Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/1nxz0cuRh1bbWRBwHeUoK8qV7Ag.roa
File: 1nxz0cuRh1bbWRBwHeUoK8qV7Ag.roa (raw, json)
Hash identifier: cJl0uLNxWIFkCwsrXzEZ1fzjYpWCkwS20YmjvsnXOuI=
Subject key identifier: D6:7C:73:D1:CB:91:87:56:DB:59:10:70:1D:E5:28:2B:CA:95:EC:08
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 019E96CC5B8A0ED5AED497BEA27A115ED15A
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/1nxz0cuRh1bbWRBwHeUoK8qV7Ag.roa
Signing time: Fri 05 Jun 2026 08:00:35 +0000
ROA not before: Fri 05 Jun 2026 08:00:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1820
IP address blocks: 31.172.136.0/21 maxlen: 32
31.223.224.0/21 maxlen: 32
80.92.224.0/20 maxlen: 32
82.117.244.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
85.90.223.0/24 maxlen: 32
91.226.1.0/24 maxlen: 32
91.231.127.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
92.119.220.0/22 maxlen: 32
128.0.168.0/21 maxlen: 32
185.16.228.0/22 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
185.45.244.0/22 maxlen: 32
185.45.244.0/24 maxlen: 32
185.45.247.0/24 maxlen: 32
185.170.192.0/22 maxlen: 32
193.16.47.0/24 maxlen: 32
193.104.182.0/24 maxlen: 32
193.111.0.0/23 maxlen: 32
193.111.48.0/22 maxlen: 32
193.239.216.0/24 maxlen: 32
195.66.93.0/24 maxlen: 32
195.177.72.0/22 maxlen: 32
212.110.129.0/24 maxlen: 32
212.110.130.0/23 maxlen: 32
212.110.134.0/23 maxlen: 32
212.110.136.0/22 maxlen: 32
212.110.140.0/23 maxlen: 32
212.110.142.0/23 maxlen: 32
212.110.152.0/23 maxlen: 32
217.20.160.0/19 maxlen: 32
217.20.160.0/20 maxlen: 32
217.20.176.0/20 maxlen: 32
2a01:6b0::/32 maxlen: 128
2a13:8800::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:96:cc:5b:8a:0e:d5:ae:d4:97:be:a2:7a:11:5e:d1:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Jun 5 08:00:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d67c73d1cb918756db5910701de5282bca95ec08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:76:7c:70:e1:6b:c4:7d:2d:9e:7a:5f:8d:67:
33:b5:47:a8:bb:c5:41:8b:ec:55:3b:eb:ed:26:67:
17:1d:6d:e1:ef:0c:04:98:4b:91:b3:9f:b2:e3:5d:
60:a2:a6:3c:4e:cc:78:3e:a2:77:9b:9e:90:9d:c1:
78:84:9e:48:3d:4b:8b:e9:ef:db:d0:9d:5f:4a:a1:
04:72:32:6b:aa:4f:6d:a0:75:11:24:6d:86:fd:cc:
2a:8d:41:5b:bc:67:9f:4a:20:48:b5:40:ce:bb:13:
46:f6:bb:b7:ef:b9:b9:70:4b:8e:16:2c:db:93:65:
5b:2b:f0:4c:93:b5:f6:1c:44:7c:c5:ba:5d:88:7c:
c5:55:13:bc:29:a9:3a:ea:b1:f6:af:02:cc:1b:05:
c3:2e:6f:e2:61:bb:1f:eb:e5:fa:75:74:90:4e:b1:
b2:cd:b9:0b:bd:0e:e2:05:34:cb:a6:b3:b0:8f:5c:
81:9a:0c:9f:0d:e2:8d:67:89:db:ea:c1:1a:4f:5c:
4b:e4:1f:3e:3d:ab:5a:63:11:65:a7:61:20:4a:94:
9d:2e:63:1e:14:b6:25:ba:e4:96:31:7b:27:7b:ae:
2c:df:b9:1a:17:87:14:07:5c:ec:c9:65:d9:32:37:
89:a5:ee:71:6f:17:52:4e:7f:95:e3:c3:34:c8:ed:
8f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:7C:73:D1:CB:91:87:56:DB:59:10:70:1D:E5:28:2B:CA:95:EC:08
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/1nxz0cuRh1bbWRBwHeUoK8qV7Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
