Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/7-5FXkLEwhC1Xxo7xjKu4F60EXI.roa
File: 7-5FXkLEwhC1Xxo7xjKu4F60EXI.roa (raw, json)
Hash identifier: ucTykSSMA4mgLZSWsX8h0H8ANki2lK6au/mQg7PDaVg=
Subject key identifier: EF:EE:45:5E:42:C4:C2:10:B5:5F:1A:3B:C6:32:AE:E0:5E:B4:11:72
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 019C9ECDB367842AF173E4AE38829153A75D
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/7-5FXkLEwhC1Xxo7xjKu4F60EXI.roa
Signing time: Fri 27 Feb 2026 11:13:26 +0000
ROA not before: Fri 27 Feb 2026 11:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6696
IP address blocks: 5.149.136.0/23 maxlen: 23
5.149.138.0/24 maxlen: 24
5.149.140.0/23 maxlen: 23
5.149.142.0/24 maxlen: 24
37.19.8.0/21 maxlen: 24
46.18.33.0/24 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.34.0/24 maxlen: 24
46.18.36.0/22 maxlen: 24
62.112.29.0/24 maxlen: 24
62.112.31.0/24 maxlen: 24
85.88.34.0/24 maxlen: 24
85.119.216.0/21 maxlen: 24
86.107.120.0/22 maxlen: 22
86.107.124.0/23 maxlen: 23
86.107.126.0/24 maxlen: 24
87.238.225.0/24 maxlen: 24
87.238.228.0/22 maxlen: 24
94.139.39.0/24 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.217.16/28 maxlen: 28
109.69.219.0/24 maxlen: 24
109.69.220.0/23 maxlen: 23
109.69.220.0/24 maxlen: 24
109.69.221.0/24 maxlen: 24
109.69.221.192/28 maxlen: 28
109.69.222.0/24 maxlen: 24
185.64.64.0/22 maxlen: 24
185.185.228.0/24 maxlen: 24
185.185.229.0/24 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:cd:b3:67:84:2a:f1:73:e4:ae:38:82:91:53:a7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Feb 27 11:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=efee455e42c4c210b55f1a3bc632aee05eb41172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:15:15:75:dc:c2:a0:94:87:45:bf:9b:99:6c:
e4:93:f9:ed:15:fc:54:6b:9b:fa:d6:91:15:ba:e4:
b9:5f:d6:9c:91:0e:a5:02:0e:e7:a0:8c:33:5a:55:
ef:86:eb:be:da:62:1c:b7:f8:f4:68:9f:74:0d:6c:
bf:47:42:5b:e7:4f:9f:32:07:63:57:99:76:5e:54:
80:7e:ea:15:c7:c4:d7:2c:05:9d:ae:2c:c1:64:c0:
99:5a:3c:2a:ad:dc:11:9d:be:e0:46:31:d0:18:11:
88:87:8d:01:13:20:a5:e1:20:b5:f2:d9:32:72:0d:
bd:0a:ac:c6:fd:b8:b0:80:bc:4e:5b:f5:29:00:b2:
a9:24:d5:a2:8f:f0:27:d7:f5:2b:c0:9e:51:3c:f9:
0d:97:1a:b6:a4:b8:a3:85:6c:cf:83:ee:ed:17:1a:
b1:66:ab:4c:1a:e3:bd:78:48:fb:b8:4e:46:f6:a2:
94:f5:ee:ef:dd:2e:9d:c1:59:38:09:bb:55:08:c5:
57:ea:16:7a:a4:43:52:23:78:41:9a:de:d4:71:25:
6f:c7:15:17:b9:28:eb:83:a5:5c:50:04:45:41:f5:
ad:50:15:7e:3d:c9:9a:c3:1e:31:52:43:ba:e2:61:
16:9f:ef:c2:8a:e8:10:8e:7b:41:7c:a3:32:e7:8c:
0e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:EE:45:5E:42:C4:C2:10:B5:5F:1A:3B:C6:32:AE:E0:5E:B4:11:72
