Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/XXSTcRkCx2FdQaklbV11MSDD0ZY.roa
File: XXSTcRkCx2FdQaklbV11MSDD0ZY.roa (raw, json)
Hash identifier: mmZMZr+HshOcyt7jbdu8TgJJ6khX6PBndh04iVbROEE=
Subject key identifier: 5D:74:93:71:19:02:C7:61:5D:41:A9:25:6D:5D:75:31:20:C3:D1:96
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019DBF9C06DF8F22C152F24AC6DF689AB229
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/XXSTcRkCx2FdQaklbV11MSDD0ZY.roa
Signing time: Fri 24 Apr 2026 13:09:26 +0000
ROA not before: Fri 24 Apr 2026 13:09:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201341
IP address blocks: 189.81.18.0/23 maxlen: 23
189.81.42.0/23 maxlen: 23
189.81.50.0/23 maxlen: 23
189.81.52.0/23 maxlen: 23
189.81.110.0/23 maxlen: 23
189.81.128.0/23 maxlen: 23
189.81.138.0/23 maxlen: 23
189.81.146.0/23 maxlen: 23
189.81.154.0/23 maxlen: 23
189.81.172.0/23 maxlen: 23
189.81.176.0/23 maxlen: 23
189.81.190.0/23 maxlen: 23
189.81.200.0/23 maxlen: 23
189.81.208.0/23 maxlen: 23
189.81.240.0/23 maxlen: 23
189.81.244.0/23 maxlen: 23
189.81.252.0/23 maxlen: 23
189.104.24.0/23 maxlen: 23
189.104.26.0/23 maxlen: 23
189.104.40.0/23 maxlen: 23
189.104.58.0/23 maxlen: 23
189.104.62.0/23 maxlen: 23
189.104.76.0/23 maxlen: 23
189.104.82.0/23 maxlen: 23
189.104.88.0/23 maxlen: 23
189.104.176.0/23 maxlen: 23
189.104.194.0/23 maxlen: 23
189.104.206.0/23 maxlen: 23
189.104.216.0/23 maxlen: 23
189.104.228.0/23 maxlen: 23
189.104.232.0/23 maxlen: 23
189.104.240.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bf:9c:06:df:8f:22:c1:52:f2:4a:c6:df:68:9a:b2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Apr 24 13:09:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d7493711902c7615d41a9256d5d753120c3d196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7a:5c:54:cd:3b:ab:48:db:9a:65:d9:03:98:
38:35:dd:81:08:bd:2a:66:e7:51:97:2f:77:67:b0:
a3:7c:6a:89:dd:54:10:65:fa:8f:f4:5c:10:75:e7:
7b:34:1a:7e:cc:1c:72:c5:52:a9:be:8f:36:05:c6:
ff:75:03:3f:7e:02:6a:85:97:17:2b:ad:a7:37:b6:
63:e6:ed:c0:44:c4:30:9d:79:f8:ed:62:ce:7e:f1:
4f:5b:93:51:c6:5d:67:9a:27:83:fa:8e:9b:67:b4:
ab:0d:4e:f8:77:10:83:b1:13:b0:99:b6:86:58:fc:
ae:87:a0:6b:eb:fe:e1:7d:e1:8b:99:ba:86:69:3d:
81:ee:2e:ff:20:1c:6f:0c:4d:c9:3b:e7:f8:d0:07:
b1:87:30:af:62:6f:98:30:a7:29:10:85:c3:e0:98:
b2:b5:f0:be:d2:6c:89:77:c9:c4:f8:7b:6b:ae:2f:
f8:4a:5e:51:e9:12:7f:7b:5d:f3:60:c3:94:51:59:
6c:60:24:b9:35:1e:d7:4e:53:e5:3d:10:82:a2:d6:
fa:c8:9f:a4:8b:c1:cb:cd:d0:3a:eb:80:97:13:4a:
6c:33:b7:71:34:50:06:e0:c1:75:aa:d5:f3:7a:85:
80:c4:e3:10:27:f2:93:73:ce:cd:42:8c:f4:23:6a:
e5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:74:93:71:19:02:C7:61:5D:41:A9:25:6D:5D:75:31:20:C3:D1:96
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/XXSTcRkCx2FdQaklbV11MSDD0ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.81.18.0/23
189.81.42.0/23
189.81.50.0-189.81.53.255