31.223.224.0/21
80.92.224.0/20
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
91.226.1.0/24
91.231.127.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.16.228.0/22
185.38.208.0/23
185.39.196.0/22
185.45.244.0/22
185.170.192.0/22
193.16.47.0/24
193.104.182.0/24
193.111.0.0/23
193.111.48.0/22
193.239.216.0/24
195.66.93.0/24
195.177.72.0/22
212.110.129.0-212.110.131.255
212.110.134.0-212.110.143.255
212.110.152.0/23
217.20.160.0/19
IPv6:
2a01:6b0::/32
2a13:8800::/29
Signature Algorithm: sha256WithRSAEncryption
3d:81:74:07:56:88:19:f6:51:cb:5b:34:3c:9f:dd:4b:98:d4:
96:f2:89:c9:8f:7d:68:f2:97:93:cc:61:a9:b3:fe:4a:be:4b:
cf:ed:4a:00:1d:2d:ec:21:80:34:8d:c8:3a:a8:f2:0a:38:0d:
10:e5:8d:91:09:ed:fc:bd:99:1f:1d:54:ff:df:fa:db:95:eb:
42:a5:da:a3:3b:b5:b3:8c:0a:8f:29:43:5f:6c:30:17:30:2d:
ad:31:b9:e5:36:a7:22:b3:26:c7:11:8b:03:7e:cb:ce:0c:3a:
d8:2f:ef:54:0b:c4:52:91:a8:c2:da:c5:2b:0c:99:59:fd:30:
70:ee:78:5d:56:ac:07:ff:b1:49:c7:a0:f3:8f:c5:d4:c5:cd:
f8:4c:d6:3c:c8:ef:a0:9a:53:dd:ca:ff:6b:9d:4a:88:91:fc:
a8:1e:22:91:67:07:8b:50:77:c0:73:05:9d:e8:f5:8b:8c:2b:
ac:21:7d:e2:50:c3:11:7c:ec:e3:8d:83:ef:d3:be:5b:9f:fd:
0a:85:54:f7:d8:fc:bd:c6:c7:39:53:d5:33:3f:e3:6f:26:15:
69:16:aa:1c:1c:0e:9c:3c:51:e9:73:d8:29:ad:6c:c1:1a:62:
39:53:7e:af:52:d4:6a:10:ac:27:f8:79:1d:c3:6d:ff:28:5e:
c2:3b:f0:02
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZ6WzFuKDtWu1Je+onoRXtFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjYwNjA1MDgwMDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjdjNzNkMWNiOTE4NzU2ZGI1OTEwNzAxZGU1MjgyYmNhOTVlYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHZ8cOFrxH0tnnpfjWcztUeou8VB
i+xVO+vtJmcXHW3h7wwEmEuRs5+y411goqY8Tsx4PqJ3m56QncF4hJ5IPUuL6e/b
0J1fSqEEcjJrqk9toHURJG2G/cwqjUFbvGefSiBItUDOuxNG9ru377m5cEuOFizb
k2VbK/BMk7X2HER8xbpdiHzFVRO8Kak66rH2rwLMGwXDLm/iYbsf6+X6dXSQTrGy
zbkLvQ7iBTTLprOwj1yBmgyfDeKNZ4nb6sEaT1xL5B8+PataYxFlp2EgSpSdLmMe
FLYluuSWMXsne64s37kaF4cUB1zsyWXZMjeJpe5xbxdSTn+V48M0yO2PuwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFNZ8c9HLkYdW21kQcB3lKCvKlewIMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvMW54ejBjdVJoMWJiV1JCd0hlVW9LOHFWN0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBuQQCAAEwgbIDBAMf
rIgDBAMf3+ADBARQXOADBABSdfQDBABVWtMDBABVWt8DBABb4gEDBABb538DBARc
PLADBAJcd9wDBAOAAKgDBAK5EOQDBAG5JtADBAK5J8QDBAK5LfQDBAK5qsADBADB
EC8DBADBaLYDBAHBbwADBALBbzADBADB79gDBADDQl0DBALDsUgwDAMEANRugQME
AtRugDAMAwQB1G6GAwQE1G6AAwQB1G6YAwQF2RSgMBQEAgACMA4DBQAqAQawAwUD
KhOIADANBgkqhkiG9w0BAQsFAAOCAQEAPYF0B1aIGfZRy1s0PJ/dS5jUlvKJyY99
aPKXk8xhqbP+Sr5Lz+1KAB0t7CGANI3IOqjyCjgNEOWNkQnt/L2ZHx1U/9/625Xr
QqXaozu1s4wKjylDX2wwFzAtrTG55TanIrMmxxGLA37Lzgw62C/vVAvEUpGowtrF
KwyZWf0wcO54XVasB/+xSceg84/F1MXN+EzWPMjvoJpT3cr/a51KiJH8qB4ikWcH
i1B3wHMFnej1i4wrrCF94lDDEXzs442D79O+W5/9CoVU99j8vcbHOVPVMz/jbyYV
aRaqHBwOnDxR6XPYKa1swRpiOVN+r1LUahCsJ/h5HcNt/yhewjvwAg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:53:31 2026 by rpki-client