Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/XetavruOlmwPuDQkb37aWeTU5Gs.roa
File: XetavruOlmwPuDQkb37aWeTU5Gs.roa (raw, json)
Hash identifier: OVMRMjZpXUWp7zeiQKGZgTeIS0wuW8Tr2m6fFrqkMg0=
Subject key identifier: 5D:EB:5A:BE:BB:8E:96:6C:0F:B8:34:24:6F:7E:DA:59:E4:D4:E4:6B
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 019E28DD10544295F2758EB3E05C99BD456E
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/XetavruOlmwPuDQkb37aWeTU5Gs.roa
Signing time: Thu 14 May 2026 23:40:36 +0000
ROA not before: Thu 14 May 2026 23:40:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49074
IP address blocks: 85.255.112.0/22 maxlen: 22
91.228.140.0/22 maxlen: 22
91.234.56.0/22 maxlen: 22
91.239.164.0/22 maxlen: 22
151.248.95.0/24 maxlen: 24
178.212.207.0/24 maxlen: 24
194.40.204.0/22 maxlen: 22
2a04:2041::/32 maxlen: 32
2a04:2043::/32 maxlen: 32
2a04:2045::/32 maxlen: 32
2a04:2047::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:28:dd:10:54:42:95:f2:75:8e:b3:e0:5c:99:bd:45:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 14 23:40:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5deb5abebb8e966c0fb834246f7eda59e4d4e46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:16:d3:72:55:30:e1:9d:f0:bf:8e:5b:ad:4f:
d1:c0:f3:20:5b:d3:68:fd:c8:19:7c:97:6e:86:e4:
5f:a6:21:6d:14:29:74:29:bb:13:ae:35:22:29:bb:
55:f1:0a:af:e5:3b:48:82:ef:34:6e:61:2b:70:8a:
5c:16:eb:0f:17:04:7e:9b:45:44:f3:b4:6e:0e:95:
be:58:84:cc:b8:f9:4d:f6:4b:58:6d:9f:14:51:a5:
25:84:9e:7f:72:57:8b:d9:6b:06:55:cc:8e:32:ea:
e6:25:41:a4:17:48:e3:8b:2e:ad:31:dc:01:3e:c3:
af:65:15:27:95:24:57:10:6a:f8:b2:ba:ee:47:0e:
fb:55:d0:23:2c:01:73:ef:a9:e2:a6:27:35:2d:8c:
38:2b:a9:cd:28:36:d6:d6:30:71:f7:eb:66:90:bb:
62:9a:7b:61:34:66:a0:27:6c:00:0f:6b:0a:9a:54:
ee:19:00:a5:d1:86:b4:26:a7:ce:0c:66:e1:fc:c4:
80:cc:9f:f0:ba:6b:01:ae:1a:89:8f:14:22:41:65:
f8:91:4a:74:1d:59:ef:56:c3:8e:93:3b:1b:2f:2d:
f9:69:f6:d4:22:a8:3c:e2:39:4a:c4:3f:a6:fa:3b:
aa:78:a8:b8:10:18:a5:75:ca:5c:e7:69:ed:7d:66:
88:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EB:5A:BE:BB:8E:96:6C:0F:B8:34:24:6F:7E:DA:59:E4:D4:E4:6B
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/XetavruOlmwPuDQkb37aWeTU5Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.112.0/22
91.228.140.0/22
91.234.56.0/22
91.239.164.0/22
151.248.95.0/24
178.212.207.0/24
194.40.204.0/22
