Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/XvwcowRQqw3vC8CDzXMHK3Qppok.roa
File: XvwcowRQqw3vC8CDzXMHK3Qppok.roa (raw, json)
Hash identifier: sYuGrFtDRAMXSeEbGGnBEDhF/9Cc3KSQ5r4kzxa+bwg=
Subject key identifier: 5E:FC:1C:A3:04:50:AB:0D:EF:0B:C0:83:CD:73:07:2B:74:29:A6:89
Certificate issuer: /CN=aeb0b777f5377bb1c50653884b03e27dcdee828e
Certificate serial: 019DAB8DBF440F769450E0F561BA338B16F0
Authority key identifier: AE:B0:B7:77:F5:37:7B:B1:C5:06:53:88:4B:03:E2:7D:CD:EE:82:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrC3d_U3e7HFBlOISwPifc3ugo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/XvwcowRQqw3vC8CDzXMHK3Qppok.roa
Signing time: Mon 20 Apr 2026 15:41:26 +0000
ROA not before: Mon 20 Apr 2026 15:41:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33921
IP address blocks: 5.42.207.0/24 maxlen: 24
45.92.79.0/24 maxlen: 24
84.246.112.0/24 maxlen: 24
84.246.113.0/24 maxlen: 24
84.246.114.0/24 maxlen: 24
84.246.115.0/24 maxlen: 24
141.98.208.0/24 maxlen: 24
185.5.129.0/24 maxlen: 24
194.213.108.0/24 maxlen: 24
2a13:a380::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/rrC3d_U3e7HFBlOISwPifc3ugo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/rrC3d_U3e7HFBlOISwPifc3ugo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rrC3d_U3e7HFBlOISwPifc3ugo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ab:8d:bf:44:0f:76:94:50:e0:f5:61:ba:33:8b:16:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb0b777f5377bb1c50653884b03e27dcdee828e
Validity
Not Before: Apr 20 15:41:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5efc1ca30450ab0def0bc083cd73072b7429a689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1f:5c:49:ce:ea:60:5b:5e:f1:eb:8a:5d:1a:
9f:1b:72:a9:2c:59:d1:9e:2b:a4:dd:eb:7a:3a:7c:
40:8d:2e:00:37:7b:bf:2a:f4:cd:ac:d2:db:18:72:
a4:64:e4:36:7a:b7:c9:86:b2:3a:6c:fa:ed:42:86:
64:1c:db:04:5a:9a:4f:b6:43:3f:9c:0c:05:df:ab:
98:f3:f1:09:e1:91:f0:10:3b:97:f7:a7:3b:04:06:
48:6e:a1:a1:89:37:1c:a6:18:20:34:30:c8:b9:66:
60:b6:c2:7a:2c:21:07:32:9c:ec:c2:28:96:da:88:
67:9e:91:13:5f:c2:5c:ef:89:62:04:ab:2b:c2:de:
e7:11:e7:3d:4c:74:a1:44:18:67:16:ff:75:be:97:
94:eb:89:c8:1d:d1:e8:68:5f:39:87:f7:79:9d:84:
0b:52:03:c5:b2:d6:b2:20:86:56:7c:b3:9b:7d:4e:
34:13:3b:f5:27:be:7b:30:7c:e2:00:e6:fe:74:e8:
5e:21:95:a9:23:e2:54:85:3a:b8:23:b6:3d:a9:98:
52:c6:a4:58:47:9e:7b:bc:f2:81:78:51:8b:e6:6e:
7e:89:aa:5d:89:d7:0d:e3:6c:41:4d:45:72:08:c2:
0a:1d:d4:de:11:f5:7b:b9:50:ef:15:c0:d7:ff:e3:
e8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FC:1C:A3:04:50:AB:0D:EF:0B:C0:83:CD:73:07:2B:74:29:A6:89
X509v3 Authority Key Identifier:
keyid:AE:B0:B7:77:F5:37:7B:B1:C5:06:53:88:4B:03:E2:7D:CD:EE:82:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrC3d_U3e7HFBlOISwPifc3ugo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/XvwcowRQqw3vC8CDzXMHK3Qppok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/22df61-b609-4986-99e3-926c4a326e08/1/rrC3d_U3e7HFBlOISwPifc3ugo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.207.0/24
