Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/XfKFQ0jrYjUJX2-xXdeOtI2PwBA.roa
File: XfKFQ0jrYjUJX2-xXdeOtI2PwBA.roa (raw, json)
Hash identifier: Dv4g2hdF2DWTn9KmOFquly3+gEa0c48Mrasajz85cj8=
Subject key identifier: 5D:F2:85:43:48:EB:62:35:09:5F:6F:B1:5D:D7:8E:B4:8D:8F:C0:10
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 019C323BE8F6B4D2416378E620D7F1616211
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/XfKFQ0jrYjUJX2-xXdeOtI2PwBA.roa
Signing time: Fri 06 Feb 2026 09:15:12 +0000
ROA not before: Fri 06 Feb 2026 09:15:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 46.227.72.0/21 maxlen: 21
78.40.40.0/21 maxlen: 21
81.21.208.0/20 maxlen: 20
81.27.0.0/20 maxlen: 20
82.214.0.0/18 maxlen: 18
93.94.168.0/21 maxlen: 21
185.53.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:32:3b:e8:f6:b4:d2:41:63:78:e6:20:d7:f1:61:62:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Feb 6 09:15:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5df2854348eb6235095f6fb15dd78eb48d8fc010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b3:7e:c6:a3:8f:b0:22:d3:34:23:36:64:95:
68:0c:a8:f5:cf:b7:d7:b8:55:43:02:23:63:8d:12:
f0:4b:70:29:d4:30:6c:79:db:7d:65:1b:10:17:96:
1c:c9:b5:d7:00:5f:77:47:74:42:28:72:9e:29:76:
8f:c9:34:7e:fd:f7:15:bb:8c:c9:ad:15:d3:c4:5f:
8d:7a:4c:4d:2d:b5:86:fb:1f:44:fb:65:67:fc:75:
f8:75:91:b0:a6:a8:8a:6c:cf:e8:a7:72:71:1c:d9:
78:bd:ad:8e:86:dd:1e:d4:76:58:77:92:95:d9:50:
b1:d3:c2:13:40:03:93:6f:4f:b3:de:ed:24:94:03:
21:a4:66:50:b4:65:ca:74:62:b7:40:b2:1d:77:af:
41:9a:c4:c3:cd:2c:e0:d0:f6:48:d0:dd:36:5a:6c:
2f:16:b1:a2:8d:8f:ea:f2:f8:fc:c6:0f:7d:c9:52:
9e:ab:3d:75:94:4f:c8:c2:f9:e6:2e:30:fe:4d:63:
1a:1f:a5:cf:dc:8f:b6:74:4c:18:28:a4:89:7b:bf:
f9:1a:c6:6a:4d:4b:1d:8b:fa:78:6c:ed:5d:52:b8:
6a:9e:a2:b9:34:47:f0:f9:21:88:0b:ea:c7:72:30:
75:aa:96:82:dd:ff:3e:34:ad:3f:b6:e9:55:7f:e2:
94:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F2:85:43:48:EB:62:35:09:5F:6F:B1:5D:D7:8E:B4:8D:8F:C0:10
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/XfKFQ0jrYjUJX2-xXdeOtI2PwBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.72.0/21
78.40.40.0/21
81.21.208.0/20
81.27.0.0/20
82.214.0.0/18
93.94.168.0/21
185.53.212.0/22
Signature Algorithm: sha256WithRSAEncryption
58:63:7e:67:40:8c:ae:e2:db:e3:65:63:f2:55:b8:b8:22:da:
d7:d6:fc:9e:1f:77:7e:32:07:8f:14:40:83:49:11:98:f4:30:
f7:aa:72:c2:f7:b0:4f:94:a1:0f:35:c4:fd:f6:9b:80:2f:76:
c5:b4:77:35:72:22:8f:a1:b3:83:24:21:29:42:c6:a8:c7:31:
fd:c7:78:4f:f5:0c:c0:f8:fe:f0:9e:48:74:37:96:36:b6:49:
41:ff:25:7c:df:b4:e1:c7:e0:41:8e:6c:43:d1:09:58:93:f9:
ae:eb:7b:bf:a4:60:8a:a1:54:31:2e:f1:c4:02:20:e9:07:9a:
f9:e4:df:51:5f:2a:63:fe:bc:05:a6:7e:8a:4d:a3:de:fd:82:
2a:95:5d:cb:e9:d1:ee:2e:51:4a:f7:e2:63:29:f1:70:a4:92:
2c:8a:88:f9:9b:75:b8:b4:37:27:58:9b:14:e7:02:1d:93:bb:
e7:1e:20:fb:8e:1b:19:48:5d:be:ee:7b:16:00:e4:7f:f6:84:
7e:58:06:e6:77:ff:a4:59:83:ba:fa:12:26:e7:40:7b:4d:7b:
38:1a:db:01:3c:bf:b3:01:0a:76:5d:c3:a1:19:7f:f4:0d:60:
a6:3a:74:0d:36:c9:c8:b9:35:43:ac:dd:90:cb:30:73:bc:45:
5f:0e:14:fa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZwyO+j2tNJBY3jmINfxYWIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjYwMjA2MDkxNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGYyODU0MzQ4ZWI2MjM1MDk1ZjZmYjE1ZGQ3OGViNDhkOGZjMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bN+xqOPsCLTNCM2ZJVoDKj1z7fX
uFVDAiNjjRLwS3Ap1DBsedt9ZRsQF5YcybXXAF93R3RCKHKeKXaPyTR+/fcVu4zJ
rRXTxF+NekxNLbWG+x9E+2Vn/HX4dZGwpqiKbM/op3JxHNl4va2Oht0e1HZYd5KV
2VCx08ITQAOTb0+z3u0klAMhpGZQtGXKdGK3QLIdd69BmsTDzSzg0PZI0N02Wmwv
FrGijY/q8vj8xg99yVKeqz11lE/IwvnmLjD+TWMaH6XP3I+2dEwYKKSJe7/5GsZq
TUsdi/p4bO1dUrhqnqK5NEfw+SGIC+rHcjB1qpaC3f8+NK0/tulVf+KUfQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF3yhUNI62I1CV9vsV3XjrSNj8AQMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvWGZLRlEwanJZalVKWDIteFhkZU90STJQd0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDLuNIAwQD
TigoAwQEURXQAwQEURsAAwQGUtYAAwQDXV6oAwQCuTXUMA0GCSqGSIb3DQEBCwUA
A4IBAQBYY35nQIyu4tvjZWPyVbi4ItrX1vyeH3d+MgePFECDSRGY9DD3qnLC97BP
lKEPNcT99puAL3bFtHc1ciKPobODJCEpQsaoxzH9x3hP9QzA+P7wnkh0N5Y2tklB
/yV837Thx+BBjmxD0QlYk/mu63u/pGCKoVQxLvHEAiDpB5r55N9RXypj/rwFpn6K
TaPe/YIqlV3L6dHuLlFK9+JjKfFwpJIsioj5m3W4tDcnWJsU5wIdk7vnHiD7jhsZ
SF2+7nsWAOR/9oR+WAbmd/+kWYO6+hIm50B7TXs4GtsBPL+zAQp2XcOhGX/0DWCm
OnQNNsnIuTVDrN2QyzBzvEVfDhT6
-----END CERTIFICATE-----
Generated at Sat Feb 21 03:40:33 2026 by rpki-client