Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XKH26q6FyoHhPWYtVmWy7C-UnDM.roa
File: XKH26q6FyoHhPWYtVmWy7C-UnDM.roa (raw, json)
Hash identifier: OtEvRixouQiKDuyWr9x+GN+VVDpKASRtZXM2B0lmSBs=
Subject key identifier: 5C:A1:F6:EA:AE:85:CA:81:E1:3D:66:2D:56:65:B2:EC:2F:94:9C:33
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DE239C666EC3B1959999A3C37D7716389
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XKH26q6FyoHhPWYtVmWy7C-UnDM.roa
Signing time: Fri 01 May 2026 06:28:50 +0000
ROA not before: Fri 01 May 2026 06:28:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208185
IP address blocks: 31.58.239.0/24 maxlen: 24
94.183.242.0/24 maxlen: 24
94.183.243.0/24 maxlen: 24
94.183.244.0/24 maxlen: 24
94.183.245.0/24 maxlen: 24
94.183.246.0/24 maxlen: 24
94.183.247.0/24 maxlen: 24
94.183.248.0/22 maxlen: 24
94.183.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 16:45:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e2:39:c6:66:ec:3b:19:59:99:9a:3c:37:d7:71:63:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 1 06:28:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5ca1f6eaae85ca81e13d662d5665b2ec2f949c33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:00:e6:5f:c6:74:94:22:93:2b:5d:91:46:7f:
3f:8c:bc:68:1b:33:71:86:cc:69:d2:f7:fe:7b:e6:
cd:9c:8b:7e:40:4f:fd:2d:ab:96:28:38:dc:30:06:
87:da:ff:a0:50:95:85:38:a3:52:2e:72:46:22:9b:
2c:37:c3:fd:21:eb:84:20:f1:b7:8f:3d:de:f3:c6:
a3:e6:06:86:c2:54:81:e2:ec:79:9e:df:26:9b:8e:
76:ba:89:00:cb:98:68:05:1b:26:77:d0:30:5b:d5:
82:f8:dd:8b:a2:e4:75:4f:c1:13:90:63:aa:1e:e6:
50:1c:50:2c:ba:4f:aa:80:b3:18:5c:fc:9e:88:8a:
8a:e6:98:ce:4b:4d:fd:dc:2e:09:5f:0d:d9:fe:e5:
82:b8:57:55:ef:d9:7f:5b:d3:a5:96:5f:f0:bc:ce:
c6:cd:02:97:ef:f2:a7:68:0b:72:3d:9a:80:15:5a:
63:6a:60:ab:f0:bb:02:ea:18:2d:48:59:f4:41:2b:
39:9c:d2:03:81:ae:6f:a4:e0:9e:43:35:62:11:1c:
62:e2:13:33:ce:9e:39:e9:de:94:ec:7d:fc:5c:f0:
ea:be:e1:88:dd:7a:f1:2e:f0:ab:a8:b4:aa:01:37:
2d:09:00:b5:63:52:21:57:a9:a5:d3:7d:24:e2:d1:
3b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A1:F6:EA:AE:85:CA:81:E1:3D:66:2D:56:65:B2:EC:2F:94:9C:33
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XKH26q6FyoHhPWYtVmWy7C-UnDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.239.0/24
94.183.242.0-94.183.251.255
94.183.254.0/24
Signature Algorithm: sha256WithRSAEncryption
17:fb:1f:56:1d:bd:0c:14:e7:1e:a6:39:89:e1:c8:70:b0:f0:
58:ff:33:bc:3c:6f:fd:00:10:e6:1b:32:22:8c:e6:fd:b4:cf:
87:e6:76:d4:a7:65:cc:09:ec:95:26:b6:22:93:e0:13:26:aa:
39:ff:25:54:30:6f:db:d5:42:6b:df:54:4e:c3:ac:34:af:76:
ff:25:3d:90:78:84:f6:36:9a:90:d4:40:7c:88:71:15:ae:e1:
a2:f0:83:0a:74:b8:86:09:f5:95:d9:3e:5e:fe:f6:7e:44:11:
be:cb:78:ef:e2:90:a5:c6:d6:90:d1:75:0f:aa:17:3e:b3:56:
6e:fa:70:c7:75:14:ec:49:9c:f2:94:0f:98:b3:3b:3a:9d:3d:
51:e9:1d:72:5a:7f:57:bd:15:98:88:19:bd:39:e0:e2:64:45:
bf:4a:bb:d9:25:e3:3e:15:45:81:84:1c:a8:78:2f:4e:74:a7:
bf:07:62:af:7f:e3:d7:0c:6e:be:a3:c3:31:78:49:ff:5a:95:
11:7b:01:58:0c:df:e8:51:f7:5a:e7:13:fa:f2:43:6f:e3:de:
31:0d:7c:85:ed:22:2b:7b:0f:2a:76:60:cc:b9:82:ad:fc:ed:
bd:82:95:32:f3:42:ef:20:10:be:53:94:0b:63:e9:7d:13:80:
d3:d7:ff:b5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ3iOcZm7DsZWZmaPDfXcWOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTAxMDYyODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ExZjZlYWFlODVjYTgxZTEzZDY2MmQ1NjY1YjJlYzJmOTQ5YzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ADmX8Z0lCKTK12RRn8/jLxoGzNx
hsxp0vf+e+bNnIt+QE/9LauWKDjcMAaH2v+gUJWFOKNSLnJGIpssN8P9IeuEIPG3
jz3e88aj5gaGwlSB4ux5nt8mm452uokAy5hoBRsmd9AwW9WC+N2LouR1T8ETkGOq
HuZQHFAsuk+qgLMYXPyeiIqK5pjOS0393C4JXw3Z/uWCuFdV79l/W9Olll/wvM7G
zQKX7/KnaAtyPZqAFVpjamCr8LsC6hgtSFn0QSs5nNIDga5vpOCeQzViERxi4hMz
zp456d6U7H38XPDqvuGI3XrxLvCrqLSqATctCQC1Y1IhV6ml030k4tE7NwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFyh9uquhcqB4T1mLVZlsuwvlJwzMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWEtIMjZxNkZ5b0hoUFdZdFZtV3k3Qy1VbkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAHzrvMAwD
BAFet/IDBAJet/gDBABet/4wDQYJKoZIhvcNAQELBQADggEBABf7H1YdvQwU5x6m
OYnhyHCw8Fj/M7w8b/0AEOYbMiKM5v20z4fmdtSnZcwJ7JUmtiKT4BMmqjn/JVQw
b9vVQmvfVE7DrDSvdv8lPZB4hPY2mpDUQHyIcRWu4aLwgwp0uIYJ9ZXZPl7+9n5E
Eb7LeO/ikKXG1pDRdQ+qFz6zVm76cMd1FOxJnPKUD5izOzqdPVHpHXJaf1e9FZiI
Gb054OJkRb9Ku9kl4z4VRYGEHKh4L050p78HYq9/49cMbr6jwzF4Sf9alRF7AVgM
3+hR91rnE/ryQ2/j3jENfIXtIit7Dyp2YMy5gq387b2ClTLzQu8gEL5TlAtj6X0T
gNPX/7U=
-----END CERTIFICATE-----
Generated at Wed May 6 02:40:17 2026 by rpki-client