Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/XUYX3TKPDXOL9F-nbpIpGRvlG8w.roa
File: XUYX3TKPDXOL9F-nbpIpGRvlG8w.roa (raw, json)
Hash identifier: EXmgm0KKBubkjhoIVh+28P819hcnVjQyIk/PTDuS3ok=
Subject key identifier: 5D:46:17:DD:32:8F:0D:73:8B:F4:5F:A7:6E:92:29:19:1B:E5:1B:CC
Certificate issuer: /CN=0011fe2b2f67547ad712d6fc36ac67dd692f0e1e
Certificate serial: 019B783546263FEB46D52F42095BA3D4CCB5
Authority key identifier: 00:11:FE:2B:2F:67:54:7A:D7:12:D6:FC:36:AC:67:DD:69:2F:0E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/XUYX3TKPDXOL9F-nbpIpGRvlG8w.roa
Signing time: Thu 01 Jan 2026 06:18:35 +0000
ROA not before: Thu 01 Jan 2026 06:18:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39659
IP address blocks: 185.229.36.0/22 maxlen: 22
185.229.36.0/23 maxlen: 23
185.229.36.0/24 maxlen: 24
185.229.37.0/24 maxlen: 24
185.229.38.0/23 maxlen: 23
185.229.38.0/24 maxlen: 24
185.229.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 06:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:35:46:26:3f:eb:46:d5:2f:42:09:5b:a3:d4:cc:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0011fe2b2f67547ad712d6fc36ac67dd692f0e1e
Validity
Not Before: Jan 1 06:18:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d4617dd328f0d738bf45fa76e9229191be51bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:13:3d:97:6b:26:59:f7:d1:af:8a:f3:2d:96:
34:57:8b:3c:5b:43:37:f2:1f:a6:37:e6:a7:7e:4f:
3d:b6:9f:9a:43:b4:98:9a:af:83:8d:c0:c6:c5:02:
f5:28:30:56:ca:72:55:16:e7:51:9c:aa:8a:f8:90:
af:89:4e:2b:fa:50:85:68:95:bb:dd:f0:97:14:59:
9f:14:d7:16:e4:34:1c:3f:9f:96:e9:96:02:d6:da:
31:ac:9b:72:58:81:ae:da:b7:5b:c2:be:73:a3:da:
40:70:44:31:c6:89:5d:aa:73:61:da:cb:05:0a:09:
ae:6e:8d:c9:1a:31:15:7a:20:af:dc:b8:5f:b2:18:
93:8a:8b:03:2c:6d:4c:12:5e:48:0b:3c:10:b7:01:
91:16:06:2d:12:46:49:f0:85:cb:1c:dc:f7:19:17:
2b:c0:c6:34:04:73:b5:1f:3b:d9:cc:0f:bd:b8:e6:
36:98:cf:c0:a1:3a:cb:d6:86:8d:4c:56:0c:89:80:
c1:75:ac:94:59:cf:84:f2:04:83:85:eb:0c:fd:20:
64:cb:89:b0:30:6c:63:a5:3a:d9:ad:6a:34:7a:40:
7f:a6:d8:15:56:8b:35:32:80:a9:b3:77:bd:e2:e9:
ba:4e:a8:83:02:db:6f:31:2c:54:59:ea:b5:38:34:
bd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:46:17:DD:32:8F:0D:73:8B:F4:5F:A7:6E:92:29:19:1B:E5:1B:CC
X509v3 Authority Key Identifier:
keyid:00:11:FE:2B:2F:67:54:7A:D7:12:D6:FC:36:AC:67:DD:69:2F:0E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/XUYX3TKPDXOL9F-nbpIpGRvlG8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4dd06d-e7a6-4491-9e13-a288b41a50f6/1/ABH-Ky9nVHrXEtb8Nqxn3WkvDh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.36.0/22
