Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/Xo_7x8gM362sNUx9u7YODuCsWN0.roa
File: Xo_7x8gM362sNUx9u7YODuCsWN0.roa (raw, json)
Hash identifier: kMd99CyUtMJl4Cu76HE19siKUa5sAjH27qVIWnJGM5I=
Subject key identifier: 5E:8F:FB:C7:C8:0C:DF:AD:AC:35:4C:7D:BB:B6:0E:0E:E0:AC:58:DD
Certificate issuer: /CN=a1e5fc635a1a775574b779aea9ccd6524cc4d0f9
Certificate serial: 01995C97E95E668866BDEDA3A197680CE3A5
Authority key identifier: A1:E5:FC:63:5A:1A:77:55:74:B7:79:AE:A9:CC:D6:52:4C:C4:D0:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oeX8Y1oad1V0t3muqczWUkzE0Pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/Xo_7x8gM362sNUx9u7YODuCsWN0.roa
Signing time: Thu 18 Sep 2025 11:31:23 +0000
ROA not before: Thu 18 Sep 2025 11:31:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34530
IP address blocks: 194.126.216.0/24 maxlen: 24
213.222.192.0/24 maxlen: 24
213.222.198.0/24 maxlen: 24
213.222.199.0/24 maxlen: 24
213.222.220.0/22 maxlen: 22
213.222.221.0/24 maxlen: 24
213.222.222.0/24 maxlen: 24
213.222.223.0/24 maxlen: 24
2a03:7580:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/oeX8Y1oad1V0t3muqczWUkzE0Pk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/oeX8Y1oad1V0t3muqczWUkzE0Pk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oeX8Y1oad1V0t3muqczWUkzE0Pk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5c:97:e9:5e:66:88:66:bd:ed:a3:a1:97:68:0c:e3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1e5fc635a1a775574b779aea9ccd6524cc4d0f9
Validity
Not Before: Sep 18 11:31:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e8ffbc7c80cdfadac354c7dbbb60e0ee0ac58dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d3:c9:28:04:b8:cf:91:c5:bd:53:98:b1:bc:
16:3e:ef:22:65:79:a0:68:b2:57:fd:f3:61:e2:9e:
91:a8:88:06:e4:0b:95:37:2a:45:c8:a7:de:65:6e:
b9:14:48:73:0f:c7:db:25:e0:75:94:c9:a2:ff:1b:
64:af:a7:5d:7d:e5:b9:f8:e2:4e:f6:13:b4:87:c0:
bb:4c:5b:b4:31:5e:8a:e2:d1:4d:8b:a1:28:6a:3b:
e7:ce:88:7c:8a:54:12:ad:97:e1:78:e8:4d:0e:1e:
55:ca:f2:ed:6a:39:2d:8a:5d:75:31:76:a2:75:f6:
da:ca:50:b7:14:4d:82:87:d4:c5:b6:1a:5e:7b:0d:
e3:19:40:ee:d7:e7:9c:bb:09:cb:9b:61:49:2d:c7:
9f:99:c8:18:e5:69:4e:1b:2e:7d:5d:5f:84:fe:1c:
9c:7c:e6:04:4c:69:88:9f:c4:1c:b7:84:43:a2:50:
c7:93:24:c5:08:e2:89:e4:d2:6d:62:1c:29:24:1d:
53:dc:3f:fe:d2:82:0f:04:c6:35:63:25:9f:88:89:
98:28:3d:59:24:8d:4f:89:ec:4b:33:28:d7:b3:45:
94:96:05:8d:1f:d0:0e:99:83:f4:24:34:9b:67:a2:
ce:78:9c:ff:96:2e:73:3e:66:5a:b1:b4:a5:a4:8f:
0f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8F:FB:C7:C8:0C:DF:AD:AC:35:4C:7D:BB:B6:0E:0E:E0:AC:58:DD
X509v3 Authority Key Identifier:
keyid:A1:E5:FC:63:5A:1A:77:55:74:B7:79:AE:A9:CC:D6:52:4C:C4:D0:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oeX8Y1oad1V0t3muqczWUkzE0Pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/Xo_7x8gM362sNUx9u7YODuCsWN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/07d0c7-dc1e-4089-bd48-7ee0e60bb053/1/oeX8Y1oad1V0t3muqczWUkzE0Pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.216.0/24
