Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0ad4d-d1c2-4f15-a199-e34255f5006a/1/xkospZ8VDgr5HEQ7FH2579LCSdY.roa
File: xkospZ8VDgr5HEQ7FH2579LCSdY.roa (raw, json)
Hash identifier: HfJsaHRKIrTg2Dnzwwy9sQpbTZKrMPPVshND+I4qJ4M=
Subject key identifier: C6:4A:2C:A5:9F:15:0E:0A:F9:1C:44:3B:14:7D:B9:EF:D2:C2:49:D6
Certificate issuer: /CN=2ed9b0ee387c9afd15c7b7784005e86cc97e8818
Certificate serial: 019DB507FAD5C03A00E4D7983185F1A588F2
Authority key identifier: 2E:D9:B0:EE:38:7C:9A:FD:15:C7:B7:78:40:05:E8:6C:C9:7E:88:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ltmw7jh8mv0Vx7d4QAXobMl-iBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0ad4d-d1c2-4f15-a199-e34255f5006a/1/xkospZ8VDgr5HEQ7FH2579LCSdY.roa
Signing time: Wed 22 Apr 2026 11:51:32 +0000
ROA not before: Wed 22 Apr 2026 11:51:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210644
IP address blocks: 2a01:e5c0:2000::/36 maxlen: 36
2a01:e5c0:3000::/36 maxlen: 36
2a01:e5c0:4000::/36 maxlen: 36
2a01:e5c0:5000::/36 maxlen: 36
2a01:e5c0:6000::/36 maxlen: 36
2a01:e5c0:7000::/36 maxlen: 36
2a01:e5c0:8000::/48 maxlen: 48
2a01:e5c0:8003::/48 maxlen: 48
2a01:e5c0:8004:ec3b::/64 maxlen: 64
2a01:e5c0:8008::/48 maxlen: 48
2a01:e5c0:9000::/36 maxlen: 36
2a01:e5c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0ad4d-d1c2-4f15-a199-e34255f5006a/1/Ltmw7jh8mv0Vx7d4QAXobMl-iBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/f0ad4d-d1c2-4f15-a199-e34255f5006a/1/Ltmw7jh8mv0Vx7d4QAXobMl-iBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ltmw7jh8mv0Vx7d4QAXobMl-iBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b5:07:fa:d5:c0:3a:00:e4:d7:98:31:85:f1:a5:88:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ed9b0ee387c9afd15c7b7784005e86cc97e8818
Validity
Not Before: Apr 22 11:51:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c64a2ca59f150e0af91c443b147db9efd2c249d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d9:38:5c:51:ea:82:3e:e9:e4:88:4d:d2:56:
bd:f2:e8:e6:c8:1c:53:ca:b3:e4:d7:27:2e:c7:48:
fa:48:cf:05:93:4b:e7:3f:28:0c:0f:d6:e1:8e:a4:
ef:1e:0c:87:9f:ae:42:78:78:18:9d:48:d0:7e:9a:
51:0f:bf:f2:2b:ab:39:ca:74:20:31:81:b4:9c:14:
c7:de:74:b5:ec:e6:16:b6:ba:6c:ac:5f:09:09:8f:
0d:37:0e:2a:d3:41:17:16:57:65:63:67:df:72:9b:
1f:e0:1c:93:38:30:e6:3c:f9:f9:98:d7:12:6d:6e:
df:3d:d2:21:21:37:d0:b4:91:63:f3:91:29:3b:b0:
0b:a8:3a:6e:a3:05:45:1e:bc:09:da:d8:ed:37:b7:
a2:aa:c0:a3:18:68:f9:67:27:d9:63:1f:5b:13:19:
19:c7:01:db:51:29:c2:81:52:83:60:78:38:a7:53:
70:07:e8:b9:01:08:3c:43:23:d1:4a:8e:e7:9d:88:
eb:7e:ab:72:2d:29:88:e1:68:fd:8d:17:e9:cb:f5:
69:0f:c1:4a:34:e9:52:fa:c3:44:94:1c:94:fb:a1:
a6:c3:cb:a0:c6:81:4c:e3:16:64:24:45:81:30:d0:
54:8a:24:70:4c:e0:04:c8:80:10:68:22:13:12:46:
ca:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4A:2C:A5:9F:15:0E:0A:F9:1C:44:3B:14:7D:B9:EF:D2:C2:49:D6
X509v3 Authority Key Identifier:
