Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/XQvs_LeYh7n5lJNYbQ7IMsSxGfU.roa
File: XQvs_LeYh7n5lJNYbQ7IMsSxGfU.roa (raw, json)
Hash identifier: NEI+JeokcTnC/E33WRhCXxumi2TGWneCiQdh6c4jiDg=
Subject key identifier: 5D:0B:EC:FC:B7:98:87:B9:F9:94:93:58:6D:0E:C8:32:C4:B1:19:F5
Certificate issuer: /CN=f05a17dd3beb8dc848fbe7629061d6080141e7d4
Certificate serial: 0199A13A0093D82ECCD1E892D45DA5762692
Authority key identifier: F0:5A:17:DD:3B:EB:8D:C8:48:FB:E7:62:90:61:D6:08:01:41:E7:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FoX3TvrjchI--dikGHWCAFB59Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/XQvs_LeYh7n5lJNYbQ7IMsSxGfU.roa
Signing time: Wed 01 Oct 2025 19:22:36 +0000
ROA not before: Wed 01 Oct 2025 19:22:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51351
IP address blocks: 164.138.96.0/24 maxlen: 24
164.138.97.0/24 maxlen: 24
164.138.98.0/24 maxlen: 24
194.31.10.0/24 maxlen: 24
2a11:ec00::/29 maxlen: 29
2a11:ec07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/8FoX3TvrjchI--dikGHWCAFB59Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/8FoX3TvrjchI--dikGHWCAFB59Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/8FoX3TvrjchI--dikGHWCAFB59Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a1:3a:00:93:d8:2e:cc:d1:e8:92:d4:5d:a5:76:26:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f05a17dd3beb8dc848fbe7629061d6080141e7d4
Validity
Not Before: Oct 1 19:22:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d0becfcb79887b9f99493586d0ec832c4b119f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:29:9c:9b:17:7b:b9:e0:1f:a1:c7:bb:d1:f9:
86:26:06:1c:d9:05:78:24:0e:53:35:46:f3:8e:e5:
05:de:5a:6f:f4:8a:20:92:e3:36:1d:ce:2d:af:a2:
36:03:b2:fd:ab:b3:15:91:7b:0d:32:30:d7:4f:e1:
dc:97:93:f8:a2:0e:72:ee:34:84:22:6c:79:96:86:
50:4b:14:a4:41:0c:b3:2a:d4:a7:74:dc:e3:3b:b3:
6c:f8:44:39:b6:8b:68:e5:43:b6:e4:23:1a:58:ab:
0c:99:c8:fc:ba:a5:60:cc:c6:05:34:c6:65:e8:2d:
91:82:15:e9:9c:65:8a:f7:df:50:37:c9:0b:58:47:
73:ce:6e:10:43:14:3f:e3:c2:ba:2d:ea:99:16:ec:
a4:e4:b1:9b:36:0f:88:a6:b9:90:81:26:df:da:89:
57:9a:08:eb:a3:c3:9f:e9:b6:2d:c7:70:fb:65:39:
27:e6:e8:81:ac:93:ab:70:e0:cf:28:87:cd:73:56:
fe:89:f9:c5:f3:4d:e7:52:fd:38:d9:c9:87:bd:b3:
8c:19:f2:c3:e8:91:d7:18:ac:ab:d3:09:38:fe:63:
3d:86:fd:7a:23:e3:9e:ad:e7:be:3e:fb:09:85:f3:
e0:c3:3e:ac:72:d2:9d:86:59:60:34:05:e9:0b:76:
cd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0B:EC:FC:B7:98:87:B9:F9:94:93:58:6D:0E:C8:32:C4:B1:19:F5
X509v3 Authority Key Identifier:
keyid:F0:5A:17:DD:3B:EB:8D:C8:48:FB:E7:62:90:61:D6:08:01:41:E7:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FoX3TvrjchI--dikGHWCAFB59Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/XQvs_LeYh7n5lJNYbQ7IMsSxGfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b2cdf-2ee5-4689-863b-3d13e9776ff7/1/8FoX3TvrjchI--dikGHWCAFB59Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.96.0-164.138.98.255
