Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xPzVH3JPXaMpFYktObofgCToREI.roa
File: xPzVH3JPXaMpFYktObofgCToREI.roa (raw, json)
Hash identifier: ajOIbPK1BFfO9MirAXI6JNCrOkKz69JTE3+jCSiykHI=
Subject key identifier: C4:FC:D5:1F:72:4F:5D:A3:29:15:89:2D:39:BA:1F:80:24:E8:44:42
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019EA8FE3504D5911A0B8CBBB6A4A1414857
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xPzVH3JPXaMpFYktObofgCToREI.roa
Signing time: Mon 08 Jun 2026 20:48:12 +0000
ROA not before: Mon 08 Jun 2026 20:48:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2.56.123.0/24 maxlen: 24
5.180.22.0/24 maxlen: 24
5.180.31.0/24 maxlen: 24
5.180.47.0/24 maxlen: 24
5.180.52.0/24 maxlen: 24
5.180.54.0/24 maxlen: 24
5.180.145.0/24 maxlen: 24
5.180.147.0/24 maxlen: 24
5.253.28.0/24 maxlen: 24
5.253.29.0/24 maxlen: 24
5.253.30.0/24 maxlen: 24
5.253.31.0/24 maxlen: 24
5.253.42.0/24 maxlen: 24
45.9.18.0/24 maxlen: 24
45.9.19.0/24 maxlen: 24
45.15.125.0/24 maxlen: 24
45.15.128.0/24 maxlen: 24
45.15.129.0/24 maxlen: 24
45.15.145.0/24 maxlen: 24
45.15.146.0/24 maxlen: 24
45.15.154.0/24 maxlen: 24
45.15.155.0/24 maxlen: 24
45.15.164.0/24 maxlen: 24
45.15.179.0/24 maxlen: 24
45.15.186.0/24 maxlen: 24
45.82.248.0/24 maxlen: 24
45.83.23.0/24 maxlen: 24
45.83.24.0/24 maxlen: 24
45.83.25.0/24 maxlen: 24
45.83.128.0/24 maxlen: 24
45.83.149.0/24 maxlen: 24
45.86.60.0/22 maxlen: 24
45.86.64.0/24 maxlen: 24
45.86.65.0/24 maxlen: 24
45.86.67.0/24 maxlen: 24
45.86.68.0/24 maxlen: 24
45.86.69.0/24 maxlen: 24
45.86.70.0/24 maxlen: 24
45.86.74.0/24 maxlen: 24
45.86.75.0/24 maxlen: 24
45.88.176.0/24 maxlen: 24
45.88.177.0/24 maxlen: 24
45.92.140.0/22 maxlen: 24
45.92.160.0/24 maxlen: 24
45.92.161.0/24 maxlen: 24
45.92.163.0/24 maxlen: 24
45.92.164.0/22 maxlen: 24
45.92.192.0/24 maxlen: 24
45.92.193.0/24 maxlen: 24
45.92.194.0/24 maxlen: 24
45.128.51.0/24 maxlen: 24
45.128.57.0/24 maxlen: 24
45.128.58.0/24 maxlen: 24
85.209.157.0/24 maxlen: 24
85.209.158.0/24 maxlen: 24
85.209.159.0/24 maxlen: 24
85.209.194.0/24 maxlen: 24
88.218.92.0/24 maxlen: 24
88.218.94.0/24 maxlen: 24
88.218.95.0/24 maxlen: 24
92.118.236.0/22 maxlen: 24
95.214.249.0/24 maxlen: 24
95.214.250.0/24 maxlen: 24
171.22.115.0/24 maxlen: 24
171.22.130.0/24 maxlen: 24
171.22.132.0/24 maxlen: 24
185.166.153.0/24 maxlen: 24
194.36.36.0/24 maxlen: 24
194.36.37.0/24 maxlen: 24
194.55.136.0/24 maxlen: 24
213.59.119.0/24 maxlen: 24
