Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/XtF6dx1K_-9E8G1QrrAN0rjOP2E.roa
File: XtF6dx1K_-9E8G1QrrAN0rjOP2E.roa (raw, json)
Hash identifier: AEIk+UMFJZOy6fARFY4HiJljniS60LJkRzj37goEaUE=
Subject key identifier: 5E:D1:7A:77:1D:4A:FF:EF:44:F0:6D:50:AE:B0:0D:D2:B8:CE:3F:61
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019F084437F3BDB280CA6C8F963A284E4C35
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/XtF6dx1K_-9E8G1QrrAN0rjOP2E.roa
Signing time: Sat 27 Jun 2026 08:48:36 +0000
ROA not before: Sat 27 Jun 2026 08:48:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 195.216.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:08:44:37:f3:bd:b2:80:ca:6c:8f:96:3a:28:4e:4c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jun 27 08:48:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5ed17a771d4affef44f06d50aeb00dd2b8ce3f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f0:83:72:ff:0e:8d:91:da:08:2b:38:b1:a9:
96:fe:2b:c3:b2:50:0f:80:c8:8b:03:d6:ed:79:59:
d3:89:91:b8:de:32:fc:f2:5c:a2:e1:6a:ad:c4:11:
0c:69:cf:2b:59:77:5f:81:72:d4:1e:4e:28:98:d3:
24:ff:f1:51:76:f3:10:9d:9d:49:4a:92:3b:03:25:
2c:b8:21:83:20:83:c4:b8:31:82:73:5f:86:9b:20:
2d:5d:b3:53:ab:8e:09:9c:22:e2:7a:a6:8a:91:27:
64:b9:22:5e:1d:d9:95:cf:7b:68:e9:fa:84:dc:9e:
d3:41:0c:af:fd:b9:72:fc:f0:d5:f0:52:2a:96:dc:
c3:6a:62:40:07:3b:b2:4d:ff:c9:23:b3:5d:37:0f:
9e:e1:43:0d:38:29:b7:43:3a:df:ee:b0:1d:5f:ff:
68:e1:2c:a0:1e:53:2e:24:53:66:15:a0:be:44:41:
d2:e4:b7:4c:78:08:bf:ec:47:65:96:15:0d:f9:a0:
16:e3:d0:e4:20:cb:8c:90:38:b0:0d:49:61:61:51:
ad:47:2d:73:b5:66:a5:ef:d5:13:0f:1a:91:f2:ab:
dd:a2:44:35:65:e1:16:97:24:11:97:3c:84:df:9f:
37:c5:58:8a:c4:cb:46:f7:e2:67:f6:39:24:a0:09:
c8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D1:7A:77:1D:4A:FF:EF:44:F0:6D:50:AE:B0:0D:D2:B8:CE:3F:61
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/XtF6dx1K_-9E8G1QrrAN0rjOP2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:1b:77:ef:b4:19:51:1d:65:d1:34:70:95:84:44:9a:75:4f:
b6:5a:14:df:e8:73:e8:6b:82:95:55:85:f0:7c:ed:ac:d5:12:
59:f3:c5:78:68:8a:18:db:fa:52:f9:9c:99:36:d9:cf:24:16:
2c:0a:fa:81:e2:df:eb:bc:43:7a:b2:1c:ef:a5:75:0e:d8:a8:
27:20:e6:0a:a5:c7:de:f9:11:48:bf:63:c1:0f:07:48:7c:f7:
f7:a7:c7:89:65:e5:fe:96:40:77:21:bc:23:dc:e2:58:67:c7:
63:dc:f5:bf:eb:71:1e:96:76:9b:a4:ad:76:ee:48:b8:f4:69:
54:1a:21:b6:36:7e:aa:c1:db:8a:e8:ca:36:0d:62:cb:77:72:
c9:1a:8e:30:5d:d4:46:f6:b6:59:aa:81:cc:da:f6:e0:89:64:
eb:5a:c4:c2:3e:b1:d5:e1:0c:7a:cc:e6:93:2d:4d:5d:14:d7:
b5:80:ed:b2:b6:6f:02:63:e1:01:6a:3c:7d:d5:f0:66:c1:8c:
e7:3c:d3:ff:e9:0f:b7:4a:e4:6e:a6:6b:c6:0f:c4:8a:49:ec:
d8:de:02:d2:20:fb:fa:07:7d:93:6a:62:cb:75:57:41:a4:d9:
3b:2b:31:a8:95:56:be:14:18:9d:8f:83:3f:81:a5:0f:fb:08:
7f:8d:5c:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8IRDfzvbKAymyPljooTkw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjYwNjI3MDg0ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQxN2E3NzFkNGFmZmVmNDRmMDZkNTBhZWIwMGRkMmI4Y2UzZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfCDcv8OjZHaCCs4samW/ivDslAP
gMiLA9bteVnTiZG43jL88lyi4WqtxBEMac8rWXdfgXLUHk4omNMk//FRdvMQnZ1J
SpI7AyUsuCGDIIPEuDGCc1+GmyAtXbNTq44JnCLieqaKkSdkuSJeHdmVz3to6fqE
3J7TQQyv/bly/PDV8FIqltzDamJABzuyTf/JI7NdNw+e4UMNOCm3Qzrf7rAdX/9o
4SygHlMuJFNmFaC+REHS5LdMeAi/7EdllhUN+aAW49DkIMuMkDiwDUlhYVGtRy1z
tWal79UTDxqR8qvdokQ1ZeEWlyQRlzyE3583xViKxMtG9+Jn9jkkoAnI5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7RencdSv/vRPBtUK6wDdK4zj9hMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvWHRGNmR4MUtfLTlFOEcxUXJyQU4wcmpPUDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9i6MA0G
CSqGSIb3DQEBCwUAA4IBAQA/G3fvtBlRHWXRNHCVhESadU+2WhTf6HPoa4KVVYXw
fO2s1RJZ88V4aIoY2/pS+ZyZNtnPJBYsCvqB4t/rvEN6shzvpXUO2KgnIOYKpcfe
+RFIv2PBDwdIfPf3p8eJZeX+lkB3Ibwj3OJYZ8dj3PW/63EelnabpK127ki49GlU
GiG2Nn6qwduK6Mo2DWLLd3LJGo4wXdRG9rZZqoHM2vbgiWTrWsTCPrHV4Qx6zOaT
LU1dFNe1gO2ytm8CY+EBajx91fBmwYznPNP/6Q+3SuRupmvGD8SKSezY3gLSIPv6
B32TamLLdVdBpNk7KzGolVa+FBidj4M/gaUP+wh/jVzq
-----END CERTIFICATE-----
Generated at Mon Jun 29 12:24:12 2026 by rpki-client