Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/X5_OOiiCcGiXKcGALlcB_hscUHs.roa
File: X5_OOiiCcGiXKcGALlcB_hscUHs.roa (raw, json)
Hash identifier: Qj/ZlInW3VgI1VUQwqxEhpwqlf4BE1RLFh2kkgSMtX4=
Subject key identifier: 5F:9F:CE:3A:28:82:70:68:97:29:C1:80:2E:57:01:FE:1B:1C:50:7B
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 019CB2A422C12B972A70F67C668F36915565
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/X5_OOiiCcGiXKcGALlcB_hscUHs.roa
Signing time: Tue 03 Mar 2026 07:40:26 +0000
ROA not before: Tue 03 Mar 2026 07:40:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39134
IP address blocks: 77.73.239.0/24 maxlen: 24
84.47.138.0/24 maxlen: 24
84.47.139.0/24 maxlen: 24
178.236.20.0/24 maxlen: 24
178.236.21.0/24 maxlen: 24
178.236.28.0/24 maxlen: 24
178.236.30.0/24 maxlen: 24
178.236.31.0/24 maxlen: 24
213.208.186.0/23 maxlen: 23
213.208.186.0/24 maxlen: 24
213.208.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 14:28:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b2:a4:22:c1:2b:97:2a:70:f6:7c:66:8f:36:91:55:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Mar 3 07:40:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5f9fce3a288270689729c1802e5701fe1b1c507b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4d:87:af:18:21:8f:94:1a:bc:a1:81:6c:bb:
6c:c2:be:e9:a4:08:0c:5a:55:af:d7:5c:57:ac:ba:
0e:9e:e6:1c:be:28:2e:71:bb:dc:3d:c0:88:8e:d9:
43:74:22:0c:0f:69:19:17:ca:9d:0e:ac:f2:7e:69:
fb:32:b2:2c:1c:98:60:cb:ac:ca:d8:57:23:4a:e1:
c7:4c:f6:11:98:d8:25:9a:04:b8:c6:9b:8f:84:95:
66:1e:db:b7:bf:b1:26:6f:41:73:0e:a1:68:37:32:
cb:c2:ad:75:68:6c:3c:b0:b8:6f:4b:4b:91:f2:f7:
6b:dd:b0:ba:59:e7:e9:6b:d0:cc:36:86:cd:3a:6b:
fa:fd:48:e5:b2:03:de:57:ad:eb:82:ef:7f:44:2f:
1f:71:a3:12:a1:c0:78:9a:ba:3b:b1:ac:82:23:0d:
42:9d:e7:a8:5d:d8:46:61:f5:31:e9:a4:0a:2a:02:
16:fc:9d:95:a6:1f:41:84:7b:1f:20:82:ee:30:8f:
1c:6c:ba:61:27:5c:69:61:91:b5:d6:ee:0d:05:88:
bc:e9:21:0d:13:9e:08:ad:77:71:16:c1:fe:76:b7:
a4:7c:2d:d2:54:2e:78:1a:b5:71:bc:d7:38:b3:ee:
35:8e:05:b1:85:ec:3a:05:ce:ce:41:6e:26:a7:79:
d3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9F:CE:3A:28:82:70:68:97:29:C1:80:2E:57:01:FE:1B:1C:50:7B
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/X5_OOiiCcGiXKcGALlcB_hscUHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.239.0/24
84.47.138.0/23
178.236.20.0/23
178.236.28.0/24
178.236.30.0/23
213.208.186.0/23
Signature Algorithm: sha256WithRSAEncryption
90:9b:63:b1:ca:7e:fd:0e:c3:08:8a:f4:e5:2c:11:e2:05:30:
b4:3b:69:db:a1:89:c6:c3:ab:ea:7f:e8:d3:05:0d:59:41:0f:
7a:e7:c9:e3:33:9a:b8:2f:90:ea:7a:1a:0b:f9:16:57:13:e8:
81:25:3b:f5:49:ad:bb:c7:85:f4:19:80:df:ec:a0:61:73:b3:
96:39:d2:fb:6d:72:47:f4:a5:14:78:55:dd:70:df:15:ea:44:
d6:d0:ec:50:88:94:69:4f:8f:bd:89:a4:7d:b3:78:68:05:30:
ab:3c:0d:ca:ef:f2:ec:f7:76:5c:9f:dc:ac:a7:bd:8a:39:19:
72:17:45:d9:65:ba:24:33:64:da:cb:b9:9b:ad:71:cb:2c:d6:
f8:bf:3a:c0:4c:ac:19:ca:ef:8c:c3:9c:32:49:62:d8:0e:e2:
02:82:91:fe:10:36:4e:36:56:d0:13:51:bc:4c:72:e2:21:b4:
16:5c:4d:e6:cb:a0:39:16:b6:d7:cd:09:f1:65:a2:d6:4b:8b:
a9:5b:0b:49:a2:a0:ec:74:d2:81:5e:13:5b:59:79:c1:1e:2c:
80:4f:08:70:57:e3:c0:46:5a:02:a2:f9:87:42:8b:0d:12:bc:
ab:0f:14:a3:58:e0:f1:1a:56:81:6a:99:f6:89:0d:5a:ea:ff:
63:e1:aa:f0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZyypCLBK5cqcPZ8Zo82kVVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjYwMzAzMDc0MDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjlmY2UzYTI4ODI3MDY4OTcyOWMxODAyZTU3MDFmZTFiMWM1MDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3U2Hrxghj5QavKGBbLtswr7ppAgM
WlWv11xXrLoOnuYcvigucbvcPcCIjtlDdCIMD2kZF8qdDqzyfmn7MrIsHJhgy6zK
2FcjSuHHTPYRmNglmgS4xpuPhJVmHtu3v7Emb0FzDqFoNzLLwq11aGw8sLhvS0uR
8vdr3bC6Wefpa9DMNobNOmv6/UjlsgPeV63rgu9/RC8fcaMSocB4mro7sayCIw1C
neeoXdhGYfUx6aQKKgIW/J2Vph9BhHsfIILuMI8cbLphJ1xpYZG11u4NBYi86SEN
E54IrXdxFsH+drekfC3SVC54GrVxvNc4s+41jgWxhew6Bc7OQW4mp3nTXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF+fzjoognBolynBgC5XAf4bHFB7MB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvWDVfT09paUNjR2lYS2NHQUxsY0JfaHNjVUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATUnvAwQB
VC+KAwQBsuwUAwQAsuwcAwQBsuweAwQB1dC6MA0GCSqGSIb3DQEBCwUAA4IBAQCQ
m2Oxyn79DsMIivTlLBHiBTC0O2nboYnGw6vqf+jTBQ1ZQQ9658njM5q4L5DqehoL
+RZXE+iBJTv1Sa27x4X0GYDf7KBhc7OWOdL7bXJH9KUUeFXdcN8V6kTW0OxQiJRp
T4+9iaR9s3hoBTCrPA3K7/Ls93Zcn9ysp72KORlyF0XZZbokM2Tay7mbrXHLLNb4
vzrATKwZyu+Mw5wySWLYDuICgpH+EDZONlbQE1G8THLiIbQWXE3my6A5FrbXzQnx
ZaLWS4upWwtJoqDsdNKBXhNbWXnBHiyATwhwV+PARloCovmHQosNEryrDxSjWODx
GlaBapn2iQ1a6v9j4arw
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:56:36 2026 by rpki-client