keyid:2E:D9:B0:EE:38:7C:9A:FD:15:C7:B7:78:40:05:E8:6C:C9:7E:88:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ltmw7jh8mv0Vx7d4QAXobMl-iBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0ad4d-d1c2-4f15-a199-e34255f5006a/1/xkospZ8VDgr5HEQ7FH2579LCSdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0ad4d-d1c2-4f15-a199-e34255f5006a/1/Ltmw7jh8mv0Vx7d4QAXobMl-iBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e5c0:2000::-2a01:e5c0:8000:ffff:ffff:ffff:ffff:ffff
2a01:e5c0:8003::/48
2a01:e5c0:8004:ec3b::/64
2a01:e5c0:8008::/48
2a01:e5c0:9000::/36
2a01:e5c0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
7a:4c:ef:e7:f4:f7:ee:53:26:72:18:25:ce:64:5b:f5:c1:30:
77:56:11:b3:10:05:46:a6:85:b2:24:6c:9e:cf:02:8e:1e:4a:
37:7e:e1:bc:63:7b:cd:b5:e4:92:29:0c:7a:6e:5f:d9:f3:d6:
73:b0:b3:7b:31:bf:09:72:06:84:84:41:2c:e1:29:e1:e5:a4:
10:30:47:f9:88:d1:4c:c2:72:da:16:74:54:47:48:91:d9:53:
1c:53:2a:5d:d2:e2:7d:2e:ea:77:33:8e:6b:8b:e5:44:63:fb:
97:37:aa:74:ce:95:c6:20:34:a0:8c:32:69:24:bb:ab:ff:7a:
59:bb:72:b2:bc:81:e1:a2:a1:7c:f1:aa:84:44:77:1c:77:4b:
5b:44:27:1a:95:ec:40:dc:cd:6e:1a:19:11:d4:c8:88:51:ac:
a2:14:6f:9b:65:36:b3:d6:f1:15:01:c6:ec:87:45:c1:b1:13:
20:96:f4:5c:37:08:35:e7:67:66:d3:d9:c7:ad:51:ce:e5:8c:
1c:52:84:5e:41:59:69:74:0b:e3:41:e2:ad:d6:e7:42:2f:75:
d4:af:57:eb:ff:b5:c5:e1:75:94:2e:33:b3:f2:04:8b:09:f1:
b3:38:ca:5c:19:6c:cd:49:7c:a2:2a:f2:c5:ad:91:f9:2d:33:
06:a8:53:77
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZ21B/rVwDoA5NeYMYXxpYjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZDliMGVlMzg3YzlhZmQxNWM3Yjc3ODQwMDVlODZjYzk3
ZTg4MTgwHhcNMjYwNDIyMTE1MTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRhMmNhNTlmMTUwZTBhZjkxYzQ0M2IxNDdkYjllZmQyYzI0OWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutk4XFHqgj7p5IhN0la98ujmyBxT
yrPk1ycux0j6SM8Fk0vnPygMD9bhjqTvHgyHn65CeHgYnUjQfppRD7/yK6s5ynQg
MYG0nBTH3nS17OYWtrpsrF8JCY8NNw4q00EXFldlY2ffcpsf4ByTODDmPPn5mNcS
bW7fPdIhITfQtJFj85EpO7ALqDpuowVFHrwJ2tjtN7eiqsCjGGj5ZyfZYx9bExkZ
xwHbUSnCgVKDYHg4p1NwB+i5AQg8QyPRSo7nnYjrfqtyLSmI4Wj9jRfpy/VpD8FK
NOlS+sNElByU+6Gmw8ugxoFM4xZkJEWBMNBUiiRwTOAEyIAQaCITEkbK2wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFMZKLKWfFQ4K+RxEOxR9ue/SwknWMB8GA1UdIwQY
MBaAFC7ZsO44fJr9Fce3eEAF6GzJfogYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHRtdzdqaDhtdjBWeDdkNFFBWG9iTWwtaUJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGFkNGQtZDFjMi00ZjE1LWExOTkt
ZTM0MjU1ZjUwMDZhLzEveGtvc3BaOFZEZ3I1SEVRN0ZIMjU3OUxDU2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mMGFkNGQtZDFjMi00ZjE1LWExOTktZTM0MjU1ZjUwMDZh
LzEvTHRtdzdqaDhtdjBWeDdkNFFBWG9iTWwtaUJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAAjBAMBEDBgUqAeXA
IAMHACoB5cCAAAMHACoB5cCAAwMJACoB5cCABOw7AwcAKgHlwIAIAwYEKgHlwJAD
BgQqAeXA8DANBgkqhkiG9w0BAQsFAAOCAQEAekzv5/T37lMmchglzmRb9cEwd1YR
sxAFRqaFsiRsns8Cjh5KN37hvGN7zbXkkikMem5f2fPWc7CzezG/CXIGhIRBLOEp
4eWkEDBH+YjRTMJy2hZ0VEdIkdlTHFMqXdLifS7qdzOOa4vlRGP7lzeqdM6VxiA0
oIwyaSS7q/96WbtysryB4aKhfPGqhER3HHdLW0QnGpXsQNzNbhoZEdTIiFGsohRv
m2U2s9bxFQHG7IdFwbETIJb0XDcINednZtPZx61RzuWMHFKEXkFZaXQL40Hirdbn
Qi911K9X6/+1xeF1lC4zs/IEiwnxszjKXBlszUl8oiryxa2R+S0zBqhTdw==
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:35 2026 by rpki-client