Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/XQyVVxaL-SdHJ4wD0gRKxpiqWbc.roa
File: XQyVVxaL-SdHJ4wD0gRKxpiqWbc.roa (raw, json)
Hash identifier: xaYqQflJcYim9yjUKuHpULSvGoUaQ7dk6PnJOftMQeQ=
Subject key identifier: 5D:0C:95:57:16:8B:F9:27:47:27:8C:03:D2:04:4A:C6:98:AA:59:B7
Certificate issuer: /CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Certificate serial: 019D641A69737EF9982C324285D4629AC458
Authority key identifier: 4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/XQyVVxaL-SdHJ4wD0gRKxpiqWbc.roa
Signing time: Mon 06 Apr 2026 18:42:25 +0000
ROA not before: Mon 06 Apr 2026 18:42:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206873
IP address blocks: 185.173.176.0/24 maxlen: 24
185.173.177.0/24 maxlen: 24
185.173.178.0/24 maxlen: 24
185.173.179.0/24 maxlen: 24
194.150.215.0/24 maxlen: 24
194.150.234.0/24 maxlen: 24
194.150.235.0/24 maxlen: 24
2a0b:6900::/48 maxlen: 48
2a0b:6900:1::/48 maxlen: 48
2a0b:6900:2::/48 maxlen: 48
2a0b:6900:3::/48 maxlen: 48
2a0b:6900:4::/48 maxlen: 48
2a0b:6900:5::/48 maxlen: 48
2a0b:6900:7::/48 maxlen: 48
2a0b:6900:8::/48 maxlen: 48
2a0b:6900:9::/48 maxlen: 48
2a0b:6900:10::/48 maxlen: 48
2a0b:6900:11::/48 maxlen: 48
2a0b:6900:1ad::/48 maxlen: 48
2a0b:6900:daf::/48 maxlen: 48
2a0b:6900:185d::/48 maxlen: 48
2a0b:6901:1::/48 maxlen: 48
2a0b:6901:2::/48 maxlen: 48
2a0b:6901:3::/48 maxlen: 48
2a0b:6901:4::/48 maxlen: 48
2a0b:6901:5::/48 maxlen: 48
2a0b:6901:6::/48 maxlen: 48
2a0b:6901:7::/48 maxlen: 48
2a0b:6901:8::/48 maxlen: 48
2a0b:6901:9::/48 maxlen: 48
2a0b:6901:10::/48 maxlen: 48
2a0b:6903::/48 maxlen: 48
2a0b:6903:fdb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:64:1a:69:73:7e:f9:98:2c:32:42:85:d4:62:9a:c4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Validity
Not Before: Apr 6 18:42:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d0c9557168bf92747278c03d2044ac698aa59b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:14:8e:57:60:b1:f1:4f:2d:51:97:48:d4:77:
51:38:54:38:d5:52:90:49:3c:93:d5:8f:be:29:5f:
be:48:35:c2:a1:0f:0e:b2:62:8d:06:c0:ad:a4:df:
7f:d1:97:12:62:4c:1e:48:cd:50:43:3d:0e:fa:36:
10:02:79:79:10:1d:7b:e5:f1:20:c7:db:3b:53:32:
33:82:f7:3a:98:f3:49:2d:64:b0:ca:87:9b:b6:b9:
52:fe:b0:82:50:f5:28:3f:6a:a4:a1:66:36:65:bf:
3f:f2:80:ec:4f:db:29:15:c3:c9:3c:ab:63:95:49:
2c:df:f3:c8:60:07:53:c2:5b:da:81:9d:29:57:df:
77:5a:6d:92:a6:c1:5e:7b:c8:54:eb:95:c5:79:35:
7f:54:73:9c:87:97:d4:72:2d:71:c5:f7:92:5f:8d:
6b:02:f0:ef:79:9d:23:f4:24:4d:bd:15:63:5e:4d:
f6:e4:ad:9d:aa:a4:0b:8a:e8:d7:de:9b:3d:07:3c:
12:b3:90:e4:4a:26:31:62:5a:e7:ca:4b:af:90:95:
39:e6:2d:ae:18:c7:cd:d3:35:b9:e1:01:e0:a3:36:
93:ef:46:ee:c7:d1:ec:32:28:ee:24:c0:31:fa:0e:
18:62:12:dc:c5:1e:42:86:3c:a8:ea:df:ac:e4:89:
74:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0C:95:57:16:8B:F9:27:47:27:8C:03:D2:04:4A:C6:98:AA:59:B7
X509v3 Authority Key Identifier:
keyid:4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/XQyVVxaL-SdHJ4wD0gRKxpiqWbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.176.0/22
