Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1xZm-Pr5b-qFCpIwZikYlu9ZEe0.roa
File: 1xZm-Pr5b-qFCpIwZikYlu9ZEe0.roa (raw, json)
Hash identifier: 0QA48yd7mZICyUD51OT5TDfFE0FEjiyUGHhy9Tse6eg=
Subject key identifier: D7:16:66:F8:FA:F9:6F:EA:85:0A:92:30:66:29:18:96:EF:59:11:ED
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 019EF99C97AF79FB32714147170ABEB333EB
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1xZm-Pr5b-qFCpIwZikYlu9ZEe0.roa
Signing time: Wed 24 Jun 2026 12:30:49 +0000
ROA not before: Wed 24 Jun 2026 12:30:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2.57.180.0/22 maxlen: 22
2.58.146.0/23 maxlen: 23
2.59.116.0/24 maxlen: 24
45.12.44.0/22 maxlen: 22
45.67.44.0/22 maxlen: 22
45.86.192.0/22 maxlen: 22
45.92.212.0/22 maxlen: 22
45.95.140.0/22 maxlen: 22
45.130.204.0/22 maxlen: 22
45.136.60.0/22 maxlen: 22
45.145.192.0/22 maxlen: 22
45.151.204.0/22 maxlen: 22
45.152.40.0/22 maxlen: 22
79.99.140.0/22 maxlen: 22
91.239.15.0/24 maxlen: 24
103.82.160.0/22 maxlen: 22
153.56.192.0/21 maxlen: 21
185.39.11.0/24 maxlen: 24
185.57.176.0/22 maxlen: 22
185.157.123.0/24 maxlen: 24
185.232.89.0/24 maxlen: 24
193.3.158.0/24 maxlen: 24
194.99.66.0/23 maxlen: 23
212.52.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f9:9c:97:af:79:fb:32:71:41:47:17:0a:be:b3:33:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Jun 24 12:30:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d71666f8faf96fea850a923066291896ef5911ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:06:09:eb:bb:c1:6d:4c:ef:3b:12:32:3e:4e:
f8:bb:01:47:56:2c:24:26:b4:21:fc:5a:d0:de:8c:
1e:68:6f:06:60:5b:cc:9e:fd:2e:63:28:8d:ae:1c:
b7:17:48:aa:18:54:2c:08:89:97:d5:8a:fc:12:f5:
9b:c5:07:18:27:18:6d:90:22:b9:87:27:5f:83:34:
52:68:66:57:f1:4b:9b:43:96:d9:57:38:14:1e:3a:
41:09:14:c6:7f:95:04:04:1b:c0:a4:cc:b4:bb:7d:
d4:f9:fd:c2:42:a5:2c:1f:f7:10:33:ec:dc:f5:7e:
d7:c9:54:40:5a:6b:40:a7:4e:28:0c:db:5a:74:a6:
f7:4c:49:88:aa:ec:52:1b:2c:9f:c1:7d:18:dd:99:
83:a7:ea:38:ca:29:fe:6f:5f:fb:05:e2:f4:0d:bc:
96:fd:d8:18:f1:84:1b:66:0f:05:0b:a8:66:26:1e:
53:28:ae:45:6e:83:8a:a4:98:23:3c:f3:f3:87:03:
a9:88:58:80:09:e2:af:86:cb:94:93:65:4d:aa:5e:
f8:40:c2:45:8d:2a:ff:a4:b2:22:12:d1:13:9a:f9:
b3:74:8f:bc:45:bd:45:c4:2e:d9:2f:4b:7f:b7:7f:
40:a5:00:5f:b2:1f:32:50:fe:61:00:53:eb:cb:4d:
f6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:16:66:F8:FA:F9:6F:EA:85:0A:92:30:66:29:18:96:EF:59:11:ED
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1xZm-Pr5b-qFCpIwZikYlu9ZEe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.180.0/22
2.58.146.0/23
2.59.116.0/24
45.12.44.0/22
45.67.44.0/22
45.86.192.0/22
