Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/USckjRPQ_sgN8RwnHK3U3VXM6gM.roa
File: USckjRPQ_sgN8RwnHK3U3VXM6gM.roa (raw, json)
Hash identifier: onchtlkk/ceaTRNFJVm1mVaJjKm5MQyUt2/lXHM/Vb0=
Subject key identifier: 51:27:24:8D:13:D0:FE:C8:0D:F1:1C:27:1C:AD:D4:DD:55:CC:EA:03
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019D86811CCFBF77B6D64FDA8CC887A5F1B4
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/USckjRPQ_sgN8RwnHK3U3VXM6gM.roa
Signing time: Mon 13 Apr 2026 11:01:41 +0000
ROA not before: Mon 13 Apr 2026 11:01:41 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 72.63.88.0/22 maxlen: 22
72.63.248.0/22 maxlen: 22
189.81.6.0/23 maxlen: 23
189.81.70.0/23 maxlen: 23
189.81.108.0/23 maxlen: 23
189.81.142.0/23 maxlen: 23
189.81.206.0/23 maxlen: 23
189.81.234.0/23 maxlen: 23
189.104.6.0/23 maxlen: 23
189.104.36.0/23 maxlen: 23
189.104.68.0/23 maxlen: 23
189.104.104.0/23 maxlen: 23
189.104.134.0/23 maxlen: 23
189.104.158.0/23 maxlen: 23
189.104.174.0/23 maxlen: 23
189.104.204.0/23 maxlen: 23
205.188.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:81:1c:cf:bf:77:b6:d6:4f:da:8c:c8:87:a5:f1:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Apr 13 11:01:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5127248d13d0fec80df11c271cadd4dd55ccea03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:8f:e3:12:83:18:d8:aa:05:98:81:10:c2:
ab:a8:b0:d2:de:d2:d9:e9:4f:70:9c:9d:83:04:5d:
cd:36:81:31:cc:b5:06:ec:82:92:d7:73:ad:72:dc:
56:f6:5d:76:59:23:3d:fb:97:87:22:68:df:5c:f0:
cb:5d:b2:33:00:fc:25:99:96:53:63:5f:e8:e1:36:
46:63:53:b8:9a:c6:2a:3a:a3:b9:b8:7e:ec:54:92:
9c:49:4d:e4:02:a8:8b:a8:ae:50:72:48:90:60:2a:
d5:94:10:4d:46:23:c4:17:7d:d5:e4:a9:ae:cc:5f:
5c:10:58:9b:b0:f2:cd:1d:16:fe:ed:36:40:06:68:
ab:43:39:cf:50:70:16:c0:5c:3b:42:02:07:99:20:
46:6f:cc:96:2b:45:ec:19:28:7d:bd:16:75:68:dc:
9d:a8:cd:08:13:ac:37:34:3d:ff:d5:6b:be:1e:d9:
5e:a1:6c:8a:c4:5a:84:b6:14:f0:05:93:fd:36:1e:
9a:76:ee:bc:47:4c:1b:9d:c4:26:42:72:d3:65:79:
c4:c5:85:47:d6:6d:ea:3d:0e:75:a6:4e:91:d1:c3:
37:06:57:b7:56:63:a5:e0:a5:6d:eb:67:b2:52:a9:
1d:6b:95:61:41:9f:b5:8f:84:16:15:37:20:6d:47:
d4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:27:24:8D:13:D0:FE:C8:0D:F1:1C:27:1C:AD:D4:DD:55:CC:EA:03
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/USckjRPQ_sgN8RwnHK3U3VXM6gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.63.88.0/22
72.63.248.0/22
189.81.6.0/23
189.81.70.0/23
189.81.108.0/23
189.81.142.0/23
189.81.206.0/23
