Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/xkBXp7rwmSNtGrPWn7O7LK3eIPc.roa
File: xkBXp7rwmSNtGrPWn7O7LK3eIPc.roa (raw, json)
Hash identifier: ruZb0fyLFNIK8oCJZQCr0uOvP96aIH6PYR41YcREAHc=
Subject key identifier: C6:40:57:A7:BA:F0:99:23:6D:1A:B3:D6:9F:B3:BB:2C:AD:DE:20:F7
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 019EB3072954D5A68F39BFA3FDBD92823120
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/xkBXp7rwmSNtGrPWn7O7LK3eIPc.roa
Signing time: Wed 10 Jun 2026 19:34:11 +0000
ROA not before: Wed 10 Jun 2026 19:34:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215120
IP address blocks: 91.227.33.0/24 maxlen: 24
91.244.70.0/24 maxlen: 24
91.244.71.0/24 maxlen: 24
93.157.138.0/24 maxlen: 24
93.157.139.0/24 maxlen: 24
157.173.28.0/24 maxlen: 24
193.178.186.0/24 maxlen: 24
2a07:cec0:5::/48 maxlen: 48
2a07:cec0:4300::/48 maxlen: 48
2a07:cec0:4500::/48 maxlen: 48
2a07:cec0:4600::/48 maxlen: 48
2a07:cec4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b3:07:29:54:d5:a6:8f:39:bf:a3:fd:bd:92:82:31:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: Jun 10 19:34:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c64057a7baf099236d1ab3d69fb3bb2cadde20f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b3:5d:b9:c5:c9:9f:ed:bb:ec:37:95:6e:de:
10:a2:9b:f8:cb:e7:2e:4a:31:3c:a7:6d:32:ff:ed:
fe:25:30:a1:37:3e:12:64:42:2e:fa:57:b5:80:26:
14:ab:12:3d:5a:03:9e:89:75:8c:68:fa:60:25:56:
7e:df:80:e4:5e:b8:19:e7:c4:33:ca:e0:53:43:22:
55:c3:77:7b:f3:a9:86:71:f2:3d:70:b7:77:82:6f:
1b:a5:ef:58:c2:9c:87:87:fb:12:de:52:af:28:54:
be:72:4f:ea:35:f0:84:b3:2e:c9:25:07:40:21:b2:
e8:59:ad:45:69:0d:97:fd:35:c4:60:49:1b:2e:e9:
b9:d0:0e:8a:dd:f9:1a:2c:99:62:25:5a:24:9e:4f:
9e:3b:e7:9a:6e:51:76:56:98:65:9e:4d:5d:36:2d:
61:cd:ef:35:46:d2:28:3e:b9:de:62:b7:91:cf:fc:
76:cf:e0:f4:8b:80:fe:a9:7d:0d:25:0d:25:56:70:
49:f4:dd:53:c0:f8:b0:3f:59:b9:fa:8e:eb:ef:47:
06:ec:62:a3:b5:1d:6d:c9:bc:07:82:65:48:78:a4:
89:0a:57:25:9b:5c:65:07:62:2b:05:25:00:1c:c6:
cd:c4:a0:6d:22:53:51:65:39:84:c1:ba:71:20:6b:
38:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:40:57:A7:BA:F0:99:23:6D:1A:B3:D6:9F:B3:BB:2C:AD:DE:20:F7
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/xkBXp7rwmSNtGrPWn7O7LK3eIPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.33.0/24
91.244.70.0/23
93.157.138.0/23
157.173.28.0/24
193.178.186.0/24
IPv6:
