Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_645545npeuONDIZ9fun9ntTd9E.roa
File: _645545npeuONDIZ9fun9ntTd9E.roa (raw, json)
Hash identifier: GNBYn3FZfjpuT4fovzIb2V6Ggv9ci6Pk0yI8O+piO10=
Subject key identifier: FF:AE:39:E7:8E:67:A5:EB:8E:34:32:19:F5:FB:A7:F6:7B:53:77:D1
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019C2F414799F0E436AC6093D5CDE93E7658
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_645545npeuONDIZ9fun9ntTd9E.roa
Signing time: Thu 05 Feb 2026 19:22:13 +0000
ROA not before: Thu 05 Feb 2026 19:22:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 5.182.117.0/24 maxlen: 24
31.40.250.0/24 maxlen: 24
31.222.230.0/24 maxlen: 24
45.129.197.0/24 maxlen: 24
62.204.52.0/24 maxlen: 24
77.83.193.0/24 maxlen: 24
78.142.238.0/24 maxlen: 24
91.242.234.0/24 maxlen: 24
130.255.172.0/24 maxlen: 24
130.255.175.0/24 maxlen: 24
185.251.22.0/24 maxlen: 24
185.253.4.0/24 maxlen: 24
193.17.88.0/24 maxlen: 24
193.42.119.0/24 maxlen: 24
194.69.164.0/24 maxlen: 24
195.64.127.0/24 maxlen: 24
212.24.120.0/24 maxlen: 24
212.52.18.0/24 maxlen: 24
212.107.26.0/24 maxlen: 24
213.109.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2f:41:47:99:f0:e4:36:ac:60:93:d5:cd:e9:3e:76:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 5 19:22:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ffae39e78e67a5eb8e343219f5fba7f67b5377d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:64:c2:91:13:4a:ed:a4:e9:90:7f:e6:fc:7b:
38:7f:be:bd:99:5e:9a:3a:8e:40:e9:01:69:e5:97:
2f:76:0f:54:b1:32:2f:af:94:84:64:8c:0e:cc:6c:
e3:93:02:20:cf:c1:a0:1b:c9:ad:74:c4:99:55:5f:
23:3f:54:88:83:28:27:45:df:1e:06:69:db:a0:78:
62:dd:ee:f6:63:c9:95:8c:b2:d6:ce:db:0f:2c:7e:
fc:fe:c0:3d:47:1c:97:a0:92:8d:5f:2b:7e:9d:7e:
8c:a3:6d:70:55:4a:04:4a:40:7c:c2:96:b5:60:af:
8a:7a:14:02:1a:b3:f0:54:24:23:d3:f3:b8:15:5b:
ec:e5:cd:07:ee:9b:e5:0a:70:46:2d:ed:e1:ca:cd:
cf:81:bc:17:63:47:58:27:f6:90:de:90:c9:fa:a0:
a8:3e:03:bd:d8:6f:b2:c2:ca:42:87:1c:a0:9f:d4:
cb:6a:1e:a1:47:77:1e:4f:df:83:9b:0a:bb:f9:21:
ed:ec:f2:fb:97:75:b1:f7:7c:82:54:0b:a5:cc:2e:
8b:da:90:93:f6:7b:83:75:37:bf:ae:2d:56:09:82:
bd:9e:78:77:60:72:c1:d2:fd:da:11:f0:e8:00:32:
ef:09:5b:7f:fa:d0:f8:3f:1c:19:c9:e1:87:ed:9f:
c6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AE:39:E7:8E:67:A5:EB:8E:34:32:19:F5:FB:A7:F6:7B:53:77:D1
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_645545npeuONDIZ9fun9ntTd9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.117.0/24
31.40.250.0/24
31.222.230.0/24
45.129.197.0/24
62.204.52.0/24
77.83.193.0/24