45.92.79.0/24
84.246.112.0/22
141.98.208.0/24
185.5.129.0/24
194.213.108.0/24
IPv6:
2a13:a380::/40
Signature Algorithm: sha256WithRSAEncryption
78:e7:c1:7c:37:27:5c:c5:38:dc:eb:88:f6:14:d8:d2:0c:ba:
65:ee:d2:00:d2:1b:39:8b:dd:5f:2b:72:7c:b8:3c:36:e9:d7:
f7:05:49:77:b0:7b:fd:b4:9d:fb:46:df:2b:af:42:db:16:3b:
ff:8e:9a:02:bd:f1:64:9d:57:ba:34:35:50:f1:c2:70:c1:82:
85:8f:6e:4c:4a:75:4a:dd:fb:b9:d1:0e:de:d0:7a:64:62:48:
d7:6d:84:06:79:1d:e8:7c:6a:dd:81:bb:f3:f3:15:e2:63:f2:
a6:d6:de:ae:5a:85:60:d6:00:73:df:af:59:1b:73:b1:dc:cf:
a9:9e:b9:cc:36:e0:4a:05:ff:3f:cc:18:39:34:4e:2a:0d:73:
45:7b:8c:f7:f4:68:71:4d:ba:ee:de:42:af:a6:a8:f2:4a:65:
08:1e:26:8b:96:11:b3:17:17:dd:9b:44:b3:af:12:cd:cf:f8:
f2:f1:6a:43:3c:6b:69:08:a7:d1:26:b2:01:f5:3d:cc:81:76:
61:13:2d:2a:eb:d2:10:60:04:41:2b:bb:f3:60:73:a2:59:71:
af:95:20:9c:1a:75:e7:a0:d1:53:93:65:27:e1:b9:3a:c3:33:
84:e5:08:a6:e3:16:25:77:28:cf:3a:cf:70:fa:29:9e:96:78:
25:32:6d:9a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ2rjb9ED3aUUOD1YbozixbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjBiNzc3ZjUzNzdiYjFjNTA2NTM4ODRiMDNlMjdkY2Rl
ZTgyOGUwHhcNMjYwNDIwMTU0MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZjMWNhMzA0NTBhYjBkZWYwYmMwODNjZDczMDcyYjc0MjlhNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux9cSc7qYFte8euKXRqfG3KpLFnR
niuk3et6OnxAjS4AN3u/KvTNrNLbGHKkZOQ2erfJhrI6bPrtQoZkHNsEWppPtkM/
nAwF36uY8/EJ4ZHwEDuX96c7BAZIbqGhiTccphggNDDIuWZgtsJ6LCEHMpzswiiW
2ohnnpETX8Jc74liBKsrwt7nEec9THShRBhnFv91vpeU64nIHdHoaF85h/d5nYQL
UgPFstayIIZWfLObfU40Ezv1J757MHziAOb+dOheIZWpI+JUhTq4I7Y9qZhSxqRY
R557vPKBeFGL5m5+iapdidcN42xBTUVyCMIKHdTeEfV7uVDvFcDX/+PotwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFF78HKMEUKsN7wvAg81zByt0KaaJMB8GA1UdIwQY
MBaAFK6wt3f1N3uxxQZTiEsD4n3N7oKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJDM2RfVTNlN0hGQmxPSVN3UGlmYzN1Z280LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yMmRmNjEtYjYwOS00OTg2LTk5ZTMt
OTI2YzRhMzI2ZTA4LzEvWHZ3Y293UlFxdzN2QzhDRHpYTUhLM1FwcG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yMmRmNjEtYjYwOS00OTg2LTk5ZTMtOTI2YzRhMzI2ZTA4
LzEvcnJDM2RfVTNlN0hGQmxPSVN3UGlmYzN1Z280LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQABSrPAwQA
LVxPAwQCVPZwAwQAjWLQAwQAuQWBAwQAwtVsMA4EAgACMAgDBgAqE6OAADANBgkq
hkiG9w0BAQsFAAOCAQEAeOfBfDcnXMU43OuI9hTY0gy6Ze7SANIbOYvdXytyfLg8
NunX9wVJd7B7/bSd+0bfK69C2xY7/46aAr3xZJ1XujQ1UPHCcMGChY9uTEp1St37
udEO3tB6ZGJI122EBnkd6Hxq3YG78/MV4mPyptberlqFYNYAc9+vWRtzsdzPqZ65
zDbgSgX/P8wYOTROKg1zRXuM9/RocU267t5Cr6ao8kplCB4mi5YRsxcX3ZtEs68S
zc/48vFqQzxraQin0SayAfU9zIF2YRMtKuvSEGAEQSu782Bzollxr5UgnBp156DR
U5NlJ+G5OsMzhOUIpuMWJXcozzrPcPopnpZ4JTJtmg==
-----END CERTIFICATE-----
Generated at Wed May 13 09:17:31 2026 by rpki-client