Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bo5hIpyBOwiJpAJmsoOIo6gtfqU.roa
File: bo5hIpyBOwiJpAJmsoOIo6gtfqU.roa (raw, json)
Hash identifier: cRJZSIQ0je0yw0EY/ZT+V7uBbTgHThv0gjaDfhXoboE=
Subject key identifier: 6E:8E:61:22:9C:81:3B:08:89:A4:02:66:B2:83:88:A3:A8:2D:7E:A5
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019C9B37702DA44CCDEB9E66DB3BB6C1AEA2
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bo5hIpyBOwiJpAJmsoOIo6gtfqU.roa
Signing time: Thu 26 Feb 2026 18:30:27 +0000
ROA not before: Thu 26 Feb 2026 18:30:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.251.0/24 maxlen: 24
31.41.252.0/24 maxlen: 24
31.41.254.0/24 maxlen: 24
37.72.128.0/24 maxlen: 24
45.87.126.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.126.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.151.29.0/24 maxlen: 24
46.174.196.0/24 maxlen: 24
83.138.54.0/24 maxlen: 24
88.151.8.0/24 maxlen: 24
91.212.103.0/24 maxlen: 24
94.154.190.0/24 maxlen: 24
176.116.15.0/24 maxlen: 24
176.126.96.0/24 maxlen: 24
193.28.178.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
193.201.10.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
195.96.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9b:37:70:2d:a4:4c:cd:eb:9e:66:db:3b:b6:c1:ae:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 26 18:30:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e8e61229c813b0889a40266b28388a3a82d7ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:90:ed:dc:14:c1:b4:32:00:c1:4b:73:96:
c7:f6:4f:c2:cd:78:6f:97:90:8d:aa:e2:44:09:78:
86:36:52:99:a5:8a:cf:2d:3e:ba:36:84:66:29:a3:
3b:49:42:8b:97:64:50:09:eb:ed:ac:d7:5b:a8:61:
a0:41:81:d5:c1:5c:5f:e6:e8:40:23:76:34:3e:30:
7d:31:c0:4c:95:32:51:65:00:18:ee:e7:bc:72:38:
fc:83:5a:2c:92:f6:2b:84:63:34:9a:64:c6:12:da:
05:aa:d7:39:49:4a:38:70:a9:ca:54:41:6e:d4:b3:
f3:c1:b1:97:e0:e2:7f:f0:41:78:d9:6e:0b:f4:3d:
1e:d9:65:62:be:2d:7e:a2:ad:a3:00:95:ba:8a:b2:
e6:31:8b:d9:37:76:36:12:ba:19:3c:64:dd:a2:8e:
f0:3f:ab:a5:55:6b:63:3c:fb:2c:5e:0f:4d:8b:68:
17:1e:55:06:f5:b1:15:28:7e:5b:18:fd:38:33:7a:
fa:78:3e:75:0a:20:06:90:1f:73:ea:c4:1d:0e:90:
b7:dd:5d:3b:a7:f6:db:84:3a:b5:56:a6:85:99:6b:
7a:2a:a5:41:eb:4c:a6:9f:34:52:4a:b0:07:9b:10:
a5:00:c6:1d:30:52:03:5f:56:af:7d:d7:56:98:6f:
29:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8E:61:22:9C:81:3B:08:89:A4:02:66:B2:83:88:A3:A8:2D:7E:A5
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bo5hIpyBOwiJpAJmsoOIo6gtfqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.251.0-31.41.252.255
31.41.254.0/24
37.72.128.0/24
45.87.126.0/24
45.95.29.0/24
