Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/XXAxLeR9iCjxs0KN2sJV-GUTLrs.roa
File: XXAxLeR9iCjxs0KN2sJV-GUTLrs.roa (raw, json)
Hash identifier: vbwqyD/MHd4gIhRBk8aJrlF68pfDvRkIiGup6DojcAQ=
Subject key identifier: 5D:70:31:2D:E4:7D:88:28:F1:B3:42:8D:DA:C2:55:F8:65:13:2E:BB
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 019DFBE9BABDA2DED6A72471F91A30E1184D
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/XXAxLeR9iCjxs0KN2sJV-GUTLrs.roa
Signing time: Wed 06 May 2026 06:11:32 +0000
ROA not before: Wed 06 May 2026 06:11:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 109.224.0.0/18 maxlen: 18
109.224.1.0/24 maxlen: 24
109.224.2.0/23 maxlen: 23
109.224.4.0/22 maxlen: 22
109.224.5.0/24 maxlen: 24
109.224.8.0/22 maxlen: 22
109.224.12.0/24 maxlen: 24
109.224.13.0/24 maxlen: 24
109.224.14.0/24 maxlen: 24
109.224.15.0/24 maxlen: 24
109.224.16.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.20.0/24 maxlen: 24
109.224.24.0/22 maxlen: 22
109.224.28.0/24 maxlen: 24
109.224.29.0/24 maxlen: 24
109.224.30.0/23 maxlen: 23
109.224.32.0/22 maxlen: 22
109.224.32.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.41.0/24 maxlen: 24
109.224.43.0/24 maxlen: 24
109.224.44.0/22 maxlen: 22
109.224.48.0/22 maxlen: 22
109.224.52.0/22 maxlen: 22
109.224.56.0/22 maxlen: 22
109.224.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fb:e9:ba:bd:a2:de:d6:a7:24:71:f9:1a:30:e1:18:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: May 6 06:11:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d70312de47d8828f1b3428ddac255f865132ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:de:07:29:36:40:60:13:1f:43:eb:5d:76:74:
b6:61:65:c2:6c:3d:d3:fa:d9:78:06:b1:42:1f:bd:
23:51:32:e5:7a:e9:ca:f2:23:b5:bf:ff:bf:c3:b9:
53:44:d0:23:4a:fc:07:64:79:96:0a:6a:c6:c6:7d:
86:f4:23:de:60:e9:74:a4:fc:d4:5d:1f:e9:4a:84:
14:11:be:e6:8d:27:cb:8b:e7:4c:82:f0:83:8f:28:
ec:7d:55:5d:94:9b:9d:c5:06:16:20:84:27:a8:35:
d2:2b:c2:74:3d:7f:8e:9e:0e:ee:b1:e6:42:d8:32:
55:d0:f0:ec:88:72:33:90:ad:56:53:0a:e2:d1:9d:
9f:5a:14:b4:17:c7:96:21:76:32:59:a9:b8:38:d0:
48:64:76:d7:72:31:a9:3e:20:6c:4f:67:b0:40:2f:
27:c8:7b:d9:e4:f5:1f:2d:ca:d0:4d:91:66:3d:60:
79:c4:ab:07:76:f1:06:c3:de:12:30:43:98:5d:44:
d1:9f:85:1f:a0:24:02:39:59:e8:1b:5e:21:8f:5e:
df:57:85:a6:9a:50:d7:10:7e:d9:ca:18:fd:7a:84:
1b:e3:45:d9:5f:d4:d2:5c:bf:4f:b5:71:3e:0c:28:
f2:79:4e:92:dc:93:e5:b3:fe:d7:11:d7:2a:c6:e5:
