Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/VJhfwBMpKYGf6ops4QG8W2D9K5Y.roa
File: VJhfwBMpKYGf6ops4QG8W2D9K5Y.roa (raw, json)
Hash identifier: BYsR2fxa81FQHh1Dxyok1UJdkjHu0vH5dq3diC+m0iI=
Subject key identifier: 54:98:5F:C0:13:29:29:81:9F:EA:8A:6C:E1:01:BC:5B:60:FD:2B:96
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 019C9E09C7A0652CCC4C432F2B8DFB06CDDF
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/VJhfwBMpKYGf6ops4QG8W2D9K5Y.roa
Signing time: Fri 27 Feb 2026 07:39:26 +0000
ROA not before: Fri 27 Feb 2026 07:39:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58065
IP address blocks: 5.157.6.0/24 maxlen: 24
5.157.11.0/24 maxlen: 24
5.157.19.0/24 maxlen: 24
5.157.21.0/24 maxlen: 24
5.157.23.0/24 maxlen: 24
5.157.24.0/24 maxlen: 24
5.157.26.0/24 maxlen: 24
5.157.29.0/24 maxlen: 24
5.157.32.0/24 maxlen: 24
5.157.33.0/24 maxlen: 24
5.157.34.0/24 maxlen: 24
5.157.37.0/24 maxlen: 24
5.157.43.0/24 maxlen: 24
5.157.51.0/24 maxlen: 24
5.157.53.0/24 maxlen: 24
5.157.55.0/24 maxlen: 24
5.157.57.0/24 maxlen: 24
23.92.115.0/24 maxlen: 24
23.92.116.0/24 maxlen: 24
23.92.126.0/24 maxlen: 24
37.72.186.0/24 maxlen: 24
104.160.3.0/24 maxlen: 24
104.160.11.0/24 maxlen: 24
104.160.16.0/24 maxlen: 24
104.160.17.0/24 maxlen: 24
107.150.64.0/24 maxlen: 24
107.150.65.0/24 maxlen: 24
107.150.67.0/24 maxlen: 24
107.150.69.0/24 maxlen: 24
107.150.70.0/24 maxlen: 24
107.150.71.0/24 maxlen: 24
107.150.88.0/24 maxlen: 24
107.150.89.0/24 maxlen: 24
107.150.90.0/24 maxlen: 24
107.150.91.0/24 maxlen: 24
107.150.93.0/24 maxlen: 24
130.185.153.0/24 maxlen: 24
151.237.188.0/24 maxlen: 24
162.212.168.0/24 maxlen: 24
162.212.169.0/24 maxlen: 24
162.212.170.0/24 maxlen: 24
162.212.171.0/24 maxlen: 24
162.212.172.0/24 maxlen: 24
162.212.173.0/24 maxlen: 24
162.212.174.0/24 maxlen: 24
162.212.175.0/24 maxlen: 24
2a02:5740:4::/48 maxlen: 48
2a02:5740:9::/48 maxlen: 48
2a02:5740:14::/48 maxlen: 48
2a02:5740:24::/48 maxlen: 48
2a02:5740:26::/48 maxlen: 48
2a02:5740:153::/48 maxlen: 48
2a02:5740:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:09:c7:a0:65:2c:cc:4c:43:2f:2b:8d:fb:06:cd:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Feb 27 07:39:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54985fc0132929819fea8a6ce101bc5b60fd2b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0e:1c:d1:eb:f1:bc:f7:91:a8:c3:41:35:50:
fb:39:d4:94:ae:60:78:cd:1d:0f:bf:cb:30:5a:6e:
0c:21:89:e8:c8:51:42:f7:d8:56:fc:33:f2:17:4b:
07:6a:02:51:49:6a:72:d7:79:bb:6b:f2:4e:f7:02:
6b:39:16:a7:42:be:c4:7d:4b:8a:c0:50:d1:7b:03:
f3:64:a8:c1:af:54:f2:e1:88:ad:6c:42:93:43:c8:
36:35:a4:0d:1b:9a:d3:57:70:e8:d4:31:5f:0f:67:
17:bd:41:79:50:5d:de:f6:96:29:d1:07:9b:36:90:
03:18:a2:23:a6:c4:11:39:48:36:44:78:e6:68:7e:
69:b0:02:aa:50:0a:23:c1:e4:44:3a:19:83:16:03:
5f:52:fc:cb:eb:8b:b4:e4:bb:8b:26:a0:07:34:5b:
bf:d8:5e:76:4a:1d:61:96:62:75:40:1c:15:cb:0a:
7c:0e:b7:8d:e6:f5:c0:4b:bf:c4:23:43:6f:15:8b:
cf:e3:c9:03:13:b8:b4:29:2b:58:bb:ae:79:e1:a6:
11:1c:b9:7b:2f:a3:f7:b8:da:7a:9f:eb:31:75:38:
6f:42:15:6c:9c:46:59:9f:40:30:54:71:a8:d2:b0:
03:7b:27:96:e5:fe:00:59:0f:1f:39:5b:22:9e:30:
21:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:98:5F:C0:13:29:29:81:9F:EA:8A:6C:E1:01:BC:5B:60:FD:2B:96
