Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/58315e-3663-4ca1-9dd1-23ac51343da5/1/XRhRqov_VqyHRFFYOkd67TDUlfI.roa
File: XRhRqov_VqyHRFFYOkd67TDUlfI.roa (raw, json)
Hash identifier: ML2iFZdBnrqeYBDgHkNF/6ovrR0UHPTGixgV/99EaNU=
Subject key identifier: 5D:18:51:AA:8B:FF:56:AC:87:44:51:58:3A:47:7A:ED:30:D4:95:F2
Certificate issuer: /CN=2b35f6a9857d7be02607a44d8952a88ca4ba6d3f
Certificate serial: 019C4D0F49173D20BEA70A6BC948BACF8238
Authority key identifier: 2B:35:F6:A9:85:7D:7B:E0:26:07:A4:4D:89:52:A8:8C:A4:BA:6D:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KzX2qYV9e-AmB6RNiVKojKS6bT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/58315e-3663-4ca1-9dd1-23ac51343da5/1/XRhRqov_VqyHRFFYOkd67TDUlfI.roa
Signing time: Wed 11 Feb 2026 14:16:13 +0000
ROA not before: Wed 11 Feb 2026 14:16:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201474
IP address blocks: 46.19.48.0/24 maxlen: 24
46.19.49.0/24 maxlen: 24
178.157.2.0/23 maxlen: 23
185.96.128.0/22 maxlen: 22
213.159.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/58315e-3663-4ca1-9dd1-23ac51343da5/1/KzX2qYV9e-AmB6RNiVKojKS6bT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/58315e-3663-4ca1-9dd1-23ac51343da5/1/KzX2qYV9e-AmB6RNiVKojKS6bT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KzX2qYV9e-AmB6RNiVKojKS6bT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4d:0f:49:17:3d:20:be:a7:0a:6b:c9:48:ba:cf:82:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b35f6a9857d7be02607a44d8952a88ca4ba6d3f
Validity
Not Before: Feb 11 14:16:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d1851aa8bff56ac874451583a477aed30d495f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a7:21:c6:06:39:56:82:cf:ca:57:b9:51:fa:
ac:6f:93:08:12:15:59:a3:ab:c5:67:14:ec:62:da:
58:49:ad:c5:78:ad:17:71:49:79:35:f7:28:0c:50:
bf:76:08:a6:d2:ed:a3:57:2d:b6:bd:a9:32:25:f6:
b3:e5:e1:a4:14:fc:f4:57:89:98:f1:2e:26:16:ca:
66:5b:0e:59:f6:9e:d9:d5:c4:49:89:a7:21:2d:2a:
dd:03:69:bc:ad:6c:78:af:3e:fe:1f:f5:23:bf:58:
6a:28:67:d1:8c:2e:0a:89:43:7b:e7:9b:4b:d7:b5:
d1:f8:4b:cf:90:a2:42:e9:7f:21:57:d2:4a:05:dd:
71:89:5e:5b:ae:21:5b:46:b5:16:26:2d:e4:eb:8d:
7d:eb:98:17:a1:08:58:8e:2a:ee:ab:d5:bb:f2:63:
c0:37:39:b7:22:ee:be:86:a9:23:ee:d2:19:4c:05:
de:77:bc:aa:aa:61:18:f8:fc:cb:ce:39:0b:79:f9:
27:df:11:51:a6:c5:a3:37:28:cc:29:76:5a:6c:4d:
52:c2:b7:c2:f2:13:53:53:27:7b:94:ff:49:90:d3:
db:fe:99:61:ff:f7:a1:db:23:14:35:23:ac:62:10:
0a:99:c4:10:b6:d1:d0:16:3e:87:9d:9d:1a:31:46:
2e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:18:51:AA:8B:FF:56:AC:87:44:51:58:3A:47:7A:ED:30:D4:95:F2
X509v3 Authority Key Identifier:
