Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/xxCdHGbqi9BUsWJXaMz_m1TrnuE.roa
File: xxCdHGbqi9BUsWJXaMz_m1TrnuE.roa (raw, json)
Hash identifier: L4jjc2kPv6vXdXBsXPS1uAcABPmSHbH3szWOqTwgc+w=
Subject key identifier: C7:10:9D:1C:66:EA:8B:D0:54:B1:62:57:68:CC:FF:9B:54:EB:9E:E1
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 019E8D3B98065A7DA874DCC1DDACA75456D3
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/xxCdHGbqi9BUsWJXaMz_m1TrnuE.roa
Signing time: Wed 03 Jun 2026 11:25:53 +0000
ROA not before: Wed 03 Jun 2026 11:25:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202468
IP address blocks: 95.38.112.0/21 maxlen: 23
95.38.160.0/21 maxlen: 21
95.38.160.0/23 maxlen: 23
95.38.162.0/23 maxlen: 23
95.38.164.0/23 maxlen: 23
95.38.166.0/23 maxlen: 23
95.38.176.0/20 maxlen: 20
95.38.176.0/23 maxlen: 23
95.38.178.0/23 maxlen: 23
95.38.180.0/23 maxlen: 23
95.38.182.0/23 maxlen: 23
95.38.184.0/23 maxlen: 23
95.38.186.0/23 maxlen: 23
95.38.188.0/23 maxlen: 23
95.38.190.0/23 maxlen: 23
95.38.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:3b:98:06:5a:7d:a8:74:dc:c1:dd:ac:a7:54:56:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jun 3 11:25:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c7109d1c66ea8bd054b1625768ccff9b54eb9ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:6a:19:f5:ea:ee:a5:8d:b8:f4:7e:31:59:16:
af:c8:0e:83:92:92:3f:1b:93:5f:7b:3b:7c:3b:4d:
a2:28:c8:1d:7a:f3:47:30:7b:d1:1d:9b:ff:9a:4b:
67:f3:11:33:23:c7:b4:29:a0:01:96:34:53:48:35:
45:54:8a:98:c6:cb:3a:05:4d:55:98:93:43:1e:fe:
fc:b3:71:32:47:d8:ab:5c:9d:d1:5f:1e:4f:ea:3f:
bc:72:a6:bd:99:ae:b7:f5:29:24:9c:2f:63:60:d5:
4a:5b:17:94:52:a5:87:23:00:4c:31:f8:78:4d:5c:
fe:25:ea:10:3c:f4:d2:0e:f3:fc:b9:cf:6f:be:8c:
3f:1f:26:00:fb:78:35:50:58:71:e0:20:39:e0:3f:
24:9a:3a:60:01:be:a6:b5:64:35:6c:d8:bd:8c:af:
8e:67:d1:45:57:9b:aa:eb:4b:8d:6d:66:18:a4:ab:
ed:6f:b2:9e:ee:d2:c4:6a:1f:68:66:47:4f:e9:ab:
c3:97:5e:08:93:3f:88:b3:2b:77:84:d4:c8:f8:8c:
bf:79:d9:94:5e:53:6b:78:72:37:f7:0a:f3:d8:a7:
39:84:25:05:1c:55:77:00:81:c1:49:05:a3:27:99:
d5:99:7d:30:e0:7b:09:70:2c:7e:84:ac:03:60:85:
46:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:10:9D:1C:66:EA:8B:D0:54:B1:62:57:68:CC:FF:9B:54:EB:9E:E1
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/xxCdHGbqi9BUsWJXaMz_m1TrnuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.112.0/21
95.38.160.0/21
95.38.176.0/20
95.38.232.0/21
Signature Algorithm: sha256WithRSAEncryption
39:0c:a2:42:2c:c4:98:af:d5:51:15:f2:4b:58:4c:14:47:9d:
9f:e6:ee:17:b4:84:dd:d5:f0:7e:f8:75:38:88:ee:79:8f:c7:
8c:fc:a4:0f:ba:6d:9b:28:8b:50:02:42:ce:dd:01:b6:ea:fb:
ce:fb:3a:02:7e:9d:70:f6:8e:a7:98:1b:63:29:56:40:dc:f0:
27:ef:6b:1d:16:9b:90:61:49:5a:fa:aa:74:c7:b2:f6:14:d5:
15:bf:63:d6:3c:4e:e1:6c:ef:38:72:8b:4a:9c:8a:86:dd:97:
79:7d:59:35:d0:f7:2c:a0:45:a5:9f:84:6d:af:13:d4:95:2f:
b9:99:ba:16:42:18:7c:4f:1b:f0:fc:75:88:20:00:f1:c0:41:
c2:8c:0a:15:2b:22:76:95:5d:56:ee:9f:89:04:ca:f9:d6:b7:
79:64:40:a9:81:11:8d:05:43:5d:00:47:05:5d:f2:81:50:72:
50:fb:19:59:8b:a1:5b:16:cb:93:8d:a0:fd:b6:ae:8b:05:98:
db:b9:59:1b:50:8f:ea:be:20:f1:16:6c:39:9a:de:81:d6:c6:
c3:61:4f:50:fd:fe:6c:b3:df:e4:9c:68:33:00:15:be:75:59:
4f:2c:47:b8:fc:82:33:3f:b1:2c:ff:10:38:4f:52:e6:d2:9c:
15:d2:27:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6NO5gGWn2odNzB3aynVFbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjYwNjAzMTEyNTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzEwOWQxYzY2ZWE4YmQwNTRiMTYyNTc2OGNjZmY5YjU0ZWI5ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8moZ9erupY249H4xWRavyA6DkpI/
G5Nfezt8O02iKMgdevNHMHvRHZv/mktn8xEzI8e0KaABljRTSDVFVIqYxss6BU1V
mJNDHv78s3EyR9irXJ3RXx5P6j+8cqa9ma639SkknC9jYNVKWxeUUqWHIwBMMfh4
TVz+JeoQPPTSDvP8uc9vvow/HyYA+3g1UFhx4CA54D8kmjpgAb6mtWQ1bNi9jK+O
Z9FFV5uq60uNbWYYpKvtb7Ke7tLEah9oZkdP6avDl14Ikz+Isyt3hNTI+Iy/edmU
XlNreHI39wrz2Kc5hCUFHFV3AIHBSQWjJ5nVmX0w4HsJcCx+hKwDYIVGmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMcQnRxm6ovQVLFiV2jM/5tU657hMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEveHhDZEhHYnFpOUJVc1dKWGFNel9tMVRybnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDXyZwAwQD
XyagAwQEXyawAwQDXyboMA0GCSqGSIb3DQEBCwUAA4IBAQA5DKJCLMSYr9VRFfJL
WEwUR52f5u4XtITd1fB++HU4iO55j8eM/KQPum2bKItQAkLO3QG26vvO+zoCfp1w
9o6nmBtjKVZA3PAn72sdFpuQYUla+qp0x7L2FNUVv2PWPE7hbO84cotKnIqG3Zd5
fVk10PcsoEWln4RtrxPUlS+5mboWQhh8Txvw/HWIIADxwEHCjAoVKyJ2lV1W7p+J
BMr51rd5ZECpgRGNBUNdAEcFXfKBUHJQ+xlZi6FbFsuTjaD9tq6LBZjbuVkbUI/q
viDxFmw5mt6B1sbDYU9Q/f5ss9/knGgzABW+dVlPLEe4/IIzP7Es/xA4T1Lm0pwV
0idR
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:54:06 2026 by rpki-client