Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/XDoOCkf5CnO9nMvxbGa0LtE_XQQ.roa
File: XDoOCkf5CnO9nMvxbGa0LtE_XQQ.roa (raw, json)
Hash identifier: ot+Sv1+Lvck9ZSiTraTVvrdyHCpJGwJQ0EVIO7hg38A=
Subject key identifier: 5C:3A:0E:0A:47:F9:0A:73:BD:9C:CB:F1:6C:66:B4:2E:D1:3F:5D:04
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 019DF65B423A6C8B5C945EEF01E1DE1F81A9
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/XDoOCkf5CnO9nMvxbGa0LtE_XQQ.roa
Signing time: Tue 05 May 2026 04:17:49 +0000
ROA not before: Tue 05 May 2026 04:17:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213176
IP address blocks: 85.155.128.0/24 maxlen: 24
85.155.129.0/24 maxlen: 24
209.35.224.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.230.0/24 maxlen: 24
209.35.231.0/24 maxlen: 24
209.35.233.0/24 maxlen: 24
209.35.234.0/24 maxlen: 24
209.35.235.0/24 maxlen: 24
209.35.236.0/24 maxlen: 24
209.35.237.0/24 maxlen: 24
209.35.238.0/24 maxlen: 24
209.35.239.0/24 maxlen: 24
209.35.240.0/24 maxlen: 24
209.35.241.0/24 maxlen: 24
209.35.242.0/24 maxlen: 24
209.35.243.0/24 maxlen: 24
209.35.244.0/24 maxlen: 24
209.35.245.0/24 maxlen: 24
209.35.246.0/24 maxlen: 24
209.35.247.0/24 maxlen: 24
209.35.248.0/24 maxlen: 24
209.35.249.0/24 maxlen: 24
209.35.250.0/24 maxlen: 24
209.35.251.0/24 maxlen: 24
209.35.252.0/24 maxlen: 24
209.35.253.0/24 maxlen: 24
209.35.254.0/24 maxlen: 24
209.35.255.0/24 maxlen: 24
212.59.64.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f6:5b:42:3a:6c:8b:5c:94:5e:ef:01:e1:de:1f:81:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: May 5 04:17:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5c3a0e0a47f90a73bd9ccbf16c66b42ed13f5d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b8:61:be:a9:75:4f:7a:05:b3:e3:54:ad:21:
5e:48:7d:26:af:1b:43:f2:ab:d0:ad:e3:f4:d8:33:
80:fa:dc:7b:9c:13:56:25:23:94:66:8a:9b:98:70:
76:33:46:0b:49:32:16:de:b7:6e:82:83:2c:3b:ed:
73:d4:2b:7b:fa:ff:8f:8f:ec:5f:15:63:70:ef:5a:
94:15:bc:76:a6:18:8f:54:5d:db:51:05:79:e9:d2:
ec:f7:ec:c2:16:f5:de:7c:e0:fe:b1:15:10:24:44:
01:c3:e4:17:e7:e7:11:98:a5:06:e4:38:f0:3a:cc:
7d:91:1d:c8:44:88:dc:2c:85:d9:d1:26:1b:96:dc:
b9:bb:a8:33:f5:0d:73:be:cd:7a:2d:b6:aa:33:fb:
47:be:21:c1:b3:7e:6a:47:f0:84:93:fc:b4:30:1a:
ed:d5:31:b3:8e:cb:af:9a:d3:c9:a2:45:7a:2f:b3:
34:f2:2f:06:ed:16:31:8a:bd:66:42:79:30:58:cc:
05:c6:67:8e:b7:f9:02:46:d0:ab:19:76:74:2e:f0:
a0:92:c0:fc:6d:bf:5b:32:ae:7b:90:37:8f:a2:0b:
d6:59:6e:43:a1:28:80:38:7d:e2:c9:dc:ab:32:a7:
e1:7e:46:64:20:dd:3e:23:bf:48:ec:7e:a0:48:de:
