Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/XwkSmjcy3MRiLVWcicf-USLCrwg.roa
File: XwkSmjcy3MRiLVWcicf-USLCrwg.roa (raw, json)
Hash identifier: MaT1kxQpBKjFLSuc65ISq1jK4eo9xPUmjyYX6dR+q0E=
Subject key identifier: 5F:09:12:9A:37:32:DC:C4:62:2D:55:9C:89:C7:FE:51:22:C2:AF:08
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019EA6C68AFA79A3CAE9A5E42228926AFF4D
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/XwkSmjcy3MRiLVWcicf-USLCrwg.roa
Signing time: Mon 08 Jun 2026 10:28:10 +0000
ROA not before: Mon 08 Jun 2026 10:28:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.254.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:c6:8a:fa:79:a3:ca:e9:a5:e4:22:28:92:6a:ff:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 8 10:28:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5f09129a3732dcc4622d559c89c7fe5122c2af08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f3:ec:f4:be:05:ca:81:e0:67:6b:3d:91:c6:
ee:0f:8e:9c:a9:7b:94:af:72:1e:f7:57:94:0f:64:
92:08:fc:43:49:36:b8:60:ea:55:4b:00:4d:0f:be:
71:a7:a5:4c:97:9c:3f:2f:63:3b:94:b6:99:bf:15:
16:39:3a:3c:5e:83:7b:23:81:f4:0d:3a:f2:29:dd:
eb:fd:fc:d6:b8:01:2e:e8:57:06:5e:0b:54:57:43:
40:05:96:85:b8:61:52:d8:84:ec:01:e5:b3:f5:f0:
77:ac:89:79:5f:e0:22:ce:bc:4b:0b:6c:1a:c5:c5:
77:2d:a8:a1:6b:b6:51:ef:5f:5f:a4:d5:98:e1:37:
a4:2f:cb:6d:81:e1:b2:76:99:a3:5c:26:a1:0e:1e:
0e:79:4d:01:eb:29:3b:10:2f:65:a1:8c:0f:b4:13:
c5:38:99:57:08:55:d1:84:7a:84:f3:fb:31:9e:a9:
68:af:77:7c:32:d0:0f:00:b9:55:db:9b:85:d8:16:
e2:13:aa:f7:6f:68:bb:61:57:f7:7e:17:ed:74:67:
ff:c7:9c:00:a5:f4:74:29:5b:28:ff:b5:35:1d:0a:
4c:64:e0:d7:db:92:b7:33:9c:8f:ac:69:ec:da:df:
c5:41:b2:60:23:3c:4d:26:fb:a5:31:07:82:1a:e6:
95:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:09:12:9A:37:32:DC:C4:62:2D:55:9C:89:C7:FE:51:22:C2:AF:08
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/XwkSmjcy3MRiLVWcicf-USLCrwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.233.0-45.141.234.255
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.159.255
91.92.34.0/24
91.92.44.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.207.0/24
93.152.210.0/23
93.152.214.0-93.152.218.255
93.152.221.0-93.152.223.255
93.152.226.0/23
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/22
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
40:d4:d0:42:37:c1:6a:e1:f1:fd:61:55:d8:9a:84:f8:f5:52:
62:11:f3:4c:0c:00:3e:b5:80:f6:1d:f0:27:05:c7:08:04:0a:
0a:5d:4f:6a:b5:39:cf:28:da:7d:23:19:b7:34:b7:4b:ee:5d:
b4:e0:7a:cd:17:33:68:2e:c8:e1:e5:62:7c:b3:7e:a2:65:b9:
1c:ab:c5:9a:db:04:c2:51:84:ef:55:9e:5b:af:bf:dd:be:f8:
eb:99:10:5e:00:6c:ed:a7:34:7f:1e:12:2e:25:94:61:71:19:
d9:78:90:84:c5:47:2b:2d:aa:2d:87:c1:c7:21:3a:ef:a8:c9:
61:97:67:12:74:9e:91:a7:50:56:ed:44:e1:21:65:6a:24:03:
8c:e0:75:0a:91:b3:c0:0a:6e:e2:72:d3:d9:05:ab:c1:82:33:
3e:5b:99:c2:aa:01:f0:27:8b:8c:e2:11:2d:2e:26:19:af:8e:
b8:4c:c5:6b:e8:53:79:3c:c0:22:b3:de:0f:9d:6b:5c:c6:c1:
ec:8d:2c:bf:eb:ce:4a:e7:b1:98:11:91:e6:e7:fd:c4:c3:69:
1d:7e:69:95:2a:5a:a9:2f:08:17:a8:51:5f:c1:78:64:94:2a:
51:ad:59:15:a5:22:f7:29:ec:79:d2:b9:f7:4d:ae:b0:cd:33:
f6:39:35:fa
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZ6mxor6eaPK6aXkIiiSav9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwNjA4MTAyODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA5MTI5YTM3MzJkY2M0NjIyZDU1OWM4OWM3ZmU1MTIyYzJhZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfPs9L4FyoHgZ2s9kcbuD46cqXuU
r3Ie91eUD2SSCPxDSTa4YOpVSwBND75xp6VMl5w/L2M7lLaZvxUWOTo8XoN7I4H0
DTryKd3r/fzWuAEu6FcGXgtUV0NABZaFuGFS2ITsAeWz9fB3rIl5X+AizrxLC2wa
xcV3Laiha7ZR719fpNWY4TekL8ttgeGydpmjXCahDh4OeU0B6yk7EC9loYwPtBPF
OJlXCFXRhHqE8/sxnqlor3d8MtAPALlV25uF2BbiE6r3b2i7YVf3fhftdGf/x5wA
pfR0KVso/7U1HQpMZODX25K3M5yPrGns2t/FQbJgIzxNJvulMQeCGuaV9wIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFF8JEpo3MtzEYi1VnInH/lEiwq8IMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvWHdrU21qY3kzTVJpTFZXY2ljZi1VU0xDcndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQwDAME
AC2N6QMEAC2N6gMEAU6fgAMEAE6fgwMEAk6fiDAMAwQATp+VAwQATp+WAwQCTp+Y
MAwDBABOn50DBAVOn4ADBABbXCIwDAMEAltcLAMEAFtcLjAMAwQAW1wxAwQBW1w0
AwQAXZjPAwQBXZjSMAwDBAFdmNYDBABdmNowDAMEAF2Y3QMEBV2YwAMEAV2Y4gME
AV4aHAMEAl4aTDAMAwQAXhpZAwQAXhpaAwQAXr7DAwQCuWD8AwQA1GZpAwQA1GZr
MA0GCSqGSIb3DQEBCwUAA4IBAQBA1NBCN8Fq4fH9YVXYmoT49VJiEfNMDAA+tYD2
HfAnBccIBAoKXU9qtTnPKNp9Ixm3NLdL7l204HrNFzNoLsjh5WJ8s36iZbkcq8Wa
2wTCUYTvVZ5br7/dvvjrmRBeAGztpzR/HhIuJZRhcRnZeJCExUcrLaoth8HHITrv
qMlhl2cSdJ6Rp1BW7UThIWVqJAOM4HUKkbPACm7ictPZBavBgjM+W5nCqgHwJ4uM
4hEtLiYZr464TMVr6FN5PMAis94PnWtcxsHsjSy/685K57GYEZHm5/3Ew2kdfmmV
KlqpLwgXqFFfwXhklCpRrVkVpSL3Kex50rn3Ta6wzTP2OTX6
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:07:02 2026 by rpki-client