Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Xy9zoi1ohlKni320yp6JqiAEau4.roa
File: Xy9zoi1ohlKni320yp6JqiAEau4.roa (raw, json)
Hash identifier: e84mTt2wqPadUhKCAZ9tM4AfKevo/rHiL4d3AYZU0CY=
Subject key identifier: 5F:2F:73:A2:2D:68:86:52:A7:8B:7D:B4:CA:9E:89:AA:20:04:6A:EE
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 019E2659723458EC194B04A5E8CF340E418C
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Xy9zoi1ohlKni320yp6JqiAEau4.roa
Signing time: Thu 14 May 2026 11:57:36 +0000
ROA not before: Thu 14 May 2026 11:57:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16633
IP address blocks: 45.147.95.0/24 maxlen: 24
46.229.240.0/24 maxlen: 24
87.236.163.0/24 maxlen: 24
185.201.17.0/24 maxlen: 24
185.201.18.0/24 maxlen: 24
185.225.27.0/24 maxlen: 24
188.190.112.0/24 maxlen: 24
193.41.32.0/24 maxlen: 24
193.200.214.0/24 maxlen: 24
2a01:ebc0::/32 maxlen: 48
2a01:ebc0:17::/48 maxlen: 48
2a01:ebc0:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 19 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:59:72:34:58:ec:19:4b:04:a5:e8:cf:34:0e:41:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: May 14 11:57:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5f2f73a22d688652a78b7db4ca9e89aa20046aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8d:d6:6f:d5:78:84:8c:70:bc:3f:a4:47:7e:
7d:3b:1e:fd:db:17:13:93:ed:18:e5:23:b1:88:43:
34:79:a1:94:7e:44:21:fc:b0:73:21:2a:01:5d:8f:
ae:7c:f4:f5:ed:5f:61:c1:35:f9:99:ea:90:2e:d4:
49:c7:23:c0:c0:7a:c1:c6:68:d9:6c:3f:ac:69:f6:
b1:98:32:80:f6:ac:04:d7:4a:28:d4:78:9a:d8:ce:
76:05:4d:0c:83:fa:b3:e0:ee:7e:29:37:75:8b:19:
44:f5:41:2d:ab:95:d4:74:73:2e:84:00:b9:f2:b1:
f4:f1:54:4f:fe:57:01:e4:c3:fa:b5:a0:01:52:56:
98:3b:07:73:b7:9c:c3:0d:3f:fb:7d:bb:6f:28:9c:
84:17:80:22:da:85:5d:51:d3:f0:3c:f7:ae:74:97:
de:d4:d6:30:4f:cd:58:b9:11:e6:0f:e4:8f:42:86:
36:69:89:37:ae:69:7d:96:a2:97:c8:6d:22:1d:82:
0e:0d:53:32:bb:28:93:19:4c:44:23:61:fb:2e:04:
6a:e3:4f:57:16:51:1e:d5:17:89:f9:6f:af:90:29:
33:1f:77:54:a6:c9:ea:d3:d6:84:14:b0:79:a8:bf:
db:43:a2:8a:86:2a:92:65:24:9f:ac:f8:3e:f7:e2:
36:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2F:73:A2:2D:68:86:52:A7:8B:7D:B4:CA:9E:89:AA:20:04:6A:EE
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Xy9zoi1ohlKni320yp6JqiAEau4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.95.0/24
46.229.240.0/24
87.236.163.0/24
