Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/XuycbR32EoIomKKoQhLCCI4Rvp8.roa
File: XuycbR32EoIomKKoQhLCCI4Rvp8.roa (raw, json)
Hash identifier: HSv0T0VPzIpKBdwedT9ShZypv6pQI0ktxil19pf7w6Q=
Subject key identifier: 5E:EC:9C:6D:1D:F6:12:82:28:98:A2:A8:42:12:C2:08:8E:11:BE:9F
Certificate issuer: /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial: 019D1234E87836A73B43813D12C3C00D5BCD
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/XuycbR32EoIomKKoQhLCCI4Rvp8.roa
Signing time: Sat 21 Mar 2026 21:02:30 +0000
ROA not before: Sat 21 Mar 2026 21:02:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42032
IP address blocks: 45.14.60.0/22 maxlen: 22
185.119.105.0/24 maxlen: 24
2a06:8a02::/32 maxlen: 32
2a0e:b580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:12:34:e8:78:36:a7:3b:43:81:3d:12:c3:c0:0d:5b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
Validity
Not Before: Mar 21 21:02:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5eec9c6d1df612822898a2a84212c2088e11be9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:19:d4:a2:b2:5d:14:3a:33:2b:cd:53:dd:06:
87:b0:95:69:67:66:83:69:b5:bc:46:ee:a6:29:f2:
89:5b:4c:24:77:df:31:98:13:14:2c:66:33:7d:9c:
bd:23:fa:3f:9e:d8:4c:0d:62:d7:38:2c:bd:6c:b3:
c0:bf:03:48:fa:ba:7b:ba:01:81:3f:1a:da:08:cb:
18:f1:fe:d3:c1:49:7d:32:e7:5c:49:49:78:c2:85:
4c:07:25:a1:8d:b0:55:14:e7:1e:a8:0a:f5:3e:72:
be:22:3b:3d:6b:13:b8:c0:5f:6f:78:22:6e:53:87:
3f:ce:86:9b:70:6b:f5:be:c0:27:ca:13:1a:8d:7a:
7f:70:bd:51:f4:a3:b3:a5:7d:6d:45:7f:8b:66:34:
9b:52:44:c6:9c:dd:01:a4:2f:d5:b8:b6:95:36:78:
cd:4a:d5:ad:82:2f:84:66:ed:ba:49:ef:26:c4:1e:
d8:53:b7:6f:91:a9:fd:d9:88:e6:6a:29:3e:bf:da:
bc:26:92:89:70:8b:99:1a:c9:c5:a6:0c:8d:32:eb:
a4:c1:c3:f6:dc:75:84:42:88:c9:92:4a:b1:5b:5f:
a9:d7:23:3d:ae:b7:51:8d:ef:a2:b2:f4:32:f7:f8:
a0:53:c4:f7:c6:0c:22:1f:2a:19:0b:42:87:18:67:
84:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:EC:9C:6D:1D:F6:12:82:28:98:A2:A8:42:12:C2:08:8E:11:BE:9F
X509v3 Authority Key Identifier:
keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/XuycbR32EoIomKKoQhLCCI4Rvp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.60.0/22
185.119.105.0/24
IPv6:
2a06:8a02::/32
2a0e:b580::/29
Signature Algorithm: sha256WithRSAEncryption
81:12:54:25:f8:00:88:5c:28:07:48:78:42:ce:04:aa:ce:6c:
03:15:98:5d:d4:90:f3:e7:c5:92:80:1e:a8:58:e3:31:87:5a:
d8:3a:cf:2e:78:88:e7:a4:eb:2c:11:e4:4e:fb:33:9b:5b:da:
42:14:69:c1:a4:98:9c:25:47:fe:f2:1d:29:27:13:a7:03:3f:
4a:2c:d3:65:94:a4:f3:29:56:44:71:45:80:8d:b2:78:56:0e:
47:6b:53:9d:b6:ba:2d:94:25:06:31:0f:e7:e6:48:2a:9b:63:
90:71:43:12:ca:ee:1b:21:22:3b:75:3b:49:b5:a3:a1:3d:4d:
71:1c:e6:27:b9:66:a4:24:2b:4a:76:52:92:27:73:f4:13:94:
ab:e7:76:ee:fc:16:8d:d4:57:24:14:bc:b7:a4:e0:08:ac:e7:
93:c9:0a:9d:01:66:59:47:65:f7:44:3a:b6:b7:0a:44:a6:ac:
97:5b:c7:a1:0a:0b:5a:45:89:ee:63:c2:45:48:5f:a9:03:84:
ac:3b:87:3f:e9:be:ca:4d:45:7a:52:df:3b:9b:4e:9a:bc:e0:
61:3b:ec:ac:9a:98:89:e3:09:db:fe:07:4d:9f:cf:ed:8e:e7:
04:58:fa:df:a5:22:d7:41:ff:95:75:cf:d8:50:f2:56:04:82:
2b:9e:85:ae
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ0SNOh4Nqc7Q4E9EsPADVvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGU1OWEyMjNmNGJjYjgyMzQ5MmZiMTA5NmMzYTgyMzEw
YzAzZGEwHhcNMjYwMzIxMjEwMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWVjOWM2ZDFkZjYxMjgyMjg5OGEyYTg0MjEyYzIwODhlMTFiZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxnUorJdFDozK81T3QaHsJVpZ2aD
abW8Ru6mKfKJW0wkd98xmBMULGYzfZy9I/o/nthMDWLXOCy9bLPAvwNI+rp7ugGB
PxraCMsY8f7TwUl9MudcSUl4woVMByWhjbBVFOceqAr1PnK+Ijs9axO4wF9veCJu
U4c/zoabcGv1vsAnyhMajXp/cL1R9KOzpX1tRX+LZjSbUkTGnN0BpC/VuLaVNnjN
StWtgi+EZu26Se8mxB7YU7dvkan92Yjmaik+v9q8JpKJcIuZGsnFpgyNMuukwcP2
3HWEQojJkkqxW1+p1yM9rrdRje+isvQy9/igU8T3xgwiHyoZC0KHGGeE2QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFF7snG0d9hKCKJiiqEISwgiOEb6fMB8GA1UdIwQY
MBaAFDBOWaIj9Ly4I0kvsQlsOoIxDAPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTct
MzQ0Y2M1MDJmMWJkLzEvWHV5Y2JSMzJFb0lvbUtLb1FoTENDSTRSdnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTctMzQ0Y2M1MDJmMWJk
LzEvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLQ48AwQA
uXdpMBQEAgACMA4DBQAqBooCAwUDKg61gDANBgkqhkiG9w0BAQsFAAOCAQEAgRJU
JfgAiFwoB0h4Qs4Eqs5sAxWYXdSQ8+fFkoAeqFjjMYda2DrPLniI56TrLBHkTvsz
m1vaQhRpwaSYnCVH/vIdKScTpwM/SizTZZSk8ylWRHFFgI2yeFYOR2tTnba6LZQl
BjEP5+ZIKptjkHFDEsruGyEiO3U7SbWjoT1NcRzmJ7lmpCQrSnZSkidz9BOUq+d2
7vwWjdRXJBS8t6TgCKznk8kKnQFmWUdl90Q6trcKRKasl1vHoQoLWkWJ7mPCRUhf
qQOErDuHP+m+yk1FelLfO5tOmrzgYTvsrJqYieMJ2/4HTZ/P7Y7nBFj636Ui10H/
lXXP2FDyVgSCK56Frg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:11:45 2026 by rpki-client