Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xYrERNE6B45Ebq-M-CfPi3Lhhas.roa
File: xYrERNE6B45Ebq-M-CfPi3Lhhas.roa (raw, json)
Hash identifier: o8OqpjnxEUPjgaGJYaieLP5A7H91cXV2Q9o4o6NX4EY=
Subject key identifier: C5:8A:C4:44:D1:3A:07:8E:44:6E:AF:8C:F8:27:CF:8B:72:E1:85:AB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019A3A6B053840A53D454588B2C8ACE9246D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xYrERNE6B45Ebq-M-CfPi3Lhhas.roa
Signing time: Fri 31 Oct 2025 13:18:03 +0000
ROA not before: Fri 31 Oct 2025 13:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205544
IP address blocks: 2a09:17c0:b19a::/48 maxlen: 48
2a0e:1a83:88::/48 maxlen: 48
2a0f:1206:77::/48 maxlen: 48
2a0f:14c0::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a0f:1a40::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a0f:2940::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:30c0::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:bc02::/32 maxlen: 32
2a0f:e1c0:3::/48 maxlen: 48
2a0f:e1c7:100::/48 maxlen: 48
2a0f:e200:5::/48 maxlen: 48
2a0f:e202:97::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a0f:ea40:8::/48 maxlen: 48
2a0f:ea44:88::/48 maxlen: 48
2a11:3240::/29 maxlen: 29
2a11:4800::/29 maxlen: 29
2a11:8700::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a12:3f00::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:5900::/29 maxlen: 29
2a12:cd00::/29 maxlen: 29
2a12:ecc0:3::/48 maxlen: 48
2a13:cf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3a:6b:05:38:40:a5:3d:45:45:88:b2:c8:ac:e9:24:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 31 13:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c58ac444d13a078e446eaf8cf827cf8b72e185ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d1:51:16:7e:ab:b5:6b:49:a9:ca:05:18:71:
14:79:32:2f:79:56:68:45:02:39:4d:65:42:d1:c4:
ee:d6:ad:0d:20:83:c8:d2:77:a0:66:38:db:6a:e3:
d0:87:ae:ea:33:a8:c9:e3:43:3a:12:1e:f1:f3:09:
22:cc:26:0a:c6:65:53:84:27:63:6a:6e:31:e0:db:
33:3d:2e:d6:29:21:8d:45:21:3e:71:96:f1:45:d7:
c8:40:6d:85:a8:75:f5:6a:b2:83:3d:77:f1:64:11:
c5:34:86:f7:ab:59:ec:22:1a:ff:03:64:09:38:20:
dd:51:35:6b:92:ba:29:d3:01:82:56:7b:7d:58:61:
fb:5d:13:fa:63:a9:44:0e:5f:59:0d:6f:de:55:fd:
77:cf:45:70:10:9b:32:3e:6c:45:76:79:47:68:b2:
5e:91:03:8c:ee:d5:0d:dc:d6:91:e5:ff:c8:45:d2:
55:8c:40:5f:b4:23:f7:8a:6b:27:d4:6a:7a:39:fa:
a7:f3:df:f8:e5:b9:6a:d1:8b:5f:67:87:fe:88:38:
9a:6b:34:40:9f:dd:02:5a:c6:89:28:29:e6:52:eb:
bf:04:4a:fa:ef:fa:b6:ab:7c:1f:ac:01:aa:5b:9b:
6e:65:bb:45:bb:07:cd:8c:13:e4:bd:62:ac:d3:62:
89:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8A:C4:44:D1:3A:07:8E:44:6E:AF:8C:F8:27:CF:8B:72:E1:85:AB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xYrERNE6B45Ebq-M-CfPi3Lhhas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0:b19a::/48
2a0e:1a83:88::/48
2a0f:1206:77::/48
2a0f:14c0::/29
2a0f:1540::/29
2a0f:1640::/29
2a0f:1840::/29
2a0f:18c0::/29
2a0f:1940::/29
2a0f:1a40::/29
2a0f:1fc0::/29
2a0f:2840::/29
2a0f:28c0::/29
2a0f:2940::/29
2a0f:2a40::/29
