Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Xqevdu1vmPKUUNGgaAabtwOgzOc.roa
File: Xqevdu1vmPKUUNGgaAabtwOgzOc.roa (raw, json)
Hash identifier: 5iQ7IUw6PgQ7J40Hyop4Dktnc8IJHigimR3MqZJmeRg=
Subject key identifier: 5E:A7:AF:76:ED:6F:98:F2:94:50:D1:A0:68:06:9B:B7:03:A0:CC:E7
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019EAE350A830566982745E7C7CBBD9AFF68
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Xqevdu1vmPKUUNGgaAabtwOgzOc.roa
Signing time: Tue 09 Jun 2026 21:06:12 +0000
ROA not before: Tue 09 Jun 2026 21:06:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199412
IP address blocks: 78.17.23.0/24 maxlen: 24
78.17.25.0/24 maxlen: 24
78.17.26.0/24 maxlen: 24
78.17.69.0/24 maxlen: 24
78.17.108.0/24 maxlen: 24
89.125.12.0/24 maxlen: 24
89.125.31.0/24 maxlen: 24
140.225.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ae:35:0a:83:05:66:98:27:45:e7:c7:cb:bd:9a:ff:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 9 21:06:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5ea7af76ed6f98f29450d1a068069bb703a0cce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0f:9e:6f:27:da:d0:9b:b1:35:6e:a5:8b:e0:
0e:59:57:db:4d:ff:f3:f6:51:46:35:0f:6a:5d:2d:
54:75:43:58:d9:b4:ae:99:fb:d5:0f:9d:ce:40:11:
ee:81:26:54:95:97:3d:0f:99:75:8f:c2:7a:a3:fc:
e2:d1:f6:98:82:4c:8a:54:3e:25:cb:19:ab:49:e2:
e3:67:dd:a5:25:2c:f4:4d:4e:76:c5:3a:24:da:87:
da:2f:3f:3a:e9:4f:60:83:87:28:8d:36:0f:9e:b8:
bb:7f:ce:42:e5:bd:6f:89:16:5f:0f:df:a8:c4:28:
2c:5a:bc:12:2a:f0:e7:4b:9a:44:0c:41:0c:60:a5:
dd:6b:b8:65:38:8c:8e:f7:ad:7b:d4:a9:95:17:d2:
c0:51:cf:02:c6:12:e2:75:86:66:4c:da:e4:de:c6:
a3:0b:a8:83:c2:73:07:02:1c:c7:d9:5a:6b:ef:e8:
b0:9e:64:73:1c:b3:51:9d:20:61:ed:2e:55:27:84:
a7:88:b8:d1:41:55:21:0b:b5:d6:5c:e9:81:b6:ac:
59:1a:ca:ae:4e:d5:c4:f4:8c:57:b9:43:25:84:e0:
31:09:46:53:97:31:04:5e:2d:10:e3:52:75:fb:69:
8c:d4:d8:f9:ef:9d:c8:33:da:9a:b3:a0:fa:1a:5b:
36:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A7:AF:76:ED:6F:98:F2:94:50:D1:A0:68:06:9B:B7:03:A0:CC:E7
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Xqevdu1vmPKUUNGgaAabtwOgzOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.23.0/24
78.17.25.0-78.17.26.255
78.17.69.0/24
78.17.108.0/24
89.125.12.0/24
89.125.31.0/24
140.225.192.0/24
Signature Algorithm: sha256WithRSAEncryption
97:cc:56:8d:99:da:9a:e3:f4:af:eb:bc:cc:01:46:63:db:f1:
6a:41:ca:13:9d:73:f3:13:b5:db:ee:e5:de:6a:18:78:e4:4c:
16:ed:7b:4a:0e:e6:39:47:98:e4:2a:e6:45:29:8e:0c:0b:35:
a5:85:d9:63:26:fa:1b:d4:28:95:68:14:86:2e:46:0d:8a:c6:
22:2a:a0:18:7b:5b:25:a1:b1:64:13:27:c8:77:e3:ec:85:e9:
31:b5:6c:89:6f:09:26:40:31:f2:9f:4c:14:9e:e6:33:56:35:
8e:aa:41:ec:a7:3b:0c:8b:ea:7e:69:b3:54:55:a0:5f:67:8b:
b6:39:47:b9:ce:7c:bf:0a:b0:e6:98:53:93:87:1a:29:e3:6c:
df:43:0c:55:c4:e9:b1:5d:e7:08:75:74:f3:77:f4:ab:df:32:
b9:eb:39:77:97:64:31:e2:b5:ab:6a:f1:73:c2:59:ae:ec:b5:
ed:c6:f5:eb:d4:83:67:ba:ea:40:df:6e:53:7c:57:9d:93:9e:
a8:d3:49:65:e5:e0:a2:5a:40:88:9e:7b:2e:4b:4c:f0:1c:db:
bc:d6:2c:df:1b:9f:04:24:4e:0c:02:2a:78:51:87:7c:48:7c:
a3:ef:42:3e:19:b2:88:8f:00:d5:d4:f1:f1:69:56:c1:8a:d1:
aa:03:9a:2a
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ6uNQqDBWaYJ0Xnx8u9mv9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNjA5MjEwNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE3YWY3NmVkNmY5OGYyOTQ1MGQxYTA2ODA2OWJiNzAzYTBjY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ+ebyfa0JuxNW6li+AOWVfbTf/z
9lFGNQ9qXS1UdUNY2bSumfvVD53OQBHugSZUlZc9D5l1j8J6o/zi0faYgkyKVD4l
yxmrSeLjZ92lJSz0TU52xTok2ofaLz866U9gg4cojTYPnri7f85C5b1viRZfD9+o
xCgsWrwSKvDnS5pEDEEMYKXda7hlOIyO96171KmVF9LAUc8CxhLidYZmTNrk3saj
C6iDwnMHAhzH2Vpr7+iwnmRzHLNRnSBh7S5VJ4SniLjRQVUhC7XWXOmBtqxZGsqu
TtXE9IxXuUMlhOAxCUZTlzEEXi0Q41J1+2mM1Nj5753IM9qas6D6Gls20QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFF6nr3btb5jylFDRoGgGm7cDoMznMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWHFldmR1MXZtUEtVVU5HZ2FBYWJ0d09nek9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAThEXMAwD
BABOERkDBABOERoDBABOEUUDBABOEWwDBABZfQwDBABZfR8DBACM4cAwDQYJKoZI
hvcNAQELBQADggEBAJfMVo2Z2prj9K/rvMwBRmPb8WpByhOdc/MTtdvu5d5qGHjk
TBbte0oO5jlHmOQq5kUpjgwLNaWF2WMm+hvUKJVoFIYuRg2KxiIqoBh7WyWhsWQT
J8h34+yF6TG1bIlvCSZAMfKfTBSe5jNWNY6qQeynOwyL6n5ps1RVoF9ni7Y5R7nO
fL8KsOaYU5OHGinjbN9DDFXE6bFd5wh1dPN39KvfMrnrOXeXZDHitatq8XPCWa7s
te3G9evUg2e66kDfblN8V52TnqjTSWXl4KJaQIieey5LTPAc27zWLN8bnwQkTgwC
KnhRh3xIfKPvQj4ZsoiPANXU8fFpVsGK0aoDmio=
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:31:04 2026 by rpki-client