7a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3A:0E:0A:47:F9:0A:73:BD:9C:CB:F1:6C:66:B4:2E:D1:3F:5D:04
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/XDoOCkf5CnO9nMvxbGa0LtE_XQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.155.128.0/23
209.35.224.0/21
209.35.233.0-209.35.255.255
212.59.64.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:ac:c8:0b:57:fa:d0:e9:0f:15:d5:11:22:15:82:63:21:8f:
5f:e3:89:39:c2:68:6b:00:9b:82:06:86:52:d1:59:5a:67:34:
72:55:d2:86:be:34:13:54:85:20:ed:38:e7:32:2b:3a:c0:4c:
7f:a8:59:16:f7:a3:db:93:bd:5e:25:ca:74:d4:88:27:50:38:
85:bd:d9:82:13:ab:0d:01:90:01:7a:40:f7:82:57:6d:fc:32:
0c:cc:e3:54:df:80:43:fa:6e:ed:b1:f4:ad:5c:b8:50:b2:3f:
c5:82:6c:2e:d0:a1:2a:07:c7:88:75:93:0a:40:d3:91:6d:ed:
47:5d:46:15:1b:af:7f:37:01:96:1c:cf:40:2f:f4:29:2a:b2:
89:97:e2:4c:1e:85:72:72:99:51:dc:f5:96:23:f6:be:89:16:
a8:2a:7c:2e:f1:13:1d:9f:dd:d6:7a:29:ab:f6:53:6b:a1:29:
a7:9a:d4:b6:97:81:00:e2:30:c1:34:fd:dd:8f:70:d2:ce:d0:
cb:e6:b3:3c:49:f1:fa:77:19:f1:3b:9a:61:f9:5d:fa:05:56:
97:82:cc:15:17:1f:b1:1b:35:6a:ac:22:af:cc:d8:c0:23:16:
c1:4e:77:9a:7d:e8:81:02:7d:c4:d2:14:60:94:7a:f8:f7:f6:
66:85:99:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ32W0I6bItclF7vAeHeH4GpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjYwNTA1MDQxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNhMGUwYTQ3ZjkwYTczYmQ5Y2NiZjE2YzY2YjQyZWQxM2Y1ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobhhvql1T3oFs+NUrSFeSH0mrxtD
8qvQreP02DOA+tx7nBNWJSOUZoqbmHB2M0YLSTIW3rdugoMsO+1z1Ct7+v+Pj+xf
FWNw71qUFbx2phiPVF3bUQV56dLs9+zCFvXefOD+sRUQJEQBw+QX5+cRmKUG5Djw
Osx9kR3IRIjcLIXZ0SYblty5u6gz9Q1zvs16LbaqM/tHviHBs35qR/CEk/y0MBrt
1TGzjsuvmtPJokV6L7M08i8G7RYxir1mQnkwWMwFxmeOt/kCRtCrGXZ0LvCgksD8
bb9bMq57kDePogvWWW5DoSiAOH3iydyrMqfhfkZkIN0+I79I7H6gSN56hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFw6DgpH+QpzvZzL8WxmtC7RP10EMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvWERvT0NrZjVDbk85bk12eGJHYTBMdEVfWFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwQBVZuAAwQD
0SPgMAsDBADRI+kDAwLRIAMEA9Q7QDANBgkqhkiG9w0BAQsFAAOCAQEAD6zIC1f6
0OkPFdURIhWCYyGPX+OJOcJoawCbggaGUtFZWmc0clXShr40E1SFIO045zIrOsBM
f6hZFvej25O9XiXKdNSIJ1A4hb3ZghOrDQGQAXpA94JXbfwyDMzjVN+AQ/pu7bH0
rVy4ULI/xYJsLtChKgfHiHWTCkDTkW3tR11GFRuvfzcBlhzPQC/0KSqyiZfiTB6F
cnKZUdz1liP2vokWqCp8LvETHZ/d1nopq/ZTa6Epp5rUtpeBAOIwwTT93Y9w0s7Q
y+azPEnx+ncZ8TuaYfld+gVWl4LMFRcfsRs1aqwir8zYwCMWwU53mn3ogQJ9xNIU
YJR6+Pf2ZoWZWg==
-----END CERTIFICATE-----
Generated at Wed May 13 06:27:27 2026 by rpki-client