78.142.238.0/24
91.242.234.0/24
130.255.172.0/24
130.255.175.0/24
185.251.22.0/24
185.253.4.0/24
193.17.88.0/24
193.42.119.0/24
194.69.164.0/24
195.64.127.0/24
212.24.120.0/24
212.52.18.0/24
212.107.26.0/24
213.109.153.0/24
Signature Algorithm: sha256WithRSAEncryption
72:4c:d1:34:04:b3:ed:48:b2:e3:bc:f3:9a:cb:6a:ba:e0:7a:
86:2f:7a:29:69:97:9e:2e:89:fb:0a:86:aa:73:4a:36:70:82:
c0:cc:b9:dd:9c:16:aa:df:e5:4b:6e:1d:c7:79:9b:16:d1:dc:
7b:1a:62:f8:10:c9:17:fc:e9:7f:c9:a0:50:a8:f1:c0:4c:7b:
11:fa:53:9f:0d:fd:aa:4d:b1:15:d7:07:62:39:b9:b6:74:fa:
df:0c:a7:ab:26:64:65:2f:1e:70:d0:01:2b:dc:77:be:fe:21:
fb:26:ae:07:76:05:e5:07:2c:5b:f0:c7:e6:aa:cd:31:b7:3f:
6c:0a:7b:28:48:9e:47:06:a3:08:53:85:8a:10:ea:bc:c6:8f:
f6:20:49:3d:6b:f4:1b:f0:e1:c4:fd:07:94:0b:ec:06:ec:92:
c5:86:90:a3:48:f7:91:ca:d5:c9:4b:77:d9:16:a7:90:a4:df:
9e:77:54:35:0d:ca:d3:1a:23:14:ce:6c:e3:db:06:23:2f:91:
76:f9:45:cb:86:6c:84:23:d4:84:a2:4a:2b:3e:68:53:c0:e5:
65:30:22:95:52:bb:58:78:ba:1f:0a:f0:5b:20:1f:04:80:e3:
da:02:c6:28:1e:33:8c:e5:26:ad:b0:e9:b9:e1:e3:d5:f4:82:
18:95:3e:75
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZwvQUeZ8OQ2rGCT1c3pPnZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMjA1MTkyMjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFlMzllNzhlNjdhNWViOGUzNDMyMTlmNWZiYTdmNjdiNTM3N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWTCkRNK7aTpkH/m/Hs4f769mV6a
Oo5A6QFp5Zcvdg9UsTIvr5SEZIwOzGzjkwIgz8GgG8mtdMSZVV8jP1SIgygnRd8e
BmnboHhi3e72Y8mVjLLWztsPLH78/sA9RxyXoJKNXyt+nX6Mo21wVUoESkB8wpa1
YK+KehQCGrPwVCQj0/O4FVvs5c0H7pvlCnBGLe3hys3PgbwXY0dYJ/aQ3pDJ+qCo
PgO92G+ywspChxygn9TLah6hR3ceT9+Dmwq7+SHt7PL7l3Wx93yCVAulzC6L2pCT
9nuDdTe/ri1WCYK9nnh3YHLB0v3aEfDoADLvCVt/+tD4PxwZyeGH7Z/GxwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFP+uOeeOZ6XrjjQyGfX7p/Z7U3fRMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvXzY0NTU0NW5wZXVPTkRJWjlmdW45bnRUZDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQABbZ1
AwQAHyj6AwQAH97mAwQALYHFAwQAPsw0AwQATVPBAwQATo7uAwQAW/LqAwQAgv+s
AwQAgv+vAwQAufsWAwQAuf0EAwQAwRFYAwQAwSp3AwQAwkWkAwQAw0B/AwQA1Bh4
AwQA1DQSAwQA1GsaAwQA1W2ZMA0GCSqGSIb3DQEBCwUAA4IBAQByTNE0BLPtSLLj
vPOay2q64HqGL3opaZeeLon7Coaqc0o2cILAzLndnBaq3+VLbh3HeZsW0dx7GmL4
EMkX/Ol/yaBQqPHATHsR+lOfDf2qTbEV1wdiObm2dPrfDKerJmRlLx5w0AEr3He+
/iH7Jq4HdgXlByxb8Mfmqs0xtz9sCnsoSJ5HBqMIU4WKEOq8xo/2IEk9a/Qb8OHE
/QeUC+wG7JLFhpCjSPeRytXJS3fZFqeQpN+ed1Q1DcrTGiMUzmzj2wYjL5F2+UXL
hmyEI9SEokorPmhTwOVlMCKVUrtYeLofCvBbIB8EgOPaAsYoHjOM5SatsOm54ePV
9IIYlT51
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:56:13 2026 by rpki-client