Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/Sy_QSnV4oKxcnxQ4UaY7HAFaAQY.roa
File: Sy_QSnV4oKxcnxQ4UaY7HAFaAQY.roa (raw, json)
Hash identifier: mPfUVg1yW0xKUezEUlUR8Yt63tdbh4K/MBcEri0pjgQ=
Subject key identifier: 4B:2F:D0:4A:75:78:A0:AC:5C:9F:14:38:51:A6:3B:1C:01:5A:01:06
Certificate issuer: /CN=1aa0a328c6fe0f1bca5e6599042dff59e513b25d
Certificate serial: 019B7D5C36AE0D86CEACFFC0C457E4FB151E
Authority key identifier: 1A:A0:A3:28:C6:FE:0F:1B:CA:5E:65:99:04:2D:FF:59:E5:13:B2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/Sy_QSnV4oKxcnxQ4UaY7HAFaAQY.roa
Signing time: Fri 02 Jan 2026 06:19:13 +0000
ROA not before: Fri 02 Jan 2026 06:19:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210771
IP address blocks: 185.208.144.0/24 maxlen: 24
185.208.145.0/24 maxlen: 24
185.208.146.0/24 maxlen: 24
185.208.147.0/24 maxlen: 24
185.252.5.0/24 maxlen: 24
185.252.6.0/24 maxlen: 24
185.252.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/GqCjKMb-DxvKXmWZBC3_WeUTsl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/GqCjKMb-DxvKXmWZBC3_WeUTsl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5c:36:ae:0d:86:ce:ac:ff:c0:c4:57:e4:fb:15:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa0a328c6fe0f1bca5e6599042dff59e513b25d
Validity
Not Before: Jan 2 06:19:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4b2fd04a7578a0ac5c9f143851a63b1c015a0106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f6:70:60:ab:11:12:bb:b8:f7:a8:6b:9d:da:
77:0a:7b:a4:6f:49:2b:ec:36:e9:24:9e:09:3e:18:
55:a6:c2:ae:cb:f8:d2:1a:0c:f4:f9:e9:bb:20:dc:
b5:c0:d8:0e:68:98:8e:b9:5f:22:79:e3:89:90:9f:
57:52:c7:2b:1c:f7:72:9f:7e:18:21:20:23:bb:47:
55:c5:f1:3f:63:d2:db:ce:56:10:bc:70:66:57:4f:
74:64:02:68:b3:e8:18:28:da:f3:63:df:b5:48:a3:
43:fb:a7:d1:1d:15:2c:79:ef:53:2c:ce:92:a7:cb:
97:37:af:92:2f:0e:94:7b:4a:03:dc:d8:11:6b:36:
8c:2e:69:28:ba:86:2c:82:41:82:e9:63:a7:57:00:
72:02:63:a2:bf:be:5b:44:6e:2a:55:3f:f2:53:72:
94:36:6a:ac:8c:9d:00:4c:a4:45:0c:c7:7f:c9:08:
d8:31:05:27:01:b8:64:38:53:3f:07:01:d0:46:01:
05:63:75:20:55:03:89:3c:14:39:c5:ea:9e:18:3b:
7d:f4:9c:c7:f6:ac:f4:22:9e:66:ad:60:2e:59:6e:
9a:92:80:02:ef:10:6b:61:d5:4e:14:db:c0:23:aa:
20:b6:76:d8:a0:74:a8:4f:f7:70:ba:cb:4c:44:50:
e2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2F:D0:4A:75:78:A0:AC:5C:9F:14:38:51:A6:3B:1C:01:5A:01:06
X509v3 Authority Key Identifier:
keyid:1A:A0:A3:28:C6:FE:0F:1B:CA:5E:65:99:04:2D:FF:59:E5:13:B2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/Sy_QSnV4oKxcnxQ4UaY7HAFaAQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/GqCjKMb-DxvKXmWZBC3_WeUTsl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.144.0/22