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/VJhfwBMpKYGf6ops4QG8W2D9K5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.6.0/24
5.157.11.0/24
5.157.19.0/24
5.157.21.0/24
5.157.23.0-5.157.24.255
5.157.26.0/24
5.157.29.0/24
5.157.32.0-5.157.34.255
5.157.37.0/24
5.157.43.0/24
5.157.51.0/24
5.157.53.0/24
5.157.55.0/24
5.157.57.0/24
23.92.115.0-23.92.116.255
23.92.126.0/24
37.72.186.0/24
104.160.3.0/24
104.160.11.0/24
104.160.16.0/23
107.150.64.0/23
107.150.67.0/24
107.150.69.0-107.150.71.255
107.150.88.0/22
107.150.93.0/24
130.185.153.0/24
151.237.188.0/24
162.212.168.0/21
IPv6:
2a02:5740:4::/48
2a02:5740:9::/48
2a02:5740:14::/48
2a02:5740:24::/48
2a02:5740:26::/48
2a02:5740:153::/48
2a02:5740:200::/48
Signature Algorithm: sha256WithRSAEncryption
82:b0:58:12:c1:91:a3:1e:10:e8:81:38:98:2e:90:ae:8a:ff:
93:3e:e6:cc:14:7f:2b:61:45:61:a0:cb:20:d4:d1:e7:35:60:
2c:39:92:90:9a:f4:05:d3:26:35:b0:3a:eb:87:45:f5:5b:54:
b6:c8:5c:d8:fd:a6:44:7b:7f:2e:11:8d:ef:e3:6d:15:2f:79:
b2:d4:89:63:8c:59:6f:22:64:30:03:be:b8:85:aa:19:9e:44:
db:2b:95:0b:cd:0d:f0:43:86:26:31:54:fe:30:9f:ac:af:8d:
a9:a7:d6:5f:12:ba:3a:f1:af:86:69:02:fa:a7:2d:13:28:bb:
ff:3f:ca:cd:3b:b8:c7:4a:4c:8b:5b:81:78:a4:44:95:1d:9c:
b6:17:5f:27:f8:57:f8:c8:08:a1:aa:3b:b8:53:30:fc:98:9e:
61:a9:bf:a5:6f:5f:34:cd:3b:87:38:9b:55:18:d2:a1:33:a5:
bc:b4:92:cc:05:02:85:7e:92:df:b6:60:7c:b5:7b:bd:71:8d:
db:db:4f:eb:53:42:e8:21:1c:29:34:b0:5d:c2:3c:8d:10:46:
7a:0d:7d:8f:1c:ab:60:08:40:af:25:84:95:09:d9:36:ae:1a:
7a:04:ab:ae:34:a1:93:7d:48:5c:eb:23:f9:79:ac:4a:20:f0:
70:f0:b3:97
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAZyeCcegZSzMTEMvK437Bs3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjYwMjI3MDczOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDk4NWZjMDEzMjkyOTgxOWZlYThhNmNlMTAxYmM1YjYwZmQyYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug4c0evxvPeRqMNBNVD7OdSUrmB4
zR0Pv8swWm4MIYnoyFFC99hW/DPyF0sHagJRSWpy13m7a/JO9wJrORanQr7EfUuK
wFDRewPzZKjBr1Ty4YitbEKTQ8g2NaQNG5rTV3Do1DFfD2cXvUF5UF3e9pYp0Qeb
NpADGKIjpsQROUg2RHjmaH5psAKqUAojweREOhmDFgNfUvzL64u05LuLJqAHNFu/
2F52Sh1hlmJ1QBwVywp8DreN5vXAS7/EI0NvFYvP48kDE7i0KStYu6554aYRHLl7
L6P3uNp6n+sxdThvQhVsnEZZn0AwVHGo0rADeyeW5f4AWQ8fOVsinjAhOQIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFFSYX8ATKSmBn+qKbOEBvFtg/SuWMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvVkpoZndCTXBLWUdmNm9wczRRRzhXMkQ5SzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTCBzwQCAAEwgcgD
BAAFnQYDBAAFnQsDBAAFnRMDBAAFnRUwDAMEAAWdFwMEAAWdGAMEAAWdGgMEAAWd
HTAMAwQFBZ0gAwQABZ0iAwQABZ0lAwQABZ0rAwQABZ0zAwQABZ01AwQABZ03AwQA
BZ05MAwDBAAXXHMDBAAXXHQDBAAXXH4DBAAlSLoDBABooAMDBABooAsDBAFooBAD
BAFrlkADBABrlkMwDAMEAGuWRQMEA2uWQAMEAmuWWAMEAGuWXQMEAIK5mQMEAJft
vAMEA6LUqDBFBAIAAjA/AwcAKgJXQAAEAwcAKgJXQAAJAwcAKgJXQAAUAwcAKgJX
QAAkAwcAKgJXQAAmAwcAKgJXQAFTAwcAKgJXQAIAMA0GCSqGSIb3DQEBCwUAA4IB
AQCCsFgSwZGjHhDogTiYLpCuiv+TPubMFH8rYUVhoMsg1NHnNWAsOZKQmvQF0yY1
sDrrh0X1W1S2yFzY/aZEe38uEY3v420VL3my1IljjFlvImQwA764haoZnkTbK5UL
zQ3wQ4YmMVT+MJ+sr42pp9ZfEro68a+GaQL6py0TKLv/P8rNO7jHSkyLW4F4pESV
HZy2F18n+Ff4yAihqju4UzD8mJ5hqb+lb180zTuHOJtVGNKhM6W8tJLMBQKFfpLf
tmB8tXu9cY3b20/rU0LoIRwpNLBdwjyNEEZ6DX2PHKtgCECvJYSVCdk2rhp6BKuu
NKGTfUhc6yP5eaxKIPBw8LOX
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:09:17 2026 by rpki-client