Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xNXfQtvFaW5Xuw_LQE6PZ-JaRro.roa
File: xNXfQtvFaW5Xuw_LQE6PZ-JaRro.roa (raw, json)
Hash identifier: fBAj0DoR5CBnYeqlxR014xGsvVdZoWG/sxGb4TqT+i4=
Subject key identifier: C4:D5:DF:42:DB:C5:69:6E:57:BB:0F:CB:40:4E:8F:67:E2:5A:46:BA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D6B5EB2C93A90922BAD1CE953482DC404
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xNXfQtvFaW5Xuw_LQE6PZ-JaRro.roa
Signing time: Wed 08 Apr 2026 04:34:21 +0000
ROA not before: Wed 08 Apr 2026 04:34:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
92.119.199.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 15:15:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6b:5e:b2:c9:3a:90:92:2b:ad:1c:e9:53:48:2d:c4:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 8 04:34:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c4d5df42dbc5696e57bb0fcb404e8f67e25a46ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4c:37:c8:3a:00:33:33:b3:1e:12:1c:59:b4:
44:27:13:6a:5b:ec:62:b0:2f:a9:eb:53:09:96:1a:
96:1f:0c:68:bf:55:42:21:c9:36:8b:df:5a:38:f3:
f6:ed:e8:b8:b9:91:74:a5:1d:d7:bd:05:32:3e:ae:
dd:92:1e:1e:ea:a6:98:14:c2:ee:f6:b4:af:cc:7f:
f2:eb:d7:fd:33:6a:e3:13:83:fb:a9:25:eb:26:f7:
23:91:71:eb:2c:79:40:95:7b:6e:6f:ef:c9:68:e3:
9d:c3:3d:a6:a6:27:1e:3b:ad:7f:b0:dc:23:5a:c7:
39:4c:41:cb:83:a7:7c:63:05:68:74:d8:6f:97:dc:
22:44:f7:94:5f:08:29:87:e2:c4:27:8d:63:80:c7:
ef:b4:9a:5b:4f:45:50:bc:a4:4a:1c:51:2e:ed:e9:
d8:8c:1e:b6:f1:9a:9a:30:7b:ca:ee:84:73:da:f2:
95:ad:a9:54:0b:8e:f2:55:c5:00:28:2b:9d:6a:68:
48:88:b1:bf:9e:20:e3:74:15:a2:54:7b:95:cb:91:
6b:aa:6e:1b:b9:1c:a3:7d:9a:cd:ec:17:e1:2d:3f:
99:d4:75:2c:23:14:6b:fc:68:79:bc:a2:28:0c:50:
05:aa:f7:35:83:bb:d6:d0:be:5e:b6:9f:bd:98:8c:
11:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D5:DF:42:DB:C5:69:6E:57:BB:0F:CB:40:4E:8F:67:E2:5A:46:BA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xNXfQtvFaW5Xuw_LQE6PZ-JaRro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
84.54.51.0/24
85.31.47.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
87.121.60.0/23
92.119.199.0/24
92.249.50.0/24
93.123.109.0/24
94.103.127.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
92:67:b6:0d:ca:db:f2:5a:5b:d1:fe:7c:07:4d:1b:26:d8:08:
d6:ff:cc:90:24:9c:88:f5:df:31:59:29:10:80:e7:5e:ab:0d:
e4:e9:53:dd:b8:58:d8:a6:38:e9:63:9f:cf:92:ae:69:fa:ed:
86:f9:31:34:f4:06:b5:30:0a:af:35:a8:7c:d4:17:36:e7:ad:
97:39:40:4d:7f:5e:03:a3:cb:99:86:34:15:f5:eb:8e:2a:67:
d8:39:96:23:cd:b7:3e:a6:cd:6a:e8:74:ce:10:29:d8:7a:00:
de:e2:53:69:17:69:53:80:8c:7e:37:ae:42:93:58:c4:cf:dc:
73:f8:71:2e:75:8b:2e:3d:27:e2:b6:a6:90:de:73:ab:5a:d0:
a4:f7:52:21:db:91:a7:3d:5e:27:a9:e9:b1:98:55:93:21:60:
10:d8:cb:db:22:64:13:c7:a7:3b:76:32:54:8e:74:1f:07:ab:
49:28:cf:a2:a7:26:25:d5:6e:99:b1:55:73:95:a8:85:d1:44:
12:7c:eb:f1:f6:16:06:7d:44:50:cd:de:1c:f0:f0:0c:c4:2e:
88:7e:be:67:a3:87:19:1c:01:0f:42:03:0b:1d:0d:c6:e6:fc:
ac:63:8d:96:f3:92:e0:9b:a9:4f:58:0f:c2:f2:54:09:48:88:
f9:ae:d6:03
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZ1rXrLJOpCSK60c6VNILcQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDA4MDQzNDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQ1ZGY0MmRiYzU2OTZlNTdiYjBmY2I0MDRlOGY2N2UyNWE0NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUw3yDoAMzOzHhIcWbREJxNqW+xi
sC+p61MJlhqWHwxov1VCIck2i99aOPP27ei4uZF0pR3XvQUyPq7dkh4e6qaYFMLu
9rSvzH/y69f9M2rjE4P7qSXrJvcjkXHrLHlAlXtub+/JaOOdwz2mpiceO61/sNwj
Wsc5TEHLg6d8YwVodNhvl9wiRPeUXwgph+LEJ41jgMfvtJpbT0VQvKRKHFEu7enY
jB628ZqaMHvK7oRz2vKVralUC47yVcUAKCudamhIiLG/niDjdBWiVHuVy5Frqm4b
uRyjfZrN7BfhLT+Z1HUsIxRr/Gh5vKIoDFAFqvc1g7vW0L5etp+9mIwRKQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFMTV30LbxWluV7sPy0BOj2fiWka6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveE5YZlF0dkZhVzVYdXdfTFFFNlBaLUphUnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAt
QuQDBAAtQucDBAAtWfcDBAAtjZ4DBABRoe4DBABTj3EDBABUNjMDBABVHy8DBAFV
2YIDBABXeFcDBABXeH4DBABXeKYDBABXeL8DBAFXeTwDBABcd8cDBABc+TIDBABd
e20DBABeZ38DBACTTmUDBAK52lQDBAC53qADBADBGdgDBADCN7oDBADCqa8wDQYJ
KoZIhvcNAQELBQADggEBAJJntg3K2/JaW9H+fAdNGybYCNb/zJAknIj13zFZKRCA
516rDeTpU924WNimOOljn8+Srmn67Yb5MTT0BrUwCq81qHzUFzbnrZc5QE1/XgOj
y5mGNBX1644qZ9g5liPNtz6mzWrodM4QKdh6AN7iU2kXaVOAjH43rkKTWMTP3HP4
cS51iy49J+K2ppDec6ta0KT3UiHbkac9Xiep6bGYVZMhYBDYy9siZBPHpzt2MlSO
dB8Hq0koz6KnJiXVbpmxVXOVqIXRRBJ86/H2FgZ9RFDN3hzw8AzELoh+vmejhxkc
AQ9CAwsdDcbm/KxjjZbzkuCbqU9YD8LyVAlIiPmu1gM=
-----END CERTIFICATE-----
Generated at Wed Apr 8 23:14:23 2026 by rpki-client