Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/XzNsr4B1xQ7pRfu1SBmIkDMW_8M.roa
File: XzNsr4B1xQ7pRfu1SBmIkDMW_8M.roa (raw, json)
Hash identifier: Mas1wyyTw8nAbUVSel719nCInFBkYipcPE55OkvIgQY=
Subject key identifier: 5F:33:6C:AF:80:75:C5:0E:E9:45:FB:B5:48:19:88:90:33:16:FF:C3
Certificate issuer: /CN=c65a1da1cb1c920ae2f9b748270fded8737a9184
Certificate serial: 019D52F7356EEB7E54B143382D1D2DDFACB8
Authority key identifier: C6:5A:1D:A1:CB:1C:92:0A:E2:F9:B7:48:27:0F:DE:D8:73:7A:91:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/XzNsr4B1xQ7pRfu1SBmIkDMW_8M.roa
Signing time: Fri 03 Apr 2026 10:50:25 +0000
ROA not before: Fri 03 Apr 2026 10:50:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214238
IP address blocks: 135.106.1.0/24 maxlen: 24
135.106.27.0/24 maxlen: 24
135.106.36.0/24 maxlen: 24
135.106.45.0/24 maxlen: 24
135.106.64.0/24 maxlen: 24
135.106.65.0/24 maxlen: 24
135.106.83.0/24 maxlen: 24
135.106.84.0/24 maxlen: 24
135.106.100.0/24 maxlen: 24
136.234.149.0/24 maxlen: 24
136.234.220.0/24 maxlen: 24
136.234.233.0/24 maxlen: 24
136.234.247.0/24 maxlen: 24
138.16.14.0/24 maxlen: 24
138.16.24.0/24 maxlen: 24
138.16.25.0/24 maxlen: 24
138.16.104.0/24 maxlen: 24
138.16.105.0/24 maxlen: 24
138.16.116.0/24 maxlen: 24
138.16.124.0/24 maxlen: 24
141.133.12.0/24 maxlen: 24
141.133.13.0/24 maxlen: 24
141.133.14.0/24 maxlen: 24
141.133.15.0/24 maxlen: 24
141.133.16.0/24 maxlen: 24
141.133.17.0/24 maxlen: 24
141.133.18.0/24 maxlen: 24
141.133.19.0/24 maxlen: 24
141.133.111.0/24 maxlen: 24
141.133.112.0/24 maxlen: 24
141.133.113.0/24 maxlen: 24
141.133.114.0/24 maxlen: 24
141.133.115.0/24 maxlen: 24
141.133.116.0/24 maxlen: 24
141.133.117.0/24 maxlen: 24
153.80.1.0/24 maxlen: 24
153.80.5.0/24 maxlen: 24
153.80.10.0/24 maxlen: 24
153.80.32.0/24 maxlen: 24
153.80.33.0/24 maxlen: 24
153.80.45.0/24 maxlen: 24
153.80.46.0/24 maxlen: 24
153.80.74.0/24 maxlen: 24
153.80.95.0/24 maxlen: 24
153.80.96.0/24 maxlen: 24
153.80.110.0/24 maxlen: 24
153.80.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:f7:35:6e:eb:7e:54:b1:43:38:2d:1d:2d:df:ac:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c65a1da1cb1c920ae2f9b748270fded8737a9184
Validity
Not Before: Apr 3 10:50:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5f336caf8075c50ee945fbb5481988903316ffc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:90:9f:32:20:7d:87:c7:cf:97:eb:a9:15:88:
70:ad:a0:b0:9e:34:2c:6d:02:9b:ba:05:fe:a7:49:
8b:b9:cd:b9:4e:02:4e:97:3f:63:ae:05:1e:1a:c9:
e8:a1:2c:d3:87:96:23:0b:a7:41:dd:9d:7d:db:45:
28:8a:fe:c2:b1:0a:b3:6a:fc:f9:1c:5c:46:e9:6b:
1c:9f:6f:99:37:9d:37:b7:c7:0d:fd:cd:47:b1:30:
09:a9:9a:4f:ad:d6:c1:67:c7:83:50:43:cb:da:0d:
91:f4:6d:95:5e:b3:9a:3d:5c:51:88:d1:cf:32:fa:
33:8f:59:af:40:fa:fb:b4:f8:f0:b3:ad:27:74:dc:
bf:41:31:d3:fb:98:ca:b3:b4:c9:fb:ed:8d:c6:7a:
c4:cb:90:fa:b3:f2:59:ec:64:7a:97:a0:d0:14:9d:
37:45:f1:ee:81:a6:25:4c:0d:76:b1:c3:68:cf:32:
a2:de:8c:09:9c:a8:7f:b8:2e:f0:17:e2:42:e3:86:
cf:be:ae:04:0f:ba:e4:37:5e:a8:9b:b2:94:a5:df:
21:fe:67:26:4e:05:3b:d9:f0:49:bd:f0:97:89:2f:
51:53:24:76:4d:f6:2d:c1:3a:3f:cd:be:1e:03:2b:
26:4d:d7:62:57:88:bf:1c:af:62:ad:a4:0e:3d:8b:
c6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:33:6C:AF:80:75:C5:0E:E9:45:FB:B5:48:19:88:90:33:16:FF:C3
X509v3 Authority Key Identifier:
keyid:C6:5A:1D:A1:CB:1C:92:0A:E2:F9:B7:48:27:0F:DE:D8:73:7A:91:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/XzNsr4B1xQ7pRfu1SBmIkDMW_8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
