Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/Xsw6u2NpyOA4Uhb6gf6FLBFCjyA.roa
File: Xsw6u2NpyOA4Uhb6gf6FLBFCjyA.roa (raw, json)
Hash identifier: aYe/DyjAhtmHLFtm+CL3nAuzPuexlmj48Rq0XUQoAOI=
Subject key identifier: 5E:CC:3A:BB:63:69:C8:E0:38:52:16:FA:81:FE:85:2C:11:42:8F:20
Certificate issuer: /CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Certificate serial: 019E3B7E0BB771FF155C442759095E6DC14A
Authority key identifier: E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/Xsw6u2NpyOA4Uhb6gf6FLBFCjyA.roa
Signing time: Mon 18 May 2026 14:29:36 +0000
ROA not before: Mon 18 May 2026 14:29:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214798
IP address blocks: 45.129.140.0/24 maxlen: 24
109.120.158.0/24 maxlen: 24
130.49.160.0/22 maxlen: 24
185.164.163.0/24 maxlen: 24
185.169.107.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
2a09:31c0:cafe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3b:7e:0b:b7:71:ff:15:5c:44:27:59:09:5e:6d:c1:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Validity
Not Before: May 18 14:29:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5ecc3abb6369c8e0385216fa81fe852c11428f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ed:9b:5c:79:f1:93:1f:e2:71:ba:9a:ea:53:
d1:1e:77:cf:15:e2:2e:36:92:1d:ef:e6:46:45:26:
5a:f3:83:ec:c7:87:12:c7:16:77:55:30:00:54:b4:
75:33:df:db:86:d0:4c:68:62:77:32:ee:5e:99:97:
a9:88:f2:16:63:4d:48:60:42:a6:30:f7:7e:29:2e:
dd:2d:5e:ba:1e:c9:de:c8:d6:33:3e:20:52:4c:6f:
61:c8:27:ff:4e:3d:a4:55:bf:4c:8f:6f:0d:64:e6:
15:35:9f:ea:40:ff:3c:fe:bc:36:d7:1c:d1:0d:06:
cd:b8:82:2f:a2:9b:58:cd:13:e0:e1:d7:05:ea:1b:
ed:31:8b:a7:77:6c:45:68:9a:79:86:71:b5:c9:c5:
b1:4a:43:15:05:ec:ee:70:85:8d:91:f1:a4:20:93:
57:2a:8a:32:e5:71:47:27:de:96:24:18:8a:ac:ca:
bd:4c:bb:af:d6:59:80:14:dd:4d:3b:d2:8f:25:fd:
a4:97:48:b4:20:d3:37:cd:b6:09:60:ed:02:2a:b5:
24:92:47:85:9c:e5:9b:62:7b:a6:6c:02:64:b1:63:
62:43:d3:ab:a6:10:f6:8f:fc:fb:e4:96:56:28:5a:
7f:74:1e:db:17:b2:0a:d5:c7:26:f2:20:12:c8:12:
68:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CC:3A:BB:63:69:C8:E0:38:52:16:FA:81:FE:85:2C:11:42:8F:20
X509v3 Authority Key Identifier:
keyid:E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/Xsw6u2NpyOA4Uhb6gf6FLBFCjyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.140.0/24
109.120.158.0/24
130.49.160.0/22
185.164.163.0/24
185.169.107.0/24
185.216.84.0/22
IPv6:
2a09:31c0:cafe::/48
