Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/T_XFNeZT8y3cvlmC-FDGyTbQPEQ.roa
File: T_XFNeZT8y3cvlmC-FDGyTbQPEQ.roa (raw, json)
Hash identifier: yPf4MjNnJsPVmh5cf0exZFQpxpGLZw774YP/hVrhXHU=
Subject key identifier: 4F:F5:C5:35:E6:53:F3:2D:DC:BE:59:82:F8:50:C6:C9:36:D0:3C:44
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 019D87B80F8CC64F853171283E9217CAED3D
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/T_XFNeZT8y3cvlmC-FDGyTbQPEQ.roa
Signing time: Mon 13 Apr 2026 16:41:19 +0000
ROA not before: Mon 13 Apr 2026 16:41:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60798
IP address blocks: 37.156.244.0/24 maxlen: 24
86.105.14.0/24 maxlen: 24
89.45.228.0/24 maxlen: 24
91.245.234.0/24 maxlen: 24
185.116.60.0/24 maxlen: 24
193.164.143.0/24 maxlen: 24
195.64.116.0/24 maxlen: 24
195.189.244.0/24 maxlen: 24
2a0c:79c0:1::/48 maxlen: 48
2a0c:79c0:2::/48 maxlen: 48
2a0c:79c0:3::/48 maxlen: 48
2a0c:79c0:4::/48 maxlen: 48
2a0c:79c0:5::/48 maxlen: 48
2a0c:79c0:6::/48 maxlen: 48
2a0c:79c0:7::/48 maxlen: 48
2a0c:79c0:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:b8:0f:8c:c6:4f:85:31:71:28:3e:92:17:ca:ed:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Apr 13 16:41:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ff5c535e653f32ddcbe5982f850c6c936d03c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4a:24:0b:ba:dc:aa:c4:fb:da:d2:98:b6:5f:
fa:5a:9d:0a:a5:56:bf:cf:5a:2d:4c:2c:02:c3:19:
43:cf:09:06:fe:25:68:c2:23:2d:24:c5:55:08:31:
7c:06:b1:4e:97:f0:bb:ec:b7:81:90:a1:a5:4f:1b:
97:57:15:8f:85:7f:94:64:a0:41:e3:0c:3c:27:24:
c5:5e:3e:16:63:be:cc:78:fe:3a:b1:65:56:75:64:
7d:a9:60:5f:ba:9a:bb:59:1c:1d:e0:78:c5:c1:b3:
f9:b4:39:2a:c3:25:3c:1f:14:35:34:b9:ff:db:5a:
96:03:32:8e:22:dd:8d:b1:7b:02:d9:e9:b3:06:15:
a8:54:45:d0:17:ea:88:6f:23:9b:b3:0e:6a:31:88:
6a:9e:c4:c2:20:78:c6:f4:01:d5:d7:84:e4:06:f6:
87:63:a0:c3:96:7d:96:f5:35:27:7a:7b:2f:95:64:
d6:eb:9c:fc:27:3e:3e:95:2d:a9:ce:66:8c:2c:19:
1e:b5:b5:33:32:0b:d1:eb:18:76:db:cf:18:b9:17:
e4:ac:08:b3:7a:f9:0f:7a:44:9d:25:f4:e0:31:d7:
fe:5a:9f:f1:a7:fa:c2:2b:b0:cf:cd:37:ba:a8:36:
23:e4:80:28:e1:1e:a6:c1:bd:17:64:1c:d2:29:82:
eb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F5:C5:35:E6:53:F3:2D:DC:BE:59:82:F8:50:C6:C9:36:D0:3C:44
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/T_XFNeZT8y3cvlmC-FDGyTbQPEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.244.0/24
86.105.14.0/24
