Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/XOmZZnyi2xTRcmBTURdRxnLp9Sw.roa
File: XOmZZnyi2xTRcmBTURdRxnLp9Sw.roa (raw, json)
Hash identifier: JZHtweLNGop+fWQROQPvT2MiNILQcItBwQClayK9iZ0=
Subject key identifier: 5C:E9:99:66:7C:A2:DB:14:D1:72:60:53:51:17:51:C6:72:E9:F5:2C
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0199AA30B524F9D7C52CB251DDD4BA543BE0
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/XOmZZnyi2xTRcmBTURdRxnLp9Sw.roa
Signing time: Fri 03 Oct 2025 13:09:02 +0000
ROA not before: Fri 03 Oct 2025 13:09:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202309
IP address blocks: 62.68.70.0/24 maxlen: 24
78.128.123.0/24 maxlen: 24
79.124.42.0/23 maxlen: 24
80.72.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:aa:30:b5:24:f9:d7:c5:2c:b2:51:dd:d4:ba:54:3b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Oct 3 13:09:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ce999667ca2db14d1726053511751c672e9f52c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:61:86:39:d6:17:e8:4f:43:00:f5:bf:23:26:
89:e2:42:ea:2f:e0:e4:e5:a8:9b:4f:f1:74:ec:f6:
b0:42:79:50:63:fb:38:79:a5:9b:a3:8a:0e:3e:a1:
6b:ba:3c:ed:52:fd:3a:b9:30:75:68:13:4c:4e:7a:
d1:ed:fd:75:0f:1a:36:bc:ed:9b:25:99:43:f4:4c:
99:33:1a:b4:25:7a:f3:de:50:16:50:40:aa:aa:a1:
f2:18:66:43:91:10:74:26:4f:b1:12:a7:20:65:b3:
28:6b:84:81:e8:be:2a:ba:7c:34:0f:97:bf:3d:c0:
62:5a:6d:9a:2f:b9:6a:b5:56:da:4a:9d:7d:c1:20:
97:d0:4e:12:71:b5:00:1e:1e:35:79:85:ba:30:51:
b0:14:3a:ff:91:e6:b8:41:ed:8e:50:71:b5:4a:b5:
4a:f4:3f:a3:9d:e6:f4:31:66:0d:ef:86:09:4a:21:
81:10:3e:42:2d:e6:e3:a9:6c:60:47:74:ff:2f:47:
ae:1b:d7:d6:1d:1d:f7:e3:e2:32:1c:cd:f6:57:e9:
45:71:fc:04:3a:50:18:48:0f:1e:3e:f2:4a:11:f8:
13:01:ef:0e:6c:21:0b:51:a4:ff:2b:8c:97:f5:a3:
db:af:7e:c9:50:62:6e:28:e0:20:f3:da:24:35:9b:
bc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E9:99:66:7C:A2:DB:14:D1:72:60:53:51:17:51:C6:72:E9:F5:2C
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/XOmZZnyi2xTRcmBTURdRxnLp9Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.70.0/24
78.128.123.0/24
79.124.42.0/23
80.72.78.0/24
Signature Algorithm: sha256WithRSAEncryption
68:d5:01:6c:a8:7d:1b:03:eb:84:87:a1:ed:a6:ab:cc:85:12:
25:ce:62:f6:93:e7:4d:cd:e2:75:f4:3e:d9:cc:b3:eb:bc:09:
6d:3e:30:cb:89:0a:4f:dc:30:7c:c2:8e:6e:c5:8d:7b:89:d5:
12:fc:d9:01:55:cf:36:7c:c1:5c:04:88:c0:a4:39:3c:37:9f:
b1:18:67:73:69:65:44:59:d8:47:bb:39:6b:ce:f5:a4:ad:98:
d2:8b:ad:a2:ff:e6:45:e0:76:84:77:c2:14:9a:46:05:92:e7:
fd:ae:2f:eb:73:9a:93:68:2a:30:75:2b:1c:5c:72:08:18:dd:
b1:21:3b:8b:7c:e3:0e:37:4e:87:58:06:a0:3f:42:cf:a3:3f:
c8:78:0a:d3:24:4b:9d:91:90:f7:f5:e8:20:f9:2c:a3:03:cf:
6e:66:c0:14:5b:4c:7e:1c:14:37:e0:45:5c:ec:f6:05:21:bb:
09:93:a6:ce:4c:b7:e0:58:1d:88:c9:f4:0a:ac:50:11:66:f0:
6c:85:14:c3:c2:eb:82:a0:60:6e:a3:a6:04:57:31:81:72:0c:
ff:a3:ad:80:5d:cf:06:75:a9:f1:6b:72:af:79:67:0a:ed:8e:
af:92:89:c1:25:9a:4e:27:0e:6d:b7:60:51:b2:0f:65:c3:da:
49:35:93:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZmqMLUk+dfFLLJR3dS6VDvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUxMDAzMTMwOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U5OTk2NjdjYTJkYjE0ZDE3MjYwNTM1MTE3NTFjNjcyZTlmNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2GGOdYX6E9DAPW/IyaJ4kLqL+Dk
5aibT/F07PawQnlQY/s4eaWbo4oOPqFrujztUv06uTB1aBNMTnrR7f11Dxo2vO2b
JZlD9EyZMxq0JXrz3lAWUECqqqHyGGZDkRB0Jk+xEqcgZbMoa4SB6L4qunw0D5e/
PcBiWm2aL7lqtVbaSp19wSCX0E4ScbUAHh41eYW6MFGwFDr/kea4Qe2OUHG1SrVK
9D+jneb0MWYN74YJSiGBED5CLebjqWxgR3T/L0euG9fWHR334+IyHM32V+lFcfwE
OlAYSA8ePvJKEfgTAe8ObCELUaT/K4yX9aPbr37JUGJuKOAg89okNZu8uQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFzpmWZ8otsU0XJgU1EXUcZy6fUsMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvWE9tWlpueWkyeFRSY21CVFVSZFJ4bkxwOVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkRGAwQA
ToB7AwQBT3wqAwQAUEhOMA0GCSqGSIb3DQEBCwUAA4IBAQBo1QFsqH0bA+uEh6Ht
pqvMhRIlzmL2k+dNzeJ19D7ZzLPrvAltPjDLiQpP3DB8wo5uxY17idUS/NkBVc82
fMFcBIjApDk8N5+xGGdzaWVEWdhHuzlrzvWkrZjSi62i/+ZF4HaEd8IUmkYFkuf9
ri/rc5qTaCowdSscXHIIGN2xITuLfOMON06HWAagP0LPoz/IeArTJEudkZD39egg
+SyjA89uZsAUW0x+HBQ34EVc7PYFIbsJk6bOTLfgWB2IyfQKrFARZvBshRTDwuuC
oGBuo6YEVzGBcgz/o62AXc8Gdanxa3KveWcK7Y6vkonBJZpOJw5tt2BRsg9lw9pJ
NZM1
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:49:38 2025 by rpki-client