
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/XZxf4Vieor4fQv4nMmlm0UTMEOA.roa
File: XZxf4Vieor4fQv4nMmlm0UTMEOA.roa (raw, json)
Hash identifier: 4QQC4VkFb6jqbwrgCdyeDgHr05+4Pfao8xbDnSrY77M=
Subject key identifier: 5D:9C:5F:E1:58:9E:A2:BE:1F:42:FE:27:32:69:66:D1:44:CC:10:E0
Certificate issuer: /CN=f382cb13dde12658cdac18cacae91fbbf5c58090
Certificate serial: 019888F5C3B8128C65B8356C7562C718E242
Authority key identifier: F3:82:CB:13:DD:E1:26:58:CD:AC:18:CA:CA:E9:1F:BB:F5:C5:80:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/XZxf4Vieor4fQv4nMmlm0UTMEOA.roa
Signing time: Fri 08 Aug 2025 09:14:24 +0000
ROA not before: Fri 08 Aug 2025 09:14:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153671
IP address blocks: 193.203.214.0/23 maxlen: 23
193.203.214.0/24 maxlen: 24
193.203.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 00:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:88:f5:c3:b8:12:8c:65:b8:35:6c:75:62:c7:18:e2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f382cb13dde12658cdac18cacae91fbbf5c58090
Validity
Not Before: Aug 8 09:14:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d9c5fe1589ea2be1f42fe27326966d144cc10e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b9:8d:90:b3:af:64:13:4b:ce:bf:7a:7b:f5:
91:a6:11:ef:f4:12:bf:14:be:6e:d6:ad:32:21:2a:
2c:33:13:3b:af:34:7f:f7:d4:55:f7:f9:ea:36:ca:
f9:e5:5b:e8:4f:c2:21:a8:55:79:65:a7:d8:cd:98:
ff:42:8d:45:4b:6e:79:71:23:0b:af:02:36:69:6c:
21:ae:4a:65:f1:51:ef:8c:48:b7:f5:20:f8:08:2a:
b2:b6:1a:49:8c:6b:27:f3:41:78:d0:7e:1c:5c:b0:
bc:db:0d:5f:42:8b:cc:e1:21:29:53:88:ad:75:79:
c1:c0:57:28:bc:67:f7:52:32:08:83:71:74:bd:d4:
f7:1b:ee:85:76:7f:75:68:5a:a1:07:34:7f:64:9a:
21:9a:56:0f:e4:11:d1:2a:42:b9:8f:32:5a:c9:c3:
c1:03:cb:d5:56:26:e6:6d:ea:43:05:d2:e6:4f:78:
c7:db:ba:b5:b7:a2:2c:76:ce:00:8f:0e:94:f8:12:
12:c2:28:2d:9b:f0:61:a5:c5:5b:93:9a:3d:ca:4f:
f6:cf:f7:ef:69:31:09:9d:f8:fd:7c:19:f5:89:61:
9e:2c:62:0a:cb:e4:25:a1:5b:8b:11:b1:54:65:3a:
ac:56:26:ec:7b:8d:67:c7:0c:75:24:b4:ca:23:bc:
68:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9C:5F:E1:58:9E:A2:BE:1F:42:FE:27:32:69:66:D1:44:CC:10:E0
X509v3 Authority Key Identifier:
keyid:F3:82:CB:13:DD:E1:26:58:CD:AC:18:CA:CA:E9:1F:BB:F5:C5:80:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/XZxf4Vieor4fQv4nMmlm0UTMEOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.214.0/23
Signature Algorithm: sha256WithRSAEncryption
77:25:bc:ac:52:ed:b6:8d:dd:79:01:5d:ba:08:92:10:a4:de:
d8:95:d4:24:fb:b8:7a:74:06:19:4a:8f:e9:fe:be:b6:74:0a:
e9:b1:2f:95:7c:29:1a:63:2e:8b:75:af:e9:16:a8:6c:9e:d2:
81:ea:c2:66:1b:e3:7c:71:80:5d:f7:cd:41:da:24:7f:21:00:
d3:dd:68:89:ac:46:c6:e7:c1:fb:f4:f8:1c:e1:58:04:b8:b1:
98:0c:93:04:49:d4:42:4b:93:69:3d:b3:96:b7:8e:e1:72:4e:
72:59:3b:f3:75:82:a1:bf:74:78:83:d3:22:ff:d2:a6:c0:10:
64:38:73:ee:b2:8f:81:35:46:7b:ce:40:f0:d8:28:75:09:72:
dc:8d:57:0c:d8:61:da:8a:07:ee:06:32:15:95:d0:e9:08:1e:
b4:09:83:d3:e9:2c:20:98:c8:4c:2f:3b:9d:dd:71:a2:7e:50:
92:2c:1b:ca:1d:6b:85:26:ac:49:be:55:b0:61:93:88:47:0e:
66:66:43:b6:4b:8c:20:34:f1:9e:f4:90:73:08:76:0d:c1:8a:
7b:14:d5:1a:6a:73:fc:3c:35:b9:83:a1:fb:00:08:66:34:98:
cd:44:bf:e8:ad:87:f9:09:98:c6:b9:c5:61:7c:bd:72:c8:ee:
2d:bc:9a:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiI9cO4EoxluDVsdWLHGOJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzODJjYjEzZGRlMTI2NThjZGFjMThjYWNhZTkxZmJiZjVj
NTgwOTAwHhcNMjUwODA4MDkxNDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDljNWZlMTU4OWVhMmJlMWY0MmZlMjczMjY5NjZkMTQ0Y2MxMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7mNkLOvZBNLzr96e/WRphHv9BK/
FL5u1q0yISosMxM7rzR/99RV9/nqNsr55VvoT8IhqFV5ZafYzZj/Qo1FS255cSML
rwI2aWwhrkpl8VHvjEi39SD4CCqythpJjGsn80F40H4cXLC82w1fQovM4SEpU4it
dXnBwFcovGf3UjIIg3F0vdT3G+6Fdn91aFqhBzR/ZJohmlYP5BHRKkK5jzJaycPB
A8vVVibmbepDBdLmT3jH27q1t6Isds4Ajw6U+BISwigtm/BhpcVbk5o9yk/2z/fv
aTEJnfj9fBn1iWGeLGIKy+QloVuLEbFUZTqsVibse41nxwx1JLTKI7xoKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2cX+FYnqK+H0L+JzJpZtFEzBDgMB8GA1UdIwQY
MBaAFPOCyxPd4SZYzawYysrpH7v1xYCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODRMTEU5M2hKbGpOckJqS3l1a2Z1X1hGZ0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lN2RhOWEtOTMyYS00NjdiLWIyZDIt
OTcwNDI4OTFlYjk5LzEvWFp4ZjRWaWVvcjRmUXY0bk1tbG0wVVRNRU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lN2RhOWEtOTMyYS00NjdiLWIyZDItOTcwNDI4OTFlYjk5
LzEvODRMTEU5M2hKbGpOckJqS3l1a2Z1X1hGZ0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwcvWMA0G
CSqGSIb3DQEBCwUAA4IBAQB3JbysUu22jd15AV26CJIQpN7YldQk+7h6dAYZSo/p
/r62dArpsS+VfCkaYy6Lda/pFqhsntKB6sJmG+N8cYBd981B2iR/IQDT3WiJrEbG
58H79Pgc4VgEuLGYDJMESdRCS5NpPbOWt47hck5yWTvzdYKhv3R4g9Mi/9KmwBBk
OHPuso+BNUZ7zkDw2Ch1CXLcjVcM2GHaigfuBjIVldDpCB60CYPT6SwgmMhMLzud
3XGiflCSLBvKHWuFJqxJvlWwYZOIRw5mZkO2S4wgNPGe9JBzCHYNwYp7FNUaanP8
PDW5g6H7AAhmNJjNRL/orYf5CZjGucVhfL1yyO4tvJqI
-----END CERTIFICATE-----
Generated at Mon Aug 11 08:44:01 2025 by rpki-client