Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/XlsLvbVU193m2Z6UVxU87ZTboqY.roa
File: XlsLvbVU193m2Z6UVxU87ZTboqY.roa (raw, json)
Hash identifier: UZGfcrrCQJHsGlbF2mwHoSkh+ONgNYGr3BnRwDE44rU=
Subject key identifier: 5E:5B:0B:BD:B5:54:D7:DD:E6:D9:9E:94:57:15:3C:ED:94:DB:A2:A6
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 019D2D55EAF0A397AFDC8C78E56FECA41491
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/XlsLvbVU193m2Z6UVxU87ZTboqY.roa
Signing time: Fri 27 Mar 2026 03:28:18 +0000
ROA not before: Fri 27 Mar 2026 03:28:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39386
IP address blocks: 37.224.192.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
84.235.56.0/23 maxlen: 23
84.235.95.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.120.0/22 maxlen: 22
178.86.50.0/24 maxlen: 24
193.19.244.0/24 maxlen: 24
212.118.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2d:55:ea:f0:a3:97:af:dc:8c:78:e5:6f:ec:a4:14:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Mar 27 03:28:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5e5b0bbdb554d7dde6d99e9457153ced94dba2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:84:c6:d6:2a:d4:87:05:07:9e:38:90:94:a9:
de:c9:7c:a2:8d:58:dc:fa:3b:20:96:0c:a3:fc:73:
cd:8b:67:59:6f:91:00:e6:0f:fa:af:57:c5:73:d0:
e0:15:b4:30:c3:86:9a:36:fe:a9:51:e6:f5:e8:97:
29:27:d3:d1:8d:7f:9c:24:0a:89:9c:82:e0:32:32:
71:30:3b:d3:15:b3:8e:a6:5e:4b:94:a0:71:18:b3:
c3:b1:54:3a:92:a6:d1:3a:58:5b:2b:fa:be:fe:ff:
d8:77:ff:20:df:69:b8:b5:4a:a6:cb:bd:24:bf:ee:
7b:aa:56:16:e2:eb:88:58:c4:a3:f9:3d:f3:9e:2b:
57:32:2e:19:37:9f:0d:d5:31:22:dd:d3:4b:b7:a1:
eb:c4:6d:4d:4c:57:14:d0:d8:8d:f8:a8:78:da:e3:
9b:a9:6a:e5:22:00:cc:1b:34:35:b2:0d:29:13:eb:
62:d5:07:67:43:b0:83:f8:a4:1d:ea:7c:e9:89:81:
ff:47:bc:f9:8c:98:16:81:fd:0b:04:f8:b6:81:eb:
57:4a:1e:8f:fe:be:a3:1d:34:c7:dc:08:15:ab:93:
fd:c4:01:41:cb:1a:26:c6:0a:5d:f3:06:6f:8c:d1:
3a:cd:9d:9f:0b:7e:b3:dc:91:9f:63:7e:fa:fa:34:
64:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5B:0B:BD:B5:54:D7:DD:E6:D9:9E:94:57:15:3C:ED:94:DB:A2:A6
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/XlsLvbVU193m2Z6UVxU87ZTboqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
193.19.244.0/24
212.118.154.0/24
Signature Algorithm: sha256WithRSAEncryption
48:97:bb:8d:27:af:80:76:f9:a6:68:72:64:3d:d5:38:bd:cd:
11:8f:f2:0c:c2:91:46:b8:2c:16:b0:51:f6:83:70:5b:13:93:
80:cd:5c:02:dc:59:99:c3:fd:c7:62:f7:5b:13:70:f2:8a:71:
66:13:bd:f4:b8:bd:fd:84:85:25:d4:17:71:59:fa:29:ec:c5:
2d:7b:c5:de:05:53:33:d6:64:8d:1b:cc:c4:7c:29:4b:e4:39:
ef:17:2a:e8:db:1e:f1:c4:b5:3b:e5:83:0f:44:1d:f2:70:39:
cb:4d:e1:22:be:36:89:ce:6e:56:7f:21:74:9c:48:57:a6:cb:
e1:b4:54:95:c9:fd:1c:95:b2:b9:69:7f:52:35:e9:b1:f2:5b:
0d:03:45:ef:4c:08:be:cf:ee:59:45:f6:c6:11:52:87:53:d3:
0b:1c:9d:9a:fe:c9:38:2d:44:2d:6f:f4:6d:ab:4e:b2:03:3d:
a3:b4:42:3c:07:35:af:98:b4:45:0b:d1:9d:50:f6:fd:f7:97:
e4:03:f5:89:ea:76:de:01:02:bf:39:b6:f2:99:b9:b4:bf:f0:
0d:51:98:fc:53:1d:01:c3:46:b1:27:b3:d7:09:28:37:6c:c5:
0b:c6:9b:1e:92:d6:4c:03:bd:b4:90:73:d0:8b:42:2d:b2:27:
77:36:40:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ0tVerwo5ev3Ix45W/spBSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjYwMzI3MDMyODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTViMGJiZGI1NTRkN2RkZTZkOTllOTQ1NzE1M2NlZDk0ZGJhMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxITG1irUhwUHnjiQlKneyXyijVjc
+jsglgyj/HPNi2dZb5EA5g/6r1fFc9DgFbQww4aaNv6pUeb16JcpJ9PRjX+cJAqJ
nILgMjJxMDvTFbOOpl5LlKBxGLPDsVQ6kqbROlhbK/q+/v/Yd/8g32m4tUqmy70k
v+57qlYW4uuIWMSj+T3znitXMi4ZN58N1TEi3dNLt6HrxG1NTFcU0NiN+Kh42uOb
qWrlIgDMGzQ1sg0pE+ti1QdnQ7CD+KQd6nzpiYH/R7z5jJgWgf0LBPi2getXSh6P
/r6jHTTH3AgVq5P9xAFByxomxgpd8wZvjNE6zZ2fC36z3JGfY376+jRkEQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF5bC721VNfd5tmelFcVPO2U26KmMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvWGxzTHZiVlUxOTNtMlo2VVZ4VTg3WlRib3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJeDAAwQH
VOsAAwQAslYyAwQAwRP0AwQA1HaaMA0GCSqGSIb3DQEBCwUAA4IBAQBIl7uNJ6+A
dvmmaHJkPdU4vc0Rj/IMwpFGuCwWsFH2g3BbE5OAzVwC3FmZw/3HYvdbE3DyinFm
E730uL39hIUl1BdxWfop7MUte8XeBVMz1mSNG8zEfClL5DnvFyro2x7xxLU75YMP
RB3ycDnLTeEivjaJzm5WfyF0nEhXpsvhtFSVyf0clbK5aX9SNemx8lsNA0XvTAi+
z+5ZRfbGEVKHU9MLHJ2a/sk4LUQtb/Rtq06yAz2jtEI8BzWvmLRFC9GdUPb995fk
A/WJ6nbeAQK/Obbymbm0v/ANUZj8Ux0Bw0axJ7PXCSg3bMULxpsektZMA720kHPQ
i0Itsid3NkDS
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:57:43 2026 by rpki-client