
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/XtZEW_Ge-fj7ts452exDji_sEMc.roa
File: XtZEW_Ge-fj7ts452exDji_sEMc.roa (raw, json)
Hash identifier: Z3qqH40xAjBbJprbXnVydXKDBxTyDTfpQSqRlWz/dFs=
Subject key identifier: 5E:D6:44:5B:F1:9E:F9:F8:FB:B6:CE:39:D9:EC:43:8E:2F:EC:10:C7
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 019861018F7832CDB61644BAC55C4238EB5A
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/XtZEW_Ge-fj7ts452exDji_sEMc.roa
Signing time: Thu 31 Jul 2025 15:02:28 +0000
ROA not before: Thu 31 Jul 2025 15:02:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58327
IP address blocks: 5.252.252.0/22 maxlen: 24
89.150.32.0/24 maxlen: 24
89.150.37.0/24 maxlen: 24
89.150.39.0/24 maxlen: 24
89.150.42.0/24 maxlen: 24
94.101.124.0/22 maxlen: 24
176.120.168.0/21 maxlen: 24
185.74.193.0/24 maxlen: 24
185.74.194.0/23 maxlen: 24
185.74.194.0/24 maxlen: 24
185.74.195.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.221.191.0/24 maxlen: 24
185.224.93.0/24 maxlen: 24
185.224.94.0/23 maxlen: 24
185.224.94.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.226.228.0/24 maxlen: 24
185.230.144.0/24 maxlen: 24
185.232.135.0/24 maxlen: 24
185.239.4.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
193.242.188.0/23 maxlen: 24
2a09:4e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.mft
rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:61:01:8f:78:32:cd:b6:16:44:ba:c5:5c:42:38:eb:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Jul 31 15:02:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ed6445bf19ef9f8fbb6ce39d9ec438e2fec10c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:97:84:9d:d4:5a:32:51:57:a6:96:6f:cb:13:
64:1b:0a:50:57:9e:c1:cd:5b:20:42:41:2e:b1:e9:
cf:97:99:ee:b4:0a:9d:90:8d:79:c3:4f:2f:46:27:
32:95:4c:66:7b:59:07:5c:00:cf:3f:2c:1c:46:a5:
b4:bf:15:06:6b:9d:cd:9e:37:86:f5:7e:79:7e:51:
b6:5c:91:06:9f:24:ff:d7:24:ae:80:72:40:25:1c:
e2:7e:a8:87:1b:59:86:3c:3c:b9:e0:53:97:fa:ba:
66:f9:3a:c3:a7:46:80:9b:cb:fb:2a:c3:9d:35:c0:
38:6a:94:08:c1:67:71:6f:d4:3a:e4:d7:53:0e:01:
be:95:98:01:26:e0:59:31:eb:f8:19:66:60:2b:6a:
04:a5:6f:55:c4:62:f3:98:21:16:7f:06:ec:dd:d3:
1e:ef:3e:9b:f8:7d:d5:92:1d:42:d5:97:25:a8:72:
8f:ec:9c:7f:76:1d:22:c1:ee:d7:f8:d7:04:77:c6:
44:f4:ca:4a:cc:cb:02:38:9e:0e:87:e1:32:13:65:
8f:ab:b7:98:a3:29:4b:96:b9:13:63:26:7e:6a:e4:
2a:c5:9c:24:52:ca:1a:6a:58:cc:05:34:70:9b:79:
9f:70:23:6f:48:2c:0f:15:4b:68:4d:fb:13:23:c8:
d3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D6:44:5B:F1:9E:F9:F8:FB:B6:CE:39:D9:EC:43:8E:2F:EC:10:C7
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/XtZEW_Ge-fj7ts452exDji_sEMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
