Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/XgNu2RkWIrg-dXAuiT5cDAoRcao.roa
File: XgNu2RkWIrg-dXAuiT5cDAoRcao.roa (raw, json)
Hash identifier: YfBiHj8EXpBukiSHpuqnvbNrk3kYEDe/L+q9obAeqiA=
Subject key identifier: 5E:03:6E:D9:19:16:22:B8:3E:75:70:2E:89:3E:5C:0C:0A:11:71:AA
Certificate issuer: /CN=da0589dce63981870a1850906c8c2d1d96740096
Certificate serial: 019C8F15F53750124AE33EE3C4A12D0815DE
Authority key identifier: DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/XgNu2RkWIrg-dXAuiT5cDAoRcao.roa
Signing time: Tue 24 Feb 2026 09:58:26 +0000
ROA not before: Tue 24 Feb 2026 09:58:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202045
IP address blocks: 31.177.0.0/22 maxlen: 22
31.177.0.0/23 maxlen: 23
31.177.2.0/23 maxlen: 23
31.177.4.0/24 maxlen: 24
31.177.5.0/24 maxlen: 24
31.177.6.0/23 maxlen: 23
45.145.122.0/23 maxlen: 23
94.199.5.0/24 maxlen: 24
95.111.132.0/24 maxlen: 24
171.22.144.0/24 maxlen: 24
185.180.152.0/22 maxlen: 22
193.138.240.0/24 maxlen: 24
193.138.241.0/24 maxlen: 24
2a13:7500:1000::/36 maxlen: 36
2a13:7500:1000::/48 maxlen: 48
2a13:7500:1200::/44 maxlen: 44
2a13:7500:1241::/48 maxlen: 48
2a13:7500:1242::/48 maxlen: 48
2a13:7500:1248::/48 maxlen: 48
2a13:7500:1320::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:15:f5:37:50:12:4a:e3:3e:e3:c4:a1:2d:08:15:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0589dce63981870a1850906c8c2d1d96740096
Validity
Not Before: Feb 24 09:58:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5e036ed9191622b83e75702e893e5c0c0a1171aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1e:c2:f0:63:69:77:b5:a7:9a:3b:0a:c4:27:
08:84:f1:3c:7f:59:cb:e3:d7:06:58:e1:63:d7:dc:
2a:3e:61:5c:81:cf:da:c5:82:60:14:e3:83:fd:ef:
c6:39:ee:f5:53:41:13:58:b8:db:44:53:dd:3c:ed:
e6:cf:31:02:25:c7:8c:11:7f:19:47:21:42:8d:22:
d2:79:8c:0e:55:50:ed:4c:5f:3c:0e:c2:7d:5c:40:
4e:d8:72:0a:2a:6b:27:89:88:41:9d:62:b2:00:cc:
53:c9:1b:7d:1e:94:13:43:f2:53:5d:ca:b7:19:a8:
9f:e7:24:6d:1f:2f:33:a8:6c:d3:bb:ed:a7:80:d5:
1e:c0:b2:40:89:1e:00:99:ce:39:b7:72:8e:4e:9f:
dd:a6:b5:2e:ba:81:0c:92:0f:fe:c4:f0:a0:37:4c:
6b:fb:55:a6:d8:23:08:3b:2e:e6:73:1e:d3:48:57:
bd:4c:d1:9e:f0:98:11:3e:26:a8:a4:86:aa:ea:d1:
be:2c:95:34:3f:9c:0e:5e:95:41:15:a1:2d:9e:8e:
9e:39:b0:d8:87:7f:f9:50:a2:35:85:1c:20:13:bf:
89:7c:56:22:e1:45:d2:0a:45:ed:75:ae:8b:39:9b:
3a:e5:94:8c:07:f9:ee:40:d0:c5:a4:65:67:cd:2a:
9b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:03:6E:D9:19:16:22:B8:3E:75:70:2E:89:3E:5C:0C:0A:11:71:AA
X509v3 Authority Key Identifier:
keyid:DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/XgNu2RkWIrg-dXAuiT5cDAoRcao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
