Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/5b2a6XWxXgUSZDKt5JWqFB4W1Qw.roa
File: 5b2a6XWxXgUSZDKt5JWqFB4W1Qw.roa (raw, json)
Hash identifier: hBPbCPHByhSWsVt7qW7PZzgH1YZH0pwO5Lkd4emW/JQ=
Subject key identifier: E5:BD:9A:E9:75:B1:5E:05:12:64:32:AD:E4:95:AA:14:1E:16:D5:0C
Certificate issuer: /CN=09a686e370d6d0608119eeb006c8aadaab078d22
Certificate serial: 019C8E837A4D09A27E0D734877EF503387A1
Authority key identifier: 09:A6:86:E3:70:D6:D0:60:81:19:EE:B0:06:C8:AA:DA:AB:07:8D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/5b2a6XWxXgUSZDKt5JWqFB4W1Qw.roa
Signing time: Tue 24 Feb 2026 07:18:26 +0000
ROA not before: Tue 24 Feb 2026 07:18:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48881
IP address blocks: 46.102.254.0/24 maxlen: 24
86.105.26.0/24 maxlen: 24
185.104.180.0/22 maxlen: 22
2a06:1fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:83:7a:4d:09:a2:7e:0d:73:48:77:ef:50:33:87:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09a686e370d6d0608119eeb006c8aadaab078d22
Validity
Not Before: Feb 24 07:18:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5bd9ae975b15e05126432ade495aa141e16d50c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4f:76:ce:6f:fc:8c:e1:33:bb:7d:a8:43:7b:
55:47:d8:42:71:a5:69:ed:af:5c:15:b5:cc:24:52:
f8:fa:1d:fb:f2:b2:4a:2e:b9:3d:5a:0f:6f:e0:cd:
c4:a8:7c:63:9e:e2:69:a2:90:a7:dd:ea:26:a3:52:
b9:33:e8:88:e0:8c:16:eb:8f:f5:bb:ea:50:12:74:
9b:7a:01:8e:8a:2f:e2:8e:10:21:ce:cb:9c:40:c7:
79:bb:2c:f8:f1:be:ce:60:47:63:e3:db:2a:dd:cf:
b5:ab:5a:09:86:d3:ab:6a:17:01:d5:53:4e:94:c7:
dc:4d:a5:4b:54:3a:62:9b:2a:07:13:ac:82:84:ac:
de:5f:e5:7f:6f:c0:9a:c5:5d:71:1e:5f:8a:b8:fe:
de:80:b6:63:5f:be:d3:35:81:8d:df:a7:7f:e8:46:
28:de:65:f4:fb:fd:15:94:bf:0d:dc:d0:3b:22:1c:
db:db:c8:bb:5e:54:f6:de:84:e2:29:d8:33:bb:bc:
30:9d:54:72:95:be:3c:d3:63:38:a1:e7:33:44:2e:
b4:6c:3c:6f:ac:df:86:4b:5c:24:15:a9:b4:80:dd:
c0:25:48:44:27:46:91:d5:1d:46:84:dd:89:fd:2a:
6e:44:98:fe:03:c8:9f:10:9f:28:61:5d:59:3a:30:
a8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BD:9A:E9:75:B1:5E:05:12:64:32:AD:E4:95:AA:14:1E:16:D5:0C
X509v3 Authority Key Identifier:
keyid:09:A6:86:E3:70:D6:D0:60:81:19:EE:B0:06:C8:AA:DA:AB:07:8D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CaaG43DW0GCBGe6wBsiq2qsHjSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/5b2a6XWxXgUSZDKt5JWqFB4W1Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/d429b9-385e-430f-b2c4-81768c60ee08/1/CaaG43DW0GCBGe6wBsiq2qsHjSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.254.0/24
86.105.26.0/24
185.104.180.0/22
IPv6:
