Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/IqdHlUJa3uvZPr2-m3v2S7HrJE0.roa
File: IqdHlUJa3uvZPr2-m3v2S7HrJE0.roa (raw, json)
Hash identifier: 0dizv8L3FD2g5DMEu7DpHeZSiKDU38+rdYF5Csc3+Wk=
Subject key identifier: 22:A7:47:95:42:5A:DE:EB:D9:3E:BD:BE:9B:7B:F6:4B:B1:EB:24:4D
Certificate issuer: /CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Certificate serial: 019D90C0AFA668595B8A42D89A16BBB3AECC
Authority key identifier: 1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/IqdHlUJa3uvZPr2-m3v2S7HrJE0.roa
Signing time: Wed 15 Apr 2026 10:47:20 +0000
ROA not before: Wed 15 Apr 2026 10:47:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 5.45.64.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.45.92.0/22 maxlen: 22
5.61.48.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
37.252.3.0/24 maxlen: 24
37.252.13.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
45.136.48.0/22 maxlen: 22
62.197.48.0/23 maxlen: 23
153.56.140.0/22 maxlen: 22
153.56.160.0/19 maxlen: 19
176.97.79.0/24 maxlen: 24
185.238.168.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
188.116.20.0/24 maxlen: 24
188.116.21.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.24.0/24 maxlen: 24
188.116.25.0/24 maxlen: 24
188.116.26.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
195.54.174.0/23 maxlen: 23
213.142.146.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:c0:af:a6:68:59:5b:8a:42:d8:9a:16:bb:b3:ae:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Validity
Not Before: Apr 15 10:47:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=22a74795425adeebd93ebdbe9b7bf64bb1eb244d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2c:bc:53:53:45:c5:dd:b1:d9:59:0b:34:a5:
1f:7a:c8:6c:3d:8e:20:86:1b:7c:31:83:e1:16:e1:
1e:c1:34:28:89:17:3a:d8:66:1c:d8:98:54:8b:88:
6c:44:ed:22:88:cd:20:ca:0d:e8:9b:3f:1e:2d:8e:
be:b5:1e:87:50:8f:a5:fe:30:a4:54:15:5a:92:8d:
0d:fe:80:f0:a8:e0:eb:ea:da:a7:0a:52:f8:5f:ed:
c1:76:db:93:88:8a:e8:90:23:4a:52:8c:43:bd:62:
7b:50:b0:fa:2b:24:7b:1d:33:d4:17:a9:91:66:5e:
00:7c:30:14:6d:a6:c8:85:85:f4:64:21:2c:c8:54:
ba:70:95:4d:52:a6:06:c4:a9:3f:1a:b2:43:2c:e9:
ca:b2:45:45:a9:f6:59:2e:87:cd:e2:b3:9a:c8:24:
b7:bd:0b:2b:5d:c2:a2:a4:b0:ec:0e:59:44:94:9e:
50:8f:cc:87:e2:96:42:63:5a:10:ba:e7:60:2c:4c:
1c:cb:48:b6:f9:68:4c:02:30:c6:43:e6:be:96:66:
a5:4e:2c:c5:28:cf:60:c7:ec:9a:85:4a:a0:e9:97:
b0:7a:56:df:69:ba:68:40:4a:40:ea:86:d8:00:6a:
67:f0:08:0b:aa:2b:47:ff:a0:1d:3e:8b:b9:00:56:
f5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A7:47:95:42:5A:DE:EB:D9:3E:BD:BE:9B:7B:F6:4B:B1:EB:24:4D
X509v3 Authority Key Identifier:
keyid:1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/IqdHlUJa3uvZPr2-m3v2S7HrJE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