a9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:70:31:2D:E4:7D:88:28:F1:B3:42:8D:DA:C2:55:F8:65:13:2E:BB
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/XXAxLeR9iCjxs0KN2sJV-GUTLrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
Signature Algorithm: sha256WithRSAEncryption
8a:d6:9a:a3:e3:56:e6:0b:e4:7d:66:12:d8:30:32:90:0e:ae:
59:1d:5f:dc:3b:cc:77:36:02:7d:22:30:0d:b0:48:53:d2:00:
99:5d:08:2a:4c:2d:bc:9d:60:c1:34:48:f0:f3:65:75:fb:0c:
8c:95:c2:74:42:cf:75:a5:73:08:dd:7d:46:bd:0c:40:34:3f:
1c:ee:85:ea:48:0f:12:5e:18:a5:f6:8f:6b:17:c0:df:87:e7:
1f:78:e7:79:68:ae:4b:de:bc:91:53:57:e7:1b:59:11:f4:95:
9a:67:06:1a:50:ff:f0:f0:b8:f6:cb:57:99:90:e8:15:f8:60:
df:25:b0:bf:e9:fe:4b:eb:59:8d:4a:80:d4:a9:7a:1f:56:90:
c0:01:bc:60:b0:0d:e9:57:14:57:66:e5:8c:35:a1:74:69:80:
d3:ff:e5:1c:56:38:fe:70:4e:bd:a8:14:f2:dc:cc:e9:95:1a:
7e:8f:c8:c9:55:ba:69:f5:c6:bd:f8:10:4c:85:1e:09:6d:9c:
59:96:a5:93:dd:6b:7a:86:9d:2b:a4:38:70:2f:77:ca:82:8c:
5c:40:a7:a8:de:5d:30:07:ec:8b:fe:4f:01:a9:a5:a3:1c:7d:
ff:ed:a3:77:3a:e9:6f:5f:85:56:b8:e3:7d:31:38:96:95:d9:
7e:3f:bf:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ376bq9ot7WpyRx+Row4RhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjYwNTA2MDYxMTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDcwMzEyZGU0N2Q4ODI4ZjFiMzQyOGRkYWMyNTVmODY1MTMyZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0N4HKTZAYBMfQ+tddnS2YWXCbD3T
+tl4BrFCH70jUTLleunK8iO1v/+/w7lTRNAjSvwHZHmWCmrGxn2G9CPeYOl0pPzU
XR/pSoQUEb7mjSfLi+dMgvCDjyjsfVVdlJudxQYWIIQnqDXSK8J0PX+Ong7useZC
2DJV0PDsiHIzkK1WUwri0Z2fWhS0F8eWIXYyWam4ONBIZHbXcjGpPiBsT2ewQC8n
yHvZ5PUfLcrQTZFmPWB5xKsHdvEGw94SMEOYXUTRn4UfoCQCOVnoG14hj17fV4Wm
mlDXEH7Zyhj9eoQb40XZX9TSXL9PtXE+DCjyeU6S3JPls/7XEdcqxuWp2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1wMS3kfYgo8bNCjdrCVfhlEy67MB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvWFhBeExlUjlpQ2p4czBLTjJzSlYtR1VUTHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGbeAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCK1pqj41bmC+R9ZhLYMDKQDq5ZHV/cO8x3NgJ9IjAN
sEhT0gCZXQgqTC28nWDBNEjw82V1+wyMlcJ0Qs91pXMI3X1GvQxAND8c7oXqSA8S
Xhil9o9rF8Dfh+cfeOd5aK5L3ryRU1fnG1kR9JWaZwYaUP/w8Lj2y1eZkOgV+GDf
JbC/6f5L61mNSoDUqXofVpDAAbxgsA3pVxRXZuWMNaF0aYDT/+UcVjj+cE69qBTy
3MzplRp+j8jJVbpp9ca9+BBMhR4JbZxZlqWT3Wt6hp0rpDhwL3fKgoxcQKeo3l0w
B+yL/k8BqaWjHH3/7aN3OulvX4VWuON9MTiWldl+P7+E
-----END CERTIFICATE-----
Generated at Tue May 12 21:44:33 2026 by rpki-client