
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xDxuIEUCIDcUBC7GEX_yysiuxhc.roa
File: xDxuIEUCIDcUBC7GEX_yysiuxhc.roa (raw, json)
Hash identifier: IzprAziVgxKDFqYRMO4B3XrCwMl8qW/JU7Fx+iGkOeI=
Subject key identifier: C4:3C:6E:20:45:02:20:37:14:04:2E:C6:11:7F:F2:CA:C8:AE:C6:17
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368D1EF351FE26363BB1C73ECA9D284
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xDxuIEUCIDcUBC7GEX_yysiuxhc.roa
Signing time: Thu 02 Jul 2026 15:18:19 +0000
ROA not before: Thu 02 Jul 2026 15:18:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 154049
IP address blocks: 37.252.25.0/24 maxlen: 24
77.107.83.0/24 maxlen: 24
79.99.147.0/24 maxlen: 24
81.168.38.0/24 maxlen: 24
109.176.14.0/24 maxlen: 24
212.38.80.0/24 maxlen: 24
213.210.24.0/24 maxlen: 24
217.144.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:d1:ef:35:1f:e2:63:63:bb:1c:73:ec:a9:d2:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c43c6e204502203714042ec6117ff2cac8aec617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f8:fd:2b:50:5f:e4:c9:e6:fa:af:e7:0a:95:
bf:49:d6:02:c0:06:27:08:83:dc:15:c3:09:97:fd:
4a:d2:25:61:a1:f6:22:60:c1:7a:52:c8:90:2e:2c:
e5:ce:e5:b6:67:ee:d4:d3:a7:08:10:34:52:0d:14:
b5:13:79:f4:5c:cb:3f:cf:9c:3e:cd:5a:72:d1:d4:
33:48:d7:bb:a0:ff:40:f9:80:49:ae:b7:06:b9:a3:
0a:9f:b6:0a:08:f1:04:a0:99:26:bb:6b:eb:a2:b5:
4e:21:e8:d7:85:ce:d1:27:07:89:a0:46:df:04:a6:
d0:75:4f:20:cc:0e:41:6a:95:35:a8:9a:15:a0:41:
11:41:25:3e:1b:e3:d6:97:4f:13:ba:f0:34:5a:b5:
a7:91:1d:6f:7c:52:9a:48:53:26:05:6b:a3:54:8f:
04:9f:c7:75:1a:28:56:87:4c:31:72:e7:7d:02:07:
b3:dc:57:93:18:53:35:7e:31:9c:d5:c3:9b:5b:09:
61:3d:d8:37:0c:7f:99:f6:0a:f5:10:8d:51:b3:5b:
de:37:32:37:5f:33:97:d5:1d:19:5f:d4:72:6a:cb:
93:3c:10:8d:5a:17:ac:58:f1:e2:0c:2b:ed:49:ba:
c2:d4:91:8d:36:2a:66:62:93:a1:0e:5b:94:8b:75:
bb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3C:6E:20:45:02:20:37:14:04:2E:C6:11:7F:F2:CA:C8:AE:C6:17
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xDxuIEUCIDcUBC7GEX_yysiuxhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.25.0/24
77.107.83.0/24
79.99.147.0/24
81.168.38.0/24
109.176.14.0/24
212.38.80.0/24
213.210.24.0/24
217.144.147.0/24
Signature Algorithm: sha256WithRSAEncryption
60:95:7c:f9:d0:4c:6c:07:6e:dc:e0:9a:3e:ea:fa:19:69:72:
3e:28:33:d2:b5:ec:4a:c6:ff:99:a9:a1:35:56:67:5f:77:c3:
68:9a:39:3d:23:49:13:3f:d1:1f:dd:0f:4b:a4:49:af:ca:f5:
90:70:2c:35:08:30:cf:99:35:23:a1:70:66:c7:10:e2:fe:9b:
09:39:eb:51:c8:f8:89:d8:11:94:b2:e1:74:99:74:a2:77:69:
13:72:84:26:12:8b:c6:44:7d:5f:29:3d:e5:fe:28:cc:5c:4b:
bc:94:e0:6a:93:01:df:22:6e:ac:de:d7:0f:ad:3e:25:e2:93:
c9:57:7b:c7:65:d7:2a:51:3d:ff:24:7d:fc:04:f7:26:54:27:
f4:32:1c:1f:ab:f3:9e:ec:38:a6:e5:32:dc:ed:ad:bb:2e:43:
11:07:ce:2d:1a:4f:9a:11:45:2a:98:d3:45:97:a1:9a:e9:16:
1c:1d:de:f9:d9:26:2e:07:84:1c:8c:66:40:09:b2:fe:7b:ea:
96:f5:f7:71:d7:17:d2:a2:e7:3a:ef:cc:bf:b1:0b:0e:0e:d1:
89:ba:69:99:56:48:57:1a:f8:61:00:51:f8:1a:f7:a5:fc:fc:
5b:55:94:1f:00:80:4c:5a:1e:9f:18:49:2a:54:dc:43:ef:8b:
6f:35:26:cd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ8jaNHvNR/iY2O7HHPsqdKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDNjNmUyMDQ1MDIyMDM3MTQwNDJlYzYxMTdmZjJjYWM4YWVjNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vj9K1Bf5Mnm+q/nCpW/SdYCwAYn
CIPcFcMJl/1K0iVhofYiYMF6UsiQLizlzuW2Z+7U06cIEDRSDRS1E3n0XMs/z5w+
zVpy0dQzSNe7oP9A+YBJrrcGuaMKn7YKCPEEoJkmu2vrorVOIejXhc7RJweJoEbf
BKbQdU8gzA5BapU1qJoVoEERQSU+G+PWl08TuvA0WrWnkR1vfFKaSFMmBWujVI8E
n8d1GihWh0wxcud9Agez3FeTGFM1fjGc1cObWwlhPdg3DH+Z9gr1EI1Rs1veNzI3
XzOX1R0ZX9RyasuTPBCNWhesWPHiDCvtSbrC1JGNNipmYpOhDluUi3W77QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMQ8biBFAiA3FAQuxhF/8srIrsYXMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveER4dUlFVUNJRGNVQkM3R0VYX3l5c2l1eGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAJfwZAwQA
TWtTAwQAT2OTAwQAUagmAwQAbbAOAwQA1CZQAwQA1dIYAwQA2ZCTMA0GCSqGSIb3
DQEBCwUAA4IBAQBglXz50ExsB27c4Jo+6voZaXI+KDPStexKxv+ZqaE1Vmdfd8No
mjk9I0kTP9Ef3Q9LpEmvyvWQcCw1CDDPmTUjoXBmxxDi/psJOetRyPiJ2BGUsuF0
mXSid2kTcoQmEovGRH1fKT3l/ijMXEu8lOBqkwHfIm6s3tcPrT4l4pPJV3vHZdcq
UT3/JH38BPcmVCf0Mhwfq/Oe7Dim5TLc7a27LkMRB84tGk+aEUUqmNNFl6Ga6RYc
Hd752SYuB4QcjGZACbL+e+qW9fdx1xfSouc678y/sQsODtGJummZVkhXGvhhAFH4
Gvel/PxbVZQfAIBMWh6fGEkqVNxD74tvNSbN
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:20:06 2026 by rpki-client