Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xvsx71LEUQnNFgDSgHYrz1w1Ok0.roa
File: xvsx71LEUQnNFgDSgHYrz1w1Ok0.roa (raw, json)
Hash identifier: L5AaRm/NPz1b9eAnC0gpaM/7I8j+FHqAGBb5ty0Rf6A=
Subject key identifier: C6:FB:31:EF:52:C4:51:09:CD:16:00:D2:80:76:2B:CF:5C:35:3A:4D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019E6FE452D26BC45E8FCA030BDC3EB0CC64
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xvsx71LEUQnNFgDSgHYrz1w1Ok0.roa
Signing time: Thu 28 May 2026 18:41:34 +0000
ROA not before: Thu 28 May 2026 18:41:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205544
IP address blocks: 45.153.20.0/24 maxlen: 24
2a09:17c0:b19a::/48 maxlen: 48
2a0e:1a83:88::/48 maxlen: 48
2a0f:1206:77::/48 maxlen: 48
2a0f:1540::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:2940::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:30c0::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:e1c7:100::/48 maxlen: 48
2a0f:e202:97::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a11:3240::/29 maxlen: 29
2a11:4800::/29 maxlen: 29
2a11:8700::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a12:3f00::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:5900::/29 maxlen: 29
2a12:cd00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6f:e4:52:d2:6b:c4:5e:8f:ca:03:0b:dc:3e:b0:cc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 28 18:41:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c6fb31ef52c45109cd1600d280762bcf5c353a4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:85:12:91:a1:76:1d:b0:6c:11:77:ad:2b:
03:01:65:ca:25:8a:48:a5:3b:82:b0:a6:54:44:58:
5b:0e:93:e1:bd:b5:db:6d:6a:25:b4:cb:18:1a:48:
e0:63:f0:ba:ea:cf:e0:f5:d9:a1:59:05:e7:83:63:
b7:9e:b1:f2:a2:30:c6:45:20:04:ab:90:ed:a4:dc:
00:8a:33:34:f3:7a:69:9b:f1:a7:1a:b0:5c:02:2e:
0d:16:fb:3e:9e:76:c6:ee:28:20:a3:d1:49:12:32:
36:25:d1:44:f1:aa:e8:eb:68:e1:36:09:f6:08:82:
95:b6:3c:f7:07:d9:43:13:7c:9e:bf:09:97:34:06:
2e:5e:db:31:5e:17:e9:59:54:b6:c1:60:c9:76:66:
ee:a9:c0:e2:eb:14:26:ee:4a:da:e9:a5:6a:de:5f:
c4:3c:a0:54:d2:ca:10:b4:1c:15:69:f1:a1:3a:85:
7a:39:71:5f:75:95:9e:df:f6:b3:96:08:9d:34:74:
d4:8c:f8:39:f6:03:9f:46:84:29:59:21:ec:b7:bc:
c6:70:68:fc:e1:b5:a4:d6:19:ac:0c:50:7c:55:ee:
a0:4c:34:27:88:9d:ff:cf:4c:61:61:d6:93:e2:61:
3c:90:f3:9d:79:49:ac:ac:71:92:69:fd:5b:25:8e:
46:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FB:31:EF:52:C4:51:09:CD:16:00:D2:80:76:2B:CF:5C:35:3A:4D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xvsx71LEUQnNFgDSgHYrz1w1Ok0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.20.0/24
IPv6:
2a09:17c0:b19a::/48
2a0e:1a83:88::/48
2a0f:1206:77::/48
2a0f:1540::/29
2a0f:1640::/29
2a0f:1940::/29
2a0f:2840::/29
2a0f:2940::/29
