Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/XvBJZwcn7VU_moTOvJdb6scRTKA.roa
File: XvBJZwcn7VU_moTOvJdb6scRTKA.roa (raw, json)
Hash identifier: qtP0FU9yzxkB6If5YZB4PVXGwxz8cr/TjgCYhAvSLVY=
Subject key identifier: 5E:F0:49:67:07:27:ED:55:3F:9A:84:CE:BC:97:5B:EA:C7:11:4C:A0
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 019C9A1BBCA38E07D3E8BEF78341EC3CD936
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/XvBJZwcn7VU_moTOvJdb6scRTKA.roa
Signing time: Thu 26 Feb 2026 13:20:34 +0000
ROA not before: Thu 26 Feb 2026 13:20:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50098
IP address blocks: 88.218.240.0/22 maxlen: 24
91.192.80.0/24 maxlen: 24
93.189.58.0/24 maxlen: 24
93.189.63.0/24 maxlen: 24
95.81.70.0/24 maxlen: 24
95.81.71.0/24 maxlen: 24
95.81.106.0/24 maxlen: 24
95.81.111.0/24 maxlen: 24
185.131.64.0/24 maxlen: 24
185.131.67.0/24 maxlen: 24
185.246.154.0/24 maxlen: 24
195.211.220.0/24 maxlen: 24
195.211.221.0/24 maxlen: 24
195.211.222.0/24 maxlen: 24
195.211.223.0/24 maxlen: 24
213.111.132.0/23 maxlen: 24
213.183.32.0/24 maxlen: 24
213.183.33.0/24 maxlen: 24
213.183.41.0/24 maxlen: 24
213.183.45.0/24 maxlen: 24
213.183.48.0/24 maxlen: 24
213.183.53.0/24 maxlen: 24
213.183.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9a:1b:bc:a3:8e:07:d3:e8:be:f7:83:41:ec:3c:d9:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Feb 26 13:20:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5ef049670727ed553f9a84cebc975beac7114ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ee:6e:fb:11:85:f1:aa:89:f9:ad:d5:0f:af:
bb:58:64:a1:70:92:8b:7b:a2:ed:ce:e0:6e:4b:90:
62:5d:bb:28:43:40:18:0d:b4:bc:fa:fb:de:61:27:
7f:40:79:48:90:0a:a2:d3:61:ed:33:eb:6d:94:bb:
c2:8a:40:95:a6:70:86:28:54:0b:2f:66:89:9b:b0:
be:7d:3c:e4:ff:af:5f:e0:6a:00:bb:c3:82:f7:8a:
40:d5:17:ed:3e:67:c9:04:a4:f8:2e:e6:6c:c3:21:
7b:92:69:28:ce:59:cb:d4:41:59:c3:c7:ba:33:ee:
9c:dd:8b:69:a2:52:be:21:a7:5e:db:23:b0:f9:64:
2e:70:90:8f:d7:8c:63:5a:6b:ab:c1:1d:f9:e3:ca:
26:ac:f5:4c:89:51:9a:d7:d9:87:91:74:2a:c2:c4:
2d:7c:4d:52:af:95:d9:10:b5:1d:1e:1b:9e:ef:55:
42:8f:32:cf:62:e7:1e:58:a7:61:93:39:39:ed:53:
73:ff:9b:c4:53:21:8d:c0:c4:f3:0e:0e:99:a5:73:
4a:59:a3:5a:14:81:87:75:89:3f:0d:56:12:a7:3f:
4b:ee:2d:85:39:51:7f:25:47:88:b4:b2:8e:61:39:
62:30:fd:0d:ee:ce:43:17:bc:f6:d1:ee:54:30:ce:
9a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F0:49:67:07:27:ED:55:3F:9A:84:CE:BC:97:5B:EA:C7:11:4C:A0
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/XvBJZwcn7VU_moTOvJdb6scRTKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.240.0/22