89.150.32.0/24
89.150.37.0/24
89.150.39.0/24
89.150.42.0/24
94.101.124.0/22
176.120.168.0/21
185.74.193.0-185.74.195.255
185.194.25.0/24
185.221.191.0/24
185.224.93.0-185.224.95.255
185.226.228.0/24
185.230.144.0/24
185.232.135.0/24
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
IPv6:
2a09:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
24:37:7e:06:42:48:48:65:85:59:c8:9c:a0:86:55:1d:65:38:
8c:d9:a4:b6:e1:14:02:02:a5:e7:49:fd:9f:ee:08:95:79:f4:
30:2c:e0:76:99:20:c6:c7:4b:0f:80:7b:54:62:0d:8b:da:89:
e7:61:25:6b:c4:a3:99:92:80:a8:86:7e:e4:b3:12:ae:0d:d2:
40:cb:e9:8a:e1:ce:b0:3b:99:7d:eb:b9:5c:38:92:a4:ab:68:
d0:54:9a:9a:97:2e:b2:95:53:41:5e:ae:ed:47:00:d0:34:01:
49:56:21:0d:cd:01:e3:7b:bc:14:e9:89:b5:1d:ab:51:63:7a:
79:7a:6e:c1:03:38:38:e3:76:b4:6a:6a:02:67:cc:4c:17:6c:
28:44:83:e1:6d:f1:f2:35:a4:48:1a:03:a0:41:61:f1:9b:c1:
aa:fd:73:72:15:a1:30:72:2c:99:c6:89:cf:d8:4b:06:73:7a:
ee:83:51:de:14:94:ff:30:cf:d9:6a:af:66:c7:c0:83:f2:c7:
36:12:e5:19:a6:3d:1c:84:58:50:cd:5c:3a:f9:b8:06:3f:8c:
ec:71:bb:57:ce:c5:bb:51:5b:42:72:74:b6:e9:4c:28:8d:c3:
67:06:e1:92:74:3a:e9:90:19:ae:0f:b8:2d:52:3c:83:8f:69:
90:b7:ba:2a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZhhAY94Ms22FkS6xVxCOOtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjUwNzMxMTUwMjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQ2NDQ1YmYxOWVmOWY4ZmJiNmNlMzlkOWVjNDM4ZTJmZWMxMGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJeEndRaMlFXppZvyxNkGwpQV57B
zVsgQkEusenPl5nutAqdkI15w08vRicylUxme1kHXADPPywcRqW0vxUGa53NnjeG
9X55flG2XJEGnyT/1ySugHJAJRzifqiHG1mGPDy54FOX+rpm+TrDp0aAm8v7KsOd
NcA4apQIwWdxb9Q65NdTDgG+lZgBJuBZMev4GWZgK2oEpW9VxGLzmCEWfwbs3dMe
7z6b+H3Vkh1C1ZclqHKP7Jx/dh0iwe7X+NcEd8ZE9MpKzMsCOJ4Oh+EyE2WPq7eY
oylLlrkTYyZ+auQqxZwkUsoaaljMBTRwm3mfcCNvSCwPFUtoTfsTI8jT7wIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFF7WRFvxnvn4+7bOOdnsQ44v7BDHMB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvWHRaRVdfR2UtZmo3dHM0NTJleERqaV9zRU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQCBfz8
AwQAWZYgAwQAWZYlAwQAWZYnAwQAWZYqAwQCXmV8AwQDsHioMAwDBAC5SsEDBAK5
SsADBAC5whkDBAC53b8wDAMEALngXQMEBbngQAMEALni5AMEALnmkAMEALnohwME
ArnvBAMEAbzUIAMEAcHyvDANBAIAAjAHAwUDKglOQDANBgkqhkiG9w0BAQsFAAOC
AQEAJDd+BkJISGWFWcicoIZVHWU4jNmktuEUAgKl50n9n+4IlXn0MCzgdpkgxsdL
D4B7VGINi9qJ52Ela8SjmZKAqIZ+5LMSrg3SQMvpiuHOsDuZfeu5XDiSpKto0FSa
mpcuspVTQV6u7UcA0DQBSVYhDc0B43u8FOmJtR2rUWN6eXpuwQM4OON2tGpqAmfM
TBdsKESD4W3x8jWkSBoDoEFh8ZvBqv1zchWhMHIsmcaJz9hLBnN67oNR3hSU/zDP
2WqvZsfAg/LHNhLlGaY9HIRYUM1cOvm4Bj+M7HG7V87Fu1FbQnJ0tulMKI3DZwbh
knQ66ZAZrg+4LVI8g49pkLe6Kg==
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:22:35 2025 by rpki-client