Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XW_v4eTV1SNcUWsgWoPnoGpWufk.roa
File: XW_v4eTV1SNcUWsgWoPnoGpWufk.roa (raw, json)
Hash identifier: 6bYTQjfxR2mDMmk0pp6awco7t3sSTyRxFjq7e/ZXtFI=
Subject key identifier: 5D:6F:EF:E1:E4:D5:D5:23:5C:51:6B:20:5A:83:E7:A0:6A:56:B9:F9
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019D5EB5CD91844CBB0D4CB83F48CE66C08C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XW_v4eTV1SNcUWsgWoPnoGpWufk.roa
Signing time: Sun 05 Apr 2026 17:34:26 +0000
ROA not before: Sun 05 Apr 2026 17:34:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 45.8.195.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:5e:b5:cd:91:84:4c:bb:0d:4c:b8:3f:48:ce:66:c0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 5 17:34:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d6fefe1e4d5d5235c516b205a83e7a06a56b9f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ed:e4:36:ed:70:7f:6f:3d:47:68:65:ab:eb:
23:86:ff:bc:ec:23:da:a1:9a:35:d3:11:11:bd:6c:
c4:17:85:4b:44:8b:25:15:d4:10:dc:dd:ca:73:bc:
64:c1:45:e1:ce:1f:a9:31:df:e4:02:a4:8b:b2:81:
bd:7a:58:99:ea:4b:50:56:c5:04:ab:11:02:11:6e:
45:94:9d:3c:b5:ac:3e:42:70:00:88:bd:05:1c:a9:
be:52:0b:fa:96:52:12:b1:0d:ee:9d:1f:00:c0:27:
0a:34:23:fe:f9:7d:05:ce:01:73:aa:05:c7:6e:a4:
b5:51:eb:e3:f2:50:f1:9c:03:b2:7b:c9:09:bd:13:
b1:74:c2:fd:a8:83:80:63:e1:a4:ee:d3:7a:4f:69:
c8:89:da:fd:06:a0:a0:34:50:e4:6a:30:29:8f:c8:
b5:fa:47:84:1d:42:3d:dc:4b:3c:3e:f7:11:05:03:
97:6e:7d:d0:22:32:ec:59:01:1c:23:8b:21:e9:be:
c9:67:aa:83:25:2d:42:3e:89:ba:69:15:40:b0:21:
c8:64:4d:37:05:96:c4:78:bd:27:36:09:cc:7e:1f:
97:90:6c:24:52:7f:4f:4e:cb:aa:18:7f:24:87:16:
9f:b9:98:a8:68:d6:f4:6c:a0:08:47:0e:34:78:fe:
1f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6F:EF:E1:E4:D5:D5:23:5C:51:6B:20:5A:83:E7:A0:6A:56:B9:F9
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XW_v4eTV1SNcUWsgWoPnoGpWufk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.195.0/24
45.8.197.0-45.8.198.255
Signature Algorithm: sha256WithRSAEncryption
b3:69:1e:e5:76:95:ee:56:1e:77:5d:14:74:67:9c:88:54:f3:
fc:68:99:07:fe:a1:29:e1:8c:01:db:9f:e9:5f:44:bc:9d:ba:
0b:fe:03:e0:fd:a5:c4:cd:bf:59:aa:b3:75:60:b5:51:59:4e:
3d:f2:08:b3:d4:ba:c2:1d:24:19:b5:29:5c:43:e0:f3:fb:59:
1e:49:f5:de:c8:ee:99:e3:b8:8d:02:41:55:1b:11:64:48:63:
5d:ed:a8:7c:aa:1c:dc:ed:bf:19:0a:ab:9d:d9:e9:e8:76:1f:
43:87:a9:02:63:33:e4:d7:e0:7b:69:50:aa:aa:38:1c:aa:54:
48:65:b6:7d:6e:a3:4f:16:f9:1d:40:bc:33:b7:71:75:4a:2d:
fe:b6:b8:86:4f:16:ad:f4:fd:6e:95:16:6f:30:bb:9d:af:b2:
f2:ab:9e:2c:25:b2:e2:e8:42:90:dd:05:8c:45:07:58:bc:78:
d3:b0:b7:aa:77:8e:f6:c4:2c:7e:8c:9f:d8:e7:ba:57:1d:47:
b7:ad:58:9d:3d:99:72:97:4c:82:90:d1:a0:56:2e:9e:47:df:
8d:dc:40:e1:62:c3:a7:9c:d3:16:1b:12:28:7e:86:0f:41:43:
c0:d9:5e:c2:86:e7:bf:4e:2d:93:09:31:93:69:77:a6:fc:75:
43:68:cc:79
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ1etc2RhEy7DUy4P0jOZsCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNDA1MTczNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDZmZWZlMWU0ZDVkNTIzNWM1MTZiMjA1YTgzZTdhMDZhNTZiOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte3kNu1wf289R2hlq+sjhv+87CPa
oZo10xERvWzEF4VLRIslFdQQ3N3Kc7xkwUXhzh+pMd/kAqSLsoG9eliZ6ktQVsUE
qxECEW5FlJ08taw+QnAAiL0FHKm+Ugv6llISsQ3unR8AwCcKNCP++X0FzgFzqgXH
bqS1Uevj8lDxnAOye8kJvROxdML9qIOAY+Gk7tN6T2nIidr9BqCgNFDkajApj8i1
+keEHUI93Es8PvcRBQOXbn3QIjLsWQEcI4sh6b7JZ6qDJS1CPom6aRVAsCHIZE03
BZbEeL0nNgnMfh+XkGwkUn9PTsuqGH8khxafuZioaNb0bKAIRw40eP4fJwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF1v7+Hk1dUjXFFrIFqD56BqVrn5MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWFdfdjRlVFYxU05jVVdzZ1dvUG5vR3BXdWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALQjDMAwD
BAAtCMUDBAAtCMYwDQYJKoZIhvcNAQELBQADggEBALNpHuV2le5WHnddFHRnnIhU
8/xomQf+oSnhjAHbn+lfRLydugv+A+D9pcTNv1mqs3VgtVFZTj3yCLPUusIdJBm1
KVxD4PP7WR5J9d7I7pnjuI0CQVUbEWRIY13tqHyqHNztvxkKq53Z6eh2H0OHqQJj
M+TX4HtpUKqqOByqVEhltn1uo08W+R1AvDO3cXVKLf62uIZPFq30/W6VFm8wu52v
svKrniwlsuLoQpDdBYxFB1i8eNOwt6p3jvbELH6Mn9jnulcdR7etWJ09mXKXTIKQ
0aBWLp5H343cQOFiw6ec0xYbEih+hg9BQ8DZXsKG579OLZMJMZNpd6b8dUNozHk=
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:34:29 2026 by rpki-client