Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/xuyiv3EHF703LKy9rAkMAE90jUo.roa
File: xuyiv3EHF703LKy9rAkMAE90jUo.roa (raw, json)
Hash identifier: 1pk1j6aPc2psBVBbmgIDL+KUR8rqhlTyc2gxnnOOV0M=
Subject key identifier: C6:EC:A2:BF:71:07:17:BD:37:2C:AC:BD:AC:09:0C:00:4F:74:8D:4A
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019C5767E8356F7020B9C22B7CE177EE7F58
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/xuyiv3EHF703LKy9rAkMAE90jUo.roa
Signing time: Fri 13 Feb 2026 14:29:13 +0000
ROA not before: Fri 13 Feb 2026 14:29:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213541
IP address blocks: 89.19.56.0/24 maxlen: 24
89.19.57.0/24 maxlen: 24
89.19.58.0/24 maxlen: 24
89.19.59.0/24 maxlen: 24
185.24.110.0/23 maxlen: 24
185.59.232.0/22 maxlen: 24
185.68.245.0/24 maxlen: 24
185.71.144.0/23 maxlen: 24
185.71.212.0/23 maxlen: 24
185.79.48.0/22 maxlen: 24
185.79.76.0/23 maxlen: 24
185.79.78.0/23 maxlen: 24
185.81.146.0/24 maxlen: 24
185.81.147.0/24 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.175.0/24 maxlen: 24
185.81.184.0/23 maxlen: 23
185.81.186.0/23 maxlen: 23
185.88.96.0/23 maxlen: 24
185.89.104.0/22 maxlen: 22
185.89.108.0/22 maxlen: 22
185.95.100.0/23 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.38.0/24 maxlen: 24
185.96.39.0/24 maxlen: 24
185.96.81.0/24 maxlen: 24
185.96.82.0/24 maxlen: 24
185.96.83.0/24 maxlen: 24
185.96.132.0/24 maxlen: 24
185.96.133.0/24 maxlen: 24
185.96.134.0/23 maxlen: 24
185.97.0.0/22 maxlen: 24
185.98.43.0/24 maxlen: 24
185.101.203.0/24 maxlen: 24
185.104.151.0/24 maxlen: 24
185.105.44.0/23 maxlen: 24
185.112.56.0/23 maxlen: 24
185.168.210.0/23 maxlen: 24
185.175.224.0/23 maxlen: 24
185.175.226.0/23 maxlen: 24
185.180.110.0/23 maxlen: 24
185.182.128.0/23 maxlen: 24
185.185.144.0/22 maxlen: 24
193.221.212.0/23 maxlen: 24
193.221.214.0/23 maxlen: 24
213.170.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:57:67:e8:35:6f:70:20:b9:c2:2b:7c:e1:77:ee:7f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Feb 13 14:29:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c6eca2bf710717bd372cacbdac090c004f748d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6a:74:89:c5:73:ee:e2:b4:30:a7:cb:f3:26:
32:46:6a:8b:2b:02:31:88:4a:cf:bd:1f:37:bf:a3:
75:85:e7:fa:de:5b:88:14:fe:78:af:c1:98:c3:dd:
e5:f2:60:35:1e:1d:35:23:9b:9f:2b:31:61:d4:af:
4b:fa:d0:7e:0d:bf:25:77:75:16:ff:5e:f6:ba:a2:
79:3d:23:36:7e:27:1b:9d:69:0b:1f:86:92:6f:ea:
05:be:6b:6c:0e:3e:df:43:15:95:3a:81:d0:f7:8c:
36:d1:bc:11:17:73:58:6a:b7:ad:ee:3a:8a:a1:d1:
29:50:3f:d1:47:07:91:71:87:a0:cd:72:3d:4c:31:
e4:0e:31:f7:70:67:a9:46:76:4c:00:6f:46:f2:ce:
6c:6a:fe:60:c2:fc:1b:b8:87:cf:7f:ab:3d:dc:84:
15:eb:11:d7:8e:45:a8:44:f0:5c:aa:0d:72:83:6f:
3e:86:85:3a:2e:52:fe:28:3b:ae:50:6b:e7:f6:c8:
12:46:ac:bb:cd:ce:87:bd:c5:cd:87:9c:f4:36:d4:
3f:b0:12:98:24:ae:69:b2:73:6a:e5:e4:47:01:64:
90:c1:a7:a1:04:63:60:59:04:3a:89:ca:1c:3e:b4:
b8:d7:6b:7a:84:2d:b8:f0:da:5f:ff:ef:8a:9c:cb:
d0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:EC:A2:BF:71:07:17:BD:37:2C:AC:BD:AC:09:0C:00:4F:74:8D:4A
