Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/xE-BgKSVBYFhggPNmKsU1prxN0g.roa
File: xE-BgKSVBYFhggPNmKsU1prxN0g.roa (raw, json)
Hash identifier: YpkmYJyHUw54oWyFNUMkFF7WgnbU7Uo2+GiNtKKeUKY=
Subject key identifier: C4:4F:81:80:A4:95:05:81:61:82:03:CD:98:AB:14:D6:9A:F1:37:48
Certificate issuer: /CN=a19fd633a4d3d210decf7db57d122b648b98ed25
Certificate serial: 019EF3FE14A7929AA1D3BBC60DA803443931
Authority key identifier: A1:9F:D6:33:A4:D3:D2:10:DE:CF:7D:B5:7D:12:2B:64:8B:98:ED:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oZ_WM6TT0hDez321fRIrZIuY7SU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/xE-BgKSVBYFhggPNmKsU1prxN0g.roa
Signing time: Tue 23 Jun 2026 10:19:35 +0000
ROA not before: Tue 23 Jun 2026 10:19:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213648
IP address blocks: 5.182.232.0/22 maxlen: 22
94.142.164.0/22 maxlen: 22
193.23.115.0/24 maxlen: 24
194.93.78.0/24 maxlen: 24
2a14:8700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.mft
rsync://rpki.ripe.net/repository/DEFAULT/oZ_WM6TT0hDez321fRIrZIuY7SU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 15:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f3:fe:14:a7:92:9a:a1:d3:bb:c6:0d:a8:03:44:39:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a19fd633a4d3d210decf7db57d122b648b98ed25
Validity
Not Before: Jun 23 10:19:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c44f8180a4950581618203cd98ab14d69af13748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fd:63:fa:9c:56:b4:10:ac:de:51:85:41:cb:
01:76:5b:d8:98:13:80:de:85:cd:0f:e5:2f:92:42:
59:dc:05:dc:08:bf:01:d9:23:6a:6a:42:48:b9:88:
d2:f1:da:bf:f0:cb:61:90:b0:60:d4:29:9a:05:46:
0b:74:c4:0e:28:9c:8e:c1:39:71:3e:14:ce:1a:1e:
c0:5f:07:65:10:3c:c0:92:b9:1b:50:53:4b:05:43:
b2:08:5d:89:7d:5a:fb:63:25:a2:2d:cd:0d:76:46:
ca:a9:2d:c9:d9:9c:31:1e:ad:f3:11:25:79:ba:28:
02:48:5d:ea:3d:b9:ca:56:7a:2c:85:f3:71:8c:37:
db:69:6f:06:30:71:c4:6e:12:a8:26:55:96:d7:e9:
5b:6b:10:6e:a8:a6:d9:8e:15:15:6b:b3:19:9e:95:
d9:11:8f:8b:54:a9:8e:72:f9:21:ea:99:a5:01:ca:
3b:eb:54:c9:c7:a7:a4:68:7e:c8:ca:23:6c:ef:cc:
06:f6:7e:6b:00:2a:ff:f6:9c:e8:82:f2:3f:a8:75:
92:c0:55:35:33:ef:8d:51:de:b8:62:22:0b:07:59:
3d:d0:db:52:66:42:0b:95:da:96:f1:06:60:71:65:
54:1d:7c:d4:f8:3f:f9:c2:25:7e:25:36:73:fe:53:
3b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4F:81:80:A4:95:05:81:61:82:03:CD:98:AB:14:D6:9A:F1:37:48
X509v3 Authority Key Identifier:
keyid:A1:9F:D6:33:A4:D3:D2:10:DE:CF:7D:B5:7D:12:2B:64:8B:98:ED:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oZ_WM6TT0hDez321fRIrZIuY7SU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/xE-BgKSVBYFhggPNmKsU1prxN0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/7cabe0-6d84-47a7-acec-c7cad5020eef/1/oZ_WM6TT0hDez321fRIrZIuY7SU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.232.0/22
