Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/va0TITzOYnUkc1W_Gbzx44QVoXk.roa
File: va0TITzOYnUkc1W_Gbzx44QVoXk.roa (raw, json)
Hash identifier: HFnvTIolfy4/bUpZooyap9PI0juEnH4Xt35ZPQTs9NE=
Subject key identifier: BD:AD:13:21:3C:CE:62:75:24:73:55:BF:19:BC:F1:E3:84:15:A1:79
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019C067536E09DC1F28DE74EF0D53C722998
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/va0TITzOYnUkc1W_Gbzx44QVoXk.roa
Signing time: Wed 28 Jan 2026 21:14:30 +0000
ROA not before: Wed 28 Jan 2026 21:14:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49505
IP address blocks: 5.172.179.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.10.248.0/22 maxlen: 22
45.87.255.0/24 maxlen: 24
45.93.12.0/24 maxlen: 24
45.93.14.0/24 maxlen: 24
45.93.15.0/24 maxlen: 24
45.94.228.0/22 maxlen: 22
45.95.28.0/24 maxlen: 24
45.95.148.0/22 maxlen: 22
45.128.129.0/24 maxlen: 24
45.129.4.0/22 maxlen: 22
45.142.254.0/24 maxlen: 24
88.151.11.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
93.190.123.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.222.214.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
194.50.73.0/24 maxlen: 24
194.104.232.0/24 maxlen: 24
212.60.7.0/24 maxlen: 24
217.8.117.0/24 maxlen: 24
2a12:a507::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:06:75:36:e0:9d:c1:f2:8d:e7:4e:f0:d5:3c:72:29:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 28 21:14:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bdad13213cce6275247355bf19bcf1e38415a179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3e:4e:3e:3b:e6:b9:62:4d:78:45:de:6f:67:
4b:e6:b3:0b:69:86:4e:bb:4c:a2:da:81:36:da:7f:
6e:59:7c:d8:25:61:ab:9f:44:61:8a:fe:60:79:52:
6b:53:b8:91:05:7e:7b:47:e8:e3:81:44:90:2a:ed:
9a:09:05:f9:9d:a2:30:34:af:af:07:f3:1c:ec:fd:
89:43:27:2b:d2:e7:08:b8:ad:28:dc:a2:d5:c6:5e:
b0:39:8d:4a:1d:ad:af:7c:51:68:e9:f8:47:33:59:
28:5f:93:0e:49:3e:28:a1:3d:88:f7:3d:05:ba:c8:
b1:46:4c:5b:86:a3:68:b9:60:7b:50:49:8a:de:97:
52:0b:30:18:65:1b:0e:af:4f:6c:b7:31:75:cd:65:
b6:aa:0e:48:d6:5e:f8:8c:07:84:91:ae:0e:7e:ac:
d4:2c:74:37:e8:92:e5:8a:e0:df:f7:3d:d5:5e:43:
e8:41:89:33:7a:18:a8:35:d5:ff:e2:b1:d6:fd:5e:
16:3b:c9:db:a4:d7:f7:db:5a:b7:df:8b:e2:ea:1d:
f0:23:b7:2d:40:d7:b2:3f:1e:f7:90:0d:07:a4:36:
31:39:72:c5:72:92:02:da:98:e7:33:d4:f4:c5:68:
f5:e4:67:a5:2f:3b:54:4b:1c:26:f9:28:d3:d2:dd:
65:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AD:13:21:3C:CE:62:75:24:73:55:BF:19:BC:F1:E3:84:15:A1:79
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/va0TITzOYnUkc1W_Gbzx44QVoXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.179.0/24
31.41.253.0/24
45.10.248.0/22
45.87.255.0/24
45.93.12.0/24
45.93.14.0/23
45.94.228.0/22
