff:f2:2c:7c:b9:74:b8:
3e:42:b4:ab:ee:58:ab:62:92:cd:79:00:dd:60:70:
08:1f:4e:92:9c:7e:d2:7a:c6:bc:ba:92:d6:1d:c2:
06:a5:78:77:da:f3:78:58:16:96:53:50:de:34:48:
4d:f1:75:c6:01:7f:b3:3b:5f:63:09:05:de:06:14:
ce:89:2e:9d:f1:6a:47:4c:8a:93:9e:bc:99:ac:26:
a9:1c:b8:af:85:79:ca:10:28:56:48:f2:6c:9b:9a:
b6:0f:0a:0f:37:30:8e:2a:02:18:7a:75:02:dd:b7:
17:86:9d:16:40:ea:2a:87:f0:ce:d8:12:8c:20:da:
f2:b9:5f:fd:b1:92:60:12:da:f0:46:67:d9:f8:18:
3f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DE:E2:8C:78:F0:B5:F5:DF:E3:36:62:13:F1:D0:7F:C4:E6:A8:FD
X509v3 Authority Key Identifier:
keyid:F2:60:07:5C:09:44:FB:16:34:B6:28:BB:10:B6:7F:12:C8:73:E4:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mAHXAlE-xY0tii7ELZ_Eshz5CQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/9d5ce5-b6c9-48da-8e8a-6a3bb92443fc/1/Xd7ijHjwtfXf4zZiE_HQf8TmqP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/9d5ce5-b6c9-48da-8e8a-6a3bb92443fc/1/8mAHXAlE-xY0tii7ELZ_Eshz5CQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.114.0/24
IPv6:
2001:678:b48::/48
Signature Algorithm: sha256WithRSAEncryption
41:0b:3e:d6:b2:e5:0e:de:04:62:1f:bc:0a:0d:70:4d:6f:c2:
23:96:4b:53:24:04:74:6a:20:80:69:bd:98:8e:da:1e:cc:d0:
bb:0c:0b:f5:86:ba:de:dc:08:b5:73:13:43:b2:a5:25:b0:6b:
24:e3:19:5a:00:63:52:55:06:02:93:d6:b8:a9:c1:ed:2a:dd:
af:2c:81:0f:fd:87:29:3e:48:11:e8:93:1a:e2:8c:1f:8a:32:
04:06:70:a0:76:46:b1:32:8c:bb:2d:7e:20:c5:8c:23:27:6a:
78:a0:d9:1d:f4:3a:75:7f:f0:9a:ba:32:f7:9e:5d:4f:f5:7a:
d7:e9:e8:56:39:0c:8e:2b:0f:af:8f:b5:6d:f5:60:6f:26:13:
9d:1d:ff:25:6b:2b:fe:a1:53:ca:28:a9:56:99:d6:43:02:f6:
b3:98:c7:5b:55:90:ab:37:42:8d:07:5a:e6:29:b6:48:e9:72:
32:89:f5:7f:c3:21:e3:28:82:95:a3:45:f4:3b:62:2d:b7:09:
6e:62:81:fd:47:da:80:58:d4:71:0b:09:44:7a:c1:05:49:f7:
40:59:d5:eb:c3:48:4e:5f:46:4c:00:10:51:db:b3:6e:2b:49:
3e:2a:1c:25:06:8d:1d:66:4f:75:61:e9:dc:7e:ed:b4:34:2b:
96:3c:07:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZmVhPcHb6+J/e7Pa+o7zRDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjAwNzVjMDk0NGZiMTYzNGI2MjhiYjEwYjY3ZjEyYzg3
M2U0MjQwHhcNMjUwOTI5MTI0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRlZTI4Yzc4ZjBiNWY1ZGZlMzM2NjIxM2YxZDA3ZmM0ZTZhOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA668Qx8DsM9kYI7PUsutcUF8/OmyF
fsEJzlQ5IdoBz7zw3h+7PnOUmCJ7cf7aoS2A7R8T9X/LvV1MIBK9JeFMEkYxSR+1
lGEy36OjYpREz0abu4aHQYnJWAqwQvutvxTBMCxpqkYFkFqM8QyQFlCGpv/yLHy5
dLg+QrSr7lirYpLNeQDdYHAIH06SnH7Sesa8upLWHcIGpXh32vN4WBaWU1DeNEhN
8XXGAX+zO19jCQXeBhTOiS6d8WpHTIqTnryZrCapHLivhXnKEChWSPJsm5q2DwoP
NzCOKgIYenUC3bcXhp0WQOoqh/DO2BKMINryuV/9sZJgEtrwRmfZ+Bg/IwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF3e4ox48LX13+M2YhPx0H/E5qj9MB8GA1UdIwQY
MBaAFPJgB1wJRPsWNLYouxC2fxLIc+QkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1BSFhBbEUteFkwdGlpN0VMWl9Fc2h6NUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85ZDVjZTUtYjZjOS00OGRhLThlOGEt
NmEzYmI5MjQ0M2ZjLzEvWGQ3aWpIand0ZlhmNHpaaUVfSFFmOFRtcVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85ZDVjZTUtYjZjOS00OGRhLThlOGEtNmEzYmI5MjQ0M2Zj
LzEvOG1BSFhBbEUteFkwdGlpN0VMWl9Fc2h6NUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9hyMA8E
AgACMAkDBwAgAQZ4C0gwDQYJKoZIhvcNAQELBQADggEBAEELPtay5Q7eBGIfvAoN
cE1vwiOWS1MkBHRqIIBpvZiO2h7M0LsMC/WGut7cCLVzE0OypSWwayTjGVoAY1JV
BgKT1ripwe0q3a8sgQ/9hyk+SBHokxrijB+KMgQGcKB2RrEyjLstfiDFjCMnanig
2R30OnV/8Jq6MveeXU/1etfp6FY5DI4rD6+PtW31YG8mE50d/yVrK/6hU8ooqVaZ
1kMC9rOYx1tVkKs3Qo0HWuYptkjpcjKJ9X/DIeMogpWjRfQ7Yi23CW5igf1H2oBY
1HELCUR6wQVJ90BZ1evDSE5fRkwAEFHbs24rST4qHCUGjR1mT3Vh6dx+7bQ0K5Y8
B3Q=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:45 2025 by rpki-client