189.81.110.0/23
189.81.128.0/23
189.81.138.0/23
189.81.146.0/23
189.81.154.0/23
189.81.172.0/23
189.81.176.0/23
189.81.190.0/23
189.81.200.0/23
189.81.208.0/23
189.81.240.0/23
189.81.244.0/23
189.81.252.0/23
189.104.24.0/22
189.104.40.0/23
189.104.58.0/23
189.104.62.0/23
189.104.76.0/23
189.104.82.0/23
189.104.88.0/23
189.104.176.0/23
189.104.194.0/23
189.104.206.0/23
189.104.216.0/23
189.104.228.0/23
189.104.232.0/23
189.104.240.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:95:07:62:49:cb:c4:b0:87:1a:dc:3b:a6:d1:9e:fb:8f:1d:
2f:fe:58:41:9a:12:6d:73:16:64:4e:3f:df:44:ac:11:b0:47:
bc:f8:27:3a:92:eb:9a:e8:27:a1:4a:ca:62:58:ce:e3:7f:c9:
ae:11:09:64:9c:b4:b6:33:90:54:4a:df:82:aa:7c:67:bc:c8:
07:1c:31:e7:d6:71:4a:30:f3:9b:83:9a:4b:f2:00:21:2d:cb:
e0:5e:b7:04:7d:1b:cb:4c:2b:41:00:94:03:56:a1:2d:9f:d5:
84:c3:01:6f:68:cb:ef:19:31:d5:15:8d:b1:e7:cb:81:d9:98:
ca:94:3d:1b:88:7c:93:90:76:22:e0:b4:a6:55:30:19:6f:61:
c3:59:c4:ba:0f:2e:8f:28:81:48:16:34:74:c7:a3:d7:c0:87:
1c:fb:08:3c:54:e0:c5:d7:ea:26:c9:98:66:cf:41:23:bd:a2:
aa:54:ed:e9:61:00:fb:bb:2c:5f:4c:6c:fe:2e:4a:d2:d5:bb:
a4:e7:c1:8b:16:f5:d1:1e:81:ce:6b:5e:b9:01:9a:ae:c9:14:
e1:bc:04:27:4f:7b:d7:e6:ca:78:b0:a9:e8:3f:78:92:3c:44:
94:04:71:08:64:6b:64:a4:d5:b7:b1:99:10:87:28:ec:28:b3:
be:57:de:5e
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZ2/nAbfjyLBUvJKxt9omrIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwNDI0MTMwOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDc0OTM3MTE5MDJjNzYxNWQ0MWE5MjU2ZDVkNzUzMTIwYzNkMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynpcVM07q0jbmmXZA5g4Nd2BCL0q
ZudRly93Z7CjfGqJ3VQQZfqP9FwQded7NBp+zBxyxVKpvo82Bcb/dQM/fgJqhZcX
K62nN7Zj5u3ARMQwnXn47WLOfvFPW5NRxl1nmieD+o6bZ7SrDU74dxCDsROwmbaG
WPyuh6Br6/7hfeGLmbqGaT2B7i7/IBxvDE3JO+f40AexhzCvYm+YMKcpEIXD4Jiy
tfC+0myJd8nE+Htrri/4Sl5R6RJ/e13zYMOUUVlsYCS5NR7XTlPlPRCCotb6yJ+k
i8HLzdA664CXE0psM7dxNFAG4MF1qtXzeoWAxOMQJ/KTc87NQoz0I2rldwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFF10k3EZAsdhXUGpJW1ddTEgw9GWMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvWFhTVGNSa0N4MkZkUWFrbGJWMTFNU0REMFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAG9
URIDBAG9USowDAMEAb1RMgMEAb1RNAMEAb1RbgMEAb1RgAMEAb1RigMEAb1RkgME
Ab1RmgMEAb1RrAMEAb1RsAMEAb1RvgMEAb1RyAMEAb1R0AMEAb1R8AMEAb1R9AME
Ab1R/AMEAr1oGAMEAb1oKAMEAb1oOgMEAb1oPgMEAb1oTAMEAb1oUgMEAb1oWAME
Ab1osAMEAb1owgMEAb1ozgMEAb1o2AMEAb1o5AMEAb1o6AMEAb1o8DANBgkqhkiG
9w0BAQsFAAOCAQEAH5UHYknLxLCHGtw7ptGe+48dL/5YQZoSbXMWZE4/30SsEbBH
vPgnOpLrmugnoUrKYljO43/JrhEJZJy0tjOQVErfgqp8Z7zIBxwx59ZxSjDzm4Oa
S/IAIS3L4F63BH0by0wrQQCUA1ahLZ/VhMMBb2jL7xkx1RWNsefLgdmYypQ9G4h8
k5B2IuC0plUwGW9hw1nEug8ujyiBSBY0dMej18CHHPsIPFTgxdfqJsmYZs9BI72i
qlTt6WEA+7ssX0xs/i5K0tW7pOfBixb10R6BzmteuQGarskU4bwEJ0971+bKeLCp
6D94kjxElARxCGRrZKTVt7GZEIco7CizvlfeXg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:38:31 2026 by rpki-client