213.59.120.0/24 maxlen: 24
213.59.126.0/24 maxlen: 24
213.59.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:fe:35:04:d5:91:1a:0b:8c:bb:b6:a4:a1:41:48:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 8 20:48:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c4fcd51f724f5da32915892d39ba1f8024e84442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:77:3d:a1:67:d7:44:ca:fa:9b:27:b8:c0:c6:
5f:57:1e:71:c1:6f:70:ba:5e:ff:6d:5a:a1:07:24:
f1:f8:e0:32:09:82:c2:0f:c9:e0:d3:93:c8:af:b4:
e9:86:1b:94:a2:28:b8:e8:2e:7b:19:ca:50:39:98:
f4:41:e3:11:37:0c:f3:92:fa:11:7f:23:96:ea:f3:
1b:af:e9:97:40:29:f3:9d:c2:a0:66:6a:aa:c8:6a:
1e:bb:ea:66:53:03:65:93:d6:38:72:7f:07:2c:00:
4d:0b:e3:1a:59:b1:c8:d4:49:5a:ca:8d:98:9a:a9:
07:21:af:96:ef:24:d9:14:bc:20:fc:88:01:54:3f:
b2:dc:45:89:4e:40:50:32:26:8f:a2:45:58:b4:11:
71:24:ff:6d:1d:bc:49:7e:0e:4a:45:bc:f4:ce:2d:
7a:ff:80:d4:26:68:19:34:e0:79:c5:13:0d:6f:77:
1f:76:bc:e8:60:28:f6:13:78:c8:ba:4e:2f:22:51:
fa:f5:90:9a:58:d9:02:f5:50:e2:8c:c1:e9:73:d4:
37:cd:7e:40:2d:75:83:69:98:13:b2:93:47:36:c3:
5e:19:9e:ac:77:e0:09:80:84:1d:e8:9e:4b:f3:9a:
a6:fa:0d:83:0f:65:71:d1:24:9d:37:8b:e2:ba:79:
9b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FC:D5:1F:72:4F:5D:A3:29:15:89:2D:39:BA:1F:80:24:E8:44:42
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xPzVH3JPXaMpFYktObofgCToREI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.123.0/24
5.180.22.0/24
5.180.31.0/24
5.180.47.0/24
5.180.52.0/24
5.180.54.0/24
5.180.145.0/24
5.180.147.0/24
5.253.28.0/22
5.253.42.0/24
45.9.18.0/23
45.15.125.0/24
45.15.128.0/23
45.15.145.0-45.15.146.255
45.15.154.0/23
45.15.164.0/24
45.15.179.0/24
45.15.186.0/24
45.82.248.0/24
45.83.23.0-45.83.25.255
45.83.128.0/24
45.83.149.0/24
45.86.60.0-45.86.65.255
45.86.67.0-45.86.70.255
45.86.74.0/23
45.88.176.0/23
45.92.140.0/22
45.92.160.0/23
45.92.163.0-45.92.167.255
45.92.192.0-45.92.194.255
45.128.51.0/24
45.128.57.0-45.128.58.255
85.209.157.0-85.209.159.255
85.209.194.0/24
88.218.92.0/24
88.218.94.0/23
92.118.236.0/22
95.214.249.0-95.214.250.255
171.22.115.0/24
171.22.130.0/24
171.22.132.0/24
185.166.153.0/24
194.36.36.0/23
194.55.136.0/24
213.59.119.0-213.59.120.255
213.59.126.0/23
Signature Algorithm: sha256WithRSAEncryption
80:89:e0:30:15:ed:a1:54:2b:09:7b:3e:c7:61:f0:6b:33:f5:
0f:b9:24:b6:d4:c6:57:ab:fb:7c:c5:ac:19:df:82:bd:d1:d7:
f0:3e:34:c9:c7:02:d3:71:f8:d4:b7:6e:c0:8f:46:50:d5:f3:
40:df:de:ab:6c:ff:a6:49:87:eb:19:68:ff:03:20:ad:56:da:
2f:93:21:11:64:fd:a9:3e:e3:a1:95:f9:8c:d0:4b:72:6e:f3:
9f:e8:05:9b:5c:8e:1c:e2:e8:91:15:70:35:f0:89:8c:8d:68:
d9:1a:c9:4e:3c:7e:dd:de:1c:51:5e:eb:6c:9c:37:b7:35:fd:
57:ab:0f:c2:db:5b:20:3b:19:37:07:47:5b:6a:28:15:85:56:
10:ca:fb:cd:b8:b4:b5:8d:62:ea:36:ad:85:9d:f4:e5:98:e8:
61:ca:0a:35:df:bf:a8:6f:40:a4:24:81:1b:11:be:f0:9f:a4:
4a:ea:0a:25:0e:72:21:b3:5b:da:ca:33:d9:6d:0b:f7:e0:7a:
65:c9:9a:7f:68:0c:c6:47:f8:7f:83:49:2f:48:7a:22:b9:8f:
5c:bb:3a:d8:97:00:ee:7f:aa:ed:53:cb:24:d7:85:28:05:07:
18:4d:f7:69:29:dc:ca:7a:bd:20:9c:73:d3:86:81:43:fc:7b:
6d:6b:5c:14
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAZ6o/jUE1ZEaC4y7tqShQUhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjA4MjA0ODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZjZDUxZjcyNGY1ZGEzMjkxNTg5MmQzOWJhMWY4MDI0ZTg0NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3c9oWfXRMr6mye4wMZfVx5xwW9w
ul7/bVqhByTx+OAyCYLCD8ng05PIr7TphhuUoii46C57GcpQOZj0QeMRNwzzkvoR
fyOW6vMbr+mXQCnzncKgZmqqyGoeu+pmUwNlk9Y4cn8HLABNC+MaWbHI1Elayo2Y
mqkHIa+W7yTZFLwg/IgBVD+y3EWJTkBQMiaPokVYtBFxJP9tHbxJfg5KRbz0zi16
/4DUJmgZNOB5xRMNb3cfdrzoYCj2E3jIuk4vIlH69ZCaWNkC9VDijMHpc9Q3zX5A
LXWDaZgTspNHNsNeGZ6sd+AJgIQd6J5L85qm+g2DD2Vx0SSdN4viunmblQIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFMT81R9yT12jKRWJLTm6H4Ak6ERCMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEveFB6VkgzSlBYYU1wRllrdE9ib2ZnQ1RvUkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCCAWwEAgABMIIB
ZAMEAAI4ewMEAAW0FgMEAAW0HwMEAAW0LwMEAAW0NAMEAAW0NgMEAAW0kQMEAAW0
kwMEAgX9HAMEAAX9KgMEAS0JEgMEAC0PfQMEAS0PgDAMAwQALQ+RAwQALQ+SAwQB
LQ+aAwQALQ+kAwQALQ+zAwQALQ+6AwQALVL4MAwDBAAtUxcDBAEtUxgDBAAtU4AD
BAAtU5UwDAMEAi1WPAMEAS1WQDAMAwQALVZDAwQALVZGAwQBLVZKAwQBLViwAwQC
LVyMAwQBLVygMAwDBAAtXKMDBAMtXKAwDAMEBi1cwAMEAC1cwgMEAC2AMzAMAwQA
LYA5AwQALYA6MAwDBABV0Z0DBAVV0YADBABV0cIDBABY2lwDBAFY2l4DBAJcduww
DAMEAF/W+QMEAF/W+gMEAKsWcwMEAKsWggMEAKsWhAMEALmmmQMEAcIkJAMEAMI3
iDAMAwQA1Tt3AwQA1Tt4AwQB1Tt+MA0GCSqGSIb3DQEBCwUAA4IBAQCAieAwFe2h
VCsJez7HYfBrM/UPuSS21MZXq/t8xawZ34K90dfwPjTJxwLTcfjUt27Aj0ZQ1fNA
396rbP+mSYfrGWj/AyCtVtovkyERZP2pPuOhlfmM0EtybvOf6AWbXI4c4uiRFXA1
8ImMjWjZGslOPH7d3hxRXutsnDe3Nf1Xqw/C21sgOxk3B0dbaigVhVYQyvvNuLS1
jWLqNq2FnfTlmOhhygo137+ob0CkJIEbEb7wn6RK6golDnIhs1vayjPZbQv34Hpl
yZp/aAzGR/h/g0kvSHoiuY9cuzrYlwDuf6rtU8sk14UoBQcYTfdpKdzKer0gnHPT
hoFD/Htta1wU
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:55:03 2026 by rpki-client