45.145.122.0/23
94.199.5.0/24
95.111.132.0/24
171.22.144.0/24
185.180.152.0/22
193.138.240.0/23
IPv6:
2a13:7500:1000::/36
Signature Algorithm: sha256WithRSAEncryption
79:57:0f:e9:a0:9f:f0:45:c2:0f:2c:46:9b:76:e1:b0:d8:db:
c0:13:f9:26:42:2e:87:d5:d2:67:1b:1b:2f:4a:95:e5:38:9d:
60:51:80:62:fe:bb:bf:22:64:be:4e:10:5e:97:62:4e:f5:7f:
63:17:b4:ea:45:c4:73:46:1e:ab:92:aa:7f:ea:4b:20:77:19:
1b:ff:86:31:84:fb:fb:00:0d:0b:ae:27:ad:af:70:85:26:2b:
d3:b0:29:6f:12:b4:ee:06:67:f7:65:58:72:40:cc:85:65:d9:
20:42:13:1e:2e:85:69:29:3d:25:56:81:73:b1:e7:7d:b3:f3:
63:7d:77:14:42:72:6e:d5:80:6e:af:3d:d7:9d:69:7c:81:0b:
ec:6c:c0:4c:77:40:a9:43:e4:da:8b:fe:8b:47:71:73:ba:44:
35:98:f0:73:82:c6:30:cb:0c:68:79:a8:78:b3:e9:fb:99:89:
d9:e5:82:ec:a1:3b:8c:31:aa:54:22:10:59:15:4f:c7:39:9f:
0a:5e:95:72:30:f9:f7:02:d5:d5:9e:75:d1:bb:51:a1:7a:e7:
7d:6a:34:59:a6:70:95:85:c7:20:47:b3:cc:4c:c8:84:61:a9:
4a:6f:e4:3e:9e:88:e6:4c:30:ab:3f:04:86:b0:c2:14:76:fe:
17:87:44:26
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZyPFfU3UBJK4z7jxKEtCBXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDU4OWRjZTYzOTgxODcwYTE4NTA5MDZjOGMyZDFkOTY3
NDAwOTYwHhcNMjYwMjI0MDk1ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAzNmVkOTE5MTYyMmI4M2U3NTcwMmU4OTNlNWMwYzBhMTE3MWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR7C8GNpd7WnmjsKxCcIhPE8f1nL
49cGWOFj19wqPmFcgc/axYJgFOOD/e/GOe71U0ETWLjbRFPdPO3mzzECJceMEX8Z
RyFCjSLSeYwOVVDtTF88DsJ9XEBO2HIKKmsniYhBnWKyAMxTyRt9HpQTQ/JTXcq3
Gaif5yRtHy8zqGzTu+2ngNUewLJAiR4Amc45t3KOTp/dprUuuoEMkg/+xPCgN0xr
+1Wm2CMIOy7mcx7TSFe9TNGe8JgRPiaopIaq6tG+LJU0P5wOXpVBFaEtno6eObDY
h3/5UKI1hRwgE7+JfFYi4UXSCkXtda6LOZs65ZSMB/nuQNDFpGVnzSqbNQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFF4DbtkZFiK4PnVwLok+XAwKEXGqMB8GA1UdIwQY
MBaAFNoFidzmOYGHChhQkGyMLR2WdACWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYt
MTRlM2MyMDE3OTY5LzEvWGdOdTJSa1dJcmctZFhBdWlUNWNEQW9SY2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYtMTRlM2MyMDE3OTY5
LzEvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQDH7EAAwQB
LZF6AwQAXscFAwQAX2+EAwQAqxaQAwQCubSYAwQBwYrwMA4EAgACMAgDBgQqE3UA
EDANBgkqhkiG9w0BAQsFAAOCAQEAeVcP6aCf8EXCDyxGm3bhsNjbwBP5JkIuh9XS
ZxsbL0qV5TidYFGAYv67vyJkvk4QXpdiTvV/Yxe06kXEc0Yeq5Kqf+pLIHcZG/+G
MYT7+wANC64nra9whSYr07ApbxK07gZn92VYckDMhWXZIEITHi6FaSk9JVaBc7Hn
fbPzY313FEJybtWAbq89151pfIEL7GzATHdAqUPk2ov+i0dxc7pENZjwc4LGMMsM
aHmoeLPp+5mJ2eWC7KE7jDGqVCIQWRVPxzmfCl6VcjD59wLV1Z510btRoXrnfWo0
WaZwlYXHIEezzEzIhGGpSm/kPp6I5kwwqz8EhrDCFHb+F4dEJg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:50:19 2026 by rpki-client