194.31.10.0/24
IPv6:
2a11:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
22:76:e8:db:0f:34:4b:63:73:1e:94:a8:74:8b:c0:3c:26:ae:
90:85:74:42:11:8c:08:1b:f6:59:22:a9:47:19:d4:aa:f9:1e:
d0:da:f1:db:88:24:66:d5:56:96:9e:cc:08:1c:76:0a:56:57:
1d:49:40:08:31:8f:6e:ae:aa:3f:08:3b:b8:06:59:37:bd:48:
ce:ae:02:dc:98:c6:67:e4:7b:73:f5:33:a8:aa:98:f7:70:31:
cf:8f:b7:41:c8:91:0a:5b:91:0e:4b:e8:ca:f7:bc:bc:a6:d3:
a5:42:75:4d:98:75:5c:a5:b6:e2:20:b2:ca:bb:10:80:db:c0:
eb:30:46:c6:a2:eb:eb:74:02:3b:9c:d8:77:e8:a0:43:78:f5:
1c:56:3d:6a:a9:3c:da:e4:39:97:ed:93:85:f3:54:a3:d5:ec:
dc:30:90:ff:ba:d0:e0:cd:53:ba:ca:2f:8a:84:67:7d:f4:66:
1b:1e:ce:69:d4:81:3f:b4:5e:ce:c5:57:10:28:8e:53:06:26:
33:01:7f:69:f0:e8:cd:e0:b0:01:eb:de:c8:90:bb:fa:04:c0:
3d:68:db:76:6d:49:50:09:98:d3:90:80:02:f6:ce:56:e9:d0:
b9:6e:07:6b:61:31:0d:77:44:42:2e:f3:0e:45:75:50:8c:c7:
2b:ab:99:f0
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZmhOgCT2C7M0eiS1F2ldiaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNWExN2RkM2JlYjhkYzg0OGZiZTc2MjkwNjFkNjA4MDE0
MWU3ZDQwHhcNMjUxMDAxMTkyMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBiZWNmY2I3OTg4N2I5Zjk5NDkzNTg2ZDBlYzgzMmM0YjExOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCmcmxd7ueAfoce70fmGJgYc2QV4
JA5TNUbzjuUF3lpv9IogkuM2Hc4tr6I2A7L9q7MVkXsNMjDXT+Hcl5P4og5y7jSE
Imx5loZQSxSkQQyzKtSndNzjO7Ns+EQ5toto5UO25CMaWKsMmcj8uqVgzMYFNMZl
6C2RghXpnGWK999QN8kLWEdzzm4QQxQ/48K6LeqZFuyk5LGbNg+IprmQgSbf2olX
mgjro8Of6bYtx3D7ZTkn5uiBrJOrcODPKIfNc1b+ifnF803nUv042cmHvbOMGfLD
6JHXGKyr0wk4/mM9hv16I+Oeree+PvsJhfPgwz6sctKdhllgNAXpC3bNXQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFF0L7Py3mIe5+ZSTWG0OyDLEsRn1MB8GA1UdIwQY
MBaAFPBaF907643ISPvnYpBh1ggBQefUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZvWDNUdnJqY2hJLS1kaWtHSFdDQUZCNTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yYjJjZGYtMmVlNS00Njg5LTg2M2It
M2QxM2U5Nzc2ZmY3LzEvWFF2c19MZVloN241bEpOWWJRN0lNc1N4R2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yYjJjZGYtMmVlNS00Njg5LTg2M2ItM2QxM2U5Nzc2ZmY3
LzEvOEZvWDNUdnJqY2hJLS1kaWtHSFdDQUZCNTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAWkimAD
BACkimIDBADCHwowDQQCAAIwBwMFAyoR7AAwDQYJKoZIhvcNAQELBQADggEBACJ2
6NsPNEtjcx6UqHSLwDwmrpCFdEIRjAgb9lkiqUcZ1Kr5HtDa8duIJGbVVpaezAgc
dgpWVx1JQAgxj26uqj8IO7gGWTe9SM6uAtyYxmfke3P1M6iqmPdwMc+Pt0HIkQpb
kQ5L6Mr3vLym06VCdU2YdVyltuIgssq7EIDbwOswRsai6+t0Ajuc2HfooEN49RxW
PWqpPNrkOZftk4XzVKPV7NwwkP+60ODNU7rKL4qEZ330ZhsezmnUgT+0Xs7FVxAo
jlMGJjMBf2nw6M3gsAHr3siQu/oEwD1o23ZtSVAJmNOQgAL2zlbp0LluB2thMQ13
REIu8w5FdVCMxyurmfA=
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:34 2025 by rpki-client