Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/G9xtvEv5Qw0U8wvAae68Nw1ZXg4.roa
File: G9xtvEv5Qw0U8wvAae68Nw1ZXg4.roa (raw, json)
Hash identifier: nFohzN6xxDAYEyDPBCuzvIGjTmi0wAuzFtIHxbGPxSw=
Subject key identifier: 1B:DC:6D:BC:4B:F9:43:0D:14:F3:0B:C0:69:EE:BC:37:0D:59:5E:0E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019D58B9377D264A94D47E9F2C74A2000624
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/G9xtvEv5Qw0U8wvAae68Nw1ZXg4.roa
Signing time: Sat 04 Apr 2026 13:40:26 +0000
ROA not before: Sat 04 Apr 2026 13:40:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206996
IP address blocks: 5.83.138.0/24 maxlen: 24
5.175.181.0/24 maxlen: 24
5.175.184.0/24 maxlen: 24
5.175.213.0/24 maxlen: 24
5.231.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:58:b9:37:7d:26:4a:94:d4:7e:9f:2c:74:a2:00:06:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 4 13:40:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1bdc6dbc4bf9430d14f30bc069eebc370d595e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f8:2c:a8:de:4e:ef:fd:ca:40:1f:aa:98:78:
e7:b9:6f:00:96:cd:d7:70:a2:e3:81:f4:bf:69:ab:
12:02:87:c7:e1:8b:d4:b0:d3:ce:a5:dc:3c:6c:60:
4f:57:3b:58:aa:38:2a:c7:5e:c3:d5:40:8b:5e:fa:
dc:27:13:0b:3e:b9:dc:7f:d4:ca:13:0d:5f:48:85:
26:a7:40:3d:fc:82:a2:b2:06:b3:21:b5:80:ca:8d:
3a:d9:c4:8a:e5:e1:6a:49:22:ae:df:c1:97:64:94:
9e:a8:37:67:cc:89:ed:58:30:ff:f5:72:b5:a6:9d:
16:fe:8a:92:e2:70:c8:0f:16:95:a5:fe:5f:30:74:
a3:bb:c9:09:20:10:85:62:36:13:cc:2b:57:99:07:
3a:f6:e6:6f:6f:1b:d2:8c:ee:d0:53:6b:d2:59:3f:
84:24:e1:35:bf:8e:5d:aa:ee:13:30:da:f8:2b:ce:
df:1c:25:41:aa:7c:9f:7c:d0:3d:36:01:c2:77:57:
19:29:3a:c9:b7:f2:9e:70:8b:38:99:1f:0f:1b:45:
29:61:ba:d9:a6:53:89:ab:61:cf:3e:16:27:82:d7:
52:61:dc:2d:78:9c:c6:3f:4c:09:81:5e:30:c5:d8:
62:f5:c7:32:06:2a:ea:42:6d:02:75:95:ca:84:fb:
78:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DC:6D:BC:4B:F9:43:0D:14:F3:0B:C0:69:EE:BC:37:0D:59:5E:0E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/G9xtvEv5Qw0U8wvAae68Nw1ZXg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.175.181.0/24
5.175.184.0/24
5.175.213.0/24
5.231.107.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:85:43:34:1e:53:dd:43:be:08:a5:99:c4:6f:44:78:fd:0f:
2f:64:7d:3b:87:28:3a:c4:ce:62:58:7a:3b:39:a0:3d:01:85:
9a:95:fe:44:13:16:49:ef:a6:de:0d:73:11:b9:0f:a8:7e:48:
50:4d:81:00:6e:6e:7f:18:f9:28:9d:5b:06:02:a3:ad:32:78:
d2:86:ff:02:03:57:18:ab:86:7a:59:48:3f:9a:a2:df:e7:d1:
28:4a:ef:ff:cb:00:bd:eb:92:f3:f2:11:19:0f:07:d9:b8:b6:
e8:22:db:31:e8:54:21:8a:ff:c7:7a:1a:a2:46:4f:6d:d5:e7:
0d:84:07:1a:bc:24:b9:6b:bd:fb:27:1e:ab:bf:1d:17:69:c7:
38:bd:4d:cf:28:ef:fd:0c:37:4a:e5:7e:f2:f3:a7:7a:c3:0e:
fa:ea:1d:90:a6:98:b7:8b:14:46:6b:75:7b:98:b5:d8:7c:b8:
8c:09:d5:f2:0f:80:e7:ca:86:a3:30:4b:25:4a:2f:89:48:53:
0c:fe:58:ef:e3:51:eb:aa:99:81:43:23:34:56:8a:12:af:87:
e0:1a:f0:45:88:22:ba:bb:d2:6a:4f:e7:e8:e1:bb:99:cc:47:
a4:75:cc:b5:e3:65:85:88:86:72:f8:78:cc:25:0f:4d:07:01:
1b:e7:fa:61
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ1YuTd9JkqU1H6fLHSiAAYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNDA0MTM0MDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRjNmRiYzRiZjk0MzBkMTRmMzBiYzA2OWVlYmMzNzBkNTk1ZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPgsqN5O7/3KQB+qmHjnuW8Als3X
cKLjgfS/aasSAofH4YvUsNPOpdw8bGBPVztYqjgqx17D1UCLXvrcJxMLPrncf9TK
Ew1fSIUmp0A9/IKisgazIbWAyo062cSK5eFqSSKu38GXZJSeqDdnzIntWDD/9XK1
pp0W/oqS4nDIDxaVpf5fMHSju8kJIBCFYjYTzCtXmQc69uZvbxvSjO7QU2vSWT+E
JOE1v45dqu4TMNr4K87fHCVBqnyffNA9NgHCd1cZKTrJt/KecIs4mR8PG0UpYbrZ
plOJq2HPPhYngtdSYdwteJzGP0wJgV4wxdhi9ccyBirqQm0CdZXKhPt4UwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBvcbbxL+UMNFPMLwGnuvDcNWV4OMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRzl4dHZFdjVRdzBVOHd2QWFlNjhOdzFaWGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABVOKAwQA
Ba+1AwQABa+4AwQABa/VAwQABedrMA0GCSqGSIb3DQEBCwUAA4IBAQC6hUM0HlPd
Q74IpZnEb0R4/Q8vZH07hyg6xM5iWHo7OaA9AYWalf5EExZJ76beDXMRuQ+ofkhQ
TYEAbm5/GPkonVsGAqOtMnjShv8CA1cYq4Z6WUg/mqLf59EoSu//ywC965Lz8hEZ
DwfZuLboItsx6FQhiv/HehqiRk9t1ecNhAcavCS5a737Jx6rvx0Xacc4vU3PKO/9
DDdK5X7y86d6ww766h2Qppi3ixRGa3V7mLXYfLiMCdXyD4DnyoajMEslSi+JSFMM
/ljv41HrqpmBQyM0VooSr4fgGvBFiCK6u9JqT+fo4buZzEekdcy142WFiIZy+HjM
JQ9NBwEb5/ph
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:19:50 2026 by rpki-client