Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/9a36cc-6dca-4a2a-bf6f-d47bd7d0192f/1/XSVXot1mrN9KrobWqSb7ZJcFIHo.roa
File: XSVXot1mrN9KrobWqSb7ZJcFIHo.roa (raw, json)
Hash identifier: XG35l+m4PstJ+C55dywjRW/YEAH7VQspHcuyVm5s0zE=
Subject key identifier: 5D:25:57:A2:DD:66:AC:DF:4A:AE:86:D6:A9:26:FB:64:97:05:20:7A
Certificate issuer: /CN=319eddb366919ed75f4660cfb0e0b6e5fc401613
Certificate serial: 019F0D9944E736DFD1A6224ADD1BF9F4182C
Authority key identifier: 31:9E:DD:B3:66:91:9E:D7:5F:46:60:CF:B0:E0:B6:E5:FC:40:16:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZ7ds2aRntdfRmDPsOC25fxAFhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/9a36cc-6dca-4a2a-bf6f-d47bd7d0192f/1/XSVXot1mrN9KrobWqSb7ZJcFIHo.roa
Signing time: Sun 28 Jun 2026 09:39:36 +0000
ROA not before: Sun 28 Jun 2026 09:39:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205771
IP address blocks: 85.8.196.0/24 maxlen: 24
2a13:740::/32 maxlen: 32
2a13:741::/32 maxlen: 32
2a13:742::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/9a36cc-6dca-4a2a-bf6f-d47bd7d0192f/1/MZ7ds2aRntdfRmDPsOC25fxAFhM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/9a36cc-6dca-4a2a-bf6f-d47bd7d0192f/1/MZ7ds2aRntdfRmDPsOC25fxAFhM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MZ7ds2aRntdfRmDPsOC25fxAFhM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:0d:99:44:e7:36:df:d1:a6:22:4a:dd:1b:f9:f4:18:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=319eddb366919ed75f4660cfb0e0b6e5fc401613
Validity
Not Before: Jun 28 09:39:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d2557a2dd66acdf4aae86d6a926fb649705207a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:36:bf:ad:b5:c1:cf:9f:9f:f8:47:ae:2d:7c:
9c:72:87:fe:67:e5:c2:3d:20:96:e4:f1:c2:6c:94:
85:fc:b3:00:39:1f:96:d1:ea:f4:ab:8c:8d:b2:d0:
8e:c8:be:0c:6e:57:c9:3c:5b:d5:5b:66:87:03:32:
15:bf:42:10:43:2b:c5:e9:64:27:e1:22:8d:4d:51:
6c:bd:5e:b9:68:da:31:48:0c:f8:10:81:01:8a:8a:
f4:24:35:76:c3:fd:82:26:3f:16:f0:6a:80:a8:e8:
08:2f:73:b8:9c:b2:64:74:48:8c:a5:b1:e0:3e:96:
c4:c9:f0:23:0a:b2:cb:a7:9a:f6:e0:11:35:38:5b:
b1:9f:98:95:03:77:a3:1a:44:c1:36:d9:4a:6a:20:
61:03:93:17:8b:c2:c2:7e:a7:03:e3:1e:9f:14:93:
b4:e8:b0:01:b8:95:b3:d3:ab:f3:4a:6b:6d:d5:93:
2c:1c:3c:b0:2f:d1:cd:33:9a:ba:c6:9b:f4:e9:7c:
1e:45:a4:df:9c:a3:d4:2e:f1:84:d9:fd:99:e6:d7:
2b:cd:3c:e4:a7:6f:73:f8:54:35:5e:39:83:34:cf:
63:f4:ce:b4:76:ed:21:27:bf:ca:d9:87:6a:da:74:
63:49:98:e2:0d:cc:6f:49:70:9f:78:0f:12:e0:ed:
3f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:25:57:A2:DD:66:AC:DF:4A:AE:86:D6:A9:26:FB:64:97:05:20:7A
X509v3 Authority Key Identifier:
keyid:31:9E:DD:B3:66:91:9E:D7:5F:46:60:CF:B0:E0:B6:E5:FC:40:16:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZ7ds2aRntdfRmDPsOC25fxAFhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/9a36cc-6dca-4a2a-bf6f-d47bd7d0192f/1/XSVXot1mrN9KrobWqSb7ZJcFIHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/9a36cc-6dca-4a2a-bf6f-d47bd7d0192f/1/MZ7ds2aRntdfRmDPsOC25fxAFhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.196.0/24
