Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/T5JGF7B12Y-OhHm1OYqXkm7-lXg.roa
File: T5JGF7B12Y-OhHm1OYqXkm7-lXg.roa (raw, json)
Hash identifier: KwWOzAO8pCz7VGjCCS1zx6R3CR7E9zIHXknJYnIgWh0=
Subject key identifier: 4F:92:46:17:B0:75:D9:8F:8E:84:79:B5:39:8A:97:92:6E:FE:95:78
Certificate issuer: /CN=f47d03377cc108f4409126b9a0c201632421c64a
Certificate serial: 019B7D5B0B5CB65FF551CEA6EA1A1C4600EC
Authority key identifier: F4:7D:03:37:7C:C1:08:F4:40:91:26:B9:A0:C2:01:63:24:21:C6:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9H0DN3zBCPRAkSa5oMIBYyQhxko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/T5JGF7B12Y-OhHm1OYqXkm7-lXg.roa
Signing time: Fri 02 Jan 2026 06:17:57 +0000
ROA not before: Fri 02 Jan 2026 06:17:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35107
IP address blocks: 87.247.136.0/24 maxlen: 24
87.247.137.0/24 maxlen: 24
87.247.138.0/24 maxlen: 24
87.247.139.0/24 maxlen: 24
89.124.12.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/9H0DN3zBCPRAkSa5oMIBYyQhxko.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/9H0DN3zBCPRAkSa5oMIBYyQhxko.mft
rsync://rpki.ripe.net/repository/DEFAULT/9H0DN3zBCPRAkSa5oMIBYyQhxko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5b:0b:5c:b6:5f:f5:51:ce:a6:ea:1a:1c:46:00:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f47d03377cc108f4409126b9a0c201632421c64a
Validity
Not Before: Jan 2 06:17:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f924617b075d98f8e8479b5398a97926efe9578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6b:8e:2e:97:8a:68:b4:3e:bf:25:e0:1a:b3:
d8:22:88:70:a9:91:35:7c:71:de:d8:30:33:70:3c:
2f:85:47:a7:ae:7b:b6:77:f2:ac:28:03:de:db:f7:
c6:92:ca:57:a9:d7:67:b0:61:a6:b7:b2:c0:72:b7:
a6:1b:99:c5:78:f8:dd:43:e7:49:08:f5:be:9e:ad:
44:21:b5:1f:7b:1f:f2:47:e8:62:2a:f1:0d:3a:c0:
9f:b4:6d:35:c9:4f:17:c2:7c:97:16:17:5f:1a:c7:
68:f9:61:9f:97:43:80:00:f9:f9:ca:2d:ec:26:b3:
7d:fe:69:64:46:5f:bf:06:6b:b0:a0:12:5c:50:66:
a4:33:7a:24:cc:81:4f:31:53:35:3d:bf:3e:52:c7:
0f:ab:32:d5:00:2f:74:26:45:f4:c7:c4:fe:8e:9e:
05:bd:0d:28:ed:8b:a6:30:a2:03:83:84:25:07:64:
03:34:17:88:32:75:2e:e9:2d:66:d0:a9:ea:ce:64:
2e:60:16:e7:e7:09:ed:33:b4:5d:f3:19:c0:7e:18:
08:e6:aa:83:bb:4a:22:0e:6e:b0:d6:8d:97:36:e9:
78:db:76:53:c5:e2:a2:99:61:90:63:bc:6b:77:ed:
2f:c1:b7:ec:43:8a:c3:5c:87:03:5c:a4:a1:eb:db:
2a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:92:46:17:B0:75:D9:8F:8E:84:79:B5:39:8A:97:92:6E:FE:95:78
X509v3 Authority Key Identifier:
keyid:F4:7D:03:37:7C:C1:08:F4:40:91:26:B9:A0:C2:01:63:24:21:C6:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9H0DN3zBCPRAkSa5oMIBYyQhxko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/T5JGF7B12Y-OhHm1OYqXkm7-lXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/9H0DN3zBCPRAkSa5oMIBYyQhxko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.136.0/22
