Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/FX4SeiAfVk1oJ3ZX0t___kVvznw.roa
File: FX4SeiAfVk1oJ3ZX0t___kVvznw.roa (raw, json)
Hash identifier: sXBIiV4q77E68XFfHYdEfXRYe3LlOJvfM3L5/gohbgE=
Subject key identifier: 15:7E:12:7A:20:1F:56:4D:68:27:76:57:D2:DF:FF:FE:45:6F:CE:7C
Certificate issuer: /CN=b4425cf5501344ac5acc307abd0af013fac67073
Certificate serial: 019D7105366B63693D44B02289ADF8252D2A
Authority key identifier: B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/FX4SeiAfVk1oJ3ZX0t___kVvznw.roa
Signing time: Thu 09 Apr 2026 06:54:20 +0000
ROA not before: Thu 09 Apr 2026 06:54:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202709
IP address blocks: 5.61.216.0/21 maxlen: 21
45.82.132.0/22 maxlen: 22
46.149.98.0/24 maxlen: 24
185.58.132.0/22 maxlen: 22
185.119.228.0/22 maxlen: 22
185.142.20.0/22 maxlen: 22
185.142.20.0/24 maxlen: 24
185.142.21.0/24 maxlen: 24
185.142.22.0/24 maxlen: 24
185.142.23.0/24 maxlen: 24
193.25.255.0/24 maxlen: 24
193.26.0.0/24 maxlen: 24
193.26.2.0/24 maxlen: 24
193.26.12.0/24 maxlen: 24
194.48.180.0/22 maxlen: 22
2a02:63e0::/32 maxlen: 32
2a0e:6b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:05:36:6b:63:69:3d:44:b0:22:89:ad:f8:25:2d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4425cf5501344ac5acc307abd0af013fac67073
Validity
Not Before: Apr 9 06:54:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=157e127a201f564d68277657d2dffffe456fce7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:59:a3:f3:b6:87:a0:10:f9:45:6a:1f:75:6b:
f4:7f:e2:27:34:46:6a:59:3e:56:23:f7:04:73:b9:
bc:d6:8a:41:21:04:97:75:21:ba:bc:12:be:64:61:
89:11:c4:ea:42:6a:8c:23:be:b8:12:94:d6:2c:43:
b3:ef:5b:0d:b6:a8:97:19:2f:9e:d3:65:74:02:fe:
52:76:70:99:d9:21:95:9c:db:73:c0:8f:53:15:4e:
09:07:38:24:91:d8:d0:65:16:04:aa:ef:49:0f:ca:
0b:82:02:e9:99:21:a1:3e:4a:80:ea:82:d6:ee:81:
fc:17:79:a4:46:a5:03:28:4b:b7:3d:28:8e:bd:43:
65:81:30:27:a6:e4:0b:af:af:39:d9:52:ab:11:de:
c0:60:11:10:09:48:0b:89:88:35:53:7b:9f:88:dc:
ca:fa:ff:f4:65:f8:8f:18:27:03:2e:33:0c:d3:58:
e9:40:e1:bc:9b:f2:69:89:5b:3d:ce:49:50:38:ce:
7c:5e:c7:de:14:36:87:ee:b9:10:b8:bf:3a:66:ed:
cf:72:90:b0:c0:b2:15:b7:e1:b3:fc:a6:5a:ed:6a:
d0:aa:71:fb:b4:4e:49:1c:8d:c7:73:20:fa:f7:67:
91:fd:02:a2:71:d0:ff:56:37:f9:d1:a5:77:92:17:
97:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7E:12:7A:20:1F:56:4D:68:27:76:57:D2:DF:FF:FE:45:6F:CE:7C
X509v3 Authority Key Identifier:
keyid:B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/FX4SeiAfVk1oJ3ZX0t___kVvznw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.216.0/21
45.82.132.0/22
46.149.98.0/24
185.58.132.0/22
185.119.228.0/22
185.142.20.0/22
193.25.255.0-193.26.0.255
193.26.2.0/24
193.26.12.0/24