62.197.48.0/23
153.56.140.0/22
153.56.160.0/19
176.97.79.0/24
185.238.168.0/22
188.116.20.0/23
188.116.23.0-188.116.27.255
195.54.174.0/23
213.142.146.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:01:fa:f3:ed:1b:1f:9d:8c:de:f2:b0:0e:25:49:36:bf:28:
77:6c:bc:e5:ef:36:4f:ff:23:83:02:c6:f7:bd:a5:ac:b8:7c:
a8:bb:dc:46:07:7a:b2:cd:8e:8a:c9:db:52:5b:b3:b9:ef:7e:
00:ad:12:f1:1f:1e:a0:eb:01:46:ff:35:95:12:aa:36:12:63:
66:03:e4:56:58:d5:8b:15:33:14:6f:9f:00:45:f1:72:8c:f2:
3f:94:d1:37:b8:19:44:36:31:e8:4c:de:17:7f:92:ab:85:22:
9f:8e:5d:ce:1b:15:62:d0:d7:ab:b9:0b:ca:d2:18:ae:bd:52:
9b:66:cb:72:a2:a7:20:65:9b:c9:18:84:fd:8f:0c:d7:b1:11:
cc:b4:e2:e2:51:a3:a9:0c:f2:9a:81:e0:cc:3f:23:fb:17:76:
83:8f:c7:54:98:71:b1:3d:b0:02:28:a0:e9:01:90:02:73:7e:
fb:74:3b:1c:b6:f4:8e:b0:1b:55:60:d0:d5:95:bf:73:34:18:
bc:bd:1c:32:cf:bb:8a:f6:b2:00:ed:0c:08:a5:6f:87:1e:e9:
05:3f:29:a1:fc:ed:e9:b7:ff:ee:02:f0:7c:6e:50:c3:fc:c6:
c9:13:c5:fc:bb:a0:00:c4:b5:5b:b5:f0:8a:51:93:53:0d:dc:
ed:91:f6:88
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZ2QwK+maFlbikLYmha7s67MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGRjMjI1OTVmYzFmNTg4ZmJjNGRkZTA3YzFjMzk0OTk4
ZjMzYTcwHhcNMjYwNDE1MTA0NzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmE3NDc5NTQyNWFkZWViZDkzZWJkYmU5YjdiZjY0YmIxZWIyNDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCy8U1NFxd2x2VkLNKUfeshsPY4g
hht8MYPhFuEewTQoiRc62GYc2JhUi4hsRO0iiM0gyg3omz8eLY6+tR6HUI+l/jCk
VBVako0N/oDwqODr6tqnClL4X+3BdtuTiIrokCNKUoxDvWJ7ULD6KyR7HTPUF6mR
Zl4AfDAUbabIhYX0ZCEsyFS6cJVNUqYGxKk/GrJDLOnKskVFqfZZLofN4rOayCS3
vQsrXcKipLDsDllElJ5Qj8yH4pZCY1oQuudgLEwcy0i2+WhMAjDGQ+a+lmalTizF
KM9gx+yahUqg6ZewelbfabpoQEpA6obYAGpn8AgLqitH/6AdPou5AFb1XwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFCKnR5VCWt7r2T69vpt79kux6yRNMB8GA1UdIwQY
MBaAFBpNwiWV/B9Yj7xN3gfBw5SZjzOnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYt
MmI3OGIxOWI1YTg3LzEvSXFkSGxVSmEzdXZaUHIyLW0zdjJTN0hySkUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYtMmI3OGIxOWI1YTg3
LzEvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAQF
LUAwDAMEAgUtVAMEBQUtQDAMAwQEBT0wAwQCBT04AwQDJQHIAwQDJQHYAwQAJfwD
MAwDBAAl/A0DBAQl/AADBAItiDADBAE+xTADBAKZOIwDBAWZOKADBACwYU8DBAK5
7qgDBAG8dBQwDAMEALx0FwMEArx0GAMEAcM2rgMEAdWOkjANBgkqhkiG9w0BAQsF
AAOCAQEATQH68+0bH52M3vKwDiVJNr8od2y85e82T/8jgwLG972lrLh8qLvcRgd6
ss2OisnbUluzue9+AK0S8R8eoOsBRv81lRKqNhJjZgPkVljVixUzFG+fAEXxcozy
P5TRN7gZRDYx6EzeF3+Sq4Uin45dzhsVYtDXq7kLytIYrr1Sm2bLcqKnIGWbyRiE
/Y8M17ERzLTi4lGjqQzymoHgzD8j+xd2g4/HVJhxsT2wAiig6QGQAnN++3Q7HLb0
jrAbVWDQ1ZW/czQYvL0cMs+7ivayAO0MCKVvhx7pBT8pofzt6bf/7gLwfG5Qw/zG
yRPF/LugAMS1W7XwilGTUw3c7ZH2iA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:52:15 2026 by rpki-client