185.252.5.0-185.252.7.255
Signature Algorithm: sha256WithRSAEncryption
82:07:eb:94:e9:96:03:1d:cc:c8:3f:50:35:92:5e:eb:25:fe:
8e:9a:2d:d3:1a:d3:0a:69:6c:07:e6:8a:a9:c6:e6:e4:f5:1b:
e4:e5:3d:eb:3d:47:5e:d8:6d:fb:17:f9:c6:3d:69:fb:5f:74:
3b:9e:89:b3:0f:74:90:dd:21:ba:87:36:43:6b:6a:89:50:5b:
88:ad:b4:6a:30:ed:95:9e:e1:45:e3:0b:5b:80:c8:a1:95:e8:
75:58:f7:00:10:9a:cd:2f:16:e9:99:fd:3f:6d:d7:56:82:ff:
a7:83:dc:4c:d7:23:fa:ca:f8:e1:1f:8b:44:a2:48:17:65:f6:
29:9b:cc:56:50:3b:d6:65:fc:19:b8:a2:33:a2:c8:a7:ac:5d:
e0:00:e4:9b:24:1e:60:39:2c:7d:44:16:e4:d3:b6:b9:8c:46:
20:de:08:d2:c9:d8:53:27:97:19:fa:dd:d7:2f:e6:ca:d3:61:
f5:ef:d7:1f:b0:93:32:17:75:99:5d:f6:30:78:98:cf:0b:1f:
9f:b1:1d:fb:b5:9e:83:0c:56:5c:de:27:fe:c6:a8:0a:a6:f1:
52:ca:eb:43:41:ac:69:88:7d:c6:95:d3:35:6a:19:d9:db:c5:
36:48:fb:7f:1f:48:11:62:a6:6c:ad:08:da:2e:0f:35:a5:7c:
30:d2:fe:dc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZt9XDauDYbOrP/AxFfk+xUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTBhMzI4YzZmZTBmMWJjYTVlNjU5OTA0MmRmZjU5ZTUx
M2IyNWQwHhcNMjYwMTAyMDYxOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjJmZDA0YTc1NzhhMGFjNWM5ZjE0Mzg1MWE2M2IxYzAxNWEwMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvZwYKsREru496hrndp3Cnukb0kr
7DbpJJ4JPhhVpsKuy/jSGgz0+em7INy1wNgOaJiOuV8ieeOJkJ9XUscrHPdyn34Y
ISAju0dVxfE/Y9LbzlYQvHBmV090ZAJos+gYKNrzY9+1SKND+6fRHRUsee9TLM6S
p8uXN6+SLw6Ue0oD3NgRazaMLmkouoYsgkGC6WOnVwByAmOiv75bRG4qVT/yU3KU
NmqsjJ0ATKRFDMd/yQjYMQUnAbhkOFM/BwHQRgEFY3UgVQOJPBQ5xeqeGDt99JzH
9qz0Ip5mrWAuWW6akoAC7xBrYdVOFNvAI6ogtnbYoHSoT/dwustMRFDi/wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEsv0Ep1eKCsXJ8UOFGmOxwBWgEGMB8GA1UdIwQY
MBaAFBqgoyjG/g8byl5lmQQt/1nlE7JdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FDaktNYi1EeHZLWG1XWkJDM19XZVVUc2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNDRkMjQtMmUxMS00NjZkLThhZGUt
MzhlODQ2MTQ4Yzc4LzEvU3lfUVNuVjRvS3hjbnhRNFVhWTdIQUZhQVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNDRkMjQtMmUxMS00NjZkLThhZGUtMzhlODQ2MTQ4Yzc4
LzEvR3FDaktNYi1EeHZLWG1XWkJDM19XZVVUc2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCudCQMAwD
BAC5/AUDBAO5/AAwDQYJKoZIhvcNAQELBQADggEBAIIH65TplgMdzMg/UDWSXusl
/o6aLdMa0wppbAfmiqnG5uT1G+TlPes9R17YbfsX+cY9aftfdDueibMPdJDdIbqH
NkNraolQW4ittGow7ZWe4UXjC1uAyKGV6HVY9wAQms0vFumZ/T9t11aC/6eD3EzX
I/rK+OEfi0SiSBdl9imbzFZQO9Zl/Bm4ojOiyKesXeAA5JskHmA5LH1EFuTTtrmM
RiDeCNLJ2FMnlxn63dcv5srTYfXv1x+wkzIXdZld9jB4mM8LH5+xHfu1noMMVlze
J/7GqAqm8VLK60NBrGmIfcaV0zVqGdnbxTZI+38fSBFipmytCNouDzWlfDDS/tw=
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:29:54 2026 by rpki-client