Signature Algorithm: sha256WithRSAEncryption
24:3c:1b:61:16:ea:8d:ea:1e:76:50:88:d3:88:34:f9:7e:4c:
9c:9c:93:be:bb:b9:c1:08:c2:67:9e:0a:5a:73:03:56:3a:e6:
81:cf:f1:a9:31:54:d8:78:db:e4:e7:fb:a1:6e:9f:ed:98:0f:
64:bc:de:31:94:c8:7f:4c:8a:86:da:c2:7b:af:9e:f5:a3:e4:
cb:76:da:e3:1c:69:04:40:c2:24:ab:50:49:e9:ae:61:af:87:
12:6d:98:c5:bf:37:53:e1:37:2c:49:52:50:1f:bf:42:6b:7a:
c4:cc:ac:ce:d8:4f:e5:b7:47:b6:f5:40:be:ce:52:c2:36:9a:
f7:19:bc:c6:65:ce:6e:b0:5d:b3:be:4c:d8:2a:b1:0f:18:4c:
52:56:52:93:af:de:f0:f8:30:e1:ab:c4:0e:e1:bf:ee:dd:1d:
ed:8f:92:bf:39:3b:80:48:50:ce:67:eb:52:7b:0d:c8:0b:38:
db:ac:61:c1:45:86:d6:65:b7:52:40:47:02:af:f7:ae:db:d5:
d0:47:14:8a:2f:81:f3:54:6f:e0:7f:b4:69:a0:d1:70:07:7a:
eb:1c:fa:43:f0:93:81:2d:06:a1:97:55:d3:ae:21:a8:32:27:
2a:8e:d5:73:1f:71:f9:4e:e3:b2:67:10:31:79:88:41:22:ca:
d5:96:20:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4NUYmP+tG1S9CCVuj1My1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTFmZTJiMmY2NzU0N2FkNzEyZDZmYzM2YWM2N2RkNjky
ZjBlMWUwHhcNMjYwMTAxMDYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ2MTdkZDMyOGYwZDczOGJmNDVmYTc2ZTkyMjkxOTFiZTUxYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBM9l2smWffRr4rzLZY0V4s8W0M3
8h+mN+anfk89tp+aQ7SYmq+DjcDGxQL1KDBWynJVFudRnKqK+JCviU4r+lCFaJW7
3fCXFFmfFNcW5DQcP5+W6ZYC1toxrJtyWIGu2rdbwr5zo9pAcEQxxoldqnNh2ssF
Cgmubo3JGjEVeiCv3LhfshiTiosDLG1MEl5ICzwQtwGRFgYtEkZJ8IXLHNz3GRcr
wMY0BHO1HzvZzA+9uOY2mM/AoTrL1oaNTFYMiYDBdayUWc+E8gSDhesM/SBky4mw
MGxjpTrZrWo0ekB/ptgVVos1MoCps3e94um6TqiDAttvMSxUWeq1ODS9bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1GF90yjw1zi/Rfp26SKRkb5RvMMB8GA1UdIwQY
MBaAFAAR/isvZ1R61xLW/DasZ91pLw4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJILUt5OW5WSHJYRXRiOE5xeG4zV2t2RGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ZGQwNmQtZTdhNi00NDkxLTllMTMt
YTI4OGI0MWE1MGY2LzEvWFVZWDNUS1BEWE9MOUYtbmJwSXBHUnZsRzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS80ZGQwNmQtZTdhNi00NDkxLTllMTMtYTI4OGI0MWE1MGY2
LzEvQUJILUt5OW5WSHJYRXRiOE5xeG4zV2t2RGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueUkMA0G
CSqGSIb3DQEBCwUAA4IBAQAkPBthFuqN6h52UIjTiDT5fkycnJO+u7nBCMJnngpa
cwNWOuaBz/GpMVTYeNvk5/uhbp/tmA9kvN4xlMh/TIqG2sJ7r571o+TLdtrjHGkE
QMIkq1BJ6a5hr4cSbZjFvzdT4TcsSVJQH79Ca3rEzKzO2E/lt0e29UC+zlLCNpr3
GbzGZc5usF2zvkzYKrEPGExSVlKTr97w+DDhq8QO4b/u3R3tj5K/OTuASFDOZ+tS
ew3ICzjbrGHBRYbWZbdSQEcCr/eu29XQRxSKL4HzVG/gf7RpoNFwB3rrHPpD8JOB
LQahl1XTriGoMicqjtVzH3H5TuOyZxAxeYhBIsrVliBB
-----END CERTIFICATE-----
Generated at Thu Mar 5 14:14:42 2026 by rpki-client