Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XxjpUl8BL7JiBH6fsU1KymBJJVg.roa
File: XxjpUl8BL7JiBH6fsU1KymBJJVg.roa (raw, json)
Hash identifier: uhbcRmaXPR/SutCX0iGONBuxanLwEOqy/t71sT/koXE=
Subject key identifier: 5F:18:E9:52:5F:01:2F:B2:62:04:7E:9F:B1:4D:4A:CA:60:49:25:58
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019D67B5E9BEAD4BF88FDCF817B8051E8C88
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XxjpUl8BL7JiBH6fsU1KymBJJVg.roa
Signing time: Tue 07 Apr 2026 11:31:08 +0000
ROA not before: Tue 07 Apr 2026 11:31:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 15:15:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:b5:e9:be:ad:4b:f8:8f:dc:f8:17:b8:05:1e:8c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 7 11:31:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5f18e9525f012fb262047e9fb14d4aca60492558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ed:0f:17:b7:69:38:2a:7f:a6:88:f0:7b:63:
a1:bc:6e:1b:ec:ea:6c:ac:96:05:52:1c:d5:66:d2:
98:0e:a7:d5:da:33:ec:67:c6:56:2e:cd:f5:66:f7:
c8:11:e6:5d:2f:1b:52:76:76:73:95:be:da:d9:30:
e8:05:21:c8:0d:32:b1:62:99:ba:38:51:73:dd:ce:
28:cf:ba:6f:79:9a:d1:4b:f9:a1:af:32:00:4e:c9:
1a:83:db:86:f8:60:47:de:dc:e1:1b:53:9c:65:f0:
12:68:f7:29:6d:1f:38:1a:d6:81:a5:94:21:a6:e9:
4f:68:d9:50:9c:10:60:08:32:c8:be:67:58:e7:7d:
98:c5:2e:8a:03:33:8c:80:40:87:cc:ab:fd:6c:7e:
9f:58:fc:b1:f5:44:e3:8a:0f:c5:4d:47:3d:8a:11:
27:7e:9e:ad:16:05:9d:25:73:89:43:24:af:6e:04:
97:50:75:d4:d6:b5:1b:a2:87:cf:22:95:8a:5b:85:
34:33:a1:48:07:f9:c8:53:fa:bd:e4:45:a4:50:a1:
bd:8c:e9:43:34:8c:66:85:ad:d6:1a:d3:f9:9e:71:
7e:40:8f:4c:15:12:ac:92:54:05:aa:68:b7:19:35:
a5:6b:9e:db:02:b0:ae:9d:5d:5c:ef:ec:43:da:fc:
3e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:18:E9:52:5F:01:2F:B2:62:04:7E:9F:B1:4D:4A:CA:60:49:25:58
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XxjpUl8BL7JiBH6fsU1KymBJJVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.210.152.0/23
185.210.155.0/24
185.218.102.0/24
185.223.76.0/24
185.225.2.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:6d:47:b9:e0:b2:13:f2:d8:a5:ad:8f:0b:af:19:7e:ba:89:
77:f5:5f:df:97:c3:ba:1c:a4:c1:e1:3e:79:45:77:d8:a0:4e:
2b:4a:b5:18:a0:64:8e:67:18:e1:bf:73:c3:34:d3:5a:95:79:
57:14:20:be:57:41:b0:5a:7c:09:7f:5e:5a:4f:85:b7:c3:54:
38:51:db:53:f5:c7:c8:60:1e:1b:e1:97:60:83:d2:5e:fc:63:
bd:51:0e:2a:8f:be:20:35:5d:47:14:84:64:bc:07:1c:b7:0d:
c7:6d:d9:06:3c:6e:ca:ee:7f:a1:89:11:8c:e0:24:65:df:bb:
2f:58:a2:ad:26:05:f1:0c:a5:95:96:2f:5d:c6:43:c0:ca:84:
d0:bc:74:fd:b3:de:d1:6d:8f:82:35:c7:5a:12:eb:39:f7:c7:
cd:97:ab:7b:f1:c3:6a:56:24:6b:6e:3b:a2:be:f8:ed:ec:49:
be:61:34:96:f3:60:c6:d9:62:61:71:c3:ad:3a:16:68:bd:e6:
d4:31:4b:30:a0:04:1b:09:3b:9c:16:92:20:0b:81:2e:d8:79:
58:d4:1d:8f:70:0c:4b:e2:90:fe:f3:21:11:6e:2f:26:73:1b:
19:6b:81:f6:9e:2e:31:36:01:5a:c4:98:4b:73:fe:e0:0c:72:
13:fb:56:6e
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZ1ntem+rUv4j9z4F7gFHoyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNDA3MTEzMTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjE4ZTk1MjVmMDEyZmIyNjIwNDdlOWZiMTRkNGFjYTYwNDkyNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru0PF7dpOCp/pojwe2OhvG4b7Ops
rJYFUhzVZtKYDqfV2jPsZ8ZWLs31ZvfIEeZdLxtSdnZzlb7a2TDoBSHIDTKxYpm6
OFFz3c4oz7pveZrRS/mhrzIATskag9uG+GBH3tzhG1OcZfASaPcpbR84GtaBpZQh
pulPaNlQnBBgCDLIvmdY532YxS6KAzOMgECHzKv9bH6fWPyx9UTjig/FTUc9ihEn
fp6tFgWdJXOJQySvbgSXUHXU1rUboofPIpWKW4U0M6FIB/nIU/q95EWkUKG9jOlD
NIxmha3WGtP5nnF+QI9MFRKsklQFqmi3GTWla57bArCunV1c7+xD2vw+bQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFF8Y6VJfAS+yYgR+n7FNSspgSSVYMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWHhqcFVsOEJMN0ppQkg2ZnNVMUt5bUJKSlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAuc74AwQA
uc77AwQBudEkAwQBudKYAwQAudKbAwQAudpmAwQAud9MAwQAueECAwQAueORAwQC
ueoUAwQCue7kAwQBufB4AwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQAubUe54LIT
8tilrY8Lrxl+uol39V/fl8O6HKTB4T55RXfYoE4rSrUYoGSOZxjhv3PDNNNalXlX
FCC+V0GwWnwJf15aT4W3w1Q4UdtT9cfIYB4b4Zdgg9Je/GO9UQ4qj74gNV1HFIRk
vAcctw3HbdkGPG7K7n+hiRGM4CRl37svWKKtJgXxDKWVli9dxkPAyoTQvHT9s97R
bY+CNcdaEus598fNl6t78cNqViRrbjuivvjt7Em+YTSW82DG2WJhccOtOhZovebU
MUswoAQbCTucFpIgC4Eu2HlY1B2PcAxL4pD+8yERbi8mcxsZa4H2ni4xNgFaxJhL
c/7gDHIT+1Zu
-----END CERTIFICATE-----
Generated at Wed Apr 8 23:05:28 2026 by rpki-client