Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/5ofwE8fWcu41y5nE1W98Xt08B9U.roa
File: 5ofwE8fWcu41y5nE1W98Xt08B9U.roa (raw, json)
Hash identifier: vBHKAReKnkwdzg96lnBkzkJIhU9wk+NEk4UwhyvZN8M=
Subject key identifier: E6:87:F0:13:C7:D6:72:EE:35:CB:99:C4:D5:6F:7C:5E:DD:3C:07:D5
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 019B79ECDA5DDD3F8C71ABCAC5AC01DF0757
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/5ofwE8fWcu41y5nE1W98Xt08B9U.roa
Signing time: Thu 01 Jan 2026 14:18:44 +0000
ROA not before: Thu 01 Jan 2026 14:18:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58069
IP address blocks: 157.180.228.0/22 maxlen: 22
157.180.232.0/22 maxlen: 22
192.108.45.0/24 maxlen: 24
192.108.46.0/23 maxlen: 23
192.108.68.0/24 maxlen: 24
2a00:139c::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:