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/7-5FXkLEwhC1Xxo7xjKu4F60EXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.136.0-5.149.138.255
5.149.140.0-5.149.142.255
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.88.34.0/24
85.119.216.0/21
86.107.120.0-86.107.126.255
87.238.225.0/24
87.238.228.0/22
94.139.39.0/24
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
98:67:72:3e:f2:d4:4c:cc:4b:5c:55:e9:51:31:3f:77:45:67:
60:63:03:1e:fb:92:25:51:00:55:39:8f:22:6d:32:2c:28:64:
d5:b8:dc:0d:ae:74:55:e5:76:fd:1a:df:2c:37:1b:7b:0f:b3:
40:14:54:65:d6:9b:cc:09:84:30:71:2d:12:52:82:f3:35:90:
4e:4a:ce:4a:ce:21:50:53:48:0d:4b:f9:56:78:51:3b:9b:a2:
7b:5c:c9:11:fd:3a:2e:2a:f1:1d:70:0e:dd:e9:c6:df:a5:99:
6d:3b:55:8b:12:42:f4:ae:bf:b7:8a:8b:a2:c3:d5:cf:42:aa:
03:49:36:d6:bc:50:d1:19:d2:ab:37:03:00:e7:83:ce:e3:f6:
32:df:08:26:41:b1:60:33:cc:7b:94:b5:32:8e:93:50:9c:5f:
eb:43:46:db:1d:49:6f:7e:2f:b3:64:4c:03:96:01:f2:df:5c:
24:19:3f:23:75:9e:0a:4b:37:29:38:43:f6:a4:8a:67:df:94:
6d:4d:23:a2:56:a5:d1:92:34:ad:71:bc:e7:72:e2:9c:9c:2c:
bc:65:f4:1b:42:14:96:0d:c4:e9:ac:2a:cd:12:c4:6e:a4:73:
c3:ab:37:14:17:a3:e0:72:59:ab:dd:0a:b6:f7:fe:d7:98:6f:
c5:0c:a3:fa
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZyezbNnhCrxc+SuOIKRU6ddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjYwMjI3MTExMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmVlNDU1ZTQyYzRjMjEwYjU1ZjFhM2JjNjMyYWVlMDVlYjQxMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxUVddzCoJSHRb+bmWzkk/ntFfxU
a5v61pEVuuS5X9ackQ6lAg7noIwzWlXvhuu+2mIct/j0aJ90DWy/R0Jb50+fMgdj
V5l2XlSAfuoVx8TXLAWdrizBZMCZWjwqrdwRnb7gRjHQGBGIh40BEyCl4SC18tky
cg29CqzG/biwgLxOW/UpALKpJNWij/An1/UrwJ5RPPkNlxq2pLijhWzPg+7tFxqx
ZqtMGuO9eEj7uE5G9qKU9e7v3S6dwVk4CbtVCMVX6hZ6pENSI3hBmt7UcSVvxxUX
uSjrg6VcUARFQfWtUBV+Pcmawx4xUkO64mEWn+/CiugQjntBfKMy54wOjwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFO/uRV5CxMIQtV8aO8YyruBetBFyMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvNy01RlhrTEV3aEMxWHhvN3hqS3U0RjYwRVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgwDAME
AwWViAMEAAWVijAMAwQCBZWMAwQABZWOAwQDJRMIMAwDBAAuEiEDBAMuEiADBAA+
cB0DBAA+cB8DBABVWCIDBANVd9gwDAMEA1ZreAMEAFZrfgMEAFfu4QMEAlfu5AME
AF6LJwMEAW1F2DAMAwQAbUXbAwQAbUXeAwQCuUBAAwQBubnkMA0EAgACMAcDBQAq
ABUoMA0GCSqGSIb3DQEBCwUAA4IBAQCYZ3I+8tRMzEtcVelRMT93RWdgYwMe+5Il
UQBVOY8ibTIsKGTVuNwNrnRV5Xb9Gt8sNxt7D7NAFFRl1pvMCYQwcS0SUoLzNZBO
Ss5KziFQU0gNS/lWeFE7m6J7XMkR/TouKvEdcA7d6cbfpZltO1WLEkL0rr+3ioui
w9XPQqoDSTbWvFDRGdKrNwMA54PO4/Yy3wgmQbFgM8x7lLUyjpNQnF/rQ0bbHUlv
fi+zZEwDlgHy31wkGT8jdZ4KSzcpOEP2pIpn35RtTSOiVqXRkjStcbzncuKcnCy8
ZfQbQhSWDcTprCrNEsRupHPDqzcUF6Pgclmr3Qq29/7XmG/FDKP6
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:58:10 2026 by rpki-client