Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/e0UM5uUQ1W1VtRKlYintaPcBzwk.roa
File: e0UM5uUQ1W1VtRKlYintaPcBzwk.roa (raw, json)
Hash identifier: p0iTK6vjuQxaUHz15iF6DcBCDRZtRmOB+xeDXxJ1Rug=
Subject key identifier: 7B:45:0C:E6:E5:10:D5:6D:55:B5:12:A5:62:29:ED:68:F7:01:CF:09
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019C0A8EAFE3976B4331C6DF2818E15BBAF1
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/e0UM5uUQ1W1VtRKlYintaPcBzwk.roa
Signing time: Thu 29 Jan 2026 16:20:49 +0000
ROA not before: Thu 29 Jan 2026 16:20:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201749
IP address blocks: 5.175.145.0/24 maxlen: 24
5.175.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0a:8e:af:e3:97:6b:43:31:c6:df:28:18:e1:5b:ba:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 29 16:20:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7b450ce6e510d56d55b512a56229ed68f701cf09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a0:5c:96:eb:63:c2:4e:a3:bc:5f:33:ef:3f:
cc:3a:43:99:e8:b2:2f:5b:5b:d9:5c:7b:0f:53:94:
3b:40:68:b7:4a:70:c8:68:18:0c:1a:67:08:dd:86:
8f:8e:56:ea:29:27:d4:4b:6f:4f:c6:2f:cf:e7:89:
66:c9:f2:f0:da:94:70:cd:08:68:27:16:17:1a:89:
3f:06:70:fa:0f:ad:d7:88:2a:2c:ad:6a:96:31:fa:
9d:89:a0:57:b6:db:bc:76:78:45:32:84:60:fb:e0:
91:a5:f7:7f:42:c9:40:c1:cb:a6:ab:e4:88:01:0e:
45:27:86:84:a9:53:08:8d:91:0e:c0:dc:9d:cc:bd:
7c:c8:3a:93:2c:e0:f7:2e:cf:20:38:4b:d4:3a:86:
d1:82:a3:34:a8:67:ac:d1:40:bc:55:97:7a:2b:89:
3b:5e:b6:7b:66:04:4a:be:b5:11:ba:36:85:60:9b:
02:aa:8f:93:c2:3c:6b:77:d0:b8:c7:ac:74:2c:76:
ca:72:dc:16:b8:06:7c:b3:db:eb:53:cc:04:f7:17:
93:46:08:36:42:19:3b:56:6f:49:8b:be:af:45:72:
69:77:8f:4a:30:63:bf:5e:6a:e6:1e:29:c8:a2:b7:
75:66:42:45:96:4f:01:9b:80:ea:94:25:7c:01:4f:
61:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:45:0C:E6:E5:10:D5:6D:55:B5:12:A5:62:29:ED:68:F7:01:CF:09
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/e0UM5uUQ1W1VtRKlYintaPcBzwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.145.0/24
5.175.159.0/24
Signature Algorithm: sha256WithRSAEncryption
37:71:54:23:12:c1:02:6f:0e:03:27:62:39:be:12:d8:df:37:
35:b7:aa:bf:68:cc:c1:fa:da:0d:48:d5:27:a5:1f:8a:ad:80:
9a:35:c0:ab:c5:cd:bd:d2:9f:67:1b:15:b4:83:e2:0f:23:a7:
22:a5:0a:2c:73:5a:2c:a3:cf:f2:04:e1:7e:02:20:be:1d:30:
be:0d:ed:39:25:63:a5:af:41:21:eb:4e:c5:da:29:79:f0:31:
06:5c:de:64:b6:c5:67:a9:c5:c5:12:05:a9:e5:6e:56:67:3b:
80:aa:3f:7a:d5:d4:b5:45:48:46:1e:97:c2:ab:fd:08:07:37:
e2:74:8c:54:ca:bd:bd:6f:53:a3:01:38:b5:ea:bd:0e:3d:10:
db:b1:97:9c:f6:b7:77:9d:3b:6e:b4:25:2d:b7:ef:62:d0:09:
0e:b0:84:e1:0c:e1:d9:64:1e:ca:59:c3:38:d1:dc:ae:1b:97:
d0:1a:6f:5b:10:fe:c7:a3:4c:83:a4:4e:52:d8:b8:72:19:58:
e0:5a:4b:a2:51:b6:e2:97:52:4e:fd:66:7f:40:cb:8f:14:79:
2f:c4:d9:96:ef:12:8a:92:9a:37:c3:9f:23:71:b1:79:03:b7:
ce:b3:fa:a4:b9:05:39:01:c3:a1:07:0a:c5:4b:eb:50:a2:1b:
b2:01:99:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZwKjq/jl2tDMcbfKBjhW7rxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMTI5MTYyMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQ1MGNlNmU1MTBkNTZkNTViNTEyYTU2MjI5ZWQ2OGY3MDFjZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqBclutjwk6jvF8z7z/MOkOZ6LIv
W1vZXHsPU5Q7QGi3SnDIaBgMGmcI3YaPjlbqKSfUS29Pxi/P54lmyfLw2pRwzQho
JxYXGok/BnD6D63XiCosrWqWMfqdiaBXttu8dnhFMoRg++CRpfd/QslAwcumq+SI
AQ5FJ4aEqVMIjZEOwNydzL18yDqTLOD3Ls8gOEvUOobRgqM0qGes0UC8VZd6K4k7
XrZ7ZgRKvrURujaFYJsCqo+Twjxrd9C4x6x0LHbKctwWuAZ8s9vrU8wE9xeTRgg2
Qhk7Vm9Ji76vRXJpd49KMGO/XmrmHinIord1ZkJFlk8Bm4DqlCV8AU9h8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHtFDOblENVtVbUSpWIp7Wj3Ac8JMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZTBVTTV1VVExVzFWdFJLbFlpbnRhUGNCendrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABa+RAwQA
Ba+fMA0GCSqGSIb3DQEBCwUAA4IBAQA3cVQjEsECbw4DJ2I5vhLY3zc1t6q/aMzB
+toNSNUnpR+KrYCaNcCrxc290p9nGxW0g+IPI6cipQosc1oso8/yBOF+AiC+HTC+
De05JWOlr0Eh607F2il58DEGXN5ktsVnqcXFEgWp5W5WZzuAqj961dS1RUhGHpfC
q/0IBzfidIxUyr29b1OjATi16r0OPRDbsZec9rd3nTtutCUtt+9i0AkOsIThDOHZ
ZB7KWcM40dyuG5fQGm9bEP7Ho0yDpE5S2LhyGVjgWkuiUbbil1JO/WZ/QMuPFHkv
xNmW7xKKkpo3w58jcbF5A7fOs/qkuQU5AcOhBwrFS+tQohuyAZnk
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:11:32 2026 by rpki-client