Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Xwk_gXBdw7pgiakT0Vvm9QjSx48.roa
File: Xwk_gXBdw7pgiakT0Vvm9QjSx48.roa (raw, json)
Hash identifier: gUPUEvQcEtkZ+sgDfTJL8l1z8aAQCpASipPL/Ybnpio=
Subject key identifier: 5F:09:3F:81:70:5D:C3:BA:60:89:A9:13:D1:5B:E6:F5:08:D2:C7:8F
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019E403B1EE344CED10BD018E8EAA5B590E3
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Xwk_gXBdw7pgiakT0Vvm9QjSx48.roa
Signing time: Tue 19 May 2026 12:34:36 +0000
ROA not before: Tue 19 May 2026 12:34:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208258
IP address blocks: 45.141.204.0/23 maxlen: 24
45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.156.0/24 maxlen: 24
45.151.158.0/24 maxlen: 24
45.151.159.0/24 maxlen: 24
45.154.238.0/24 maxlen: 24
45.154.239.0/24 maxlen: 24
45.159.192.0/23 maxlen: 23
45.159.194.0/24 maxlen: 24
109.206.248.0/22 maxlen: 22
185.208.208.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.80.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
195.88.226.0/23 maxlen: 23
213.185.86.0/23 maxlen: 23
213.185.88.0/22 maxlen: 22
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:7::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:f1::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:40:3b:1e:e3:44:ce:d1:0b:d0:18:e8:ea:a5:b5:90:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 19 12:34:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5f093f81705dc3ba6089a913d15be6f508d2c78f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:04:16:e1:cd:7f:1d:6f:9c:9c:94:ca:a1:47:
68:19:5d:a4:5d:65:74:c5:05:86:f1:54:d1:9a:e1:
d3:cb:77:9b:98:57:ea:e9:96:aa:85:f2:7a:dd:b1:
d7:7e:0c:72:22:c6:81:cc:76:ea:de:77:a3:36:37:
0e:a5:06:b4:df:f7:a7:67:a8:23:46:34:af:09:53:
0c:7d:05:77:81:1e:94:31:0c:fd:ac:3a:49:ed:8b:
0c:c0:18:49:46:3d:c6:49:f3:99:a1:2e:8a:d3:0a:
00:ce:df:73:0b:0e:47:1e:d6:2c:04:c6:eb:1e:58:
02:1a:d5:0d:8b:e1:e7:33:98:81:40:15:1b:82:95:
36:61:bc:5b:16:4a:e0:80:8b:3e:3d:d6:51:10:c9:
7d:42:77:18:88:d5:72:05:d7:1a:43:7f:5c:ec:df:
67:9d:fa:06:d9:5f:ab:0c:11:ae:22:ca:4f:32:2f:
e3:53:4e:f1:47:73:89:93:35:ec:09:c2:bd:30:8c:
c2:bb:d6:dd:97:dd:9e:89:d1:b2:aa:49:40:84:ae:
46:5e:32:55:df:b1:0b:54:a6:8e:a2:34:ef:fd:cf:
9e:d7:14:27:c1:84:6f:01:45:ec:7a:31:aa:fb:c6:
d7:d0:7e:67:b7:b9:55:d2:49:f1:3e:54:d0:80:0f:
3b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:09:3F:81:70:5D:C3:BA:60:89:A9:13:D1:5B:E6:F5:08:D2:C7:8F
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Xwk_gXBdw7pgiakT0Vvm9QjSx48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.144.244.0-45.144.246.255
45.151.156.0/22
45.154.238.0/23
45.159.192.0-45.159.194.255
109.206.248.0/22
185.208.208.0/24
185.208.210.0/24
185.227.82.0/24
185.228.80.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
