Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xdpnkpQumD8hWob7tbO8hs-5ock.roa
File: xdpnkpQumD8hWob7tbO8hs-5ock.roa (raw, json)
Hash identifier: /JU6lYmiVeUYjf6zxuU3H+KLl6rfRGkxJshaoXYAXG4=
Subject key identifier: C5:DA:67:92:94:2E:98:3F:21:5A:86:FB:B5:B3:BC:86:CF:B9:A1:C9
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019D03160C9DFA0E7922E0AC5E2156EA7DF3
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xdpnkpQumD8hWob7tbO8hs-5ock.roa
Signing time: Wed 18 Mar 2026 22:34:29 +0000
ROA not before: Wed 18 Mar 2026 22:34:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:03:16:0c:9d:fa:0e:79:22:e0:ac:5e:21:56:ea:7d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 18 22:34:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c5da6792942e983f215a86fbb5b3bc86cfb9a1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a8:01:fe:d8:3a:c2:ae:be:80:b8:01:e6:9b:
1c:ec:0e:da:5c:b1:e9:95:0a:b0:91:4e:99:2f:ac:
7b:18:cd:48:84:3e:76:e6:9e:cb:3d:ae:0a:d0:d8:
d1:30:55:66:75:07:4a:78:75:2b:01:5c:5c:e4:e9:
07:9a:df:46:4d:14:54:32:5f:c4:f8:ce:a4:a5:fb:
02:a9:23:a3:ab:54:a6:d3:ba:a8:77:33:c2:a7:eb:
5a:7e:73:e6:3b:76:cd:63:f7:cf:ac:40:b6:34:df:
7b:47:2a:e1:91:74:1b:6e:83:66:04:c9:ad:34:20:
96:c2:7b:69:0c:40:db:05:41:90:4c:18:8c:c8:6a:
02:a6:7a:70:bf:d0:f0:2c:fc:7a:2f:17:a5:5d:64:
35:4d:30:19:37:2c:ac:2f:c8:b1:01:17:ea:f6:33:
9c:86:fd:b0:5c:f4:a2:ad:3f:b5:e7:a0:0f:7b:3a:
c5:d2:8c:65:23:30:78:fe:8e:32:f6:c8:11:8a:28:
a3:af:17:56:5c:00:02:68:f1:ca:66:a7:f0:c7:62:
af:a1:5f:a2:b7:a3:4f:79:bc:d7:88:b9:47:b5:b9:
b9:7a:1d:bf:52:ab:20:ef:62:e7:d4:fa:66:04:08:
7b:d1:1c:23:81:da:86:15:05:54:58:c9:8a:e6:4c:
c0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DA:67:92:94:2E:98:3F:21:5A:86:FB:B5:B3:BC:86:CF:B9:A1:C9
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xdpnkpQumD8hWob7tbO8hs-5ock.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.2.0/23
128.0.119.0/24
185.117.23.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.209.0-193.201.211.255
194.36.102.0/23
194.124.66.0/23
195.85.68.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:60:a9:70:2e:64:04:ac:40:c7:cb:d1:7a:af:5d:67:12:6f:
bf:b3:28:5f:13:fa:29:1d:9e:c5:b1:8e:64:13:c9:70:10:9e:
da:8e:86:89:24:e5:8d:a0:d4:03:df:57:00:1c:fd:04:69:7a:
d2:46:88:91:68:5d:aa:a8:99:c0:87:87:4f:16:7e:a3:34:dd:
30:69:87:32:ff:74:1c:15:b9:7d:91:4b:43:9a:a7:80:af:c9:
7a:b4:ca:a9:b8:4f:b4:d3:74:57:e2:12:ff:88:e7:39:50:26:
ed:79:05:21:53:7f:3f:11:11:cd:2f:35:d8:ae:e0:da:e7:47:
4f:0d:02:4c:5b:9d:fe:e9:ca:d7:21:0f:d7:94:b2:41:13:8f:
46:8f:67:f0:c9:39:97:3f:c6:aa:99:eb:f7:51:5a:52:d5:9b:
a4:9c:7b:2f:4e:a1:5f:8d:58:a9:10:01:2f:b1:1a:20:71:4e:
17:3d:5a:43:1b:9c:86:16:9c:1b:cb:16:8f:62:27:e8:a7:6c:
31:cd:b1:80:f6:1c:52:c9:8d:97:97:25:27:d7:d5:7e:d5:33:
fd:b3:97:31:b5:f0:68:23:ab:a0:ab:a5:85:81:1f:27:c0:51:
87:58:1d:1d:f2:49:d4:55:cc:2d:20:fd:ac:d1:d9:14:34:42:
a6:c9:96:3f
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZ0DFgyd+g55IuCsXiFW6n3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwMzE4MjIzNDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRhNjc5Mjk0MmU5ODNmMjE1YTg2ZmJiNWIzYmM4NmNmYjlhMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KgB/tg6wq6+gLgB5psc7A7aXLHp
lQqwkU6ZL6x7GM1IhD525p7LPa4K0NjRMFVmdQdKeHUrAVxc5OkHmt9GTRRUMl/E
+M6kpfsCqSOjq1Sm07qodzPCp+tafnPmO3bNY/fPrEC2NN97RyrhkXQbboNmBMmt
NCCWwntpDEDbBUGQTBiMyGoCpnpwv9DwLPx6LxelXWQ1TTAZNyysL8ixARfq9jOc
hv2wXPSirT+156APezrF0oxlIzB4/o4y9sgRiiijrxdWXAACaPHKZqfwx2KvoV+i
t6NPebzXiLlHtbm5eh2/Uqsg72Ln1PpmBAh70RwjgdqGFQVUWMmK5kzABwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMXaZ5KULpg/IVqG+7WzvIbPuaHJMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEveGRwbmtwUXVtRDhoV29iN3RiTzhocy01b2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQALYgAAwQB
LYgCAwQAgAB3AwQAuXUXMAwDBAS50zADBAC50zIDBAK54/AwDAMEAMHJ0QMEAsHJ
0AMEAcIkZgMEAcJ8QgMEAMNVRDANBgkqhkiG9w0BAQsFAAOCAQEALWCpcC5kBKxA
x8vReq9dZxJvv7MoXxP6KR2exbGOZBPJcBCe2o6GiSTljaDUA99XABz9BGl60kaI
kWhdqqiZwIeHTxZ+ozTdMGmHMv90HBW5fZFLQ5qngK/JerTKqbhPtNN0V+IS/4jn
OVAm7XkFIVN/PxERzS812K7g2udHTw0CTFud/unK1yEP15SyQROPRo9n8Mk5lz/G
qpnr91FaUtWbpJx7L06hX41YqRABL7EaIHFOFz1aQxuchhacG8sWj2In6KdsMc2x
gPYcUsmNl5clJ9fVftUz/bOXMbXwaCOroKulhYEfJ8BRh1gdHfJJ1FXMLSD9rNHZ
FDRCpsmWPw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:43:02 2026 by rpki-client