45.95.28.0/24
45.95.148.0/22
45.128.129.0/24
45.129.4.0/22
45.142.254.0/24
88.151.11.0/24
91.190.158.0/24
93.190.123.0/24
94.154.188.0/23
94.154.191.0/24
176.116.17.0/24
176.126.98.0/24
176.126.102.0/24
185.222.214.0/24
193.187.106.0/24
194.50.73.0/24
194.104.232.0/24
212.60.7.0/24
217.8.117.0/24
IPv6:
2a12:a507::/32
Signature Algorithm: sha256WithRSAEncryption
3c:0c:fe:ad:d2:c9:a7:8b:3b:1c:f7:83:48:3b:29:45:39:99:
3d:f7:49:29:b0:77:e7:29:f8:59:ae:c9:7e:43:cb:b6:0c:b4:
9e:92:33:37:e2:ff:a8:bf:58:f5:8b:3f:b5:a9:40:22:9d:4b:
fb:b9:f5:d2:76:18:95:c5:3e:a5:5c:95:0d:14:d3:9b:7d:8c:
63:9d:7e:0a:ea:da:3a:0b:37:18:81:2b:7c:d3:84:05:8c:88:
9c:4c:a2:3a:89:6e:71:aa:6e:0f:68:ae:09:a2:2f:02:cf:b8:
98:fb:53:29:7d:c9:76:38:6a:28:48:ae:35:c0:0a:cc:3b:21:
ef:df:da:5c:35:2a:5a:66:8a:af:99:21:ee:eb:77:c4:a3:ea:
e6:54:c7:88:cd:ec:4c:1b:75:fa:27:7b:f8:e8:f1:c7:ee:f4:
f6:1a:df:22:2e:48:a1:eb:c8:27:16:aa:8f:d3:99:b2:8c:0f:
9e:61:28:c9:50:f1:92:ed:d2:6a:1a:9b:c1:07:35:fd:d7:e4:
dc:7b:87:d0:3e:e8:f5:97:26:d5:a8:69:d9:4c:d5:48:31:39:
d2:31:02:b0:24:e7:72:89:f3:bb:b1:a9:fe:a6:52:2e:76:32:
63:56:e6:76:1c:52:8d:4e:d1:85:ec:99:49:d2:2d:fb:74:70:
4d:a0:ca:10
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAZwGdTbgncHyjedO8NU8cimYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMTI4MjExNDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFkMTMyMTNjY2U2Mjc1MjQ3MzU1YmYxOWJjZjFlMzg0MTVhMTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz5OPjvmuWJNeEXeb2dL5rMLaYZO
u0yi2oE22n9uWXzYJWGrn0Rhiv5geVJrU7iRBX57R+jjgUSQKu2aCQX5naIwNK+v
B/Mc7P2JQycr0ucIuK0o3KLVxl6wOY1KHa2vfFFo6fhHM1koX5MOST4ooT2I9z0F
usixRkxbhqNouWB7UEmK3pdSCzAYZRsOr09stzF1zWW2qg5I1l74jAeEka4OfqzU
LHQ36JLliuDf9z3VXkPoQYkzehioNdX/4rHW/V4WO8nbpNf321q334vi6h3wI7ct
QNeyPx73kA0HpDYxOXLFcpIC2pjnM9T0xWj15GelLztUSxwm+SjT0t1lKQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFL2tEyE8zmJ1JHNVvxm88eOEFaF5MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdmEwVElUek9ZblVrYzFXX0dieng0NFFWb1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBowQCAAEwgZwDBAAF
rLMDBAAfKf0DBAItCvgDBAAtV/8DBAAtXQwDBAEtXQ4DBAItXuQDBAAtXxwDBAIt
X5QDBAAtgIEDBAItgQQDBAAtjv4DBABYlwsDBABbvp4DBABdvnsDBAFemrwDBABe
mr8DBACwdBEDBACwfmIDBACwfmYDBAC53tYDBADBu2oDBADCMkkDBADCaOgDBADU
PAcDBADZCHUwDQQCAAIwBwMFACoSpQcwDQYJKoZIhvcNAQELBQADggEBADwM/q3S
yaeLOxz3g0g7KUU5mT33SSmwd+cp+FmuyX5Dy7YMtJ6SMzfi/6i/WPWLP7WpQCKd
S/u59dJ2GJXFPqVclQ0U05t9jGOdfgrq2joLNxiBK3zThAWMiJxMojqJbnGqbg9o
rgmiLwLPuJj7Uyl9yXY4aihIrjXACsw7Ie/f2lw1Klpmiq+ZIe7rd8Sj6uZUx4jN
7Ewbdfone/jo8cfu9PYa3yIuSKHryCcWqo/TmbKMD55hKMlQ8ZLt0moam8EHNf3X
5Nx7h9A+6PWXJtWoadlM1UgxOdIxArAk53KJ87uxqf6mUi52MmNW5nYcUo1O0YXs
mUnSLft0cE2gyhA=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:20:47 2026 by rpki-client