195.88.226.0/23
213.185.86.0-213.185.91.255
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:7::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:f1::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
a5:4c:fe:bc:46:9d:08:62:f0:4c:92:ac:27:64:d2:1f:55:12:
8c:31:19:4c:6c:60:07:b5:53:3f:31:6a:ef:88:f9:9d:19:91:
ca:1c:53:65:99:57:ef:07:a9:40:c8:22:51:de:31:c4:fd:b4:
d8:c3:7a:9a:53:c8:2a:da:24:a5:9f:df:06:ba:db:70:86:3e:
a0:ed:b3:48:1f:82:d7:c8:4e:41:29:ca:ea:22:80:28:31:94:
89:28:30:24:b1:d6:b9:ee:de:55:0a:21:af:4f:b8:07:25:2f:
8a:61:d9:5b:f7:fc:db:67:31:5f:33:79:6c:7f:5d:5f:43:1a:
ce:86:49:80:34:24:9c:2c:35:b8:7e:12:ab:c0:ff:a3:7f:2d:
66:c9:43:7f:74:c3:55:a2:12:70:c2:86:fd:ae:77:51:3c:8c:
d8:fc:ed:20:f3:99:17:b2:f8:32:4f:6a:cc:e2:3c:99:0d:63:
35:68:de:cb:2f:50:a3:98:ca:77:cd:3d:2e:90:2a:41:50:2a:
ea:fc:9d:77:15:76:ed:92:d8:aa:ad:2a:4b:95:d2:e5:b4:fd:
a3:77:a4:fc:4c:a0:89:bb:d3:16:d4:6e:9e:32:4f:dc:8c:5d:
42:da:3e:b3:b5:07:d4:7e:bd:2d:be:9c:18:23:9a:94:3f:e9:
f6:36:26:b3
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgISAZ5AOx7jRM7RC9AY6OqltZDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwNTE5MTIzNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA5M2Y4MTcwNWRjM2JhNjA4OWE5MTNkMTViZTZmNTA4ZDJjNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAQW4c1/HW+cnJTKoUdoGV2kXWV0
xQWG8VTRmuHTy3ebmFfq6ZaqhfJ63bHXfgxyIsaBzHbq3nejNjcOpQa03/enZ6gj
RjSvCVMMfQV3gR6UMQz9rDpJ7YsMwBhJRj3GSfOZoS6K0woAzt9zCw5HHtYsBMbr
HlgCGtUNi+HnM5iBQBUbgpU2YbxbFkrggIs+PdZREMl9QncYiNVyBdcaQ39c7N9n
nfoG2V+rDBGuIspPMi/jU07xR3OJkzXsCcK9MIzCu9bdl92eidGyqklAhK5GXjJV
37ELVKaOojTv/c+e1xQnwYRvAUXsejGq+8bX0H5nt7lV0knxPlTQgA87yQIDAQAB
o4IDGDCCAxQwHQYDVR0OBBYEFF8JP4FwXcO6YImpE9Fb5vUI0sePMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWHdrX2dYQmR3N3BnaWFrVDBWdm05UWpTeDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLAYIKwYBBQUHAQcBAf8EggEbMIIBFzB+BAIAATB4AwQB
LY3MMAwDBAItkPQDBAAtkPYDBAItl5wDBAEtmu4wDAMEBi2fwAMEAC2fwgMEAm3O
+AMEALnQ0AMEALnQ0gMEALnjUgMEALnkUAMEALnkUwMEAbnzcAMEAMKSMAMEAcMa
BgMEAcNY4jAMAwQB1blWAwQC1blYMIGUBAIAAjCBjQMHACoLPEAAAQMHACoLPEAA
BwMHACoLPEAACTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxA
ABADBwEqCzxAACADBwAqCzxAACUDBwAqCzxAAPEDBwAqCzxA/KYDBwAqDlVAAAAw
EgMHBCoOVUAAEAMHACoOVUAAEgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOCAQEA
pUz+vEadCGLwTJKsJ2TSH1USjDEZTGxgB7VTPzFq74j5nRmRyhxTZZlX7wepQMgi
Ud4xxP202MN6mlPIKtokpZ/fBrrbcIY+oO2zSB+C18hOQSnK6iKAKDGUiSgwJLHW
ue7eVQohr0+4ByUvimHZW/f822cxXzN5bH9dX0MazoZJgDQknCw1uH4Sq8D/o38t
ZslDf3TDVaIScMKG/a53UTyM2PztIPOZF7L4Mk9qzOI8mQ1jNWjeyy9Qo5jKd809
LpAqQVAq6vyddxV27ZLYqq0qS5XS5bT9o3ek/EygibvTFtRunjJP3IxdQto+s7UH
1H69Lb6cGCOalD/p9jYmsw==
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:03:47 2026 by rpki-client