2a0f:2d40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:30c0::/29
2a0f:3140::/29
2a0f:3540::/29
2a0f:36c0::/29
2a0f:3740::/29
2a0f:bc02::/32
2a0f:e1c0:3::/48
2a0f:e1c7:100::/48
2a0f:e200:5::/48
2a0f:e202:97::/48
2a0f:e440::/29
2a0f:ea40:8::/48
2a0f:ea44:88::/48
2a11:3240::/29
2a11:4800::/29
2a11:8700::/29
2a11:e580::/29
2a12:3f00::/29
2a12:4b00::/29
2a12:5900::/29
2a12:cd00::/29
2a12:ecc0:3::/48
2a13:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
17:53:89:de:db:e2:19:88:f4:9c:c0:5b:ab:a1:60:b1:9b:d8:
d9:38:2e:1b:0f:5e:ff:2d:47:d6:da:49:23:62:c5:b9:2f:f1:
c0:49:ce:e0:c6:b9:61:89:45:64:b3:4e:67:48:f3:29:07:4c:
6b:ba:f1:15:25:60:85:a4:4b:d0:41:4f:c6:91:66:bf:97:96:
8e:37:a9:d4:a8:ea:f1:32:d7:db:a3:2a:6c:1e:c4:5f:e2:e2:
e3:3c:a4:61:c4:bf:f7:7c:03:48:a8:3e:c5:12:b8:a3:14:93:
e9:1a:d2:fb:ad:80:6d:d1:7c:8c:1d:32:a0:74:de:69:c6:29:
73:c3:68:7e:d8:4c:31:b8:57:2f:32:0a:ba:c7:05:01:df:53:
e3:b1:55:97:8c:43:06:c9:8e:a3:e3:e5:62:08:53:d3:90:bf:
d0:a2:34:4d:ba:b3:4a:75:3d:13:1b:26:eb:5e:b1:7f:d3:d7:
fc:28:4b:62:e7:10:b1:1c:35:bc:99:e4:d8:2c:ac:9f:ec:58:
dd:3a:12:84:81:c4:f6:01:70:e3:83:f5:e9:e9:59:76:80:6a:
f7:1a:99:15:5b:87:34:f5:3a:be:05:ba:03:1f:d7:d0:6a:e3:
d8:f9:f0:58:e1:ae:71:ec:0e:ad:4a:e2:aa:57:cb:59:dc:9f:
50:b9:99:e0
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgISAZo6awU4QKU9RUWIssis6SRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMDMxMTMxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNThhYzQ0NGQxM2EwNzhlNDQ2ZWFmOGNmODI3Y2Y4YjcyZTE4NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNFRFn6rtWtJqcoFGHEUeTIveVZo
RQI5TWVC0cTu1q0NIIPI0negZjjbauPQh67qM6jJ40M6Eh7x8wkizCYKxmVThCdj
am4x4NszPS7WKSGNRSE+cZbxRdfIQG2FqHX1arKDPXfxZBHFNIb3q1nsIhr/A2QJ
OCDdUTVrkrop0wGCVnt9WGH7XRP6Y6lEDl9ZDW/eVf13z0VwEJsyPmxFdnlHaLJe
kQOM7tUN3NaR5f/IRdJVjEBftCP3imsn1Gp6Ofqn89/45blq0YtfZ4f+iDiaazRA
n90CWsaJKCnmUuu/BEr67/q2q3wfrAGqW5tuZbtFuwfNjBPkvWKs02KJIwIDAQAB
o4IDQDCCAzwwHQYDVR0OBBYEFMWKxETROgeORG6vjPgnz4ty4YWrMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveFlyRVJORTZCNDVFYnEtTS1DZlBpM0xoaGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVAYIKwYBBQUHAQcBAf8EggFDMIIBPzCCATsEAgACMIIB
MwMHACoJF8CxmgMHACoOGoMAiAMHACoPEgYAdwMFAyoPFMADBQMqDxVAAwUDKg8W
QAMFAyoPGEADBQMqDxjAAwUDKg8ZQAMFAyoPGkADBQMqDx/AAwUDKg8oQAMFAyoP
KMADBQMqDylAAwUDKg8qQAMFAyoPLUADBQMqDy3AAwUDKg8uQAMFAyoPMMADBQMq
DzFAAwUDKg81QAMFAyoPNsADBQMqDzdAAwUAKg+8AgMHACoP4cAAAwMHACoP4ccB
AAMHACoP4gAABQMHACoP4gIAlwMFAyoP5EADBwAqD+pAAAgDBwAqD+pEAIgDBQMq
ETJAAwUDKhFIAAMFAyoRhwADBQMqEeWAAwUDKhI/AAMFAyoSSwADBQMqElkAAwUD
KhLNAAMHACoS7MAAAwMFAyoTzwAwDQYJKoZIhvcNAQELBQADggEBABdTid7b4hmI
9JzAW6uhYLGb2Nk4LhsPXv8tR9baSSNixbkv8cBJzuDGuWGJRWSzTmdI8ykHTGu6
8RUlYIWkS9BBT8aRZr+Xlo43qdSo6vEy19ujKmwexF/i4uM8pGHEv/d8A0ioPsUS
uKMUk+ka0vutgG3RfIwdMqB03mnGKXPDaH7YTDG4Vy8yCrrHBQHfU+OxVZeMQwbJ
jqPj5WIIU9OQv9CiNE26s0p1PRMbJutesX/T1/woS2LnELEcNbyZ5NgsrJ/sWN06
EoSBxPYBcOOD9enpWXaAavcamRVbhzT1Or4FugMf19Bq49j58FjhrnHsDq1K4qpX
y1ncn1C5meA=
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:47:37 2025 by rpki-client