Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/5Aim9vGIPcLoJ8J-N__EKTAZhGU.roa
File: 5Aim9vGIPcLoJ8J-N__EKTAZhGU.roa (raw, json)
Hash identifier: DEyXdgrj8KNTGdHcyFHO3L9TrDiI80UpnOO4Jv7Q0X0=
Subject key identifier: E4:08:A6:F6:F1:88:3D:C2:E8:27:C2:7E:37:FF:C4:29:30:19:84:65
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 019ECF8BEAF730EEE7A1FE654FD4C1B2516E
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/5Aim9vGIPcLoJ8J-N__EKTAZhGU.roa
Signing time: Tue 16 Jun 2026 08:28:33 +0000
ROA not before: Tue 16 Jun 2026 08:28:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8315
IP address blocks: 5.100.224.0/21 maxlen: 24
79.99.184.0/21 maxlen: 24
83.98.128.0/19 maxlen: 24
83.98.166.0/23 maxlen: 24
83.98.168.0/21 maxlen: 24
83.98.176.0/20 maxlen: 24
83.98.200.0/22 maxlen: 24
83.98.208.0/20 maxlen: 24
85.92.128.0/19 maxlen: 24
85.92.128.0/20 maxlen: 24
85.92.144.0/22 maxlen: 24
85.158.160.0/21 maxlen: 24
85.222.192.0/21 maxlen: 24
89.18.160.0/22 maxlen: 24
89.18.168.0/21 maxlen: 24
89.18.180.0/22 maxlen: 24
89.30.128.0/18 maxlen: 24
89.30.192.0/19 maxlen: 24
89.30.208.0/20 maxlen: 24
89.30.224.0/21 maxlen: 24
91.200.48.0/23 maxlen: 24
91.200.51.0/24 maxlen: 24
91.216.113.0/24 maxlen: 24
91.216.141.0/24 maxlen: 24
93.175.176.0/20 maxlen: 24
94.198.24.0/21 maxlen: 24
134.0.88.0/21 maxlen: 24
162.248.196.0/22 maxlen: 24
162.251.32.0/21 maxlen: 24
176.62.192.0/21 maxlen: 24
178.251.192.0/21 maxlen: 24
185.12.132.0/22 maxlen: 24
185.30.236.0/22 maxlen: 24
185.38.156.0/22 maxlen: 24
185.74.76.0/24 maxlen: 24
185.74.77.0/24 maxlen: 24
185.77.120.0/22 maxlen: 24
185.113.52.0/22 maxlen: 24
185.113.196.0/22 maxlen: 24
185.113.224.0/22 maxlen: 24
185.116.72.0/22 maxlen: 24
193.34.150.0/23 maxlen: 24
194.105.128.0/23 maxlen: 24
194.165.34.0/24 maxlen: 24
195.234.173.0/24 maxlen: 24
213.171.128.0/19 maxlen: 24
213.171.144.0/20 maxlen: 24
213.189.0.0/21 maxlen: 24
213.189.16.0/20 maxlen: 24
213.189.20.0/24 maxlen: 24
213.189.28.0/22 maxlen: 24
213.214.96.0/24 maxlen: 24
213.214.101.0/24 maxlen: 24
213.214.103.0/24 maxlen: 24
213.214.107.0/24 maxlen: 24
213.214.112.0/20 maxlen: 24
213.247.32.0/21 maxlen: 24
213.247.40.0/22 maxlen: 24
213.247.48.0/23 maxlen: 24
213.247.52.0/24 maxlen: 24
217.195.112.0/20 maxlen: 24
2001:16f8::/32 maxlen: 48
2a00:1bd8::/32 maxlen: 48
2a01:40e0::/32 maxlen: 48
2a02:20b0::/32 maxlen: 32
2a02:20b1::/32 maxlen: 32
2a02:2858::/29 maxlen: 48
2a02:2858:200::/40 maxlen: 40
2a02:2858:300::/40 maxlen: 40
2a02:2858:400::/40 maxlen: 40
2a02:2858:500::/40 maxlen: 40
