Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XslFfE7yqi8_uXamXBX3LBpMXA4.roa
File: XslFfE7yqi8_uXamXBX3LBpMXA4.roa (raw, json)
Hash identifier: 7u+TCHG5CUYB8HCctbOXAV9OUYjASuj1beuMfWPu+4g=
Subject key identifier: 5E:C9:45:7C:4E:F2:AA:2F:3F:B9:76:A6:5C:15:F7:2C:1A:4C:5C:0E
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019D202EEBE86F0BBEADE5DA2E5547D7579D
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XslFfE7yqi8_uXamXBX3LBpMXA4.roa
Signing time: Tue 24 Mar 2026 14:10:39 +0000
ROA not before: Tue 24 Mar 2026 14:10:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199527
IP address blocks: 80.81.39.0/24 maxlen: 24
83.223.134.0/24 maxlen: 24
83.223.135.0/24 maxlen: 24
83.223.157.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
91.190.61.0/24 maxlen: 24
188.64.176.0/24 maxlen: 24
188.64.177.0/24 maxlen: 24
188.64.178.0/24 maxlen: 24
188.64.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:20:2e:eb:e8:6f:0b:be:ad:e5:da:2e:55:47:d7:57:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 24 14:10:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5ec9457c4ef2aa2f3fb976a65c15f72c1a4c5c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e3:a6:54:e5:78:9f:29:a8:43:2f:cf:08:e1:
54:7e:ba:8f:71:ac:c2:14:52:c7:47:73:fb:ce:99:
de:bf:8e:e1:af:df:ff:a3:12:c0:db:42:cc:b3:1c:
ab:88:d3:37:20:9d:7e:ca:f1:ce:3f:19:9c:b3:45:
38:1f:2c:d1:2e:22:3d:3f:a8:97:17:7a:1f:52:27:
8f:2c:8e:fc:76:e4:0c:7a:c0:60:51:28:a7:ba:fd:
bf:81:05:98:00:45:df:2e:51:05:1e:a5:ee:fc:db:
b8:fa:6d:b4:a2:a0:34:9e:7d:09:56:fc:4c:44:f4:
a1:d4:a2:48:be:e9:d1:ba:2b:c2:10:46:e5:f6:14:
bc:cd:a5:7a:97:be:7a:91:6a:07:60:28:8c:22:2d:
6b:10:65:bc:08:ec:e7:88:4e:84:07:61:ce:2f:b6:
73:14:4c:79:b6:d7:bc:27:55:11:f4:40:89:5e:0b:
b6:9b:54:9e:9e:a6:cd:c8:22:ed:96:ad:68:fc:82:
c9:1e:c9:a8:5d:a0:bd:97:74:e4:dd:88:f3:f0:b4:
10:00:8a:5f:5b:a3:c7:dc:20:15:b4:02:1e:62:26:
6a:b7:a9:6e:51:33:af:7a:32:cb:bd:8f:d8:8d:f9:
29:ca:7d:08:bd:18:1a:f3:0f:b4:99:d5:e9:1c:6e:
a2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C9:45:7C:4E:F2:AA:2F:3F:B9:76:A6:5C:15:F7:2C:1A:4C:5C:0E
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XslFfE7yqi8_uXamXBX3LBpMXA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.39.0/24
83.223.134.0/23
83.223.157.0/24
85.254.12.0/23
85.254.15.0/24
85.254.63.0/24
91.190.61.0/24
188.64.176.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:7e:aa:cd:2f:9d:ed:e1:15:83:27:6c:5b:b6:d6:67:97:8d:
12:ed:41:56:84:66:31:13:2f:64:9b:2d:8f:a7:44:c6:08:1e:
9a:c8:0c:6f:c8:05:b5:ec:d1:c2:82:5b:59:08:8a:bb:93:4b:
1e:12:ea:46:bf:38:c7:e4:33:d2:a3:19:ec:d6:6d:b6:79:76:
37:d8:0c:27:ac:26:ac:94:e8:3f:e1:d3:1c:8b:35:ec:30:e0:
b3:fc:85:4b:6d:c2:19:0a:e3:ec:d7:06:e2:4c:54:07:9c:58:
11:71:4f:98:f5:a9:d7:3f:e8:95:3a:33:1d:a3:58:c8:fa:f8:
28:ce:6c:12:7e:6e:02:dc:51:6b:a2:e1:55:5b:18:b4:5e:16:
fc:0a:c3:8d:6b:6a:65:ec:fa:8b:82:31:5c:61:6d:ff:dd:6a:
cc:f5:98:ed:52:1a:b0:13:da:c0:81:66:94:7a:ef:41:47:3d:
8a:9d:fa:d0:38:ae:9f:74:ae:2b:e3:53:78:38:44:37:79:cd:
b7:e8:c4:9c:36:1d:6f:8b:7a:db:01:2a:ca:f2:c4:6b:33:73:
dd:80:37:dc:68:cd:44:5f:7b:24:57:45:d3:a9:6e:ff:a2:d9:
54:4e:dd:39:1e:31:77:77:8e:6d:04:44:04:ca:b3:3b:56:ef:
8a:73:0b:4d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ0gLuvobwu+reXaLlVH11edMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwMzI0MTQxMDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWM5NDU3YzRlZjJhYTJmM2ZiOTc2YTY1YzE1ZjcyYzFhNGM1YzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OOmVOV4nymoQy/PCOFUfrqPcazC
FFLHR3P7zpnev47hr9//oxLA20LMsxyriNM3IJ1+yvHOPxmcs0U4HyzRLiI9P6iX
F3ofUiePLI78duQMesBgUSinuv2/gQWYAEXfLlEFHqXu/Nu4+m20oqA0nn0JVvxM
RPSh1KJIvunRuivCEEbl9hS8zaV6l756kWoHYCiMIi1rEGW8COzniE6EB2HOL7Zz
FEx5tte8J1UR9ECJXgu2m1SenqbNyCLtlq1o/ILJHsmoXaC9l3Tk3Yjz8LQQAIpf
W6PH3CAVtAIeYiZqt6luUTOvejLLvY/Yjfkpyn0IvRga8w+0mdXpHG6ibwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF7JRXxO8qovP7l2plwV9ywaTFwOMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWHNsRmZFN3lxaThfdVhhbVhCWDNMQnBNWEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUFEnAwQB
U9+GAwQAU9+dAwQBVf4MAwQAVf4PAwQAVf4/AwQAW749AwQCvECwMA0GCSqGSIb3
DQEBCwUAA4IBAQArfqrNL53t4RWDJ2xbttZnl40S7UFWhGYxEy9kmy2Pp0TGCB6a
yAxvyAW17NHCgltZCIq7k0seEupGvzjH5DPSoxns1m22eXY32AwnrCaslOg/4dMc
izXsMOCz/IVLbcIZCuPs1wbiTFQHnFgRcU+Y9anXP+iVOjMdo1jI+vgozmwSfm4C
3FFrouFVWxi0Xhb8CsONa2pl7PqLgjFcYW3/3WrM9ZjtUhqwE9rAgWaUeu9BRz2K
nfrQOK6fdK4r41N4OEQ3ec236MScNh1vi3rbASrK8sRrM3PdgDfcaM1EX3skV0XT
qW7/otlUTt05HjF3d45tBEQEyrM7Vu+KcwtN
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:34:27 2026 by rpki-client