45.128.125.0-45.128.128.255
45.151.29.0/24
46.174.196.0/24
83.138.54.0/24
88.151.8.0/24
91.212.103.0/24
94.154.190.0/24
176.116.15.0/24
176.126.96.0/24
193.28.178.0/24
193.187.105.0/24
193.201.10.0/24
194.59.187.0/24
195.96.159.0/24
Signature Algorithm: sha256WithRSAEncryption
14:28:2e:70:3e:73:8c:94:25:e0:c7:15:54:6f:26:cb:56:ee:
f1:03:6b:0c:db:10:97:c4:a3:2e:b9:40:d9:f5:64:05:d8:59:
d3:44:66:d2:36:5a:19:e9:2b:e1:e5:b0:3d:c1:a3:98:6b:50:
77:53:6a:09:c8:09:74:c5:e9:e8:65:7b:90:2d:63:94:82:c8:
48:1b:8c:38:ba:b6:a3:c0:fc:f1:9c:13:66:32:1c:89:2b:b3:
a1:f7:c9:b4:e0:a9:88:10:1f:76:68:3a:b7:5d:53:dc:2d:58:
e1:42:ee:1d:be:ec:38:e3:c8:34:d1:7c:be:ff:5e:21:8a:fb:
58:51:88:89:20:5c:dc:43:68:0a:e1:b8:c7:9f:fb:c1:1c:8d:
8c:71:43:94:be:c6:b4:9b:74:75:92:4e:13:7d:98:74:a3:79:
8f:13:cf:20:a6:e4:88:87:2f:13:81:6e:7f:2e:79:6b:c9:7b:
af:7a:ff:c1:96:66:ff:33:d4:89:21:24:0e:2d:bc:fe:1a:71:
d4:6f:40:37:bc:9a:54:14:89:00:95:eb:85:77:a1:e6:8b:6e:
99:85:9d:ef:f8:93:62:a8:9a:ed:76:1a:86:26:87:63:54:a5:
69:b4:88:b9:ce:d8:df:0e:d3:28:53:f4:53:31:68:cf:a4:07:
ea:93:f8:bc
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZybN3AtpEzN655m2zu2wa6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMjI2MTgzMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZThlNjEyMjljODEzYjA4ODlhNDAyNjZiMjgzODhhM2E4MmQ3ZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzqQ7dwUwbQyAMFLc5bH9k/CzXhv
l5CNquJECXiGNlKZpYrPLT66NoRmKaM7SUKLl2RQCevtrNdbqGGgQYHVwVxf5uhA
I3Y0PjB9McBMlTJRZQAY7ue8cjj8g1oskvYrhGM0mmTGEtoFqtc5SUo4cKnKVEFu
1LPzwbGX4OJ/8EF42W4L9D0e2WVivi1+oq2jAJW6irLmMYvZN3Y2EroZPGTdoo7w
P6ulVWtjPPssXg9Ni2gXHlUG9bEVKH5bGP04M3r6eD51CiAGkB9z6sQdDpC33V07
p/bbhDq1VqaFmWt6KqVB60ymnzRSSrAHmxClAMYdMFIDX1avfddWmG8pLwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFG6OYSKcgTsIiaQCZrKDiKOoLX6lMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvYm81aElweUJPd2lKcEFKbXNvT0lvNmd0ZnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIwDAME
AB8p+wMEAB8p/AMEAB8p/gMEACVIgAMEAC1XfgMEAC1fHTAMAwQALYB9AwQALYCA
AwQALZcdAwQALq7EAwQAU4o2AwQAWJcIAwQAW9RnAwQAXpq+AwQAsHQPAwQAsH5g
AwQAwRyyAwQAwbtpAwQAwckKAwQAwju7AwQAw2CfMA0GCSqGSIb3DQEBCwUAA4IB
AQAUKC5wPnOMlCXgxxVUbybLVu7xA2sM2xCXxKMuuUDZ9WQF2FnTRGbSNloZ6Svh
5bA9waOYa1B3U2oJyAl0xenoZXuQLWOUgshIG4w4urajwPzxnBNmMhyJK7Oh98m0
4KmIEB92aDq3XVPcLVjhQu4dvuw448g00Xy+/14hivtYUYiJIFzcQ2gK4bjHn/vB
HI2McUOUvsa0m3R1kk4TfZh0o3mPE88gpuSIhy8TgW5/LnlryXuvev/Blmb/M9SJ
ISQOLbz+GnHUb0A3vJpUFIkAleuFd6Hmi26ZhZ3v+JNiqJrtdhqGJodjVKVptIi5
ztjfDtMoU/RTMWjPpAfqk/i8
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:18:38 2026 by rpki-client