185.201.17.0-185.201.18.255
185.225.27.0/24
188.190.112.0/24
193.41.32.0/24
193.200.214.0/24
IPv6:
2a01:ebc0::/32
Signature Algorithm: sha256WithRSAEncryption
2e:75:c4:89:75:97:d0:34:34:52:93:5f:ed:f6:d4:90:74:ab:
fa:a6:cf:b7:42:27:95:2a:3c:ff:cc:55:f3:9c:c8:ca:e4:61:
bb:14:bc:6d:74:a3:7e:4c:37:42:ea:04:2e:6d:a9:38:88:c8:
49:f5:84:94:cd:53:2b:23:f0:c4:25:85:4d:e7:ad:25:d3:2b:
78:d1:29:fe:7b:55:d6:00:3d:89:55:70:13:95:d5:78:b3:c5:
b3:c4:3b:40:18:7f:0b:a7:6c:8c:c2:9d:a4:2f:4c:1a:8e:01:
04:5c:ab:61:b8:ba:54:26:bc:dd:be:57:86:28:fc:ce:a4:b2:
0a:cc:3c:a3:d0:fe:54:54:ae:0b:f8:35:14:eb:06:db:f2:1e:
07:47:58:9c:d9:f3:ac:63:2b:32:03:20:8b:a8:af:81:fb:9f:
05:0f:5f:2c:a4:8f:59:d3:7c:5c:1d:61:28:bd:c5:0c:84:f2:
67:46:47:ae:36:49:a5:e3:f7:ac:de:9f:2f:82:d6:b1:aa:3e:
ff:27:62:30:cf:b9:c6:3d:d7:16:72:76:2d:d9:e4:30:77:07:
6a:08:04:c3:4b:8b:ab:89:7a:b5:79:60:67:26:65:39:66:b4:
36:54:13:17:bd:c8:90:f8:da:f5:2e:0d:d0:27:85:a4:a7:c4:
d7:a7:38:78
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZ4mWXI0WOwZSwSl6M80DkGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjYwNTE0MTE1NzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJmNzNhMjJkNjg4NjUyYTc4YjdkYjRjYTllODlhYTIwMDQ2YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs43Wb9V4hIxwvD+kR359Ox792xcT
k+0Y5SOxiEM0eaGUfkQh/LBzISoBXY+ufPT17V9hwTX5meqQLtRJxyPAwHrBxmjZ
bD+safaxmDKA9qwE10oo1Hia2M52BU0Mg/qz4O5+KTd1ixlE9UEtq5XUdHMuhAC5
8rH08VRP/lcB5MP6taABUlaYOwdzt5zDDT/7fbtvKJyEF4Ai2oVdUdPwPPeudJfe
1NYwT81YuRHmD+SPQoY2aYk3rml9lqKXyG0iHYIODVMyuyiTGUxEI2H7LgRq409X
FlEe1ReJ+W+vkCkzH3dUpsnq09aEFLB5qL/bQ6KKhiqSZSSfrPg+9+I2DQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFF8vc6ItaIZSp4t9tMqeiaogBGruMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvWHk5em9pMW9obEtuaTMyMHlwNkpxaUFFYXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQALZNfAwQA
LuXwAwQAV+yjMAwDBAC5yREDBAC5yRIDBAC54RsDBAC8vnADBADBKSADBADByNYw
DQQCAAIwBwMFACoB68AwDQYJKoZIhvcNAQELBQADggEBAC51xIl1l9A0NFKTX+32
1JB0q/qmz7dCJ5UqPP/MVfOcyMrkYbsUvG10o35MN0LqBC5tqTiIyEn1hJTNUysj
8MQlhU3nrSXTK3jRKf57VdYAPYlVcBOV1XizxbPEO0AYfwunbIzCnaQvTBqOAQRc
q2G4ulQmvN2+V4Yo/M6ksgrMPKPQ/lRUrgv4NRTrBtvyHgdHWJzZ86xjKzIDIIuo
r4H7nwUPXyykj1nTfFwdYSi9xQyE8mdGR642SaXj96zeny+C1rGqPv8nYjDPucY9
1xZydi3Z5DB3B2oIBMNLi6uJerV5YGcmZTlmtDZUExe9yJD42vUuDdAnhaSnxNen
OHg=
-----END CERTIFICATE-----
Generated at Tue May 19 09:28:06 2026 by rpki-client