Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xgsOy9H1BuBVezDZ_9SuC6Tun1M.roa
File: xgsOy9H1BuBVezDZ_9SuC6Tun1M.roa (raw, json)
Hash identifier: /z/mFmHwdWG5CazbOOnI6AezNlZYMt5pHZxEjhCh35g=
Subject key identifier: C6:0B:0E:CB:D1:F5:06:E0:55:7B:30:D9:FF:D4:AE:0B:A4:EE:9F:53
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019DE422A7C1D09B7AD6D6647508218795EB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xgsOy9H1BuBVezDZ_9SuC6Tun1M.roa
Signing time: Fri 01 May 2026 15:22:49 +0000
ROA not before: Fri 01 May 2026 15:22:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396356
IP address blocks: 5.253.44.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
45.8.188.0/24 maxlen: 24
45.8.189.0/24 maxlen: 24
45.8.194.0/24 maxlen: 24
45.8.206.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e4:22:a7:c1:d0:9b:7a:d6:d6:64:75:08:21:87:95:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 1 15:22:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c60b0ecbd1f506e0557b30d9ffd4ae0ba4ee9f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c5:ca:29:f5:3e:ee:b2:29:b7:c0:ac:8e:2a:
f1:6d:f2:b6:08:bd:cf:9a:f0:76:80:9e:f6:8a:c7:
46:c3:f7:16:55:92:e7:af:76:94:a9:55:d8:09:71:
de:8d:5d:77:db:9c:8a:dd:cf:5a:0c:e0:6f:78:4d:
1e:93:9c:e0:b8:a9:9d:ca:cc:2d:15:73:95:b1:6a:
e3:a4:8f:78:e7:36:7e:b4:94:36:f5:9f:ac:7b:72:
02:76:2d:6a:62:bf:a4:f9:22:b7:0f:56:43:d1:72:
40:53:1b:17:0e:a5:8d:c0:53:6e:31:b8:32:78:d1:
69:22:fa:51:75:17:56:eb:94:33:b2:21:6d:90:8b:
3d:24:ad:da:70:10:24:63:9b:ce:b3:fe:0f:cf:99:
e2:ac:81:28:0f:f8:5e:2b:e3:76:fa:6f:ca:7e:6d:
31:07:b6:dc:d0:15:81:08:de:d2:b6:df:4c:38:10:
10:0a:44:33:ac:b6:73:15:4d:0b:bc:28:b4:31:11:
0a:d8:7d:94:42:27:35:29:5d:6b:1c:55:a2:6e:ab:
b1:41:6d:9f:89:32:86:b5:f1:01:9d:cd:31:fe:41:
03:54:33:06:f3:70:fd:88:68:15:07:14:14:bc:bb:
81:cf:3b:c7:ee:ae:0c:45:44:f2:56:a5:10:74:af:
0c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:0B:0E:CB:D1:F5:06:E0:55:7B:30:D9:FF:D4:AE:0B:A4:EE:9F:53
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xgsOy9H1BuBVezDZ_9SuC6Tun1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.44.0/23
5.253.47.0/24
45.8.188.0/23
45.8.194.0/24
45.8.206.0/24
45.9.4.0/24
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
85.208.113.0/24
Signature Algorithm: sha256WithRSAEncryption
75:c1:bc:e2:34:12:28:15:86:4c:a8:f4:88:64:ea:b1:cd:b5:
94:be:2f:b4:db:5a:ac:3c:d5:32:7a:a6:ed:c6:cb:32:f1:b5:
9e:4a:df:88:61:6e:f3:70:49:ad:ea:81:ef:d7:ee:04:c4:05:
01:bf:93:87:25:11:9e:15:41:1d:eb:91:5c:ac:70:e7:fa:e2:
31:2d:7c:92:3c:b5:17:d0:50:5e:14:3a:29:33:f2:a3:f9:2f:
24:77:5d:a4:19:72:f0:4f:6d:49:24:93:1d:9e:6a:ad:70:6a:
94:16:b2:f3:76:63:7a:12:fe:00:d5:e1:c6:ae:7a:eb:78:cc:
69:56:b8:71:b7:a4:53:6a:21:f9:ab:27:62:9d:7a:49:84:5c:
65:1b:6a:7c:e7:1c:3c:32:0c:79:d0:9d:f4:79:2a:68:0f:24:
22:d7:5e:a8:22:60:d1:76:73:ea:d9:93:1a:ec:9d:7b:30:4f:
7a:34:18:08:f7:1b:d8:2f:a5:e8:dd:6e:cc:5e:c1:eb:ff:54:
b4:f4:c1:b7:d7:3f:20:19:8d:71:63:c7:c4:10:bd:c6:01:d1:
69:7a:8d:c6:4d:09:32:90:ae:e9:99:c3:65:47:ef:41:a3:0d:
18:b0:84:2a:30:fc:9b:89:02:03:06:d4:3d:ea:77:f5:73:d1:
2f:b5:1a:b3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ3kIqfB0Jt61tZkdQghh5XrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNTAxMTUyMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjBiMGVjYmQxZjUwNmUwNTU3YjMwZDlmZmQ0YWUwYmE0ZWU5ZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8XKKfU+7rIpt8CsjirxbfK2CL3P
mvB2gJ72isdGw/cWVZLnr3aUqVXYCXHejV1325yK3c9aDOBveE0ek5zguKmdyswt
FXOVsWrjpI945zZ+tJQ29Z+se3ICdi1qYr+k+SK3D1ZD0XJAUxsXDqWNwFNuMbgy
eNFpIvpRdRdW65QzsiFtkIs9JK3acBAkY5vOs/4Pz5nirIEoD/heK+N2+m/Kfm0x
B7bc0BWBCN7Stt9MOBAQCkQzrLZzFU0LvCi0MREK2H2UQic1KV1rHFWibquxQW2f
iTKGtfEBnc0x/kEDVDMG83D9iGgVBxQUvLuBzzvH7q4MRUTyVqUQdK8MXQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMYLDsvR9QbgVXsw2f/Urguk7p9TMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEveGdzT3k5SDFCdUJWZXpEWl85U3VDNlR1bjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBBf0sAwQA
Bf0vAwQBLQi8AwQALQjCAwQALQjOAwQALQkEAwQBLQkGAwQALUKYAwQBLUKaAwQA
VdBxMA0GCSqGSIb3DQEBCwUAA4IBAQB1wbziNBIoFYZMqPSIZOqxzbWUvi+021qs
PNUyeqbtxssy8bWeSt+IYW7zcEmt6oHv1+4ExAUBv5OHJRGeFUEd65FcrHDn+uIx
LXySPLUX0FBeFDopM/Kj+S8kd12kGXLwT21JJJMdnmqtcGqUFrLzdmN6Ev4A1eHG
rnrreMxpVrhxt6RTaiH5qydinXpJhFxlG2p85xw8Mgx50J30eSpoDyQi116oImDR
dnPq2ZMa7J17ME96NBgI9xvYL6Xo3W7MXsHr/1S09MG31z8gGY1xY8fEEL3GAdFp
eo3GTQkykK7pmcNlR+9Bow0YsIQqMPybiQIDBtQ96nf1c9EvtRqz
-----END CERTIFICATE-----
Generated at Sun May 3 17:06:20 2026 by rpki-client