Signature Algorithm: sha256WithRSAEncryption
51:60:26:e6:68:e2:9c:b0:9a:92:13:9d:21:50:6f:09:e6:f7:
95:ec:97:1a:99:56:70:03:e8:50:28:11:17:62:ca:69:c2:8c:
22:7e:8f:95:06:ec:95:68:ee:1a:fa:1a:ce:9b:63:15:f5:ab:
1d:a4:09:2b:c5:06:76:c4:20:7e:bc:2c:f9:83:7b:a8:50:b6:
90:a5:22:37:eb:65:dc:b3:2a:46:9f:5e:44:56:1e:1a:36:f6:
4d:07:bf:71:73:5c:e3:57:2b:46:24:92:4b:12:e6:16:8f:2f:
d5:0e:1a:c4:36:42:86:3f:41:d2:eb:74:7d:c8:a9:f8:0e:7c:
80:5c:35:cc:a0:74:5a:28:7a:a9:fd:f5:17:5e:52:7f:be:79:
1c:04:5d:68:73:9d:2d:50:87:d7:1d:27:3e:1a:9e:2e:3d:43:
8d:16:6a:07:6a:54:e7:65:3c:b2:09:e7:70:d9:32:23:e5:8f:
de:b9:26:fb:77:1d:fa:d9:b7:c6:99:66:72:44:d1:78:88:58:
cd:33:c6:ad:bc:e2:96:3b:3d:54:63:1d:c2:8c:1c:4d:b5:ff:
dd:7f:5e:f9:01:05:f3:0e:96:a8:c9:14:68:7c:f0:bc:bf:46:
ff:f7:c6:bf:10:2b:7b:ba:be:a0:6e:07:7c:79:5e:59:5c:fa:
34:bd:23:fb
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZ47fgu3cf8VXEQnWQlebcFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWVmMjJhZGFhMTZkNTNkY2Y2MzdjNTY5ZjQxMzFmMjYy
MTViOTEwHhcNMjYwNTE4MTQyOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWNjM2FiYjYzNjljOGUwMzg1MjE2ZmE4MWZlODUyYzExNDI4ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO2bXHnxkx/icbqa6lPRHnfPFeIu
NpId7+ZGRSZa84Psx4cSxxZ3VTAAVLR1M9/bhtBMaGJ3Mu5emZepiPIWY01IYEKm
MPd+KS7dLV66HsneyNYzPiBSTG9hyCf/Tj2kVb9Mj28NZOYVNZ/qQP88/rw21xzR
DQbNuIIvoptYzRPg4dcF6hvtMYund2xFaJp5hnG1ycWxSkMVBezucIWNkfGkIJNX
Kooy5XFHJ96WJBiKrMq9TLuv1lmAFN1NO9KPJf2kl0i0INM3zbYJYO0CKrUkkkeF
nOWbYnumbAJksWNiQ9OrphD2j/z75JZWKFp/dB7bF7IK1ccm8iASyBJobwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFF7MOrtjacjgOFIW+oH+hSwRQo8gMB8GA1UdIwQY
MBaAFOke8iraoW1T3PY3xWn0Ex8mIVuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQt
MzRhZTg5MWE3MmNmLzEvWHN3NnUyTnB5T0E0VWhiNmdmNkZMQkZDanlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQtMzRhZTg5MWE3MmNm
LzEvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQALYGMAwQA
bXieAwQCgjGgAwQAuaSjAwQAualrAwQCudhUMA8EAgACMAkDBwAqCTHAyv4wDQYJ
KoZIhvcNAQELBQADggEBAFFgJuZo4pywmpITnSFQbwnm95XslxqZVnAD6FAoERdi
ymnCjCJ+j5UG7JVo7hr6Gs6bYxX1qx2kCSvFBnbEIH68LPmDe6hQtpClIjfrZdyz
KkafXkRWHho29k0Hv3FzXONXK0YkkksS5haPL9UOGsQ2QoY/QdLrdH3IqfgOfIBc
NcygdFooeqn99RdeUn++eRwEXWhznS1Qh9cdJz4ani49Q40WagdqVOdlPLIJ53DZ
MiPlj965Jvt3HfrZt8aZZnJE0XiIWM0zxq284pY7PVRjHcKMHE21/91/XvkBBfMO
lqjJFGh88Ly/Rv/3xr8QK3u6vqBuB3x5Xllc+jS9I/s=
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:39 2026 by rpki-client