2a03:5500::/31 maxlen: 48
2a0d:5040::/29 maxlen: 29
2a0d:5040::/32 maxlen: 32
2a0d:5041::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cf:8b:ea:f7:30:ee:e7:a1:fe:65:4f:d4:c1:b2:51:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Jun 16 08:28:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e408a6f6f1883dc2e827c27e37ffc42930198465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:d6:e8:2c:43:54:50:4d:52:93:e0:fc:fc:
69:d1:bf:29:ff:c7:4b:a5:a5:ae:81:4a:40:44:2f:
8b:b9:a9:8b:80:20:3c:02:c4:4e:ff:aa:a5:74:60:
76:55:48:ff:56:9c:6f:42:b1:0b:b5:63:74:fc:31:
77:f7:37:ce:ef:7f:4f:72:43:ee:7c:de:9c:47:d1:
f7:19:4a:f5:df:c0:28:7c:13:e7:e7:af:b3:53:77:
9f:b6:53:8c:cf:7c:f9:6c:6e:b1:1d:cf:cc:99:1a:
81:a6:ee:40:fd:74:d1:31:2b:1e:41:44:88:83:14:
18:5c:58:d1:d2:54:de:3c:7d:30:f6:1f:65:ad:f9:
1f:41:01:65:19:f6:31:f4:c0:73:07:e6:9c:1c:3a:
8a:14:46:d3:92:75:c0:44:6a:7f:5d:16:1d:f7:0a:
a4:35:41:a6:a8:4d:67:a0:b6:c6:72:76:69:1e:e8:
5d:07:f7:55:b2:81:5c:4d:81:b2:95:da:87:92:32:
53:e0:1d:53:f7:0a:df:d9:8e:fd:80:4d:92:fd:b4:
41:64:c8:0e:36:5a:72:8e:94:e9:1b:41:6c:b3:ee:
f6:23:af:77:22:8c:94:98:c3:e4:f9:57:ce:2e:76:
8d:89:37:df:e6:02:82:52:88:f9:33:47:da:a9:75:
9e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:08:A6:F6:F1:88:3D:C2:E8:27:C2:7E:37:FF:C4:29:30:19:84:65
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/5Aim9vGIPcLoJ8J-N__EKTAZhGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.224.0/21
79.99.184.0/21
83.98.128.0/19
83.98.166.0-83.98.191.255
83.98.200.0/22
83.98.208.0/20
85.92.128.0/19
85.158.160.0/21
85.222.192.0/21
89.18.160.0/22
89.18.168.0/21
89.18.180.0/22
89.30.128.0-89.30.231.255
91.200.48.0/23
91.200.51.0/24
91.216.113.0/24
91.216.141.0/24
93.175.176.0/20
94.198.24.0/21
134.0.88.0/21
162.248.196.0/22
162.251.32.0/21
176.62.192.0/21
178.251.192.0/21
185.12.132.0/22
185.30.236.0/22
185.38.156.0/22
185.74.76.0/23
185.77.120.0/22
185.113.52.0/22
185.113.196.0/22
185.113.224.0/22
185.116.72.0/22
193.34.150.0/23
194.105.128.0/23
194.165.34.0/24
195.234.173.0/24
213.171.128.0/19
213.189.0.0/21
213.189.16.0/20
213.214.96.0/24
213.214.101.0/24
213.214.103.0/24
213.214.107.0/24
213.214.112.0/20
213.247.32.0-213.247.43.255
213.247.48.0/23
213.247.52.0/24
217.195.112.0/20
IPv6:
2001:16f8::/32
2a00:1bd8::/32
2a01:40e0::/32
2a02:20b0::/31
2a02:2858::/29
2a03:5500::/31
2a0d:5040::/29
Signature Algorithm: sha256WithRSAEncryption
69:fe:e0:9e:1c:d8:76:8a:2f:db:60:aa:f0:7c:47:a5:63:6f:
a6:a1:4f:77:42:15:18:31:1f:46:93:06:8a:76:46:5f:34:f5:
fc:8b:7f:6c:d6:b9:65:42:37:8d:4e:4d:32:1b:94:eb:bf:0a:
ec:ad:ff:0a:41:4f:45:4b:8b:b8:9f:54:60:c9:85:eb:4c:ef:
b0:08:72:87:aa:47:f2:d4:6f:cf:6f:4f:f5:3e:74:5d:0b:bb:
cd:e3:8d:f5:d4:b6:9a:0d:08:3d:b1:e2:0b:6a:79:6a:18:a0:
28:07:93:5b:ce:ee:be:88:83:c1:f1:ae:8c:73:a0:81:a9:07:
ab:c8:4e:df:25:cf:19:38:ce:45:f3:c4:d2:9c:ec:4e:77:61:
4a:69:9e:c7:92:e4:08:a1:77:a9:30:be:b5:6b:42:9c:ec:0c:
ef:53:55:c9:a3:b3:07:d8:70:f2:9a:42:c0:02:90:6a:76:8c:
c7:de:11:bd:73:51:27:07:56:1a:1a:0c:31:12:b8:04:35:af:
b4:ae:5c:ca:34:c7:ec:55:d4:15:3a:ca:a2:e6:20:fc:22:93:
04:b9:e4:fc:f1:51:98:cf:94:ec:4f:ee:82:f5:ae:f2:e5:cf:
2f:18:2f:5b:38:cb:3b:65:15:88:ca:1a:24:ef:6f:8c:b7:23:
e6:98:95:39
-----BEGIN CERTIFICATE-----
MIIGeDCCBWCgAwIBAgISAZ7Pi+r3MO7nof5lT9TBslFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjYwNjE2MDgyODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDA4YTZmNmYxODgzZGMyZTgyN2MyN2UzN2ZmYzQyOTMwMTk4NDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlPW6CxDVFBNUpPg/Pxp0b8p/8dL
paWugUpARC+LuamLgCA8AsRO/6qldGB2VUj/VpxvQrELtWN0/DF39zfO739PckPu
fN6cR9H3GUr138AofBPn56+zU3eftlOMz3z5bG6xHc/MmRqBpu5A/XTRMSseQUSI
gxQYXFjR0lTePH0w9h9lrfkfQQFlGfYx9MBzB+acHDqKFEbTknXARGp/XRYd9wqk
NUGmqE1noLbGcnZpHuhdB/dVsoFcTYGyldqHkjJT4B1T9wrf2Y79gE2S/bRBZMgO
NlpyjpTpG0Fss+72I693IoyUmMPk+VfOLnaNiTff5gKCUoj5M0faqXWeGwIDAQAB
o4IDhDCCA4AwHQYDVR0OBBYEFOQIpvbxiD3C6CfCfjf/xCkwGYRlMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEvNUFpbTl2R0lQY0xvSjhKLU5fX0VLVEFaaEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmAYIKwYBBQUHAQcBAf8EggGHMIIBgzCCAUYEAgABMIIB
PgMEAwVk4AMEA09juAMEBVNigDAMAwQBU2KmAwQGU2KAAwQCU2LIAwQEU2LQAwQF
VVyAAwQDVZ6gAwQDVd7AAwQCWRKgAwQDWRKoAwQCWRK0MAwDBAdZHoADBANZHuAD
BAFbyDADBABbyDMDBABb2HEDBABb2I0DBARdr7ADBANexhgDBAOGAFgDBAKi+MQD
BAOi+yADBAOwPsADBAOy+8ADBAK5DIQDBAK5HuwDBAK5JpwDBAG5SkwDBAK5TXgD
BAK5cTQDBAK5ccQDBAK5ceADBAK5dEgDBAHBIpYDBAHCaYADBADCpSIDBADD6q0D
BAXVq4ADBAPVvQADBATVvRADBADV1mADBADV1mUDBADV1mcDBADV1msDBATV1nAw
DAMEBdX3IAMEAtX3KAMEAdX3MAMEANX3NAMEBNnDcDA3BAIAAjAxAwUAIAEW+AMF
ACoAG9gDBQAqAUDgAwUBKgIgsAMFAyoCKFgDBQEqA1UAAwUDKg1QQDANBgkqhkiG
9w0BAQsFAAOCAQEAaf7gnhzYdoov22Cq8HxHpWNvpqFPd0IVGDEfRpMGinZGXzT1
/It/bNa5ZUI3jU5NMhuU678K7K3/CkFPRUuLuJ9UYMmF60zvsAhyh6pH8tRvz29P
9T50XQu7zeON9dS2mg0IPbHiC2p5ahigKAeTW87uvoiDwfGujHOggakHq8hO3yXP
GTjORfPE0pzsTndhSmmex5LkCKF3qTC+tWtCnOwM71NVyaOzB9hw8ppCwAKQanaM
x94RvXNRJwdWGhoMMRK4BDWvtK5cyjTH7FXUFTrKouYg/CKTBLnk/PFRmM+U7E/u
gvWu8uXPLxgvWzjLO2UViMoaJO9vjLcj5piVOQ==
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:43:20 2026 by rpki-client