Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/XPqNLDSioTBbUphggaW_qiKHxQM.roa
File: XPqNLDSioTBbUphggaW_qiKHxQM.roa (raw, json)
Hash identifier: u77od1+BFXbLHFmFQ0ohdLmIQae78vCNTKOMpKBDO4A=
Subject key identifier: 5C:FA:8D:2C:34:A2:A1:30:5B:52:98:60:81:A5:BF:AA:22:87:C5:03
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019F1211ADEC1BBAEAE9FF645B3D5454A111
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/XPqNLDSioTBbUphggaW_qiKHxQM.roa
Signing time: Mon 29 Jun 2026 06:29:36 +0000
ROA not before: Mon 29 Jun 2026 06:29:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 80.174.114.0/24 maxlen: 24
80.174.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 03:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:12:11:ad:ec:1b:ba:ea:e9:ff:64:5b:3d:54:54:a1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Jun 29 06:29:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5cfa8d2c34a2a1305b52986081a5bfaa2287c503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:13:73:cb:fd:6e:92:09:f2:82:2f:35:7a:7c:
aa:dc:d8:91:39:d7:55:4a:43:ab:9d:3f:93:8c:42:
fb:bf:fd:2b:7a:88:2e:c1:76:0e:77:b7:fb:2a:1a:
80:ea:b2:e5:22:f9:c2:59:38:99:3c:4d:9b:c9:fe:
b7:76:71:bc:08:b9:aa:b1:91:44:18:b1:eb:63:d8:
52:77:80:b3:2f:bd:d9:30:34:be:22:d5:01:85:ff:
4d:92:22:44:d9:ae:9f:49:61:ef:b8:23:4b:a4:d9:
b1:14:9a:34:a3:5c:51:4f:4d:ec:3f:89:05:e2:3b:
84:02:61:2d:b5:fe:21:5b:b3:61:19:48:08:37:b6:
67:cf:ff:70:2f:a5:97:b0:97:a2:6d:61:b3:62:6b:
65:87:80:16:ce:3c:be:1d:7f:1b:56:8b:fc:cf:60:
b5:93:e0:62:5b:60:63:4b:6c:74:5c:e3:75:b3:0b:
c6:73:b5:40:0c:42:7e:ef:43:e9:1f:03:73:5c:db:
3a:bb:87:55:d7:75:71:79:26:fc:c6:9d:2b:17:3f:
a2:8b:17:6e:48:f5:1a:5f:20:27:da:62:a3:05:9e:
bf:e6:31:ed:95:3c:69:4e:ce:1e:4f:02:8b:d8:ea:
65:f8:2d:94:3c:16:56:ad:3b:9c:69:b1:3d:d5:04:
c8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FA:8D:2C:34:A2:A1:30:5B:52:98:60:81:A5:BF:AA:22:87:C5:03
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/XPqNLDSioTBbUphggaW_qiKHxQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.114.0/24
80.174.123.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:07:02:e6:7c:8b:ab:37:dc:57:7e:c7:cc:47:cb:ef:ca:b9:
06:bb:03:0e:60:90:7d:09:09:d9:91:6e:5c:df:1e:75:5d:43:
99:f1:e5:cf:b9:fe:d1:8c:70:5e:79:bb:e1:11:f5:a5:0d:7c:
64:e5:36:c0:10:39:44:e9:1b:48:94:dc:85:85:b0:e1:4c:0b:
74:dc:83:0d:57:8d:a7:4d:4e:01:df:b3:c1:a6:85:fa:88:52:
57:50:18:56:bf:43:f3:5b:ba:4c:38:22:e4:22:e3:bf:ef:19:
c7:9b:f0:b9:3c:d6:3e:e5:00:36:63:c1:99:e9:9e:4e:ba:d5:
1c:be:73:f6:ce:db:d3:b7:b6:a7:2a:e0:f7:f0:a3:e0:31:42:
45:40:cd:4e:f2:ae:00:ee:be:f3:19:c3:e2:63:87:27:6a:00:
ff:5b:79:ab:ca:ea:11:08:4f:6a:3d:fe:0e:56:7b:04:6c:6b:
7f:c8:60:ba:4d:4d:02:dd:2c:c6:57:bd:85:c0:52:6b:ea:48:
a5:e0:83:36:1b:9d:70:54:84:90:95:01:a5:b5:2a:8c:91:38:
57:0f:f0:06:9a:dd:06:96:36:78:17:68:92:e3:01:38:80:6c:
f0:ad:6a:32:90:93:16:a0:9c:84:4d:a9:97:01:7f:5f:d4:74:
b8:e2:70:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ8SEa3sG7rq6f9kWz1UVKERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNjI5MDYyOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZhOGQyYzM0YTJhMTMwNWI1Mjk4NjA4MWE1YmZhYTIyODdjNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRNzy/1ukgnygi81enyq3NiROddV
SkOrnT+TjEL7v/0reoguwXYOd7f7KhqA6rLlIvnCWTiZPE2byf63dnG8CLmqsZFE
GLHrY9hSd4CzL73ZMDS+ItUBhf9NkiJE2a6fSWHvuCNLpNmxFJo0o1xRT03sP4kF
4juEAmEttf4hW7NhGUgIN7Znz/9wL6WXsJeibWGzYmtlh4AWzjy+HX8bVov8z2C1
k+BiW2BjS2x0XON1swvGc7VADEJ+70PpHwNzXNs6u4dV13VxeSb8xp0rFz+iixdu
SPUaXyAn2mKjBZ6/5jHtlTxpTs4eTwKL2Opl+C2UPBZWrTucabE91QTIowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFz6jSw0oqEwW1KYYIGlv6oih8UDMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvWFBxTkxEU2lvVEJiVXBoZ2dhV19xaUtIeFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUK5yAwQA
UK57MA0GCSqGSIb3DQEBCwUAA4IBAQBvBwLmfIurN9xXfsfMR8vvyrkGuwMOYJB9
CQnZkW5c3x51XUOZ8eXPuf7RjHBeebvhEfWlDXxk5TbAEDlE6RtIlNyFhbDhTAt0
3IMNV42nTU4B37PBpoX6iFJXUBhWv0PzW7pMOCLkIuO/7xnHm/C5PNY+5QA2Y8GZ
6Z5OutUcvnP2ztvTt7anKuD38KPgMUJFQM1O8q4A7r7zGcPiY4cnagD/W3mryuoR
CE9qPf4OVnsEbGt/yGC6TU0C3SzGV72FwFJr6kil4IM2G51wVISQlQGltSqMkThX
D/AGmt0GljZ4F2iS4wE4gGzwrWoykJMWoJyETamXAX9f1HS44nCa
-----END CERTIFICATE-----
Generated at Tue Jun 30 10:15:30 2026 by rpki-client