Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/sTcAiGDjiKHna6lur2pzE779bNc.roa
File: sTcAiGDjiKHna6lur2pzE779bNc.roa (raw, json)
Hash identifier: cLA9XssP3qm7fcTPgbm83hwGnuynxSU1F6mH7xNIu+Y=
Subject key identifier: B1:37:00:88:60:E3:88:A1:E7:6B:A9:6E:AF:6A:73:13:BE:FD:6C:D7
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019C99B25452CEEE14F45912C1DCBBC0FB3C
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/sTcAiGDjiKHna6lur2pzE779bNc.roa
Signing time: Thu 26 Feb 2026 11:25:26 +0000
ROA not before: Thu 26 Feb 2026 11:25:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10753
IP address blocks: 205.188.6.0/23 maxlen: 23
205.188.62.0/23 maxlen: 23
205.188.228.0/22 maxlen: 22
205.188.250.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:b2:54:52:ce:ee:14:f4:59:12:c1:dc:bb:c0:fb:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Feb 26 11:25:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b137008860e388a1e76ba96eaf6a7313befd6cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a1:77:72:45:72:fa:35:b8:2d:62:33:7a:45:
51:44:7c:02:72:b0:af:f3:11:42:b6:e1:f5:a1:a6:
94:c4:73:c3:33:61:94:7f:58:2e:78:6c:54:1a:89:
d7:f6:b7:36:0d:fa:f4:25:fd:08:42:4d:69:51:6d:
29:8a:26:0a:35:51:00:c1:5b:98:35:c2:34:0e:5c:
ad:71:48:fb:c3:bf:1a:e5:a6:88:ce:21:87:1d:1e:
b8:3a:bf:3d:8b:c5:d4:d9:30:d9:be:8a:dd:75:e0:
bf:11:15:66:3f:91:21:ff:03:ab:62:92:72:da:9a:
9e:5e:a3:0c:1d:c5:23:41:62:f4:d4:73:e2:56:6b:
a7:ed:4e:61:84:d1:52:df:64:8a:02:94:d4:91:b2:
84:e4:73:df:be:91:c0:81:2d:cd:4c:b0:1a:53:ea:
1b:6c:ad:5c:f9:e5:d5:c2:c8:d8:b6:8a:58:89:65:
47:b4:63:ac:3f:68:1b:ed:64:fb:08:c6:ec:01:aa:
ae:fc:16:f1:e7:90:08:98:39:44:e9:49:c3:f8:a2:
7c:12:0f:54:c6:f3:9b:17:f5:71:60:92:18:8c:81:
cb:c8:30:17:b7:91:b0:15:9a:41:d1:ef:d6:c8:8f:
01:0f:42:7a:fa:8c:4f:ca:da:78:e5:64:65:53:a9:
11:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:37:00:88:60:E3:88:A1:E7:6B:A9:6E:AF:6A:73:13:BE:FD:6C:D7
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/sTcAiGDjiKHna6lur2pzE779bNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
205.188.6.0/23
205.188.62.0/23
205.188.228.0/22
205.188.250.0/23
Signature Algorithm: sha256WithRSAEncryption
68:e1:3e:9c:24:2d:c2:11:7a:51:1f:de:17:6c:cb:ab:05:e4:
9a:8b:a7:8b:19:b1:bf:84:6b:9a:99:f3:fe:09:2c:f9:ac:25:
7e:0a:2e:2a:19:5f:db:4f:b3:0f:01:cf:c9:11:f2:d3:86:76:
39:68:a2:cc:1c:3e:91:5f:b7:15:e5:b4:6b:e1:73:16:ee:1d:
19:f9:1f:40:93:7c:bb:b1:67:55:54:c9:9b:d1:63:ca:5d:e6:
93:ff:c6:c7:ea:48:44:d9:99:17:a2:7c:41:a7:8e:3f:07:df:
e3:b3:6b:e3:b2:99:e3:4a:84:04:df:a7:eb:65:72:29:e2:fa:
6b:82:be:a1:de:5a:a4:53:e0:7e:a8:0f:d6:d1:f9:5e:ea:63:
48:07:08:dc:09:e5:35:c0:01:cc:4f:91:54:f1:18:23:ce:f6:
89:7e:5a:6e:dc:54:32:8e:87:a7:21:53:b9:ed:15:50:cd:27:
8d:a6:fa:1f:43:6f:b8:04:76:c8:69:50:62:20:b0:3e:81:ad:
98:38:00:03:1c:b3:33:5a:dc:fc:b9:c9:df:cc:7a:25:43:6c:
9f:86:39:08:cf:29:36:02:25:00:6e:df:62:fc:00:2d:2b:fe:
ce:e6:f1:3a:ac:4c:f1:ef:c8:ee:0e:a9:87:9b:d2:2f:4d:4e:
f4:4b:c8:4d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyZslRSzu4U9FkSwdy7wPs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwMjI2MTEyNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTM3MDA4ODYwZTM4OGExZTc2YmE5NmVhZjZhNzMxM2JlZmQ2Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8KF3ckVy+jW4LWIzekVRRHwCcrCv
8xFCtuH1oaaUxHPDM2GUf1gueGxUGonX9rc2Dfr0Jf0IQk1pUW0piiYKNVEAwVuY
NcI0DlytcUj7w78a5aaIziGHHR64Or89i8XU2TDZvorddeC/ERVmP5Eh/wOrYpJy
2pqeXqMMHcUjQWL01HPiVmun7U5hhNFS32SKApTUkbKE5HPfvpHAgS3NTLAaU+ob
bK1c+eXVwsjYtopYiWVHtGOsP2gb7WT7CMbsAaqu/Bbx55AImDlE6UnD+KJ8Eg9U
xvObF/VxYJIYjIHLyDAXt5GwFZpB0e/WyI8BD0J6+oxPytp45WRlU6kRIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLE3AIhg44ih52upbq9qcxO+/WzXMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvc1RjQWlHRGppS0huYTZsdXIycHpFNzc5Yk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBzbwGAwQB
zbw+AwQCzbzkAwQBzbz6MA0GCSqGSIb3DQEBCwUAA4IBAQBo4T6cJC3CEXpRH94X
bMurBeSai6eLGbG/hGuamfP+CSz5rCV+Ci4qGV/bT7MPAc/JEfLThnY5aKLMHD6R
X7cV5bRr4XMW7h0Z+R9Ak3y7sWdVVMmb0WPKXeaT/8bH6khE2ZkXonxBp44/B9/j
s2vjspnjSoQE36frZXIp4vprgr6h3lqkU+B+qA/W0fle6mNIBwjcCeU1wAHMT5FU
8RgjzvaJflpu3FQyjoenIVO57RVQzSeNpvofQ2+4BHbIaVBiILA+ga2YOAADHLMz
Wtz8ucnfzHolQ2yfhjkIzyk2AiUAbt9i/AAtK/7O5vE6rEzx78juDqmHm9IvTU70
S8hN
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:52:32 2026 by rpki-client