189.81.234.0/23
189.104.6.0/23
189.104.36.0/23
189.104.68.0/23
189.104.104.0/23
189.104.134.0/23
189.104.158.0/23
189.104.174.0/23
189.104.204.0/23
205.188.100.0/22
Signature Algorithm: sha256WithRSAEncryption
49:ef:e6:a1:09:c0:91:1e:7c:69:f6:00:53:ce:4c:27:b4:e2:
70:26:e0:11:55:14:63:dc:86:e4:4f:ac:13:f0:1c:b8:17:95:
78:ce:5e:8c:d0:ee:8e:33:8f:2f:99:00:e4:55:d9:3b:5a:c6:
98:6c:2a:1f:44:01:32:c3:fb:9a:2d:6b:8f:a5:91:79:b8:90:
52:4e:25:77:77:9d:61:86:4f:01:44:26:a7:19:b6:44:5d:de:
e7:84:8f:81:b7:34:18:4f:d9:e4:5f:56:ba:b6:39:c1:c3:a7:
14:6a:5d:33:e7:07:a4:f9:e3:cd:3a:19:48:d1:92:3c:90:70:
e1:42:d4:3c:6f:63:d3:e4:a4:88:8a:c9:f6:2d:8f:e0:ef:65:
8f:4d:28:f5:74:01:66:e1:57:eb:85:d6:ed:7d:50:00:50:d3:
71:13:68:b1:28:99:02:62:fc:68:ff:f8:d4:63:5b:ca:98:4b:
76:f9:f9:32:01:c3:f2:63:a5:f2:c7:07:77:6d:ff:6f:e4:1e:
70:f7:06:d8:2b:cf:6f:be:eb:22:a2:80:cc:8f:92:63:52:c0:
8c:e4:ad:11:df:70:78:a5:3e:a7:41:2c:c4:e7:2d:b5:80:d9:
f6:bd:e4:52:69:58:de:7f:de:68:72:21:ca:c9:2e:47:06:aa:
b9:ef:eb:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZ2GgRzPv3e21k/ajMiHpfG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwNDEzMTEwMTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTI3MjQ4ZDEzZDBmZWM4MGRmMTFjMjcxY2FkZDRkZDU1Y2NlYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmKP4xKDGNiqBZiBEMKrqLDS3tLZ
6U9wnJ2DBF3NNoExzLUG7IKS13OtctxW9l12WSM9+5eHImjfXPDLXbIzAPwlmZZT
Y1/o4TZGY1O4msYqOqO5uH7sVJKcSU3kAqiLqK5QckiQYCrVlBBNRiPEF33V5Kmu
zF9cEFibsPLNHRb+7TZABmirQznPUHAWwFw7QgIHmSBGb8yWK0XsGSh9vRZ1aNyd
qM0IE6w3ND3/1Wu+HtleoWyKxFqEthTwBZP9Nh6adu68R0wbncQmQnLTZXnExYVH
1m3qPQ51pk6R0cM3Ble3VmOl4KVt62eyUqkda5VhQZ+1j4QWFTcgbUfUawIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFFEnJI0T0P7IDfEcJxyt1N1VzOoDMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvVVNja2pSUFFfc2dOOFJ3bkhLM1UzVlhNNmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQCSD9YAwQC
SD/4AwQBvVEGAwQBvVFGAwQBvVFsAwQBvVGOAwQBvVHOAwQBvVHqAwQBvWgGAwQB
vWgkAwQBvWhEAwQBvWhoAwQBvWiGAwQBvWieAwQBvWiuAwQBvWjMAwQCzbxkMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ7+ahCcCRHnxp9gBTzkwntOJwJuARVRRj3IbkT6wT
8By4F5V4zl6M0O6OM48vmQDkVdk7WsaYbCofRAEyw/uaLWuPpZF5uJBSTiV3d51h
hk8BRCanGbZEXd7nhI+BtzQYT9nkX1a6tjnBw6cUal0z5wek+ePNOhlI0ZI8kHDh
QtQ8b2PT5KSIisn2LY/g72WPTSj1dAFm4VfrhdbtfVAAUNNxE2ixKJkCYvxo//jU
Y1vKmEt2+fkyAcPyY6Xyxwd3bf9v5B5w9wbYK89vvusiooDMj5JjUsCM5K0R33B4
pT6nQSzE5y21gNn2veRSaVjef95ociHKyS5HBqq57+tH
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:00:13 2026 by rpki-client