91.192.80.0/24
93.189.58.0/24
93.189.63.0/24
95.81.70.0/23
95.81.106.0/24
95.81.111.0/24
185.131.64.0/24
185.131.67.0/24
185.246.154.0/24
195.211.220.0/22
213.111.132.0/23
213.183.32.0/23
213.183.41.0/24
213.183.45.0/24
213.183.48.0/24
213.183.53.0/24
213.183.58.0/24
Signature Algorithm: sha256WithRSAEncryption
43:42:88:b4:c3:05:f3:9f:d3:64:1c:f2:e8:1b:a6:07:56:1f:
ba:11:7f:2d:95:61:a0:75:8a:f7:05:82:df:79:57:68:69:30:
4c:ab:b5:5d:fb:33:b7:7d:31:91:2d:d2:93:dd:97:ad:74:81:
fc:47:c2:85:c4:a9:28:c5:9b:d9:1d:42:99:70:ca:43:16:b4:
2a:34:81:1b:a4:a9:38:76:a8:27:92:56:0d:ed:bb:0f:2e:f1:
23:83:77:8c:e8:bd:3e:bb:f8:d1:7c:60:08:26:db:f8:10:61:
2b:97:2c:63:84:8a:46:a3:76:01:cd:84:4f:07:a0:40:04:79:
60:a6:fa:e4:51:53:85:ff:82:67:95:ca:df:5d:94:5d:00:da:
31:93:c5:a0:81:6b:4a:35:cb:3c:27:74:1e:cd:15:67:d6:4b:
6e:22:f7:74:1f:50:12:66:5e:36:7c:a5:b6:01:3e:78:f5:fa:
c4:f4:fc:38:27:ed:a5:02:86:47:8f:59:56:a9:2a:ec:26:c7:
e1:c2:90:25:eb:5a:d0:8c:ea:df:7b:fd:6c:4a:42:fe:de:d8:
c5:d4:39:16:f7:d7:2d:30:1d:c2:0f:e0:e4:66:97:b9:16:f8:
c5:cf:dc:74:ed:5c:d6:67:27:3c:cc:66:8e:1d:e9:21:dd:d6:
84:50:a2:5c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZyaG7yjjgfT6L73g0HsPNk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjYwMjI2MTMyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWYwNDk2NzA3MjdlZDU1M2Y5YTg0Y2ViYzk3NWJlYWM3MTE0Y2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu5u+xGF8aqJ+a3VD6+7WGShcJKL
e6LtzuBuS5BiXbsoQ0AYDbS8+vveYSd/QHlIkAqi02HtM+ttlLvCikCVpnCGKFQL
L2aJm7C+fTzk/69f4GoAu8OC94pA1RftPmfJBKT4LuZswyF7kmkozlnL1EFZw8e6
M+6c3YtpolK+Iade2yOw+WQucJCP14xjWmurwR3548omrPVMiVGa19mHkXQqwsQt
fE1Sr5XZELUdHhue71VCjzLPYuceWKdhkzk57VNz/5vEUyGNwMTzDg6ZpXNKWaNa
FIGHdYk/DVYSpz9L7i2FOVF/JUeItLKOYTliMP0N7s5DF7z20e5UMM6aUwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFF7wSWcHJ+1VP5qEzryXW+rHEUygMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvWHZCSlp3Y243VlVfbW9UT3ZKZGI2c2NSVEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAlja8AME
AFvAUAMEAF29OgMEAF29PwMEAV9RRgMEAF9RagMEAF9RbwMEALmDQAMEALmDQwME
ALn2mgMEAsPT3AMEAdVvhAMEAdW3IAMEANW3KQMEANW3LQMEANW3MAMEANW3NQME
ANW3OjANBgkqhkiG9w0BAQsFAAOCAQEAQ0KItMMF85/TZBzy6BumB1YfuhF/LZVh
oHWK9wWC33lXaGkwTKu1Xfszt30xkS3Sk92XrXSB/EfChcSpKMWb2R1CmXDKQxa0
KjSBG6SpOHaoJ5JWDe27Dy7xI4N3jOi9Prv40XxgCCbb+BBhK5csY4SKRqN2Ac2E
TwegQAR5YKb65FFThf+CZ5XK312UXQDaMZPFoIFrSjXLPCd0Hs0VZ9ZLbiL3dB9Q
EmZeNnyltgE+ePX6xPT8OCftpQKGR49ZVqkq7CbH4cKQJeta0Izq33v9bEpC/t7Y
xdQ5FvfXLTAdwg/g5GaXuRb4xc/cdO1c1mcnPMxmjh3pId3WhFCiXA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:42:41 2026 by rpki-client