Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/c_xaTl9gP9JwlPnyxymXg5TMLIU.roa
File: c_xaTl9gP9JwlPnyxymXg5TMLIU.roa (raw, json)
Hash identifier: IFehYmfAeHvCA3C5RhETbg4GssWey8RutTmAyM818G8=
Subject key identifier: 73:FC:5A:4E:5F:60:3F:D2:70:94:F9:F2:C7:29:97:83:94:CC:2C:85
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019E129CA78B808737DEFABC469A0021CD29
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/c_xaTl9gP9JwlPnyxymXg5TMLIU.roa
Signing time: Sun 10 May 2026 15:58:36 +0000
ROA not before: Sun 10 May 2026 15:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 91.109.40.0/24 maxlen: 24
91.109.41.0/24 maxlen: 24
91.109.44.0/24 maxlen: 24
91.109.45.0/24 maxlen: 24
91.109.46.0/24 maxlen: 24
147.185.196.0/24 maxlen: 24
193.168.200.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:12:9c:a7:8b:80:87:37:de:fa:bc:46:9a:00:21:cd:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: May 10 15:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73fc5a4e5f603fd27094f9f2c729978394cc2c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:6e:99:d7:5d:4d:4d:aa:c7:38:e5:93:b6:0d:
5c:83:32:17:f4:23:73:c5:85:20:5d:8c:39:49:79:
fa:7b:ae:cb:23:bc:4c:50:73:09:f6:9c:20:08:36:
cc:4d:a5:52:5e:2a:48:c2:26:e0:41:6d:7f:9e:a9:
e0:e7:04:eb:24:e3:42:3f:fe:68:78:62:02:ee:bf:
2e:46:aa:86:0e:eb:21:56:14:e2:b7:dd:30:11:f9:
bb:d1:00:bd:6a:05:32:eb:46:04:c1:ee:ab:b4:d7:
a1:4f:37:49:e9:f6:d9:f4:09:3b:d2:68:fc:cb:e3:
df:d3:c9:99:e8:b6:99:cf:a8:c9:f4:49:63:ad:4b:
1d:22:a8:ab:87:12:b4:78:43:8e:01:53:93:db:16:
a5:51:32:cb:13:0d:f6:ff:71:80:23:3c:26:55:f9:
5e:4a:c5:09:f0:08:e5:3b:87:94:98:c4:21:36:cf:
66:3e:e5:7c:1a:92:11:a2:ed:e0:61:1d:ae:bb:5d:
c9:f5:6b:77:65:56:9b:d0:6e:0a:6d:78:c5:37:33:
4a:d2:d5:8d:7c:60:61:73:28:e9:84:9e:8b:a6:17:
e8:5a:b8:5e:20:59:3a:ec:17:ab:ad:47:b9:65:82:
8d:13:f1:06:2d:d8:f7:02:3c:18:a7:00:c4:4c:e8:
8f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FC:5A:4E:5F:60:3F:D2:70:94:F9:F2:C7:29:97:83:94:CC:2C:85
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/c_xaTl9gP9JwlPnyxymXg5TMLIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.40.0/23
91.109.44.0-91.109.46.255
147.185.196.0/24
193.168.200.0/24
193.168.203.0/24
207.244.198.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:5f:63:71:a0:3b:d0:dc:bf:4d:9e:f4:f1:b1:80:0b:5f:72:
33:74:15:7c:d1:24:20:1c:e5:91:57:38:3a:44:57:f8:46:0a:
77:3f:4f:5b:47:09:e0:7b:3b:9e:4c:18:6f:38:7f:6b:6f:3c:
b9:02:1e:eb:ad:57:b2:fc:8e:8a:62:38:b5:dc:05:6a:fe:31:
bd:e6:99:00:33:dc:d9:53:4f:00:ba:22:8b:02:c1:f1:4f:e2:
aa:aa:79:db:82:b7:39:db:ad:6f:50:04:4b:11:c6:7d:5f:51:
79:4e:14:8a:e7:ed:e3:63:40:0b:23:fd:fe:69:0c:9f:d5:45:
dd:71:6f:26:02:4a:7b:40:3d:4c:3f:03:83:af:22:02:59:13:
cc:c6:75:36:e2:1d:90:6c:14:5f:1a:c7:c6:bc:7c:aa:c8:11:
df:dd:76:76:f0:38:45:c7:fa:c6:ce:32:85:db:de:81:3e:28:
40:e7:5d:f6:a9:79:c0:10:7c:2c:1d:4e:4b:af:c3:04:07:85:
0b:3b:a1:1d:06:a0:d5:a8:85:cd:21:ef:27:eb:e4:14:38:1c:
8d:ae:91:09:b4:28:df:be:48:24:ce:a4:3d:63:63:1a:1f:ab:
59:ea:98:33:95:9f:35:56:ac:6b:ca:db:c6:bb:f7:89:7b:c0:
49:1c:15:46
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ4SnKeLgIc33vq8RpoAIc0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjYwNTEwMTU1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ZjNWE0ZTVmNjAzZmQyNzA5NGY5ZjJjNzI5OTc4Mzk0Y2MyYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8G6Z111NTarHOOWTtg1cgzIX9CNz
xYUgXYw5SXn6e67LI7xMUHMJ9pwgCDbMTaVSXipIwibgQW1/nqng5wTrJONCP/5o
eGIC7r8uRqqGDushVhTit90wEfm70QC9agUy60YEwe6rtNehTzdJ6fbZ9Ak70mj8
y+Pf08mZ6LaZz6jJ9EljrUsdIqirhxK0eEOOAVOT2xalUTLLEw32/3GAIzwmVfle
SsUJ8AjlO4eUmMQhNs9mPuV8GpIRou3gYR2uu13J9Wt3ZVab0G4KbXjFNzNK0tWN
fGBhcyjphJ6LphfoWrheIFk67BerrUe5ZYKNE/EGLdj3AjwYpwDETOiPVQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHP8Wk5fYD/ScJT58scpl4OUzCyFMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvY194YVRsOWdQOUp3bFBueXh5bVhnNVRNTElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBW20oMAwD
BAJbbSwDBABbbS4DBACTucQDBADBqMgDBADBqMsDBADP9MYwDQYJKoZIhvcNAQEL
BQADggEBAC9fY3GgO9Dcv02e9PGxgAtfcjN0FXzRJCAc5ZFXODpEV/hGCnc/T1tH
CeB7O55MGG84f2tvPLkCHuutV7L8jopiOLXcBWr+Mb3mmQAz3NlTTwC6IosCwfFP
4qqqeduCtznbrW9QBEsRxn1fUXlOFIrn7eNjQAsj/f5pDJ/VRd1xbyYCSntAPUw/
A4OvIgJZE8zGdTbiHZBsFF8ax8a8fKrIEd/ddnbwOEXH+sbOMoXb3oE+KEDnXfap
ecAQfCwdTkuvwwQHhQs7oR0GoNWohc0h7yfr5BQ4HI2ukQm0KN++SCTOpD1jYxof
q1nqmDOVnzVWrGvK28a794l7wEkcFUY=
-----END CERTIFICATE-----
Generated at Tue May 12 22:16:21 2026 by rpki-client