Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/Xo5fFGYUqhi1mHeQLpxNA7Txd2I.roa
File: Xo5fFGYUqhi1mHeQLpxNA7Txd2I.roa (raw, json)
Hash identifier: 7BEYJ6Z27LV8hRl7JxOpGRBg3lkYZDCNIK4576IwVX0=
Subject key identifier: 5E:8E:5F:14:66:14:AA:18:B5:98:77:90:2E:9C:4D:03:B4:F1:77:62
Certificate issuer: /CN=f1f4609d0d053aec0307da44b0e678c388f641a4
Certificate serial: 019CB3395D1A734E5EE8C006651B56CC2A2C
Authority key identifier: F1:F4:60:9D:0D:05:3A:EC:03:07:DA:44:B0:E6:78:C3:88:F6:41:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/Xo5fFGYUqhi1mHeQLpxNA7Txd2I.roa
Signing time: Tue 03 Mar 2026 10:23:26 +0000
ROA not before: Tue 03 Mar 2026 10:23:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214973
IP address blocks: 185.18.221.0/24 maxlen: 24
2a13:2c0::/29 maxlen: 29
2a13:2c0::/48 maxlen: 48
2a13:2c0:3::/48 maxlen: 48
2a13:2c0:deff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:39:5d:1a:73:4e:5e:e8:c0:06:65:1b:56:cc:2a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f4609d0d053aec0307da44b0e678c388f641a4
Validity
Not Before: Mar 3 10:23:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5e8e5f146614aa18b59877902e9c4d03b4f17762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0d:cb:57:3c:4d:c8:72:96:1f:bf:87:16:d9:
a3:fd:16:48:57:2a:a4:8f:3d:30:34:ad:97:8a:77:
cf:64:9d:de:65:8b:bc:a6:18:6a:01:f3:5c:71:08:
0c:c5:9c:e6:27:9d:f3:ac:5b:65:a3:70:d5:5c:f5:
bf:64:65:78:86:b0:06:86:64:f5:c8:ab:5f:d5:4a:
fd:3a:ac:60:8f:5c:fb:80:7a:ab:34:c3:40:1f:ab:
17:b9:61:35:20:27:11:a0:a1:23:e7:00:30:37:0c:
93:d8:3f:a5:34:b2:cd:22:af:5a:9e:d0:42:9f:08:
c8:98:e4:42:e2:d4:26:f0:54:b7:98:1e:e3:c9:1b:
fe:87:9e:7a:ae:d9:c2:51:bd:54:c1:50:a9:3e:7d:
2b:6e:41:18:c5:4a:99:d9:3a:2e:63:fd:95:5e:7f:
e3:2a:18:93:87:18:59:44:89:e6:e5:74:a1:ee:c4:
c3:8e:29:8e:7a:28:f5:9b:4c:c3:8c:df:5a:83:1d:
61:c2:8e:88:42:28:7b:55:3b:1c:14:64:6a:91:ea:
83:7b:50:d1:99:7a:b2:85:41:c7:94:a0:c4:df:b4:
a1:f3:f6:f2:fc:91:82:ec:e2:92:3d:37:ea:dc:dd:
96:21:20:2a:1d:15:81:44:f8:bd:b4:53:93:fe:19:
6e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8E:5F:14:66:14:AA:18:B5:98:77:90:2E:9C:4D:03:B4:F1:77:62
X509v3 Authority Key Identifier:
keyid:F1:F4:60:9D:0D:05:3A:EC:03:07:DA:44:B0:E6:78:C3:88:F6:41:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/Xo5fFGYUqhi1mHeQLpxNA7Txd2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.221.0/24
IPv6:
2a13:2c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:63:db:b9:68:4c:8f:30:28:4f:28:d7:8b:ca:d7:4c:de:ab:
22:01:5e:4b:f3:7e:f5:96:05:41:c1:19:b0:43:3e:4e:eb:76:
19:b1:ef:73:dc:12:a4:a0:6c:0a:1c:3e:2f:74:a0:61:de:52:
38:22:4d:81:b2:fe:cf:1f:c3:90:95:24:30:02:18:17:a8:34:
36:9d:4c:39:2d:30:2b:43:74:b8:cf:34:b0:e2:74:3e:3d:fc:
43:6a:7a:f1:1a:ed:e2:c9:e9:ce:94:9e:71:5e:c2:ce:d7:9b:
f2:7b:1e:2b:f1:04:8e:0f:8d:bd:95:bf:19:42:00:d2:18:52:
d8:d1:c2:2a:01:32:d1:d0:37:ac:45:2c:b5:29:92:8b:5a:6a:
30:36:1f:93:e4:99:a0:58:c3:45:bc:99:bf:d1:bd:10:81:2d:
e9:0c:f4:d0:28:ca:bb:57:64:20:ca:b4:0e:7e:47:c2:70:a4:
95:8e:2d:d8:a7:7a:74:38:aa:4d:cf:32:27:7b:7f:ce:97:1c:
e9:69:80:eb:14:cc:3b:d5:86:04:b5:85:32:79:16:60:f2:92:
dd:f0:34:94:5d:c2:56:d6:77:da:08:43:b4:27:fe:e3:9f:55:
00:1f:0d:aa:66:0f:3d:bf:27:fb:bf:93:6f:e6:b9:29:52:8a:
43:89:06:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZyzOV0ac05e6MAGZRtWzCosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjQ2MDlkMGQwNTNhZWMwMzA3ZGE0NGIwZTY3OGMzODhm
NjQxYTQwHhcNMjYwMzAzMTAyMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThlNWYxNDY2MTRhYTE4YjU5ODc3OTAyZTljNGQwM2I0ZjE3NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug3LVzxNyHKWH7+HFtmj/RZIVyqk
jz0wNK2XinfPZJ3eZYu8phhqAfNccQgMxZzmJ53zrFtlo3DVXPW/ZGV4hrAGhmT1
yKtf1Ur9Oqxgj1z7gHqrNMNAH6sXuWE1ICcRoKEj5wAwNwyT2D+lNLLNIq9antBC
nwjImORC4tQm8FS3mB7jyRv+h556rtnCUb1UwVCpPn0rbkEYxUqZ2TouY/2VXn/j
KhiThxhZRInm5XSh7sTDjimOeij1m0zDjN9agx1hwo6IQih7VTscFGRqkeqDe1DR
mXqyhUHHlKDE37Sh8/by/JGC7OKSPTfq3N2WISAqHRWBRPi9tFOT/hlufQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF6OXxRmFKoYtZh3kC6cTQO08XdiMB8GA1UdIwQY
MBaAFPH0YJ0NBTrsAwfaRLDmeMOI9kGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZSZ25RMEZPdXdEQjlwRXNPWjR3NGoyUWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85YTE4YWQtMDg3Yi00ZDEyLTlmNjkt
OGNiZjkwM2U5MWNkLzEvWG81ZkZHWVVxaGkxbUhlUUxweE5BN1R4ZDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85YTE4YWQtMDg3Yi00ZDEyLTlmNjktOGNiZjkwM2U5MWNk
LzEvOGZSZ25RMEZPdXdEQjlwRXNPWjR3NGoyUWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRLdMA0E
AgACMAcDBQMqEwLAMA0GCSqGSIb3DQEBCwUAA4IBAQCWY9u5aEyPMChPKNeLytdM
3qsiAV5L8371lgVBwRmwQz5O63YZse9z3BKkoGwKHD4vdKBh3lI4Ik2Bsv7PH8OQ
lSQwAhgXqDQ2nUw5LTArQ3S4zzSw4nQ+PfxDanrxGu3iyenOlJ5xXsLO15vyex4r
8QSOD429lb8ZQgDSGFLY0cIqATLR0DesRSy1KZKLWmowNh+T5JmgWMNFvJm/0b0Q
gS3pDPTQKMq7V2QgyrQOfkfCcKSVji3Yp3p0OKpNzzIne3/OlxzpaYDrFMw71YYE
tYUyeRZg8pLd8DSUXcJW1nfaCEO0J/7jn1UAHw2qZg89vyf7v5Nv5rkpUopDiQb1
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:10 2026 by rpki-client