2a0f:2a40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:30c0::/29
2a0f:3140::/29
2a0f:3540::/29
2a0f:3740::/29
2a0f:e1c7:100::/48
2a0f:e202:97::/48
2a0f:e440::/29
2a11:3240::/29
2a11:4800::/29
2a11:8700::/29
2a11:e580::/29
2a12:3f00::/29
2a12:4b00::/29
2a12:5900::/29
2a12:cd00::/29
Signature Algorithm: sha256WithRSAEncryption
b0:69:97:83:55:df:62:82:f2:bc:32:4e:8b:8d:81:64:12:14:
8f:4a:d7:29:85:48:60:7c:2f:bd:fd:ee:26:60:f1:88:3c:e5:
1f:6c:60:20:27:70:6d:91:e6:e8:94:18:8a:b7:e3:b0:94:13:
65:1b:0b:e1:a0:09:ab:cb:6e:fc:8b:b9:18:49:3b:69:dc:0c:
4d:4c:3d:d6:61:40:03:bf:90:16:08:cd:29:3a:38:3f:43:55:
b4:db:22:9a:b5:0b:06:31:89:6e:58:78:33:fd:19:08:b4:67:
e8:c8:f7:78:7a:6a:b8:62:3a:db:6c:be:05:a0:85:ef:62:e7:
39:c7:9c:b4:b9:15:2a:d4:b8:a3:5d:e9:a4:ce:c2:a5:4d:37:
db:2d:7b:6d:df:69:a5:f0:31:3b:9f:f6:40:b2:e8:83:3d:d9:
d3:a7:c6:8d:16:8f:fa:05:e5:55:d8:47:11:6e:6c:be:85:6f:
97:28:f4:4f:92:05:d5:d5:a1:c4:f1:bc:62:72:ea:61:9a:46:
d1:c1:35:00:69:15:68:94:37:c9:4c:46:bb:18:0b:66:aa:0d:
8c:5d:09:b4:4c:49:6b:7e:0b:14:f0:7d:92:7a:c4:55:b3:22:
d7:37:66:ee:02:bd:aa:61:d8:87:d8:76:64:30:02:b1:2a:49:
64:60:59:55
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZ5v5FLSa8Rej8oDC9w+sMxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNTI4MTg0MTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmZiMzFlZjUyYzQ1MTA5Y2QxNjAwZDI4MDc2MmJjZjVjMzUzYTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5eFEpGhdh2wbBF3rSsDAWXKJYpI
pTuCsKZURFhbDpPhvbXbbWoltMsYGkjgY/C66s/g9dmhWQXng2O3nrHyojDGRSAE
q5DtpNwAijM083ppm/GnGrBcAi4NFvs+nnbG7iggo9FJEjI2JdFE8aro62jhNgn2
CIKVtjz3B9lDE3yevwmXNAYuXtsxXhfpWVS2wWDJdmbuqcDi6xQm7kra6aVq3l/E
PKBU0soQtBwVafGhOoV6OXFfdZWe3/azlgidNHTUjPg59gOfRoQpWSHst7zGcGj8
4bWk1hmsDFB8Ve6gTDQniJ3/z0xhYdaT4mE8kPOdeUmsrHGSaf1bJY5GVQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFMb7Me9SxFEJzRYA0oB2K89cNTpNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveHZzeDcxTEVVUW5ORmdEU2dIWXJ6MXcxT2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DAMBAIAATAGAwQALZkU
MIHHBAIAAjCBwAMHACoJF8CxmgMHACoOGoMAiAMHACoPEgYAdwMFAyoPFUADBQMq
DxZAAwUDKg8ZQAMFAyoPKEADBQMqDylAAwUDKg8qQAMFAyoPLcADBQMqDy5AAwUD
Kg8wwAMFAyoPMUADBQMqDzVAAwUDKg83QAMHACoP4ccBAAMHACoP4gIAlwMFAyoP
5EADBQMqETJAAwUDKhFIAAMFAyoRhwADBQMqEeWAAwUDKhI/AAMFAyoSSwADBQMq
ElkAAwUDKhLNADANBgkqhkiG9w0BAQsFAAOCAQEAsGmXg1XfYoLyvDJOi42BZBIU
j0rXKYVIYHwvvf3uJmDxiDzlH2xgICdwbZHm6JQYirfjsJQTZRsL4aAJq8tu/Iu5
GEk7adwMTUw91mFAA7+QFgjNKTo4P0NVtNsimrULBjGJblh4M/0ZCLRn6Mj3eHpq
uGI622y+BaCF72LnOcectLkVKtS4o13ppM7CpU032y17bd9ppfAxO5/2QLLogz3Z
06fGjRaP+gXlVdhHEW5svoVvlyj0T5IF1dWhxPG8YnLqYZpG0cE1AGkVaJQ3yUxG
uxgLZqoNjF0JtExJa34LFPB9knrEVbMi1zdm7gK9qmHYh9h2ZDACsSpJZGBZVQ==
-----END CERTIFICATE-----
Generated at Sat Jun 6 02:28:23 2026 by rpki-client