Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XmW7PYJ0GR4Rd3DTirPhCqE9pAo.roa
File: XmW7PYJ0GR4Rd3DTirPhCqE9pAo.roa (raw, json)
Hash identifier: ky54r2jZewxdt6Qrty1zKKTYr5Kebx3PLj5VDHUV2M0=
Subject key identifier: 5E:65:BB:3D:82:74:19:1E:11:77:70:D3:8A:B3:E1:0A:A1:3D:A4:0A
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019E08C8CA230F75EC305D0CE3019E1FE257
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XmW7PYJ0GR4Rd3DTirPhCqE9pAo.roa
Signing time: Fri 08 May 2026 18:10:37 +0000
ROA not before: Fri 08 May 2026 18:10:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13335
IP address blocks: 2.57.240.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
78.17.69.0/24 maxlen: 24
103.245.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:08:c8:ca:23:0f:75:ec:30:5d:0c:e3:01:9e:1f:e2:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 8 18:10:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5e65bb3d8274191e117770d38ab3e10aa13da40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e6:7c:6c:14:75:01:06:45:cd:78:ac:e9:18:
21:76:a6:48:33:3a:01:88:76:8e:f0:98:83:b0:cd:
6a:49:d1:24:2d:64:d1:08:39:52:f3:c0:22:7c:8e:
39:c7:36:67:e5:2c:25:9d:64:30:d3:e4:4b:bb:17:
39:8c:90:fe:cb:c9:6e:e4:13:a5:84:fb:62:ec:ca:
e3:77:e8:79:3f:2a:4a:01:9b:f7:ec:cd:75:29:8d:
74:45:5e:db:12:75:b6:be:ce:f0:e0:d2:bd:91:74:
10:86:90:bb:9b:24:4d:49:e6:f2:e3:e0:1c:58:37:
ee:71:6d:17:aa:72:b7:a0:29:b7:05:81:29:cc:21:
88:aa:05:5a:ae:8d:1d:8b:fb:c5:b3:40:ba:2e:09:
af:e1:95:aa:ab:b2:12:f7:ff:e8:a9:c8:e6:eb:0b:
82:e8:0b:ed:57:ba:17:46:15:39:d6:97:26:2c:50:
2b:2f:7a:ed:aa:9d:d6:e7:d4:6f:64:bb:de:46:34:
37:21:18:3b:ff:3c:47:84:9b:d6:06:73:02:fb:2a:
70:be:43:a7:3b:76:8c:a6:b6:5c:45:3d:50:b3:54:
4d:9c:bb:da:79:73:82:c1:76:15:0f:e5:5c:0f:e6:
0f:98:e5:79:85:5c:7f:9c:2a:59:45:bb:9a:2e:37:
ab:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:65:BB:3D:82:74:19:1E:11:77:70:D3:8A:B3:E1:0A:A1:3D:A4:0A
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/XmW7PYJ0GR4Rd3DTirPhCqE9pAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/24
45.135.183.0/24
78.17.69.0/24
103.245.230.0/24
Signature Algorithm: sha256WithRSAEncryption
67:cf:46:e1:20:e7:43:5c:5e:87:eb:31:a5:15:a7:9f:11:d0:
21:d9:43:20:27:df:90:ad:71:b4:a2:4b:1c:ab:38:ad:f9:ec:
51:00:c3:d9:82:4f:8d:61:31:07:9c:1d:0c:5d:21:b5:ac:6c:
18:cd:06:8e:cd:5b:f7:2e:a3:90:51:e3:d7:7e:3c:5f:a5:cc:
32:fb:ea:b2:0d:e0:fa:f4:8a:c0:fc:96:3e:4f:6e:42:0d:a8:
a1:c6:99:b8:05:36:6c:4f:d3:ae:8a:66:15:90:1f:e3:ba:0a:
49:f7:6a:b0:d5:4e:a8:1a:15:84:63:0d:8d:a3:34:60:cf:79:
37:28:2f:bc:6e:82:dc:94:f1:23:a7:5e:56:3f:8e:3e:2e:c4:
39:e1:e2:0f:bc:e4:4e:9f:1e:fc:0a:7e:a0:1a:d5:9a:1c:49:
37:8c:3e:95:cc:f7:b4:b7:98:7a:f5:8f:6c:41:e6:17:9e:02:
4f:56:5e:0b:f9:2b:3e:3e:b5:52:a6:8c:64:60:1f:e4:4c:a6:
49:c3:1d:df:a1:60:e8:d4:35:98:7a:f1:ab:c2:09:90:a4:56:
87:18:fc:d9:42:2f:74:ac:d1:d8:3e:ea:db:79:3b:6e:ff:5b:
47:c7:d0:cc:3a:a7:7f:26:18:51:f4:ff:9e:68:a2:fd:9e:51:
43:bc:a0:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4IyMojD3XsMF0M4wGeH+JXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNTA4MTgxMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY1YmIzZDgyNzQxOTFlMTE3NzcwZDM4YWIzZTEwYWExM2RhNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeZ8bBR1AQZFzXis6RghdqZIMzoB
iHaO8JiDsM1qSdEkLWTRCDlS88AifI45xzZn5SwlnWQw0+RLuxc5jJD+y8lu5BOl
hPti7Mrjd+h5PypKAZv37M11KY10RV7bEnW2vs7w4NK9kXQQhpC7myRNSeby4+Ac
WDfucW0XqnK3oCm3BYEpzCGIqgVaro0di/vFs0C6Lgmv4ZWqq7IS9//oqcjm6wuC
6AvtV7oXRhU51pcmLFArL3rtqp3W59RvZLveRjQ3IRg7/zxHhJvWBnMC+ypwvkOn
O3aMprZcRT1Qs1RNnLvaeXOCwXYVD+VcD+YPmOV5hVx/nCpZRbuaLjerOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF5luz2CdBkeEXdw04qz4QqhPaQKMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWG1XN1BZSjBHUjRSZDNEVGlyUGhDcUU5cEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjnwAwQA
LYe3AwQAThFFAwQAZ/XmMA0GCSqGSIb3DQEBCwUAA4IBAQBnz0bhIOdDXF6H6zGl
FaefEdAh2UMgJ9+QrXG0okscqzit+exRAMPZgk+NYTEHnB0MXSG1rGwYzQaOzVv3
LqOQUePXfjxfpcwy++qyDeD69IrA/JY+T25CDaihxpm4BTZsT9OuimYVkB/jugpJ
92qw1U6oGhWEYw2NozRgz3k3KC+8boLclPEjp15WP44+LsQ54eIPvOROnx78Cn6g
GtWaHEk3jD6VzPe0t5h69Y9sQeYXngJPVl4L+Ss+PrVSpoxkYB/kTKZJwx3foWDo
1DWYevGrwgmQpFaHGPzZQi90rNHYPurbeTtu/1tHx9DMOqd/JhhR9P+eaKL9nlFD
vKAf
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:48 2026 by rpki-client