89.45.228.0/24
91.245.234.0/24
185.116.60.0/24
193.164.143.0/24
195.64.116.0/24
195.189.244.0/24
IPv6:
2a0c:79c0:1::-2a0c:79c0:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:bf:92:11:b8:05:50:c6:0b:2f:2d:01:1f:eb:df:9d:48:10:
6b:d6:90:c7:48:b6:d6:95:54:1a:09:76:8c:bd:fd:91:3e:3d:
e1:37:bd:53:f4:dd:e2:e1:c9:24:d2:84:17:c9:ee:76:6a:62:
bc:60:93:8b:d1:24:b8:95:7a:57:67:2e:e0:e4:23:7a:98:a1:
45:fb:4d:97:42:af:90:70:a0:1f:42:db:92:3e:55:d5:5b:06:
5e:79:7b:d4:fb:a6:96:db:57:91:ce:5d:18:8d:60:2a:33:2d:
cd:d9:67:d5:a5:c5:4f:f3:9a:67:8b:1c:40:ef:53:f7:ae:32:
51:71:2e:04:b4:cc:f3:7c:c5:47:da:1d:33:a4:b4:1a:da:87:
e4:09:28:b9:bb:16:ed:d7:d7:97:4a:d4:72:ff:43:2a:b4:ab:
a7:7c:d4:ab:b4:9c:fd:2a:2d:29:fe:97:18:bb:02:1c:6d:07:
88:b8:03:31:9d:82:c3:57:8e:e1:9f:e9:17:eb:41:54:2f:7b:
ec:cd:2b:8b:b1:e9:9f:77:1f:5f:c6:13:60:22:e6:35:63:4c:
83:2a:fc:64:c5:a1:f8:1f:94:0c:fd:51:f9:82:88:05:b3:d7:
d3:7f:cd:7a:cd:89:76:a2:f0:61:53:3a:95:b3:01:06:1f:64:
d1:4e:ba:30
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZ2HuA+Mxk+FMXEoPpIXyu09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjYwNDEzMTY0MTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmY1YzUzNWU2NTNmMzJkZGNiZTU5ODJmODUwYzZjOTM2ZDAzYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EokC7rcqsT72tKYtl/6Wp0KpVa/
z1otTCwCwxlDzwkG/iVowiMtJMVVCDF8BrFOl/C77LeBkKGlTxuXVxWPhX+UZKBB
4ww8JyTFXj4WY77MeP46sWVWdWR9qWBfupq7WRwd4HjFwbP5tDkqwyU8HxQ1NLn/
21qWAzKOIt2NsXsC2emzBhWoVEXQF+qIbyObsw5qMYhqnsTCIHjG9AHV14TkBvaH
Y6DDln2W9TUnensvlWTW65z8Jz4+lS2pzmaMLBketbUzMgvR6xh2288YuRfkrAiz
evkPekSdJfTgMdf+Wp/xp/rCK7DPzTe6qDYj5IAo4R6mwb0XZBzSKYLrpwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFE/1xTXmU/Mt3L5ZgvhQxsk20DxEMB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEvVF9YRk5lWlQ4eTNjdmxtQy1GREd5VGJRUEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA2BAIAATAwAwQAJZz0AwQA
VmkOAwQAWS3kAwQAW/XqAwQAuXQ8AwQAwaSPAwQAw0B0AwQAw730MBoEAgACMBQw
EgMHACoMecAAAQMHACoMecAACDANBgkqhkiG9w0BAQsFAAOCAQEAKL+SEbgFUMYL
Ly0BH+vfnUgQa9aQx0i21pVUGgl2jL39kT494Te9U/Td4uHJJNKEF8nudmpivGCT
i9EkuJV6V2cu4OQjepihRftNl0KvkHCgH0Lbkj5V1VsGXnl71PumlttXkc5dGI1g
KjMtzdln1aXFT/OaZ4scQO9T964yUXEuBLTM83zFR9odM6S0GtqH5AkoubsW7dfX
l0rUcv9DKrSrp3zUq7Sc/SotKf6XGLsCHG0HiLgDMZ2Cw1eO4Z/pF+tBVC977M0r
i7Hpn3cfX8YTYCLmNWNMgyr8ZMWh+B+UDP1R+YKIBbPX03/Nes2JdqLwYVM6lbMB
Bh9k0U66MA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:07:48 2026 by rpki-client