Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/u5YnFPuceri8RSotTNFkUS8wZuc.roa
File: u5YnFPuceri8RSotTNFkUS8wZuc.roa (raw, json)
Hash identifier: kUzjCrkd8rRRn9+d88Nro7P09CurP0oq8r5PYi+J3LA=
Subject key identifier: BB:96:27:14:FB:9C:7A:B8:BC:45:2A:2D:4C:D1:64:51:2F:30:66:E7
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D9B1692AB93448CF5B7DE574239F3276B
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/u5YnFPuceri8RSotTNFkUS8wZuc.roa
Signing time: Fri 17 Apr 2026 10:57:20 +0000
ROA not before: Fri 17 Apr 2026 10:57:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57013
IP address blocks: 45.155.206.0/24 maxlen: 24
77.83.204.0/24 maxlen: 24
77.83.205.0/24 maxlen: 24
186.246.52.0/24 maxlen: 24
194.26.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:16:92:ab:93:44:8c:f5:b7:de:57:42:39:f3:27:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 17 10:57:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb962714fb9c7ab8bc452a2d4cd164512f3066e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:61:6a:4e:a8:7c:09:eb:ef:19:f6:87:c2:f2:
c8:6c:5b:18:16:9f:9c:7a:e9:2e:13:cf:28:05:04:
f9:77:fb:db:3a:a0:03:91:89:1c:84:f7:e8:64:a1:
de:54:e5:c4:d4:de:c2:57:7d:e2:97:f9:69:ea:1c:
fd:c6:6a:be:6e:81:b8:6a:5a:fe:35:7e:1c:b5:13:
ec:cb:29:c6:26:11:f5:29:5e:46:7a:38:b5:cb:b6:
f0:29:86:da:30:40:dc:af:02:88:1d:57:8c:98:ba:
ff:55:c3:15:56:16:4c:59:a6:c8:1d:21:41:65:d5:
e8:42:b1:9e:0d:ca:ab:54:61:fa:d0:f4:0f:2e:1f:
61:a1:67:a2:79:19:3b:c7:92:64:31:51:70:33:6e:
a7:8b:f5:90:aa:fe:b2:6f:b0:a2:15:b0:a5:c1:ee:
48:51:90:e0:1b:db:6c:9f:8c:9a:c1:a1:15:e9:20:
ff:24:5d:b0:5a:08:a9:73:a5:cb:0f:66:35:f2:47:
cb:28:74:71:49:4c:2e:f0:ec:0a:c0:94:e9:a5:24:
68:76:04:4f:53:63:30:bb:ef:02:90:b9:42:fa:94:
5f:45:f7:01:26:8f:53:ba:a3:f1:b1:40:ff:f1:3c:
0f:0e:3c:8c:3b:12:aa:ad:6f:f7:33:83:87:cd:52:
26:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:96:27:14:FB:9C:7A:B8:BC:45:2A:2D:4C:D1:64:51:2F:30:66:E7
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/u5YnFPuceri8RSotTNFkUS8wZuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.206.0/24
77.83.204.0/23
186.246.52.0/24
194.26.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:48:fa:b6:1a:ee:5a:50:aa:ff:e0:7d:0a:ef:a2:f2:a7:75:
b7:40:3b:73:b8:0e:5e:54:59:01:79:22:5a:31:b7:89:26:60:
97:78:85:bc:0d:55:d8:8e:62:78:52:80:31:69:29:f9:c4:d4:
e6:6b:a7:58:12:d6:19:bf:da:51:98:b6:c6:59:41:62:4f:5e:
cd:36:09:39:c7:ff:be:6a:0c:97:27:1d:99:d6:64:07:9d:cb:
83:a1:73:fa:bb:2d:08:2f:6e:98:49:ca:db:27:c5:3d:d5:9f:
a1:db:43:24:6a:d1:ce:f3:74:87:73:30:be:c9:e3:fa:49:f4:
cc:35:e4:5c:83:67:f7:1c:92:93:01:69:1f:b2:1a:7c:b3:74:
5e:8b:57:0c:16:11:38:b3:9c:93:66:30:cc:97:cd:51:25:15:
15:ca:f3:e7:0c:9a:d6:0a:1a:7b:8b:bf:1e:43:22:b8:61:84:
8c:01:e6:63:e1:a1:c5:a5:bf:7e:df:aa:03:68:57:de:99:3d:
43:c9:71:88:c2:86:28:e5:05:6a:4d:2a:1c:94:65:f7:05:4f:
84:81:ee:03:04:6e:70:34:9d:54:8b:29:a6:7d:25:be:22:14:
80:11:fd:34:a7:44:05:8e:af:1d:7f:e9:1c:22:95:1e:5f:5b:
c4:11:97:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2bFpKrk0SM9bfeV0I58ydrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDE3MTA1NzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk2MjcxNGZiOWM3YWI4YmM0NTJhMmQ0Y2QxNjQ1MTJmMzA2NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52FqTqh8CevvGfaHwvLIbFsYFp+c
eukuE88oBQT5d/vbOqADkYkchPfoZKHeVOXE1N7CV33il/lp6hz9xmq+boG4alr+
NX4ctRPsyynGJhH1KV5Geji1y7bwKYbaMEDcrwKIHVeMmLr/VcMVVhZMWabIHSFB
ZdXoQrGeDcqrVGH60PQPLh9hoWeieRk7x5JkMVFwM26ni/WQqv6yb7CiFbClwe5I
UZDgG9tsn4yawaEV6SD/JF2wWgipc6XLD2Y18kfLKHRxSUwu8OwKwJTppSRodgRP
U2Mwu+8CkLlC+pRfRfcBJo9TuqPxsUD/8TwPDjyMOxKqrW/3M4OHzVImaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLuWJxT7nHq4vEUqLUzRZFEvMGbnMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdTVZbkZQdWNlcmk4UlNvdFRORmtVUzh3WnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZvOAwQB
TVPMAwQAuvY0AwQAwhrNMA0GCSqGSIb3DQEBCwUAA4IBAQCNSPq2Gu5aUKr/4H0K
76Lyp3W3QDtzuA5eVFkBeSJaMbeJJmCXeIW8DVXYjmJ4UoAxaSn5xNTma6dYEtYZ
v9pRmLbGWUFiT17NNgk5x/++agyXJx2Z1mQHncuDoXP6uy0IL26YScrbJ8U91Z+h
20MkatHO83SHczC+yeP6SfTMNeRcg2f3HJKTAWkfshp8s3Rei1cMFhE4s5yTZjDM
l81RJRUVyvPnDJrWChp7i78eQyK4YYSMAeZj4aHFpb9+36oDaFfemT1DyXGIwoYo
5QVqTSoclGX3BU+Ege4DBG5wNJ1UiymmfSW+IhSAEf00p0QFjq8df+kcIpUeX1vE
EZeh
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:27:01 2026 by rpki-client