Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/XcxcS9ldQu6VQrsTPyt-_lfXPao.roa
File: XcxcS9ldQu6VQrsTPyt-_lfXPao.roa (raw, json)
Hash identifier: 2Sl1d/YMvIvosyAajy76CYNHHCqrobuGrcDX5gv9Jos=
Subject key identifier: 5D:CC:5C:4B:D9:5D:42:EE:95:42:BB:13:3F:2B:7E:FE:57:D7:3D:AA
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 01986E80C31C56DBCB7AA15C056FA9D48401
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/XcxcS9ldQu6VQrsTPyt-_lfXPao.roa
Signing time: Sun 03 Aug 2025 05:56:29 +0000
ROA not before: Sun 03 Aug 2025 05:56:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57391
IP address blocks: 88.135.40.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.42.0/24 maxlen: 24
88.135.43.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.45.0/24 maxlen: 24
88.135.46.0/23 maxlen: 23
88.135.46.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6e:80:c3:1c:56:db:cb:7a:a1:5c:05:6f:a9:d4:84:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Aug 3 05:56:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dcc5c4bd95d42ee9542bb133f2b7efe57d73daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a7:16:fa:4c:c3:61:11:0d:0c:30:a7:89:ad:
9e:fc:0f:b7:80:62:87:da:56:7f:7d:1c:67:26:68:
74:95:82:8e:30:4a:58:ea:34:dc:72:b1:d7:f5:84:
21:cb:80:2d:97:b7:3c:c6:22:d4:9e:67:01:58:1c:
cf:b7:61:2f:dd:20:40:af:d8:66:e3:96:a0:af:9a:
1f:5f:3f:19:28:90:a4:f6:75:27:d7:55:c1:74:bb:
b4:21:f9:d8:8d:17:0d:f4:54:dc:99:8f:0d:ad:38:
90:f9:82:a6:2c:bf:a1:82:5c:0d:f3:59:e7:60:c9:
34:9a:54:40:c3:54:4a:c0:46:3e:a0:dc:a8:ed:14:
74:67:5c:91:24:d7:81:3b:2e:42:8d:26:22:80:a1:
0c:6b:b0:0e:61:e1:46:c9:99:dd:16:1d:1a:c1:ff:
1c:9d:68:19:4d:3c:0b:a2:1f:28:a1:14:71:22:97:
b5:1c:16:38:be:cd:0c:e4:82:b7:16:85:dc:9e:ac:
02:86:c1:db:9c:d4:70:5a:5c:a8:af:1b:ed:c6:4b:
95:73:c4:d0:e3:9e:29:ec:8a:4b:d5:cb:24:0b:bf:
5a:2b:a6:20:af:59:f4:8c:49:78:5d:24:7b:59:89:
a1:7a:3f:73:e3:6e:66:28:a4:1b:1e:f4:6a:b5:46:
9f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CC:5C:4B:D9:5D:42:EE:95:42:BB:13:3F:2B:7E:FE:57:D7:3D:AA
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/XcxcS9ldQu6VQrsTPyt-_lfXPao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0/21
185.67.101.0/24
185.233.14.0/24
Signature Algorithm: sha256WithRSAEncryption
13:32:8f:c7:d5:0b:79:6a:b2:7c:61:dd:bc:d7:fe:86:50:26:
ef:79:51:80:24:32:a0:00:e3:f8:7a:c6:98:3e:04:0b:d1:bf:
65:c3:e6:c5:4b:36:29:71:6c:38:c9:5b:35:62:86:d5:db:d8:
00:f2:a2:8d:d3:6a:ae:94:55:97:28:ab:aa:79:cc:e1:4c:7e:
b6:5d:dc:7e:ee:25:7e:45:e5:22:59:99:72:35:5b:6b:8c:28:
1e:62:14:ed:f1:ea:3c:39:26:89:60:ed:72:82:c1:7a:a8:d6:
f8:27:29:15:f5:a8:0d:ac:70:d1:61:32:cb:d6:5e:bd:d8:ab:
f0:e3:a9:5e:ed:aa:a5:9d:25:4d:3f:8a:f1:8d:57:6f:8a:ef:
bf:8c:5e:b6:fb:b3:c9:96:57:8c:74:65:9a:04:aa:41:c3:61:
be:57:df:27:b1:93:8a:71:1f:f3:ee:3a:81:7c:09:65:a5:45:
e6:9a:68:df:16:e0:7d:66:e1:af:b2:6a:a0:a9:f3:a5:43:96:
7c:e6:8a:a3:a5:4b:55:85:c8:4a:c1:b9:0c:19:75:90:d8:e6:
a8:22:0c:4c:f5:88:2d:d3:76:93:bb:eb:0f:b6:d8:09:3d:0b:
ec:eb:69:61:fc:93:01:d5:73:61:71:eb:22:28:6c:84:3c:4a:
2c:e0:ac:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZhugMMcVtvLeqFcBW+p1IQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjUwODAzMDU1NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNjNWM0YmQ5NWQ0MmVlOTU0MmJiMTMzZjJiN2VmZTU3ZDczZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqcW+kzDYRENDDCnia2e/A+3gGKH
2lZ/fRxnJmh0lYKOMEpY6jTccrHX9YQhy4Atl7c8xiLUnmcBWBzPt2Ev3SBAr9hm
45agr5ofXz8ZKJCk9nUn11XBdLu0IfnYjRcN9FTcmY8NrTiQ+YKmLL+hglwN81nn
YMk0mlRAw1RKwEY+oNyo7RR0Z1yRJNeBOy5CjSYigKEMa7AOYeFGyZndFh0awf8c
nWgZTTwLoh8ooRRxIpe1HBY4vs0M5IK3FoXcnqwChsHbnNRwWlyorxvtxkuVc8TQ
454p7IpL1cskC79aK6Ygr1n0jEl4XSR7WYmhej9z425mKKQbHvRqtUafhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF3MXEvZXULulUK7Ez8rfv5X1z2qMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvWGN4Y1M5bGRRdTZWUXJzVFB5dC1fbGZYUGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWIcoAwQA
uUNlAwQAuekOMA0GCSqGSIb3DQEBCwUAA4IBAQATMo/H1Qt5arJ8Yd281/6GUCbv
eVGAJDKgAOP4esaYPgQL0b9lw+bFSzYpcWw4yVs1YobV29gA8qKN02qulFWXKKuq
eczhTH62Xdx+7iV+ReUiWZlyNVtrjCgeYhTt8eo8OSaJYO1ygsF6qNb4JykV9agN
rHDRYTLL1l692Kvw46le7aqlnSVNP4rxjVdviu+/jF62+7PJlleMdGWaBKpBw2G+
V98nsZOKcR/z7jqBfAllpUXmmmjfFuB9ZuGvsmqgqfOlQ5Z85oqjpUtVhchKwbkM
GXWQ2OaoIgxM9Ygt03aTu+sPttgJPQvs62lh/JMB1XNhcesiKGyEPEos4KyP
-----END CERTIFICATE-----
Generated at Thu Aug 7 12:50:25 2025 by rpki-client