2a06:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
00:b5:fa:3d:f6:00:ba:3d:fe:b7:ec:bb:89:bf:b0:d1:48:80:
f2:68:8a:85:36:7a:17:ba:55:27:ee:0b:ca:08:94:26:d8:84:
4c:a1:92:44:0e:18:2e:48:d7:c5:24:04:7b:2c:c8:cf:97:93:
55:77:74:82:7d:a3:fb:c7:0e:a2:cc:30:da:41:46:22:a8:d5:
8b:37:a2:6b:f7:b8:26:fb:7b:03:be:78:e2:10:d0:67:b1:95:
57:70:bc:39:22:9f:e6:85:98:de:09:13:94:b1:39:b4:62:fa:
8c:b9:4a:08:7a:1f:fd:20:fc:73:ba:88:16:f9:05:17:3e:30:
25:e9:94:a0:a3:86:80:bc:86:b2:32:2a:69:3f:b2:c1:9d:37:
7e:5b:71:4f:33:f6:d9:7f:28:55:20:96:9a:81:d4:74:1b:23:
78:d8:e4:08:de:56:a9:46:70:94:51:55:87:08:0b:23:95:40:
23:10:dd:ee:a7:7c:ed:91:11:6b:62:08:e3:74:cd:2a:65:f3:
22:f8:95:f8:60:26:be:67:1a:22:c1:6f:25:9c:7c:a4:dd:95:
7a:ef:f7:54:36:6d:4c:9a:e5:5d:a0:92:44:95:7d:8f:2e:b4:
3f:d1:2a:c2:be:a6:bf:a6:42:02:15:9c:74:18:0f:2e:52:08:
81:43:51:b4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZyOg3pNCaJ+DXNId+9QM4ehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YTY4NmUzNzBkNmQwNjA4MTE5ZWViMDA2YzhhYWRhYWIw
NzhkMjIwHhcNMjYwMjI0MDcxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJkOWFlOTc1YjE1ZTA1MTI2NDMyYWRlNDk1YWExNDFlMTZkNTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE92zm/8jOEzu32oQ3tVR9hCcaVp
7a9cFbXMJFL4+h378rJKLrk9Wg9v4M3EqHxjnuJpopCn3eomo1K5M+iI4IwW64/1
u+pQEnSbegGOii/ijhAhzsucQMd5uyz48b7OYEdj49sq3c+1q1oJhtOrahcB1VNO
lMfcTaVLVDpimyoHE6yChKzeX+V/b8CaxV1xHl+KuP7egLZjX77TNYGN36d/6EYo
3mX0+/0VlL8N3NA7Ihzb28i7XlT23oTiKdgzu7wwnVRylb4802M4oeczRC60bDxv
rN+GS1wkFam0gN3AJUhEJ0aR1R1GhN2J/SpuRJj+A8ifEJ8oYV1ZOjCouwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOW9mul1sV4FEmQyreSVqhQeFtUMMB8GA1UdIwQY
MBaAFAmmhuNw1tBggRnusAbIqtqrB40iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2FhRzQzRFcwR0NCR2U2d0JzaXEycXNIalNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9kNDI5YjktMzg1ZS00MzBmLWIyYzQt
ODE3NjhjNjBlZTA4LzEvNWIyYTZYV3hYZ1VTWkRLdDVKV3FGQjRXMVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9kNDI5YjktMzg1ZS00MzBmLWIyYzQtODE3NjhjNjBlZTA4
LzEvQ2FhRzQzRFcwR0NCR2U2d0JzaXEycXNIalNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALmb+AwQA
VmkaAwQCuWi0MA0EAgACMAcDBQMqBh/AMA0GCSqGSIb3DQEBCwUAA4IBAQAAtfo9
9gC6Pf637LuJv7DRSIDyaIqFNnoXulUn7gvKCJQm2IRMoZJEDhguSNfFJAR7LMjP
l5NVd3SCfaP7xw6izDDaQUYiqNWLN6Jr97gm+3sDvnjiENBnsZVXcLw5Ip/mhZje
CROUsTm0YvqMuUoIeh/9IPxzuogW+QUXPjAl6ZSgo4aAvIayMippP7LBnTd+W3FP
M/bZfyhVIJaagdR0GyN42OQI3lapRnCUUVWHCAsjlUAjEN3up3ztkRFrYgjjdM0q
ZfMi+JX4YCa+ZxoiwW8lnHyk3ZV67/dUNm1MmuVdoJJElX2PLrQ/0SrCvqa/pkIC
FZx0GA8uUgiBQ1G0
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:37:48 2026 by rpki-client