89.124.12.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:9b:31:b2:c6:e9:3a:82:a7:e4:28:f0:29:92:98:86:27:09:
67:9b:09:ad:60:e3:9b:77:8e:12:23:2f:47:9a:e3:c3:9b:c9:
f2:31:32:42:0c:bf:d6:c3:ec:04:3c:d3:97:be:1a:a4:ea:44:
fb:a8:35:ef:5a:f9:a3:3c:34:c4:43:3b:78:7d:c0:ca:18:20:
c2:03:52:bc:36:29:28:77:f3:eb:c7:9b:e0:a2:20:e3:fc:09:
11:f5:6e:f9:26:e2:a4:6e:c7:b0:cd:c1:45:68:da:36:51:d6:
0b:96:47:f5:ff:fa:4e:5a:e0:db:0a:ab:b5:d0:9b:21:4f:a0:
49:54:87:8a:e1:c8:48:3c:34:a0:81:3b:55:15:85:4d:1d:d5:
60:dc:18:0b:7b:69:c9:3d:1d:33:56:1f:0a:dd:95:bf:28:f1:
3f:f0:ee:95:21:83:a2:0f:90:f0:54:22:7b:38:73:94:89:eb:
00:38:55:cd:83:07:da:dd:39:92:1b:9a:69:78:32:1f:f7:6b:
3b:38:48:bb:d0:f3:4c:19:0e:51:91:5e:68:8a:e9:58:bd:d7:
ea:24:61:07:ae:ea:59:59:b4:21:b0:26:31:c4:e6:27:43:e4:
7f:07:8e:c4:98:e5:a8:54:c0:1f:f0:80:98:b7:eb:7c:1d:18:
e3:c8:65:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt9Wwtctl/1Uc6m6hocRgDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0N2QwMzM3N2NjMTA4ZjQ0MDkxMjZiOWEwYzIwMTYzMjQy
MWM2NGEwHhcNMjYwMTAyMDYxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjkyNDYxN2IwNzVkOThmOGU4NDc5YjUzOThhOTc5MjZlZmU5NTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmuOLpeKaLQ+vyXgGrPYIohwqZE1
fHHe2DAzcDwvhUenrnu2d/KsKAPe2/fGkspXqddnsGGmt7LAcremG5nFePjdQ+dJ
CPW+nq1EIbUfex/yR+hiKvENOsCftG01yU8XwnyXFhdfGsdo+WGfl0OAAPn5yi3s
JrN9/mlkRl+/BmuwoBJcUGakM3okzIFPMVM1Pb8+UscPqzLVAC90JkX0x8T+jp4F
vQ0o7YumMKIDg4QlB2QDNBeIMnUu6S1m0KnqzmQuYBbn5wntM7Rd8xnAfhgI5qqD
u0oiDm6w1o2XNul423ZTxeKimWGQY7xrd+0vwbfsQ4rDXIcDXKSh69sqjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE+SRhewddmPjoR5tTmKl5Ju/pV4MB8GA1UdIwQY
MBaAFPR9Azd8wQj0QJEmuaDCAWMkIcZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUgwRE4zekJDUFJBa1NhNW9NSUJZeVFoeGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YmM0NjktZjdlMy00MGM0LWFmYzgt
ZTFkMGZkZDViZmY1LzEvVDVKR0Y3QjEyWS1PaEhtMU9ZcVhrbTctbFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YmM0NjktZjdlMy00MGM0LWFmYzgtZTFkMGZkZDViZmY1
LzEvOUgwRE4zekJDUFJBa1NhNW9NSUJZeVFoeGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCV/eIAwQC
WXwMMA0GCSqGSIb3DQEBCwUAA4IBAQDLmzGyxuk6gqfkKPApkpiGJwlnmwmtYOOb
d44SIy9HmuPDm8nyMTJCDL/Ww+wEPNOXvhqk6kT7qDXvWvmjPDTEQzt4fcDKGCDC
A1K8Nikod/Prx5vgoiDj/AkR9W75JuKkbsewzcFFaNo2UdYLlkf1//pOWuDbCqu1
0JshT6BJVIeK4chIPDSggTtVFYVNHdVg3BgLe2nJPR0zVh8K3ZW/KPE/8O6VIYOi
D5DwVCJ7OHOUiesAOFXNgwfa3TmSG5ppeDIf92s7OEi70PNMGQ5RkV5oiulYvdfq
JGEHrupZWbQhsCYxxOYnQ+R/B47EmOWoVMAf8ICYt+t8HRjjyGU5
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:57:28 2026 by rpki-client