Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XU-ZGXems9JVAePj0VOyyhJiJ3I.roa
File: XU-ZGXems9JVAePj0VOyyhJiJ3I.roa (raw, json)
Hash identifier: dKYRP4jNV2pPtRpR5axIAuwELcT0t/UdI5isl8tzy6Q=
Subject key identifier: 5D:4F:99:19:77:A6:B3:D2:55:01:E3:E3:D1:53:B2:CA:12:62:27:72
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019E6958CD6EF1003EEE895F87AE28054CB3
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XU-ZGXems9JVAePj0VOyyhJiJ3I.roa
Signing time: Wed 27 May 2026 12:11:27 +0000
ROA not before: Wed 27 May 2026 12:11:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49581
IP address blocks: 5.83.153.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
5.231.242.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
94.249.230.0/24 maxlen: 24
2a02:2fc0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 05:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:69:58:cd:6e:f1:00:3e:ee:89:5f:87:ae:28:05:4c:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 27 12:11:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d4f991977a6b3d25501e3e3d153b2ca12622772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:97:59:87:b8:55:41:cf:a0:f2:e9:f3:04:ac:
09:a2:b5:6a:e4:74:d2:3e:d0:0d:e4:43:c5:ef:a2:
f7:cc:25:0e:9f:ba:fe:05:b2:52:82:7a:7c:4d:80:
1e:50:d1:3c:51:de:8e:60:65:cc:65:0b:93:15:2f:
8d:52:46:82:0b:03:39:e8:1c:6e:0a:c2:51:14:c2:
03:08:bf:7f:2f:ea:25:d3:1c:eb:b0:9c:99:29:1c:
83:46:d5:d6:f0:28:ad:7d:fe:fe:96:2e:5f:29:a8:
5a:d7:43:49:67:55:7a:1b:ac:47:e7:26:8b:98:3a:
29:b2:be:20:9a:25:a4:71:ab:fe:3c:46:ce:b2:c1:
05:91:de:40:1d:3f:3c:fe:bf:86:26:79:ce:35:a1:
6c:7f:6a:a1:d1:63:80:2f:e5:22:d8:cf:7b:d9:2a:
55:54:28:f6:22:15:c3:34:d1:d5:41:b4:26:df:08:
d1:1b:95:1e:fa:5c:08:82:8e:a6:2f:e2:6c:b0:df:
98:42:13:1d:d7:51:bf:85:d8:5e:76:c9:c5:94:b5:
4b:18:08:b5:a0:a2:3c:73:fe:6b:56:8f:15:8f:88:
6a:72:51:b1:49:64:bc:d9:6c:d5:5f:0a:0e:2c:01:
4d:d9:06:13:b6:d4:3b:c3:87:37:96:17:56:1a:3c:
93:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4F:99:19:77:A6:B3:D2:55:01:E3:E3:D1:53:B2:CA:12:62:27:72
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XU-ZGXems9JVAePj0VOyyhJiJ3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.153.0/24
5.231.26.0/24
5.231.242.0/24
89.106.71.0/24
94.249.230.0/24
IPv6:
2a02:2fc0:11::/48
Signature Algorithm: sha256WithRSAEncryption
ae:74:8d:31:fa:40:35:fb:26:2c:37:e7:f0:b9:97:47:7d:31:
c5:ec:34:6d:ae:cb:a9:1f:99:68:b3:06:44:05:07:51:7f:e9:
5e:4a:55:aa:56:f7:9a:84:3f:8e:9f:51:7d:27:75:85:dd:43:
40:0b:6e:6f:3f:40:db:58:ad:01:30:c1:09:a7:92:38:a2:ae:
af:71:05:05:27:60:29:73:02:a4:f2:33:0a:a9:dd:18:11:50:
93:c5:ba:22:73:4e:77:5b:d0:4f:1f:4e:60:cb:b9:0f:07:6f:
13:88:3d:05:f6:d3:fc:af:a7:df:4f:1f:64:11:1f:5b:87:39:
0d:52:d2:7e:41:bc:0c:50:6b:80:23:98:7e:d7:11:c2:ad:51:
15:d2:31:9d:a9:33:b4:d8:28:2e:07:63:01:bc:9c:5a:fb:50:
d6:05:d8:ae:25:20:52:14:a0:a9:bb:37:c7:4d:2a:6e:e9:40:
2a:86:01:31:f9:5c:e2:e0:73:fd:8a:f1:5a:b7:8f:6d:ec:55:
94:f0:46:4e:50:a5:66:1d:00:19:1d:48:ad:3f:87:99:f2:d7:
0e:a6:bb:c3:ec:9b:55:9a:32:6e:a5:54:2f:bb:e2:fb:38:2c:
67:f0:a5:39:a1:92:dd:a0:e8:35:c8:5c:4b:18:c3:d6:41:e9:
9a:66:9e:dc
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ5pWM1u8QA+7olfh64oBUyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNTI3MTIxMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRmOTkxOTc3YTZiM2QyNTUwMWUzZTNkMTUzYjJjYTEyNjIyNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpdZh7hVQc+g8unzBKwJorVq5HTS
PtAN5EPF76L3zCUOn7r+BbJSgnp8TYAeUNE8Ud6OYGXMZQuTFS+NUkaCCwM56Bxu
CsJRFMIDCL9/L+ol0xzrsJyZKRyDRtXW8Citff7+li5fKaha10NJZ1V6G6xH5yaL
mDopsr4gmiWkcav+PEbOssEFkd5AHT88/r+GJnnONaFsf2qh0WOAL+Ui2M972SpV
VCj2IhXDNNHVQbQm3wjRG5Ue+lwIgo6mL+JssN+YQhMd11G/hdhedsnFlLVLGAi1
oKI8c/5rVo8Vj4hqclGxSWS82WzVXwoOLAFN2QYTttQ7w4c3lhdWGjyTqwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFF1PmRl3prPSVQHj49FTssoSYidyMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWFUtWkdYZW1zOUpWQWVQajBWT3l5aEppSjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQABVOZAwQA
BecaAwQABefyAwQAWWpHAwQAXvnmMA8EAgACMAkDBwAqAi/AABEwDQYJKoZIhvcN
AQELBQADggEBAK50jTH6QDX7Jiw35/C5l0d9McXsNG2uy6kfmWizBkQFB1F/6V5K
VapW95qEP46fUX0ndYXdQ0ALbm8/QNtYrQEwwQmnkjiirq9xBQUnYClzAqTyMwqp
3RgRUJPFuiJzTndb0E8fTmDLuQ8HbxOIPQX20/yvp99PH2QRH1uHOQ1S0n5BvAxQ
a4AjmH7XEcKtURXSMZ2pM7TYKC4HYwG8nFr7UNYF2K4lIFIUoKm7N8dNKm7pQCqG
ATH5XOLgc/2K8Vq3j23sVZTwRk5QpWYdABkdSK0/h5ny1w6mu8Psm1WaMm6lVC+7
4vs4LGfwpTmhkt2g6DXIXEsYw9ZB6Zpmntw=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:11 2026 by rpki-client