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/xuyiv3EHF703LKy9rAkMAE90jUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.56.0/22
185.24.110.0/23
185.59.232.0/22
185.68.245.0/24
185.71.144.0/23
185.71.212.0/23
185.79.48.0/22
185.79.76.0/22
185.81.146.0/23
185.81.174.0/23
185.81.184.0/22
185.88.96.0/23
185.89.104.0/21
185.95.100.0/22
185.96.38.0/23
185.96.81.0-185.96.83.255
185.96.132.0/22
185.97.0.0/22
185.98.43.0/24
185.101.203.0/24
185.104.151.0/24
185.105.44.0/23
185.112.56.0/23
185.168.210.0/23
185.175.224.0/22
185.180.110.0/23
185.182.128.0/23
185.185.144.0/22
193.221.212.0/22
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
81:9c:e2:32:d6:16:3f:9d:3f:9d:f5:6d:a3:1b:85:fd:6e:e2:
a2:49:0d:ee:d0:ed:41:f7:1e:0b:7f:bd:16:af:f5:c4:50:9a:
80:9e:54:ca:cd:b2:92:5a:e3:cc:5c:42:06:0f:59:82:79:f9:
d3:19:c1:4d:17:87:11:e3:c0:8d:bc:7c:42:95:28:08:36:87:
58:42:8e:be:62:7e:3e:98:16:b7:30:3e:67:51:12:42:69:b0:
d5:26:f5:ac:81:fb:4b:84:78:ef:3e:ba:20:33:83:7d:db:15:
84:84:f9:02:e6:3b:64:e7:99:12:64:fb:6d:90:42:97:29:28:
dc:71:f9:ef:3c:7b:f9:df:7b:00:2e:26:4c:23:42:88:21:c0:
5f:da:9e:47:09:12:95:a8:a7:d0:72:f0:62:20:34:10:b0:10:
99:4e:bc:bf:11:c1:f1:0d:af:17:6a:ed:b9:4d:84:57:68:d9:
41:b9:dc:2d:79:09:26:a8:1f:9c:9e:6a:ed:f0:08:03:65:49:
64:fe:75:12:d9:58:b4:7e:69:8f:31:dd:1d:38:14:a5:52:0e:
7e:d8:aa:12:01:65:58:60:6e:be:19:7d:1e:df:6e:a7:18:f4:
a8:ad:35:63:c8:23:2c:1b:91:f4:ed:8e:c1:38:8d:89:65:e7:
06:ab:35:91
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZxXZ+g1b3AgucIrfOF37n9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjYwMjEzMTQyOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmVjYTJiZjcxMDcxN2JkMzcyY2FjYmRhYzA5MGMwMDRmNzQ4ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02p0icVz7uK0MKfL8yYyRmqLKwIx
iErPvR83v6N1hef63luIFP54r8GYw93l8mA1Hh01I5ufKzFh1K9L+tB+Db8ld3UW
/172uqJ5PSM2ficbnWkLH4aSb+oFvmtsDj7fQxWVOoHQ94w20bwRF3NYaret7jqK
odEpUD/RRweRcYegzXI9TDHkDjH3cGepRnZMAG9G8s5sav5gwvwbuIfPf6s93IQV
6xHXjkWoRPBcqg1yg28+hoU6LlL+KDuuUGvn9sgSRqy7zc6HvcXNh5z0NtQ/sBKY
JK5psnNq5eRHAWSQwaehBGNgWQQ6icocPrS412t6hC248Npf/++KnMvQfwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFMbsor9xBxe9NyysvawJDABPdI1KMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEveHV5aXYzRUhGNzAzTEt5OXJBa01BRTkwalVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAJZ
EzgDBAG5GG4DBAK5O+gDBAC5RPUDBAG5R5ADBAG5R9QDBAK5TzADBAK5T0wDBAG5
UZIDBAG5Ua4DBAK5UbgDBAG5WGADBAO5WWgDBAK5X2QDBAG5YCYwDAMEALlgUQME
ArlgUAMEArlghAMEArlhAAMEALliKwMEALllywMEALlolwMEAblpLAMEAblwOAME
Abmo0gMEArmv4AMEAbm0bgMEAbm2gAMEArm5kAMEAsHd1AMEANWq3zANBgkqhkiG
9w0BAQsFAAOCAQEAgZziMtYWP50/nfVtoxuF/W7iokkN7tDtQfceC3+9Fq/1xFCa
gJ5Uys2yklrjzFxCBg9Zgnn50xnBTReHEePAjbx8QpUoCDaHWEKOvmJ+PpgWtzA+
Z1ESQmmw1Sb1rIH7S4R47z66IDODfdsVhIT5AuY7ZOeZEmT7bZBClyko3HH57zx7
+d97AC4mTCNCiCHAX9qeRwkSlain0HLwYiA0ELAQmU68vxHB8Q2vF2rtuU2EV2jZ
QbncLXkJJqgfnJ5q7fAIA2VJZP51EtlYtH5pjzHdHTgUpVIOftiqEgFlWGBuvhl9
Ht9upxj0qK01Y8gjLBuR9O2OwTiNiWXnBqs1kQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:59:20 2026 by rpki-client