194.150.215.0/24
194.150.234.0/23
IPv6:
2a0b:6900::-2a0b:6900:5:ffff:ffff:ffff:ffff:ffff
2a0b:6900:7::-2a0b:6900:9:ffff:ffff:ffff:ffff:ffff
2a0b:6900:10::/47
2a0b:6900:1ad::/48
2a0b:6900:daf::/48
2a0b:6900:185d::/48
2a0b:6901:1::-2a0b:6901:9:ffff:ffff:ffff:ffff:ffff
2a0b:6901:10::/48
2a0b:6903::/48
2a0b:6903:fdb::/48
Signature Algorithm: sha256WithRSAEncryption
a4:92:8c:a8:c4:b4:b1:d9:74:40:79:6a:0d:67:9c:07:90:97:
ac:6e:8d:a3:b9:f9:34:c5:d1:85:8b:aa:01:bd:24:c6:10:6e:
c8:b9:6b:d1:b9:a3:0b:ca:5d:3d:27:6b:ad:36:4c:d5:d7:ec:
18:9d:8c:6d:bc:68:08:61:ab:65:67:bc:9d:6c:74:a9:7a:31:
f8:e4:46:5a:7d:af:71:b3:bb:82:dc:bb:f8:66:34:44:cc:d3:
13:31:bf:fd:ba:df:fb:54:ae:56:d0:e8:20:b8:09:d4:20:51:
a2:a5:f4:eb:9b:33:8d:ef:38:2e:ee:66:21:fe:35:bc:53:db:
c9:05:08:88:af:14:62:70:60:c5:82:cc:c6:d9:29:ba:17:ab:
b2:33:88:ea:95:31:2b:03:08:69:4f:ae:02:50:e2:fa:f5:26:
a7:d2:fe:b5:59:96:3e:70:10:2d:82:60:a3:a3:13:ae:d8:a5:
c1:16:24:6a:fb:a7:54:60:4e:63:74:73:8e:d8:d4:b5:49:8f:
a3:06:84:25:4c:9c:a5:a4:10:05:83:dc:dc:51:8a:cf:de:8d:
6e:ff:7f:73:b7:ec:00:16:64:36:77:c8:17:6b:0e:88:02:0c:
7c:96:59:62:f1:02:e2:12:b9:54:64:35:4f:b2:d6:5e:d3:3d:
8f:09:b1:10
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZ1kGmlzfvmYLDJChdRimsRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWY2YWFlNmZiYTVjNjFhNjE3MzlhZmNhYjU1YTYyMjY2
ZTg5ZWUwHhcNMjYwNDA2MTg0MjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBjOTU1NzE2OGJmOTI3NDcyNzhjMDNkMjA0NGFjNjk4YWE1OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xSOV2Cx8U8tUZdI1HdROFQ41VKQ
STyT1Y++KV++SDXCoQ8OsmKNBsCtpN9/0ZcSYkweSM1QQz0O+jYQAnl5EB175fEg
x9s7UzIzgvc6mPNJLWSwyoebtrlS/rCCUPUoP2qkoWY2Zb8/8oDsT9spFcPJPKtj
lUks3/PIYAdTwlvagZ0pV993Wm2SpsFee8hU65XFeTV/VHOch5fUci1xxfeSX41r
AvDveZ0j9CRNvRVjXk325K2dqqQLiujX3ps9BzwSs5DkSiYxYlrnykuvkJU55i2u
GMfN0zW54QHgozaT70bux9HsMijuJMAx+g4YYhLcxR5Chjyo6t+s5Il05wIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFF0MlVcWi/knRyeMA9IESsaYqlm3MB8GA1UdIwQY
MBaAFE7vaq5vulxhphc5r8q1WmImbonuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYt
YzM3NzkwZTZkNDgyLzEvWFF5VlZ4YUwtU2RISjR3RDBnUkt4cGlxV2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYtYzM3NzkwZTZkNDgy
LzEvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjAYBAIAATASAwQCua2w
AwQAwpbXAwQBwpbqMH4EAgACMHgwDwMEACoLaQMHASoLaQAABDASAwcAKgtpAAAH
AwcBKgtpAAAIAwcBKgtpAAAQAwcAKgtpAAGtAwcAKgtpAA2vAwcAKgtpABhdMBID
BwAqC2kBAAEDBwEqC2kBAAgDBwAqC2kBABADBwAqC2kDAAADBwAqC2kDD9swDQYJ
KoZIhvcNAQELBQADggEBAKSSjKjEtLHZdEB5ag1nnAeQl6xujaO5+TTF0YWLqgG9
JMYQbsi5a9G5owvKXT0na602TNXX7BidjG28aAhhq2VnvJ1sdKl6MfjkRlp9r3Gz
u4Lcu/hmNETM0xMxv/263/tUrlbQ6CC4CdQgUaKl9OubM43vOC7uZiH+NbxT28kF
CIivFGJwYMWCzMbZKboXq7IziOqVMSsDCGlPrgJQ4vr1JqfS/rVZlj5wEC2CYKOj
E67YpcEWJGr7p1RgTmN0c47Y1LVJj6MGhCVMnKWkEAWD3NxRis/ejW7/f3O37AAW
ZDZ3yBdrDogCDHyWWWLxAuISuVRkNU+y1l7TPY8JsRA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:53:45 2026 by rpki-client