194.48.180.0/22
IPv6:
2a02:63e0::/32
2a0e:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:83:78:ef:bb:74:2f:db:a3:74:a8:37:17:39:2f:f1:1d:f1:
1b:f5:75:4f:f2:51:d9:72:3d:2e:ea:01:c4:59:1c:12:a9:fa:
28:7a:57:02:ac:23:34:23:f0:b0:66:fd:c3:92:c5:6a:aa:88:
af:33:b3:a0:c5:61:2b:07:b0:cd:46:29:d2:c9:4d:ed:6c:ba:
63:48:91:69:f1:da:a0:cf:8c:17:70:e2:7d:28:8c:40:e2:a6:
1f:27:5e:65:ea:54:f5:63:83:1f:83:51:3f:e9:87:38:ca:dc:
c0:63:b2:9a:7c:1b:10:4d:1c:cd:49:01:af:f9:50:86:8a:a4:
a7:a1:96:35:ac:70:54:b9:53:b6:35:38:4b:63:72:55:db:38:
c1:35:38:f5:0b:15:dd:a2:9a:7a:3b:75:65:a4:5d:93:4d:d4:
7d:51:e6:60:6a:d3:fa:60:3d:5b:1d:76:57:58:fa:1e:c6:e1:
d6:c1:83:3d:61:73:45:79:c7:6a:e0:16:ff:e3:8e:f0:a0:56:
62:f1:38:5c:f5:88:0f:23:63:88:31:8d:31:f5:d7:af:e5:20:
79:af:cc:9f:73:c5:5f:63:d7:2b:31:14:0e:1b:9b:d8:73:1e:
c9:26:28:e1:1c:11:a4:d6:12:c9:36:74:a3:65:f0:07:70:b5:
14:88:80:c1
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ1xBTZrY2k9RLAiia34JS0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDI1Y2Y1NTAxMzQ0YWM1YWNjMzA3YWJkMGFmMDEzZmFj
NjcwNzMwHhcNMjYwNDA5MDY1NDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdlMTI3YTIwMWY1NjRkNjgyNzc2NTdkMmRmZmZmZTQ1NmZjZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Fmj87aHoBD5RWofdWv0f+InNEZq
WT5WI/cEc7m81opBIQSXdSG6vBK+ZGGJEcTqQmqMI764EpTWLEOz71sNtqiXGS+e
02V0Av5SdnCZ2SGVnNtzwI9TFU4JBzgkkdjQZRYEqu9JD8oLggLpmSGhPkqA6oLW
7oH8F3mkRqUDKEu3PSiOvUNlgTAnpuQLr6852VKrEd7AYBEQCUgLiYg1U3ufiNzK
+v/0ZfiPGCcDLjMM01jpQOG8m/JpiVs9zklQOM58XsfeFDaH7rkQuL86Zu3PcpCw
wLIVt+Gz/KZa7WrQqnH7tE5JHI3HcyD692eR/QKicdD/Vjf50aV3kheXAQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFBV+EnogH1ZNaCd2V9Lf//5Fb858MB8GA1UdIwQY
MBaAFLRCXPVQE0SsWswwer0K8BP6xnBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVKYzlWQVRSS3hhekRCNnZRcndFX3JHY0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YWMwYTItNWM2Yy00MzU3LTk3ZTQt
Y2ViOGFiNmQxMTJlLzEvRlg0U2VpQWZWazFvSjNaWDB0X19fa1Z2em53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82YWMwYTItNWM2Yy00MzU3LTk3ZTQtY2ViOGFiNmQxMTJl
LzEvdEVKYzlWQVRSS3hhekRCNnZRcndFX3JHY0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQDBT3YAwQC
LVKEAwQALpViAwQCuTqEAwQCuXfkAwQCuY4UMAwDBADBGf8DBADBGgADBADBGgID
BADBGgwDBALCMLQwFAQCAAIwDgMFACoCY+ADBQMqDmuAMA0GCSqGSIb3DQEBCwUA
A4IBAQBvg3jvu3Qv26N0qDcXOS/xHfEb9XVP8lHZcj0u6gHEWRwSqfooelcCrCM0
I/CwZv3DksVqqoivM7OgxWErB7DNRinSyU3tbLpjSJFp8dqgz4wXcOJ9KIxA4qYf
J15l6lT1Y4Mfg1E/6Yc4ytzAY7KafBsQTRzNSQGv+VCGiqSnoZY1rHBUuVO2NThL
Y3JV2zjBNTj1CxXdopp6O3VlpF2TTdR9UeZgatP6YD1bHXZXWPoexuHWwYM9YXNF
ecdq4Bb/447woFZi8Thc9YgPI2OIMY0x9dev5SB5r8yfc8VfY9crMRQOG5vYcx7J
JijhHBGk1hLJNnSjZfAHcLUUiIDB
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:53:10 2026 by rpki-client