45.92.212.0/22
45.95.140.0/22
45.130.204.0/22
45.136.60.0/22
45.145.192.0/22
45.151.204.0/22
45.152.40.0/22
79.99.140.0/22
91.239.15.0/24
103.82.160.0/22
153.56.192.0/21
185.39.11.0/24
185.57.176.0/22
185.157.123.0/24
185.232.89.0/24
193.3.158.0/24
194.99.66.0/23
212.52.3.0/24
Signature Algorithm: sha256WithRSAEncryption
69:9b:8e:75:06:86:59:d7:93:74:47:39:52:78:dd:60:49:b5:
6d:e8:01:6c:4f:da:2b:e3:d2:81:f7:a2:38:55:2c:a5:2d:4e:
a4:c0:e3:68:1c:e9:1c:c4:75:10:89:40:ed:29:41:1b:9f:0d:
3c:70:0c:f9:71:5d:bd:b1:bc:c9:fa:90:db:b2:68:7e:c3:e7:
03:4e:3e:ac:93:56:ce:13:e7:65:45:2d:ea:6f:37:b6:17:b5:
52:22:1f:d8:50:97:4a:dd:e6:48:65:7c:a0:1c:ef:ca:34:45:
e9:d7:bf:6f:5e:be:0f:23:70:fd:3f:f2:66:77:66:6a:5e:c6:
02:b0:f7:39:86:0e:cc:56:82:14:75:96:ef:d1:66:33:2d:38:
55:d5:b1:fc:41:59:0a:b9:ae:20:6e:2d:d1:d6:d6:24:21:e8:
ee:c5:8d:ef:02:e0:43:7b:48:a8:ef:ea:7c:12:a0:f3:17:c2:
b2:ec:2d:56:14:fe:3f:55:bc:2f:ff:1b:fa:08:f1:a7:31:ad:
21:63:4c:e5:fb:87:d8:5e:6d:57:28:2b:f5:cf:d4:55:23:32:
2d:04:be:41:e6:18:6c:65:1b:c6:60:c8:8b:ac:66:52:44:e9:
3e:26:ea:fe:37:51:39:32:27:22:6c:d2:f1:77:da:83:e1:02:
f7:76:32:ca
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZ75nJevefsycUFHFwq+szPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjYwNjI0MTIzMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE2NjZmOGZhZjk2ZmVhODUwYTkyMzA2NjI5MTg5NmVmNTkxMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QYJ67vBbUzvOxIyPk74uwFHViwk
JrQh/FrQ3oweaG8GYFvMnv0uYyiNrhy3F0iqGFQsCImX1Yr8EvWbxQcYJxhtkCK5
hydfgzRSaGZX8UubQ5bZVzgUHjpBCRTGf5UEBBvApMy0u33U+f3CQqUsH/cQM+zc
9X7XyVRAWmtAp04oDNtadKb3TEmIquxSGyyfwX0Y3ZmDp+o4yin+b1/7BeL0DbyW
/dgY8YQbZg8FC6hmJh5TKK5FboOKpJgjPPPzhwOpiFiACeKvhsuUk2VNql74QMJF
jSr/pLIiEtETmvmzdI+8Rb1FxC7ZL0t/t39ApQBfsh8yUP5hAFPry032gQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFNcWZvj6+W/qhQqSMGYpGJbvWRHtMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvMXhabS1QcjViLXFGQ3BJd1ppa1lsdTlaRWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIC
ObQDBAECOpIDBAACO3QDBAItDCwDBAItQywDBAItVsADBAItXNQDBAItX4wDBAIt
gswDBAItiDwDBAItkcADBAItl8wDBAItmCgDBAJPY4wDBABb7w8DBAJnUqADBAOZ
OMADBAC5JwsDBAK5ObADBAC5nXsDBAC56FkDBADBA54DBAHCY0IDBADUNAMwDQYJ
KoZIhvcNAQELBQADggEBAGmbjnUGhlnXk3RHOVJ43WBJtW3oAWxP2ivj0oH3ojhV
LKUtTqTA42gc6RzEdRCJQO0pQRufDTxwDPlxXb2xvMn6kNuyaH7D5wNOPqyTVs4T
52VFLepvN7YXtVIiH9hQl0rd5khlfKAc78o0RenXv29evg8jcP0/8mZ3ZmpexgKw
9zmGDsxWghR1lu/RZjMtOFXVsfxBWQq5riBuLdHW1iQh6O7Fje8C4EN7SKjv6nwS
oPMXwrLsLVYU/j9VvC//G/oI8acxrSFjTOX7h9hebVcoK/XP1FUjMi0EvkHmGGxl
G8ZgyIusZlJE6T4m6v43UTkyJyJs0vF32oPhAvd2Mso=
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:31:26 2026 by rpki-client