Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/XBXyNJhbKHex8DRygRHd3ywh0Zo.roa
File: XBXyNJhbKHex8DRygRHd3ywh0Zo.roa (raw, json)
Hash identifier: E1PhUWwczXdFhpz8KhBrgLQkU7hDMdxjH0EmbS1q6xI=
Subject key identifier: 5C:15:F2:34:98:5B:28:77:B1:F0:34:72:81:11:DD:DF:2C:21:D1:9A
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019CFB2B125D82B3B58E25C5527DB873246E
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/XBXyNJhbKHex8DRygRHd3ywh0Zo.roa
Signing time: Tue 17 Mar 2026 09:40:29 +0000
ROA not before: Tue 17 Mar 2026 09:40:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 140666
IP address blocks: 87.84.0.0/20 maxlen: 24
87.84.32.0/20 maxlen: 24
87.84.80.0/20 maxlen: 24
87.84.160.0/20 maxlen: 24
212.212.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fb:2b:12:5d:82:b3:b5:8e:25:c5:52:7d:b8:73:24:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Mar 17 09:40:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5c15f234985b2877b1f034728111dddf2c21d19a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0e:5c:14:0b:39:b1:e7:1f:19:6f:f1:8d:43:
7e:a8:2d:41:ae:ce:97:6a:3f:49:51:47:3a:02:2e:
06:eb:84:c4:2a:2a:28:f9:b0:f6:47:5e:48:f0:06:
af:97:6a:17:b8:d8:ba:74:ad:15:aa:be:24:b4:eb:
5a:9d:fe:15:79:4c:95:e4:ad:c5:09:10:4d:09:39:
b6:fb:1a:5e:6a:88:f5:7f:b8:bc:2f:e7:a6:2f:6c:
0e:f8:b2:3e:05:4f:76:35:ff:66:2d:8b:61:1e:e4:
93:c7:15:3e:9c:b1:37:b7:23:46:6d:51:1e:b7:11:
a0:32:ad:ef:b6:93:bf:66:3b:d9:51:31:4f:8b:2e:
65:c8:3f:0c:3f:d1:64:b2:47:1e:de:62:99:67:75:
3c:ab:fd:30:76:74:d9:bd:56:1f:70:15:1d:e1:a4:
90:e7:46:d3:f3:cd:fc:6a:be:cb:31:9f:c9:db:92:
00:d4:1d:55:a3:2d:28:99:39:5e:31:e7:6f:71:cd:
0d:fd:ab:2b:8c:86:30:a7:f0:1c:d4:f6:7e:05:d2:
03:e0:60:cd:9e:a4:2f:27:bd:51:54:f8:06:d9:f9:
d2:ec:d6:20:22:39:c2:36:81:ea:16:07:78:bb:98:
0f:87:d4:8c:ba:60:6b:48:e1:cd:eb:c2:e1:db:54:
65:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:15:F2:34:98:5B:28:77:B1:F0:34:72:81:11:DD:DF:2C:21:D1:9A
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/XBXyNJhbKHex8DRygRHd3ywh0Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.84.0.0/20
87.84.32.0/20
87.84.80.0/20
87.84.160.0/20
212.212.64.0/18
Signature Algorithm: sha256WithRSAEncryption
c7:ed:54:9f:35:a9:32:fa:20:0b:17:91:ba:88:73:89:63:81:
bf:be:a3:00:63:61:53:52:eb:72:5b:9a:4b:3a:d6:e4:1f:02:
22:fd:cb:88:d0:ad:bd:c0:69:66:3f:cf:e4:f0:33:31:d6:15:
c6:d9:f7:7e:7b:fb:a7:8a:92:44:fe:dc:5a:1d:39:46:77:61:
1a:e6:d0:66:a5:93:e3:a5:db:09:e6:59:d9:fe:c0:ed:f5:ed:
f9:28:ab:b7:dc:36:8b:3a:ba:2e:33:15:33:e2:d5:ea:e0:3e:
80:ca:83:59:47:2e:07:45:70:f3:96:4b:c3:c9:ba:67:32:02:
17:54:1a:05:d3:c3:ce:64:5c:e2:a5:c5:77:d8:b8:10:cb:98:
e8:16:ef:73:4b:28:5e:b1:56:90:3e:dd:c2:f0:2f:19:ed:8f:
3b:25:24:45:43:ca:96:2f:5b:e4:8b:c5:af:9b:86:2c:0e:8e:
00:3f:5b:a5:bc:cc:02:d7:d5:ea:e7:6e:92:af:5e:a4:69:ef:
fa:bc:bc:f3:dc:b7:60:d8:69:45:7a:df:9e:ed:00:af:20:b7:
2a:6c:ed:8f:85:0e:0c:47:96:da:fa:71:9e:4e:af:9b:5d:48:
04:9c:73:14:09:c0:9d:6f:f5:ae:42:c4:57:83:62:3b:59:ba:
ec:4a:b7:65
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZz7KxJdgrO1jiXFUn24cyRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMzE3MDk0MDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzE1ZjIzNDk4NWIyODc3YjFmMDM0NzI4MTExZGRkZjJjMjFkMTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ5cFAs5secfGW/xjUN+qC1Brs6X
aj9JUUc6Ai4G64TEKioo+bD2R15I8Aavl2oXuNi6dK0Vqr4ktOtanf4VeUyV5K3F
CRBNCTm2+xpeaoj1f7i8L+emL2wO+LI+BU92Nf9mLYthHuSTxxU+nLE3tyNGbVEe
txGgMq3vtpO/ZjvZUTFPiy5lyD8MP9Fkskce3mKZZ3U8q/0wdnTZvVYfcBUd4aSQ
50bT8838ar7LMZ/J25IA1B1Voy0omTleMedvcc0N/asrjIYwp/Ac1PZ+BdID4GDN
nqQvJ71RVPgG2fnS7NYgIjnCNoHqFgd4u5gPh9SMumBrSOHN68Lh21RljwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFwV8jSYWyh3sfA0coER3d8sIdGaMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvWEJYeU5KaGJLSGV4OERSeWdSSGQzeXdoMFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEV1QAAwQE
V1QgAwQEV1RQAwQEV1SgAwQG1NRAMA0GCSqGSIb3DQEBCwUAA4IBAQDH7VSfNaky
+iALF5G6iHOJY4G/vqMAY2FTUutyW5pLOtbkHwIi/cuI0K29wGlmP8/k8DMx1hXG
2fd+e/unipJE/txaHTlGd2Ea5tBmpZPjpdsJ5lnZ/sDt9e35KKu33DaLOrouMxUz
4tXq4D6AyoNZRy4HRXDzlkvDybpnMgIXVBoF08POZFzipcV32LgQy5joFu9zSyhe
sVaQPt3C8C8Z7Y87JSRFQ8qWL1vki8Wvm4YsDo4AP1ulvMwC19Xq526Sr16kae/6
vLzz3Ldg2GlFet+e7QCvILcqbO2PhQ4MR5ba+nGeTq+bXUgEnHMUCcCdb/WuQsRX
g2I7WbrsSrdl
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:18:40 2026 by rpki-client