135.106.1.0/24
135.106.27.0/24
135.106.36.0/24
135.106.45.0/24
135.106.64.0/23
135.106.83.0-135.106.84.255
135.106.100.0/24
136.234.149.0/24
136.234.220.0/24
136.234.233.0/24
136.234.247.0/24
138.16.14.0/24
138.16.24.0/23
138.16.104.0/23
138.16.116.0/24
138.16.124.0/24
141.133.12.0-141.133.19.255
141.133.111.0-141.133.117.255
153.80.1.0/24
153.80.5.0/24
153.80.10.0/24
153.80.32.0/23
153.80.45.0-153.80.46.255
153.80.74.0/24
153.80.95.0-153.80.96.255
153.80.110.0/24
153.80.137.0/24
Signature Algorithm: sha256WithRSAEncryption
21:08:3a:b0:62:25:f6:dd:3d:b1:0a:72:3c:4d:6f:26:b5:e4:
40:94:8e:91:ae:fb:fb:40:52:35:48:88:79:47:88:98:ce:fa:
25:60:eb:3b:0f:f1:8b:7f:25:a8:9a:79:7d:4f:5e:1c:dc:e7:
a8:22:98:01:be:c7:a6:eb:0b:e3:30:e0:e7:0d:08:26:1e:ac:
e7:bf:f5:dd:47:57:62:a4:ec:bd:d0:d2:69:49:47:0c:ba:22:
76:ef:e8:62:a8:0d:c0:c3:60:0f:fc:b1:95:0b:e8:2c:78:ae:
14:0a:c3:0c:1c:ad:0e:ec:34:30:8d:f3:82:55:61:1a:b5:bd:
3d:77:17:c3:7f:df:46:28:cc:83:5b:02:86:ab:71:da:8d:f6:
69:cb:e0:17:08:bb:66:eb:71:70:51:b7:dd:55:4f:2a:e0:9f:
f8:d9:6c:d5:91:5d:b6:31:40:1f:de:06:99:e8:0b:c8:91:44:
0d:23:68:78:fa:11:35:13:74:ad:94:d1:86:ee:87:88:c0:0e:
b8:2e:d3:84:39:e9:4f:f2:f7:8d:63:c8:92:a1:1a:a3:91:38:
4f:b1:a7:a7:c6:81:c6:ba:fe:65:ee:b3:83:5b:e8:bb:b7:ca:
7d:3f:d6:0f:87:f5:e6:40:b8:91:62:72:6b:a8:0d:86:6e:b7:
51:42:82:da
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZ1S9zVu635UsUM4LR0t36y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NWExZGExY2IxYzkyMGFlMmY5Yjc0ODI3MGZkZWQ4NzM3
YTkxODQwHhcNMjYwNDAzMTA1MDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMzNmNhZjgwNzVjNTBlZTk0NWZiYjU0ODE5ODg5MDMzMTZmZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJCfMiB9h8fPl+upFYhwraCwnjQs
bQKbugX+p0mLuc25TgJOlz9jrgUeGsnooSzTh5YjC6dB3Z1920Uoiv7CsQqzavz5
HFxG6Wscn2+ZN503t8cN/c1HsTAJqZpPrdbBZ8eDUEPL2g2R9G2VXrOaPVxRiNHP
Mvozj1mvQPr7tPjws60ndNy/QTHT+5jKs7TJ++2NxnrEy5D6s/JZ7GR6l6DQFJ03
RfHugaYlTA12scNozzKi3owJnKh/uC7wF+JC44bPvq4ED7rkN16om7KUpd8h/mcm
TgU72fBJvfCXiS9RUyR2TfYtwTo/zb4eAysmTddiV4i/HK9iraQOPYvGNwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFF8zbK+AdcUO6UX7tUgZiJAzFv/DMB8GA1UdIwQY
MBaAFMZaHaHLHJIK4vm3SCcP3thzepGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxvZG9jc2NrZ3JpLWJkSUp3X2UySE42a1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80ZjU0YjQtMDA5Zi00NmNlLTlhYzAt
MzZiYWM4ZDkxZTJlLzEvWHpOc3I0QjF4UTdwUmZ1MVNCbUlrRE1XXzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80ZjU0YjQtMDA5Zi00NmNlLTlhYzAtMzZiYWM4ZDkxZTJl
LzEveGxvZG9jc2NrZ3JpLWJkSUp3X2UySE42a1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBACH
agEDBACHahsDBACHaiQDBACHai0DBAGHakAwDAMEAIdqUwMEAIdqVAMEAIdqZAME
AIjqlQMEAIjq3AMEAIjq6QMEAIjq9wMEAIoQDgMEAYoQGAMEAYoQaAMEAIoQdAME
AIoQfDAMAwQCjYUMAwQCjYUQMAwDBACNhW8DBAGNhXQDBACZUAEDBACZUAUDBACZ
UAoDBAGZUCAwDAMEAJlQLQMEAJlQLgMEAJlQSjAMAwQAmVBfAwQAmVBgAwQAmVBu
AwQAmVCJMA0GCSqGSIb3DQEBCwUAA4IBAQAhCDqwYiX23T2xCnI8TW8mteRAlI6R
rvv7QFI1SIh5R4iYzvolYOs7D/GLfyWomnl9T14c3OeoIpgBvsem6wvjMODnDQgm
Hqznv/XdR1dipOy90NJpSUcMuiJ27+hiqA3Aw2AP/LGVC+gseK4UCsMMHK0O7DQw
jfOCVWEatb09dxfDf99GKMyDWwKGq3HajfZpy+AXCLtm63FwUbfdVU8q4J/42WzV
kV22MUAf3gaZ6AvIkUQNI2h4+hE1E3StlNGG7oeIwA64LtOEOelP8veNY8iSoRqj
kThPsaenxoHGuv5l7rODW+i7t8p9P9YPh/XmQLiRYnJrqA2GbrdRQoLa
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:50:58 2026 by rpki-client