Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/pPOTkkl8EzCy9tLzI5fRTCKjARI.roa
File: pPOTkkl8EzCy9tLzI5fRTCKjARI.roa (raw, json)
Hash identifier: ISeNjEuf5fFjjXII25/DWCapgvbh7E9b8sy+V71b+lM=
Subject key identifier: A4:F3:93:92:49:7C:13:30:B2:F6:D2:F3:23:97:D1:4C:22:A3:01:12
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 019C9EAE9452CC71CCBE956233031D4DF36B
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/pPOTkkl8EzCy9tLzI5fRTCKjARI.roa
Signing time: Fri 27 Feb 2026 10:39:27 +0000
ROA not before: Fri 27 Feb 2026 10:39:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210273
IP address blocks: 5.22.156.0/24 maxlen: 24
94.125.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:ae:94:52:cc:71:cc:be:95:62:33:03:1d:4d:f3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Feb 27 10:39:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4f39392497c1330b2f6d2f32397d14c22a30112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7c:8d:e1:8e:46:ec:21:90:a6:1b:0f:be:cc:
53:ca:4f:ec:7d:cd:d3:4f:a3:e6:7a:34:ba:d9:6d:
78:86:4e:11:5e:5c:ea:81:9a:8b:bb:fb:b0:dc:c0:
44:83:0f:65:41:80:94:15:e6:4f:70:c1:fa:11:44:
1c:c6:f4:3a:92:8f:70:24:e1:cb:0e:32:a7:3e:69:
e8:ef:4f:fe:50:11:45:e8:74:62:bc:9c:e5:29:37:
bc:70:e1:e4:29:aa:f2:eb:97:24:78:0d:57:a4:d9:
20:49:c0:28:43:7f:16:42:9c:8e:81:da:2a:dd:6f:
88:b9:61:0a:f5:cb:34:65:ad:60:bf:cf:38:26:0e:
96:e5:ec:87:62:f9:7e:17:d0:92:26:e8:c2:41:f5:
6c:7d:aa:2c:2e:32:40:6a:02:79:a6:d6:5c:76:92:
e2:85:6f:49:e8:89:b9:ed:ca:01:f5:d5:b8:88:e9:
b3:94:ad:0e:98:bb:7f:fc:ff:c6:16:a5:5c:0f:dc:
38:d6:56:b0:32:20:1a:ae:d4:8f:c9:f1:ed:dd:9c:
5b:2b:97:76:17:fe:35:24:e6:6f:33:5b:3a:cc:d4:
9a:21:8c:3b:51:41:f7:86:7b:0e:14:1a:8e:02:ff:
36:1a:10:08:25:3f:4a:8b:0d:02:23:68:95:5e:34:
a7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F3:93:92:49:7C:13:30:B2:F6:D2:F3:23:97:D1:4C:22:A3:01:12
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/pPOTkkl8EzCy9tLzI5fRTCKjARI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.156.0/24
94.125.99.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:0e:d0:24:c8:90:1e:5e:cb:14:ea:84:7c:34:bd:f4:61:79:
51:25:c5:64:f5:84:8a:5b:04:02:e3:c9:f4:79:18:6c:e1:63:
2f:fc:15:9a:6e:8f:e1:20:7e:d7:a1:f7:1d:84:05:72:6f:42:
d5:7b:eb:8e:05:88:a7:79:4f:0d:03:1b:88:16:9d:c3:a9:d5:
e9:be:39:e4:94:21:a9:d8:66:f8:89:53:de:62:29:10:b3:0a:
bd:c1:29:76:74:8d:da:d2:1b:fb:0c:4b:7a:de:9f:8d:2e:f3:
88:de:e3:2e:cf:ea:61:98:a1:7b:ef:9a:ab:1a:bb:23:24:66:
d1:d3:9b:3e:f1:85:74:f6:81:6b:32:5c:2b:ab:3e:62:c3:68:
95:7b:a6:95:ee:e1:5d:36:0f:90:ab:79:10:5b:7d:dc:c5:47:
8f:ba:f7:37:ed:24:d5:4d:1e:a8:c7:18:9c:51:cd:4b:fd:40:
85:0d:f6:00:52:17:1b:f5:4a:53:a5:57:b4:5a:a3:e3:15:05:
b9:a0:5d:c1:99:18:ca:d3:0c:49:8a:b9:ff:3d:e8:75:d4:56:
1e:30:e4:8f:93:7f:dd:f6:f7:f9:78:42:3b:70:59:fd:0d:6a:
05:2e:52:1e:c7:e1:50:ef:bd:63:c9:91:30:1b:b1:f7:ec:2b:
a2:06:b3:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyerpRSzHHMvpViMwMdTfNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjYwMjI3MTAzOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGYzOTM5MjQ5N2MxMzMwYjJmNmQyZjMyMzk3ZDE0YzIyYTMwMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3yN4Y5G7CGQphsPvsxTyk/sfc3T
T6PmejS62W14hk4RXlzqgZqLu/uw3MBEgw9lQYCUFeZPcMH6EUQcxvQ6ko9wJOHL
DjKnPmno70/+UBFF6HRivJzlKTe8cOHkKary65ckeA1XpNkgScAoQ38WQpyOgdoq
3W+IuWEK9cs0Za1gv884Jg6W5eyHYvl+F9CSJujCQfVsfaosLjJAagJ5ptZcdpLi
hW9J6Im57coB9dW4iOmzlK0OmLt//P/GFqVcD9w41lawMiAartSPyfHt3ZxbK5d2
F/41JOZvM1s6zNSaIYw7UUH3hnsOFBqOAv82GhAIJT9Kiw0CI2iVXjSnJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTzk5JJfBMwsvbS8yOX0UwiowESMB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvcFBPVGtrbDhFekN5OXRMekk1ZlJUQ0tqQVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABRacAwQA
Xn1jMA0GCSqGSIb3DQEBCwUAA4IBAQBuDtAkyJAeXssU6oR8NL30YXlRJcVk9YSK
WwQC48n0eRhs4WMv/BWabo/hIH7XofcdhAVyb0LVe+uOBYineU8NAxuIFp3DqdXp
vjnklCGp2Gb4iVPeYikQswq9wSl2dI3a0hv7DEt63p+NLvOI3uMuz+phmKF775qr
GrsjJGbR05s+8YV09oFrMlwrqz5iw2iVe6aV7uFdNg+Qq3kQW33cxUePuvc37STV
TR6oxxicUc1L/UCFDfYAUhcb9UpTpVe0WqPjFQW5oF3BmRjK0wxJirn/Peh11FYe
MOSPk3/d9vf5eEI7cFn9DWoFLlIex+FQ771jyZEwG7H37CuiBrMa
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:02:53 2026 by rpki-client