94.142.164.0/22
193.23.115.0/24
194.93.78.0/24
IPv6:
2a14:8700::/29
Signature Algorithm: sha256WithRSAEncryption
97:b7:73:04:f3:74:4a:64:a0:5d:83:46:46:c7:dd:0d:cd:ea:
1f:31:d5:05:9b:98:82:40:3a:b7:a0:32:49:1b:95:89:bb:bf:
6a:df:93:f6:4f:57:ec:15:1e:94:61:38:d3:58:ba:ea:cf:1e:
19:b5:b6:e7:70:f5:12:2f:4f:13:80:49:b9:98:4f:0b:89:e4:
18:aa:8b:8a:26:8a:82:0b:f3:43:34:ed:6a:93:05:67:83:8b:
de:65:b9:ad:39:5c:43:c3:05:81:d8:2d:59:1b:93:82:f8:ec:
2d:ed:18:64:33:c3:cc:54:88:84:f2:5e:e9:c5:f7:b1:9d:91:
01:f8:74:54:f2:26:ae:a1:e0:a5:c6:f5:a3:60:e6:3b:2c:d3:
2f:34:e2:88:52:33:24:16:8f:ae:31:45:d9:04:8a:a2:2a:54:
14:e8:6c:52:1c:62:51:7a:cd:96:95:f5:23:31:d3:f3:73:fd:
bc:12:56:35:4e:d6:f3:27:25:2e:b9:d8:98:26:75:f4:ea:0c:
d2:62:38:f1:fe:7b:5a:c1:82:1b:b3:6c:8f:73:46:4d:e9:07:
36:cc:f3:ec:ce:63:f3:d4:4e:fb:3d:1c:66:0e:2f:e5:d5:67:
57:51:81:42:0d:6c:8a:ae:5c:16:be:0e:90:87:61:ef:ef:25:
29:d4:5b:1c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ7z/hSnkpqh07vGDagDRDkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExOWZkNjMzYTRkM2QyMTBkZWNmN2RiNTdkMTIyYjY0OGI5
OGVkMjUwHhcNMjYwNjIzMTAxOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRmODE4MGE0OTUwNTgxNjE4MjAzY2Q5OGFiMTRkNjlhZjEzNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P1j+pxWtBCs3lGFQcsBdlvYmBOA
3oXND+UvkkJZ3AXcCL8B2SNqakJIuYjS8dq/8MthkLBg1CmaBUYLdMQOKJyOwTlx
PhTOGh7AXwdlEDzAkrkbUFNLBUOyCF2JfVr7YyWiLc0NdkbKqS3J2ZwxHq3zESV5
uigCSF3qPbnKVnoshfNxjDfbaW8GMHHEbhKoJlWW1+lbaxBuqKbZjhUVa7MZnpXZ
EY+LVKmOcvkh6pmlAco761TJx6ekaH7IyiNs78wG9n5rACr/9pzogvI/qHWSwFU1
M++NUd64YiILB1k90NtSZkILldqW8QZgcWVUHXzU+D/5wiV+JTZz/lM7UQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMRPgYCklQWBYYIDzZirFNaa8TdIMB8GA1UdIwQY
MBaAFKGf1jOk09IQ3s99tX0SK2SLmO0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1pfV002VFQwaERlejMyMWZSSXJaSXVZN1NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83Y2FiZTAtNmQ4NC00N2E3LWFjZWMt
YzdjYWQ1MDIwZWVmLzEveEUtQmdLU1ZCWUZoZ2dQTm1Lc1UxcHJ4TjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83Y2FiZTAtNmQ4NC00N2E3LWFjZWMtYzdjYWQ1MDIwZWVm
LzEvb1pfV002VFQwaERlejMyMWZSSXJaSXVZN1NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBbboAwQC
Xo6kAwQAwRdzAwQAwl1OMA0EAgACMAcDBQMqFIcAMA0GCSqGSIb3DQEBCwUAA4IB
AQCXt3ME83RKZKBdg0ZGx90NzeofMdUFm5iCQDq3oDJJG5WJu79q35P2T1fsFR6U
YTjTWLrqzx4ZtbbncPUSL08TgEm5mE8LieQYqouKJoqCC/NDNO1qkwVng4veZbmt
OVxDwwWB2C1ZG5OC+Owt7RhkM8PMVIiE8l7pxfexnZEB+HRU8iauoeClxvWjYOY7
LNMvNOKIUjMkFo+uMUXZBIqiKlQU6GxSHGJRes2WlfUjMdPzc/28ElY1TtbzJyUu
udiYJnX06gzSYjjx/ntawYIbs2yPc0ZN6Qc2zPPszmPz1E77PRxmDi/l1WdXUYFC
DWyKrlwWvg6Qh2Hv7yUp1Fsc
-----END CERTIFICATE-----
Generated at Fri Jun 26 21:51:10 2026 by rpki-client