IPv6:
2a04:2041::/32
2a04:2043::/32
2a04:2045::/32
2a04:2047::/32
Signature Algorithm: sha256WithRSAEncryption
7e:df:ff:ff:cd:38:04:ea:6d:4c:5f:59:32:34:8d:cb:20:d0:
ba:cd:eb:a1:ab:ba:c1:98:c9:cd:53:17:4e:f8:77:72:83:fc:
56:c4:b8:34:31:dd:cd:45:aa:7c:0a:87:40:8b:01:2f:e0:c8:
01:40:8b:44:90:ec:65:6d:ba:1d:48:8b:30:49:9a:39:2c:f9:
d9:73:01:69:b3:ae:3e:d0:73:26:8b:dd:f0:0a:d4:db:38:78:
2a:9a:ba:37:ea:60:76:b5:b1:d1:db:4c:27:ca:b6:e9:88:a4:
74:9a:d6:ae:62:cf:03:d1:28:6c:e0:60:21:81:bc:80:db:5d:
c8:9f:ee:96:ff:3d:19:56:19:87:e8:2d:35:46:e5:9a:42:24:
12:29:a0:c6:d8:d3:66:f3:28:9a:f2:32:8d:d3:47:4e:fc:29:
a2:82:d4:16:40:54:70:a2:72:e4:a2:97:80:3b:bb:d0:4a:15:
3d:b0:e1:cf:e2:0b:37:ab:a2:25:49:8c:c2:7a:22:f9:bb:3c:
ac:f0:e2:5c:8f:28:79:e1:67:f6:e7:2d:57:c5:8f:09:52:83:
c0:5b:c9:73:01:48:fc:a2:8d:80:e2:93:e2:1f:84:22:43:9f:
4e:22:c7:86:67:68:69:ed:e0:8e:53:6b:9e:aa:d7:05:08:7d:
92:88:34:e1
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZ4o3RBUQpXydY6z4FyZvUVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjYwNTE0MjM0MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGViNWFiZWJiOGU5NjZjMGZiODM0MjQ2ZjdlZGE1OWU0ZDRlNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxbTclUw4Z3wv45brU/RwPMgW9No
/cgZfJduhuRfpiFtFCl0KbsTrjUiKbtV8Qqv5TtIgu80bmErcIpcFusPFwR+m0VE
87RuDpW+WITMuPlN9ktYbZ8UUaUlhJ5/cleL2WsGVcyOMurmJUGkF0jjiy6tMdwB
PsOvZRUnlSRXEGr4srruRw77VdAjLAFz76nipic1LYw4K6nNKDbW1jBx9+tmkLti
mnthNGagJ2wAD2sKmlTuGQCl0Ya0JqfODGbh/MSAzJ/wumsBrhqJjxQiQWX4kUp0
HVnvVsOOkzsbLy35afbUIqg84jlKxD+m+juqeKi4EBildcpc52ntfWaITQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFF3rWr67jpZsD7g0JG9+2lnk1ORrMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvWGV0YXZydU9sbXdQdURRa2IzN2FXZVRVNUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAwBAIAATAqAwQCVf9wAwQC
W+SMAwQCW+o4AwQCW++kAwQAl/hfAwQAstTPAwQCwijMMCIEAgACMBwDBQAqBCBB
AwUAKgQgQwMFACoEIEUDBQAqBCBHMA0GCSqGSIb3DQEBCwUAA4IBAQB+3///zTgE
6m1MX1kyNI3LINC6zeuhq7rBmMnNUxdO+Hdyg/xWxLg0Md3NRap8CodAiwEv4MgB
QItEkOxlbbodSIswSZo5LPnZcwFps64+0HMmi93wCtTbOHgqmro36mB2tbHR20wn
yrbpiKR0mtauYs8D0Shs4GAhgbyA213In+6W/z0ZVhmH6C01RuWaQiQSKaDG2NNm
8yia8jKN00dO/CmigtQWQFRwonLkopeAO7vQShU9sOHP4gs3q6IlSYzCeiL5uzys
8OJcjyh54Wf25y1XxY8JUoPAW8lzAUj8oo2A4pPiH4QiQ59OIseGZ2hp7eCOU2ue
qtcFCH2SiDTh
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:57:01 2026 by rpki-client