IPv6:
2a13:740::-2a13:742:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
31:83:b7:93:d0:3e:5b:25:31:54:b4:db:ee:8f:d7:ec:89:f5:
73:0a:0f:04:2f:64:84:eb:00:82:27:f2:6a:b6:2a:5e:fd:25:
2b:fd:f2:12:4a:ce:6b:49:06:a2:01:23:f8:54:90:e0:dd:d4:
26:50:dd:d3:ef:60:e1:86:cc:22:b5:2c:88:84:66:0e:a0:28:
46:b7:4a:9f:a6:6f:e9:61:d5:92:cf:28:60:ad:8f:b3:da:70:
69:e3:e7:71:6a:9b:7d:8e:f9:b1:9a:71:ed:8d:6f:ea:eb:df:
e7:36:4d:fa:40:79:ff:61:35:47:94:39:49:dd:ef:3c:dd:6c:
0f:a7:25:34:f3:f4:93:8b:10:02:39:75:27:90:49:df:0e:0b:
70:0d:12:c3:1d:c9:e5:d7:93:94:00:b7:38:f5:f7:48:bf:72:
08:0f:97:15:0e:4a:4f:1f:3e:c1:82:c3:a7:ae:9b:c1:9b:8c:
41:90:77:58:2a:8d:f5:3f:4d:cf:85:fb:d2:e8:4b:f8:a0:41:
08:16:19:6a:8e:51:dd:fc:d8:f0:b8:3d:71:19:d3:7a:56:28:
3c:30:91:a6:bb:a6:da:5f:5f:60:fd:d7:96:81:f7:c4:4c:cc:
4b:54:77:35:5a:92:f0:37:97:f4:35:b7:f4:ae:85:f1:44:e0:
ff:b0:e3:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ8NmUTnNt/RpiJK3Rv59BgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxOWVkZGIzNjY5MTllZDc1ZjQ2NjBjZmIwZTBiNmU1ZmM0
MDE2MTMwHhcNMjYwNjI4MDkzOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI1NTdhMmRkNjZhY2RmNGFhZTg2ZDZhOTI2ZmI2NDk3MDUyMDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ja/rbXBz5+f+EeuLXyccof+Z+XC
PSCW5PHCbJSF/LMAOR+W0er0q4yNstCOyL4MblfJPFvVW2aHAzIVv0IQQyvF6WQn
4SKNTVFsvV65aNoxSAz4EIEBior0JDV2w/2CJj8W8GqAqOgIL3O4nLJkdEiMpbHg
PpbEyfAjCrLLp5r24BE1OFuxn5iVA3ejGkTBNtlKaiBhA5MXi8LCfqcD4x6fFJO0
6LABuJWz06vzSmtt1ZMsHDywL9HNM5q6xpv06XweRaTfnKPULvGE2f2Z5tcrzTzk
p29z+FQ1XjmDNM9j9M60du0hJ7/K2Ydq2nRjSZjiDcxvSXCfeA8S4O0/FQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF0lV6LdZqzfSq6G1qkm+2SXBSB6MB8GA1UdIwQY
MBaAFDGe3bNmkZ7XX0Zgz7DgtuX8QBYTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVo3ZHMyYVJudGRmUm1EUHNPQzI1ZnhBRmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS85YTM2Y2MtNmRjYS00YTJhLWJmNmYt
ZDQ3YmQ3ZDAxOTJmLzEvWFNWWG90MW1yTjlLcm9iV3FTYjdaSmNGSUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS85YTM2Y2MtNmRjYS00YTJhLWJmNmYtZDQ3YmQ3ZDAxOTJm
LzEvTVo3ZHMyYVJudGRmUm1EUHNPQzI1ZnhBRmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAVQjEMBYE
AgACMBAwDgMFBioTB0ADBQAqEwdCMA0GCSqGSIb3DQEBCwUAA4IBAQAxg7eT0D5b
JTFUtNvuj9fsifVzCg8EL2SE6wCCJ/Jqtipe/SUr/fISSs5rSQaiASP4VJDg3dQm
UN3T72DhhswitSyIhGYOoChGt0qfpm/pYdWSzyhgrY+z2nBp4+dxapt9jvmxmnHt
jW/q69/nNk36QHn/YTVHlDlJ3e883WwPpyU08/STixACOXUnkEnfDgtwDRLDHcnl
15OUALc49fdIv3IID5cVDkpPHz7BgsOnrpvBm4xBkHdYKo31P03PhfvS6Ev4oEEI
FhlqjlHd/NjwuD1xGdN6Vig8MJGmu6baX19g/deWgffETMxLVHc1WpLwN5f0Nbf0
roXxROD/sON2
-----END CERTIFICATE-----
Generated at Mon Jun 29 14:32:09 2026 by rpki-client