Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/5f-UuDoTp5gYMURYo2jt2lK0wo0.roa
File: 5f-UuDoTp5gYMURYo2jt2lK0wo0.roa (raw, json)
Hash identifier: Xs27w1pjtbaPiwS7XxbIK5JOznQzGRl8strYBgv7AYc=
Subject key identifier: E5:FF:94:B8:3A:13:A7:98:18:31:44:58:A3:68:ED:DA:52:B4:C2:8D
Certificate issuer: /CN=b5160326be7e5cdc35b5c036441163cd25a4974d
Certificate serial: 019C7018B3C32CD718D389D08E19F67EEF28
Authority key identifier: B5:16:03:26:BE:7E:5C:DC:35:B5:C0:36:44:11:63:CD:25:A4:97:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRYDJr5-XNw1tcA2RBFjzSWkl00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/5f-UuDoTp5gYMURYo2jt2lK0wo0.roa
Signing time: Wed 18 Feb 2026 09:33:12 +0000
ROA not before: Wed 18 Feb 2026 09:33:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206374
IP address blocks: 185.188.132.0/24 maxlen: 24
185.188.133.0/24 maxlen: 24
185.188.134.0/24 maxlen: 24
2a0b:c480::/32 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/tRYDJr5-XNw1tcA2RBFjzSWkl00.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/tRYDJr5-XNw1tcA2RBFjzSWkl00.mft
rsync://rpki.ripe.net/repository/DEFAULT/tRYDJr5-XNw1tcA2RBFjzSWkl00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:18:b3:c3:2c:d7:18:d3:89:d0:8e:19:f6:7e:ef:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5160326be7e5cdc35b5c036441163cd25a4974d
Validity
Not Before: Feb 18 09:33:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5ff94b83a13a79818314458a368edda52b4c28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:05:f3:90:5a:3f:7b:e3:50:9c:2f:4f:dc:a7:
c7:89:2b:78:c2:30:0f:f5:7c:e2:9d:77:38:f9:96:
cf:0e:af:7e:c0:88:b2:d2:a2:cb:84:e1:ed:57:93:
a6:53:cb:9d:0e:44:8b:5e:ad:e3:67:af:d4:4a:31:
ff:83:e5:68:1c:c6:8c:22:98:c7:6b:57:d0:f8:39:
32:7e:45:38:7e:00:15:ac:eb:ef:2a:2a:61:ac:44:
38:50:ed:09:1c:a9:9d:4f:17:70:46:32:c2:03:39:
f6:75:87:82:55:f8:73:7b:73:3d:38:3d:e6:b5:0c:
19:99:9c:4b:2a:d2:78:76:cb:01:1e:80:77:18:29:
28:2d:fc:48:87:65:54:b2:e6:7b:c5:f7:d0:de:ed:
e3:99:d7:ac:1e:3f:aa:45:dc:c8:3d:02:25:08:cd:
7e:00:69:80:b9:63:26:05:66:f8:9e:c9:ee:06:c3:
23:f3:d7:52:8a:26:9d:f7:c6:dc:28:f9:0e:38:ed:
fe:b9:0e:37:20:4f:63:8b:33:2b:56:a1:d4:81:a0:
7d:6b:55:fe:ec:9f:02:91:c4:5e:b5:33:3b:af:eb:
12:45:22:32:29:95:ce:4d:5e:9e:2c:f5:6c:e4:3d:
63:c7:ed:a1:52:8b:99:a0:e2:7a:36:40:39:c1:c9:
f3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FF:94:B8:3A:13:A7:98:18:31:44:58:A3:68:ED:DA:52:B4:C2:8D
X509v3 Authority Key Identifier:
keyid:B5:16:03:26:BE:7E:5C:DC:35:B5:C0:36:44:11:63:CD:25:A4:97:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRYDJr5-XNw1tcA2RBFjzSWkl00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/5f-UuDoTp5gYMURYo2jt2lK0wo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/tRYDJr5-XNw1tcA2RBFjzSWkl00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.132.0-185.188.134.255
