Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/3c8854-d3e6-4581-ab33-63ced8762042/1/Xa7fNq306iK_L67oeRoGpGyVl8A.roa
File: Xa7fNq306iK_L67oeRoGpGyVl8A.roa (raw, json)
Hash identifier: bcfCdxRyLe0Ir4b0bc+ci5cWcTFvO5oyxAsQNP3eSUk=
Subject key identifier: 5D:AE:DF:36:AD:F4:EA:22:BF:2F:AE:E8:79:1A:06:A4:6C:95:97:C0
Certificate issuer: /CN=4b78caa7741f99b9fbca4f4943c8b79f00bebff8
Certificate serial: 019D05FD74DBC48A9C77D3F54BB79EAF18B6
Authority key identifier: 4B:78:CA:A7:74:1F:99:B9:FB:CA:4F:49:43:C8:B7:9F:00:BE:BF:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3jKp3Qfmbn7yk9JQ8i3nwC-v_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/3c8854-d3e6-4581-ab33-63ced8762042/1/Xa7fNq306iK_L67oeRoGpGyVl8A.roa
Signing time: Thu 19 Mar 2026 12:06:29 +0000
ROA not before: Thu 19 Mar 2026 12:06:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401838
IP address blocks: 78.24.122.0/24 maxlen: 24
78.24.123.0/24 maxlen: 24
78.24.124.0/24 maxlen: 24
78.24.125.0/24 maxlen: 24
93.92.18.0/24 maxlen: 24
93.92.22.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/3c8854-d3e6-4581-ab33-63ced8762042/1/S3jKp3Qfmbn7yk9JQ8i3nwC-v_g.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/3c8854-d3e6-4581-ab33-63ced8762042/1/S3jKp3Qfmbn7yk9JQ8i3nwC-v_g.mft
rsync://rpki.ripe.net/repository/DEFAULT/S3jKp3Qfmbn7yk9JQ8i3nwC-v_g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:fd:74:db:c4:8a:9c:77:d3:f5:4b:b7:9e:af:18:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b78caa7741f99b9fbca4f4943c8b79f00bebff8
Validity
Not Before: Mar 19 12:06:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5daedf36adf4ea22bf2faee8791a06a46c9597c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:2d:45:8f:59:e2:01:31:68:6b:8d:a1:14:
09:7d:d2:95:c4:39:68:3f:09:77:27:87:1c:31:53:
5e:fe:85:34:8a:ca:8d:16:0f:31:af:30:bf:e4:52:
44:26:d7:40:57:06:39:0d:7f:c7:3c:3d:00:3c:5f:
0b:31:6f:70:fe:23:84:1f:60:a1:2c:82:c0:93:06:
18:7a:51:79:b7:c6:2b:cb:7b:e0:3d:52:ef:17:76:
27:84:0b:ce:7a:1e:a5:f4:e5:99:31:7f:97:cb:7c:
29:70:5f:33:80:e2:1a:16:da:64:67:97:bc:1a:17:
af:77:52:f4:7c:4a:07:78:bc:16:d1:fe:d4:89:83:
6c:eb:5a:12:05:6f:99:94:63:1b:23:12:3e:aa:65:
57:b2:c5:7b:29:dd:b3:3d:a5:a5:0c:33:48:50:2f:
40:14:1c:68:06:58:03:c5:5e:a6:f6:8e:c3:36:a4:
a6:ac:5b:c6:16:69:d8:08:f8:e4:4b:9d:07:de:46:
45:3e:89:10:a3:69:7d:68:74:3a:bb:e3:ae:26:08:
d3:04:f5:ba:0b:f3:d0:75:59:b7:03:e6:d9:8d:93:
3f:fb:2e:c2:6c:b9:ef:27:f7:58:6d:b9:f3:ba:0b:
94:74:af:dd:e6:fd:c3:6d:f3:89:f2:bd:7a:d6:92:
12:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AE:DF:36:AD:F4:EA:22:BF:2F:AE:E8:79:1A:06:A4:6C:95:97:C0
X509v3 Authority Key Identifier:
keyid:4B:78:CA:A7:74:1F:99:B9:FB:CA:4F:49:43:C8:B7:9F:00:BE:BF:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3jKp3Qfmbn7yk9JQ8i3nwC-v_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3c8854-d3e6-4581-ab33-63ced8762042/1/Xa7fNq306iK_L67oeRoGpGyVl8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3c8854-d3e6-4581-ab33-63ced8762042/1/S3jKp3Qfmbn7yk9JQ8i3nwC-v_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.122.0-78.24.125.255
93.92.18.0/24
93.92.22.0/23
Signature Algorithm: sha256WithRSAEncryption
47:b6:0d:34:5c:9f:72:44:41:ca:44:e2:1d:bd:db:90:04:86:
8a:38:00:94:89:2d:29:bf:fc:65:f0:53:08:84:86:83:c2:bc:
6f:fe:ac:8d:0d:3d:dd:8c:52:e6:9d:f7:0b:7e:09:14:2f:4e:
f8:40:a3:54:fc:2e:b4:9a:52:c2:21:ab:27:74:f7:cc:7d:70:
19:2f:c4:2e:7a:6e:f8:bd:45:04:ca:c8:5b:cb:71:24:ba:de:
6a:46:cb:c5:b0:50:60:8e:ac:5f:e5:22:78:f2:c8:77:10:c2:
33:d6:bd:92:e5:0a:fd:1b:7f:98:13:f0:4f:2e:f6:40:32:84:
ae:5b:80:4c:64:83:59:a7:e4:96:7a:c7:d0:4c:78:ec:b0:c2:
37:99:f5:31:b2:28:1e:26:98:fa:f6:c6:ef:e6:bf:2d:1c:34:
04:c8:d7:79:d1:ba:f7:31:c1:f0:be:f1:52:cc:ea:79:a7:75:
4d:b4:ae:89:be:16:bc:20:bf:b0:68:a8:85:80:2c:3d:fe:18:
31:fa:69:62:13:ff:c8:30:02:36:3a:0c:ba:bc:6f:7f:38:65:
d9:a2:1b:e6:32:32:88:dc:11:57:c3:94:d2:aa:fe:13:48:41:
bd:14:4c:12:35:41:59:55:3f:d7:48:58:aa:3d:11:2d:f1:b2:
96:53:65:20
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ0F/XTbxIqcd9P1S7eerxi2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzhjYWE3NzQxZjk5YjlmYmNhNGY0OTQzYzhiNzlmMDBi
ZWJmZjgwHhcNMjYwMzE5MTIwNjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFlZGYzNmFkZjRlYTIyYmYyZmFlZTg3OTFhMDZhNDZjOTU5N2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS8tRY9Z4gExaGuNoRQJfdKVxDlo
Pwl3J4ccMVNe/oU0isqNFg8xrzC/5FJEJtdAVwY5DX/HPD0APF8LMW9w/iOEH2Ch
LILAkwYYelF5t8Yry3vgPVLvF3YnhAvOeh6l9OWZMX+Xy3wpcF8zgOIaFtpkZ5e8
Ghevd1L0fEoHeLwW0f7UiYNs61oSBW+ZlGMbIxI+qmVXssV7Kd2zPaWlDDNIUC9A
FBxoBlgDxV6m9o7DNqSmrFvGFmnYCPjkS50H3kZFPokQo2l9aHQ6u+OuJgjTBPW6
C/PQdVm3A+bZjZM/+y7CbLnvJ/dYbbnzuguUdK/d5v3DbfOJ8r161pISEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF2u3zat9Ooivy+u6HkaBqRslZfAMB8GA1UdIwQY
MBaAFEt4yqd0H5m5+8pPSUPIt58Avr/4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNqS3AzUWZtYm43eWs5SlE4aTNud0Mtdl9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zYzg4NTQtZDNlNi00NTgxLWFiMzMt
NjNjZWQ4NzYyMDQyLzEvWGE3Zk5xMzA2aUtfTDY3b2VSb0dwR3lWbDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zYzg4NTQtZDNlNi00NTgxLWFiMzMtNjNjZWQ4NzYyMDQy
LzEvUzNqS3AzUWZtYm43eWs5SlE4aTNud0Mtdl9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFOGHoD
BAFOGHwDBABdXBIDBAFdXBYwDQYJKoZIhvcNAQELBQADggEBAEe2DTRcn3JEQcpE
4h2925AEhoo4AJSJLSm//GXwUwiEhoPCvG/+rI0NPd2MUuad9wt+CRQvTvhAo1T8
LrSaUsIhqyd098x9cBkvxC56bvi9RQTKyFvLcSS63mpGy8WwUGCOrF/lInjyyHcQ
wjPWvZLlCv0bf5gT8E8u9kAyhK5bgExkg1mn5JZ6x9BMeOywwjeZ9TGyKB4mmPr2
xu/mvy0cNATI13nRuvcxwfC+8VLM6nmndU20rom+Frwgv7BoqIWALD3+GDH6aWIT
/8gwAjY6DLq8b384ZdmiG+YyMojcEVfDlNKq/hNIQb0UTBI1QVlVP9dIWKo9ES3x
spZTZSA=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:46:45 2026 by rpki-client