2a07:cec0:5::/48
2a07:cec0:4300::/48
2a07:cec0:4500::/48
2a07:cec0:4600::/48
2a07:cec4::/30
Signature Algorithm: sha256WithRSAEncryption
92:87:1d:11:ec:3e:10:1f:19:99:69:7d:09:4e:d4:de:ef:0e:
5c:9c:f6:17:e7:ca:b4:1a:1f:13:c3:ae:22:c7:02:50:b2:b5:
74:67:87:14:b2:26:8f:17:14:1d:69:82:55:2a:9a:56:17:ba:
fc:dc:74:b3:64:e1:5a:cb:e9:b0:dd:92:32:2b:f7:16:42:99:
a7:ed:32:39:96:2c:af:84:34:b8:09:c2:55:87:75:79:a9:e7:
ff:29:96:47:df:f4:65:3a:30:26:bf:50:d6:cc:26:24:d0:65:
96:8c:f8:56:74:c2:8c:b5:73:7c:bd:2b:cc:13:21:a9:76:25:
cd:c3:c5:85:29:df:2f:65:bd:d8:d6:fc:8c:f5:fb:1e:4d:99:
b8:c3:59:28:f2:d8:31:4d:7f:ef:7b:42:39:51:95:d7:07:f4:
8f:f6:6c:ff:1d:36:1a:02:55:93:02:ee:8b:bc:5d:90:f9:e2:
50:2f:bc:37:5b:ed:05:67:c3:53:05:65:f1:f1:fc:8a:35:ae:
6d:f7:3a:ca:ff:b8:56:00:96:44:bb:df:48:93:50:ad:26:98:
5c:a2:9d:9b:c1:b4:65:da:d7:98:e5:e3:77:a6:bb:ca:e5:23:
bd:6f:4e:7e:6a:f6:59:ae:87:85:45:20:0b:4b:a4:1f:60:0d:
5e:84:66:e4
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZ6zBylU1aaPOb+j/b2SgjEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjYwNjEwMTkzNDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQwNTdhN2JhZjA5OTIzNmQxYWIzZDY5ZmIzYmIyY2FkZGUyMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LNducXJn+277DeVbt4Qopv4y+cu
SjE8p20y/+3+JTChNz4SZEIu+le1gCYUqxI9WgOeiXWMaPpgJVZ+34DkXrgZ58Qz
yuBTQyJVw3d786mGcfI9cLd3gm8bpe9YwpyHh/sS3lKvKFS+ck/qNfCEsy7JJQdA
IbLoWa1FaQ2X/TXEYEkbLum50A6K3fkaLJliJVoknk+eO+eablF2Vphlnk1dNi1h
ze81RtIoPrneYreRz/x2z+D0i4D+qX0NJQ0lVnBJ9N1TwPiwP1m5+o7r70cG7GKj
tR1tybwHgmVIeKSJClclm1xlB2IrBSUAHMbNxKBtIlNRZTmEwbpxIGs4FQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFMZAV6e68JkjbRqz1p+zuyyt3iD3MB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEveGtCWHA3cndtU050R3JQV243TzdMSzNlSVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAkBAIAATAeAwQAW+MhAwQB
W/RGAwQBXZ2KAwQAna0cAwQAwbK6MDEEAgACMCsDBwAqB87AAAUDBwAqB87AQwAD
BwAqB87ARQADBwAqB87ARgADBQIqB87EMA0GCSqGSIb3DQEBCwUAA4IBAQCShx0R
7D4QHxmZaX0JTtTe7w5cnPYX58q0Gh8Tw64ixwJQsrV0Z4cUsiaPFxQdaYJVKppW
F7r83HSzZOFay+mw3ZIyK/cWQpmn7TI5liyvhDS4CcJVh3V5qef/KZZH3/RlOjAm
v1DWzCYk0GWWjPhWdMKMtXN8vSvMEyGpdiXNw8WFKd8vZb3Y1vyM9fseTZm4w1ko
8tgxTX/ve0I5UZXXB/SP9mz/HTYaAlWTAu6LvF2Q+eJQL7w3W+0FZ8NTBWXx8fyK
Na5t9zrK/7hWAJZEu99Ik1CtJphcop2bwbRl2teY5eN3prvK5SO9b05+avZZroeF
RSALS6QfYA1ehGbk
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:54:12 2026 by rpki-client