keyid:2B:35:F6:A9:85:7D:7B:E0:26:07:A4:4D:89:52:A8:8C:A4:BA:6D:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KzX2qYV9e-AmB6RNiVKojKS6bT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/58315e-3663-4ca1-9dd1-23ac51343da5/1/XRhRqov_VqyHRFFYOkd67TDUlfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/58315e-3663-4ca1-9dd1-23ac51343da5/1/KzX2qYV9e-AmB6RNiVKojKS6bT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.48.0/23
178.157.2.0/23
185.96.128.0/22
213.159.26.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:25:a3:2f:23:d2:dc:ca:ac:9f:b2:a2:a3:ad:2b:b1:b8:3f:
ec:1f:62:23:16:5f:fc:90:da:a3:97:da:f2:49:c5:96:fe:d6:
17:a7:35:a6:37:d9:2f:db:51:1e:ec:be:f0:28:4f:95:b4:48:
d5:07:a5:aa:b4:f6:89:d6:a7:a0:63:06:17:c4:7e:76:53:04:
1d:bc:97:81:a9:41:40:4c:c8:d8:ce:e2:83:02:dc:67:db:fe:
cc:54:e6:64:ab:08:13:21:bb:ac:19:26:c1:f3:f3:ec:16:6d:
91:bd:d7:2f:17:1c:87:8e:33:43:5e:65:52:22:b0:d1:1d:ab:
40:cc:07:85:17:21:46:0d:c4:21:3d:b7:6c:47:c3:80:7f:25:
86:ce:fa:45:00:39:7f:cc:33:db:6a:13:de:0f:ba:78:e7:6d:
28:a1:8f:d3:a6:bc:6f:1e:33:8f:c3:9e:3d:b7:6e:66:78:e5:
d1:62:c3:0e:43:5a:59:cc:1e:d1:24:35:f7:54:09:7e:8e:27:
4b:79:64:d6:94:69:43:a9:b9:25:84:7b:cc:49:6d:7e:96:c2:
48:b6:c1:a5:80:55:7b:c4:15:b6:cd:34:e5:84:83:34:a5:63:
1a:96:8d:b2:03:66:56:5d:cd:7f:df:67:f0:41:de:b0:2a:be:
f9:5b:5b:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxND0kXPSC+pwpryUi6z4I4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMzVmNmE5ODU3ZDdiZTAyNjA3YTQ0ZDg5NTJhODhjYTRi
YTZkM2YwHhcNMjYwMjExMTQxNjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDE4NTFhYThiZmY1NmFjODc0NDUxNTgzYTQ3N2FlZDMwZDQ5NWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqchxgY5VoLPyle5Ufqsb5MIEhVZ
o6vFZxTsYtpYSa3FeK0XcUl5NfcoDFC/dgim0u2jVy22vakyJfaz5eGkFPz0V4mY
8S4mFspmWw5Z9p7Z1cRJiachLSrdA2m8rWx4rz7+H/Ujv1hqKGfRjC4KiUN755tL
17XR+EvPkKJC6X8hV9JKBd1xiV5briFbRrUWJi3k641965gXoQhYjiruq9W78mPA
Nzm3Iu6+hqkj7tIZTAXed7yqqmEY+PzLzjkLefkn3xFRpsWjNyjMKXZabE1SwrfC
8hNTUyd7lP9JkNPb/plh//eh2yMUNSOsYhAKmcQQttHQFj6HnZ0aMUYuvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF0YUaqL/1ash0RRWDpHeu0w1JXyMB8GA1UdIwQY
MBaAFCs19qmFfXvgJgekTYlSqIykum0/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3pYMnFZVjllLUFtQjZSTmlWS29qS1M2YlQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81ODMxNWUtMzY2My00Y2ExLTlkZDEt
MjNhYzUxMzQzZGE1LzEvWFJoUnFvdl9WcXlIUkZGWU9rZDY3VERVbGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81ODMxNWUtMzY2My00Y2ExLTlkZDEtMjNhYzUxMzQzZGE1
LzEvS3pYMnFZVjllLUFtQjZSTmlWS29qS1M2YlQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLhMwAwQB
sp0CAwQCuWCAAwQB1Z8aMA0GCSqGSIb3DQEBCwUAA4IBAQA7JaMvI9LcyqyfsqKj
rSuxuD/sH2IjFl/8kNqjl9ryScWW/tYXpzWmN9kv21Ee7L7wKE+VtEjVB6WqtPaJ
1qegYwYXxH52UwQdvJeBqUFATMjYzuKDAtxn2/7MVOZkqwgTIbusGSbB8/PsFm2R
vdcvFxyHjjNDXmVSIrDRHatAzAeFFyFGDcQhPbdsR8OAfyWGzvpFADl/zDPbahPe
D7p4520ooY/TprxvHjOPw549t25meOXRYsMOQ1pZzB7RJDX3VAl+jidLeWTWlGlD
qbklhHvMSW1+lsJItsGlgFV7xBW2zTTlhIM0pWMalo2yA2ZWXc1/32fwQd6wKr75
W1s0
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:03:31 2026 by rpki-client