IPv6:
2a0b:c480::/32
Signature Algorithm: sha256WithRSAEncryption
39:53:e9:ec:8c:6e:10:9b:04:c6:ff:26:90:37:2b:eb:25:e0:
b6:7a:c5:99:90:d7:af:aa:31:1c:ac:d8:23:de:0b:e5:44:8b:
c9:1f:97:35:aa:a6:b4:6c:6a:a0:c1:92:12:da:34:c5:df:44:
aa:51:13:34:9b:9c:f4:33:eb:1b:a0:60:0f:8f:16:26:0f:40:
48:d9:af:a5:a3:6d:4a:fd:ce:11:ea:49:a3:27:7f:ed:c9:5b:
5a:e7:83:6d:4a:09:f3:b4:73:47:7c:17:09:2d:19:e7:b2:58:
13:dc:6e:ea:f5:6f:8a:29:19:11:87:22:3b:f7:63:1b:6e:62:
49:55:65:94:d7:e8:45:4c:71:9c:88:be:c2:43:5b:d0:04:ed:
a8:a2:3a:28:39:fc:7b:46:e7:c4:c8:6c:1c:fb:91:18:e5:a1:
a2:5f:bf:ed:ea:68:ed:07:53:eb:7d:7c:03:2e:46:9e:c3:fc:
1d:c3:8a:56:3d:e8:d7:4f:56:85:e0:35:8e:4d:cf:49:33:1b:
69:40:89:0f:50:f0:5e:b5:1e:16:87:bc:ec:3e:1d:5a:14:92:
23:3b:2d:99:4e:07:42:84:50:66:2c:61:e4:ac:9a:f4:e6:6c:
7f:a4:4b:f9:ae:d3:9e:03:77:d6:92:05:6f:d1:65:36:8c:00:
1a:64:a1:f8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZxwGLPDLNcY04nQjhn2fu8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTYwMzI2YmU3ZTVjZGMzNWI1YzAzNjQ0MTE2M2NkMjVh
NDk3NGQwHhcNMjYwMjE4MDkzMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZmOTRiODNhMTNhNzk4MTgzMTQ0NThhMzY4ZWRkYTUyYjRjMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgXzkFo/e+NQnC9P3KfHiSt4wjAP
9XzinXc4+ZbPDq9+wIiy0qLLhOHtV5OmU8udDkSLXq3jZ6/USjH/g+VoHMaMIpjH
a1fQ+DkyfkU4fgAVrOvvKiphrEQ4UO0JHKmdTxdwRjLCAzn2dYeCVfhze3M9OD3m
tQwZmZxLKtJ4dssBHoB3GCkoLfxIh2VUsuZ7xffQ3u3jmdesHj+qRdzIPQIlCM1+
AGmAuWMmBWb4nsnuBsMj89dSiiad98bcKPkOOO3+uQ43IE9jizMrVqHUgaB9a1X+
7J8CkcRetTM7r+sSRSIyKZXOTV6eLPVs5D1jx+2hUouZoOJ6NkA5wcnz6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOX/lLg6E6eYGDFEWKNo7dpStMKNMB8GA1UdIwQY
MBaAFLUWAya+flzcNbXANkQRY80lpJdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJZREpyNS1YTncxdGNBMlJCRmp6U1drbDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wZTVhYTItODQwOS00N2EwLWI0Nzkt
ZjQ4YWEyZTc1NGU1LzEvNWYtVXVEb1RwNWdZTVVSWW8yanQybEswd28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wZTVhYTItODQwOS00N2EwLWI0NzktZjQ4YWEyZTc1NGU1
LzEvdFJZREpyNS1YTncxdGNBMlJCRmp6U1drbDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5vIQD
BAC5vIYwDQQCAAIwBwMFACoLxIAwDQYJKoZIhvcNAQELBQADggEBADlT6eyMbhCb
BMb/JpA3K+sl4LZ6xZmQ16+qMRys2CPeC+VEi8kflzWqprRsaqDBkhLaNMXfRKpR
EzSbnPQz6xugYA+PFiYPQEjZr6WjbUr9zhHqSaMnf+3JW1rng21KCfO0c0d8Fwkt
GeeyWBPcbur1b4opGRGHIjv3YxtuYklVZZTX6EVMcZyIvsJDW9AE7aiiOig5/HtG
58TIbBz7kRjloaJfv+3qaO0HU+t9fAMuRp7D/B3DilY96NdPVoXgNY5Nz0kzG2lA
iQ9Q8F61HhaHvOw+HVoUkiM7LZlOB0KEUGYsYeSsmvTmbH+kS/mu054Dd9aSBW/R
ZTaMABpkofg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:17:36 2026 by rpki-client