213.222.192.0/24
213.222.198.0/23
213.222.220.0/22
IPv6:
2a03:7580:4000::/40
Signature Algorithm: sha256WithRSAEncryption
60:42:83:9b:59:2a:33:a7:34:79:7e:5a:c8:a2:b0:0f:8d:99:
2f:60:0e:53:45:b4:99:82:3b:65:91:b5:f3:77:06:01:c0:b4:
bb:3f:0a:77:0f:4d:69:37:08:3a:bf:84:ef:35:23:75:91:c6:
6a:02:f8:67:20:87:f6:24:be:ec:68:a4:d9:df:4e:60:76:6c:
8a:6d:7a:06:c1:2c:ca:f0:a3:34:6e:21:dd:d6:b5:51:90:26:
95:66:1d:78:e6:6e:ff:eb:ef:b3:f3:26:bc:1f:6e:a3:4a:83:
be:99:53:ea:1b:ed:61:c4:5b:dc:cf:cc:73:47:7b:0e:d5:c3:
79:4a:2c:99:2e:2c:c6:8b:8f:70:d3:ca:ea:b1:51:01:60:66:
96:4b:7f:da:cb:e9:3d:d2:ad:5a:e7:17:8b:5e:46:59:f2:4f:
d3:2b:60:cf:6f:2c:e4:f3:53:f8:f4:e1:d3:57:e6:6d:23:d8:
2c:48:a5:4a:a0:38:7b:80:2d:66:67:e5:ed:02:af:14:85:c9:
61:46:c3:ea:10:7b:6e:ba:56:2c:8c:cd:d8:3d:25:6a:ed:b0:
82:1c:87:91:ce:e4:d9:f8:a2:3a:f8:85:d0:44:9f:53:f6:93:
85:e9:0d:e6:5c:3b:fd:68:3d:6e:3a:14:44:62:58:06:b5:a5:
61:db:6c:ae
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZlcl+leZohmve2joZdoDOOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZTVmYzYzNWExYTc3NTU3NGI3NzlhZWE5Y2NkNjUyNGNj
NGQwZjkwHhcNMjUwOTE4MTEzMTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThmZmJjN2M4MGNkZmFkYWMzNTRjN2RiYmI2MGUwZWUwYWM1OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstPJKAS4z5HFvVOYsbwWPu8iZXmg
aLJX/fNh4p6RqIgG5AuVNypFyKfeZW65FEhzD8fbJeB1lMmi/xtkr6ddfeW5+OJO
9hO0h8C7TFu0MV6K4tFNi6Eoajvnzoh8ilQSrZfheOhNDh5VyvLtajktil11MXai
dfbaylC3FE2Ch9TFthpeew3jGUDu1+ecuwnLm2FJLcefmcgY5WlOGy59XV+E/hyc
fOYETGmIn8Qct4RDolDHkyTFCOKJ5NJtYhwpJB1T3D/+0oIPBMY1YyWfiImYKD1Z
JI1PiexLMyjXs0WUlgWNH9AOmYP0JDSbZ6LOeJz/li5zPmZasbSlpI8PBwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFF6P+8fIDN+trDVMfbu2Dg7grFjdMB8GA1UdIwQY
MBaAFKHl/GNaGndVdLd5rqnM1lJMxND5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2VYOFkxb2FkMVYwdDNtdXFjeldVa3pFMFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wN2QwYzctZGMxZS00MDg5LWJkNDgt
N2VlMGU2MGJiMDUzLzEvWG9fN3g4Z00zNjJzTlV4OXU3WU9EdUNzV04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wN2QwYzctZGMxZS00MDg5LWJkNDgtN2VlMGU2MGJiMDUz
LzEvb2VYOFkxb2FkMVYwdDNtdXFjeldVa3pFMFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQAwn7YAwQA
1d7AAwQB1d7GAwQC1d7cMA4EAgACMAgDBgAqA3WAQDANBgkqhkiG9w0BAQsFAAOC
AQEAYEKDm1kqM6c0eX5ayKKwD42ZL2AOU0W0mYI7ZZG183cGAcC0uz8Kdw9NaTcI
Or+E7zUjdZHGagL4ZyCH9iS+7Gik2d9OYHZsim16BsEsyvCjNG4h3da1UZAmlWYd
eOZu/+vvs/MmvB9uo0qDvplT6hvtYcRb3M/Mc0d7DtXDeUosmS4sxouPcNPK6rFR
AWBmlkt/2svpPdKtWucXi15GWfJP0ytgz28s5PNT+PTh01fmbSPYLEilSqA4e4At
Zmfl7QKvFIXJYUbD6hB7brpWLIzN2D0lau2wghyHkc7k2fiiOviF0ESfU/aThekN
5lw7/Wg9bjoURGJYBrWlYdtsrg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:05 2025 by rpki-client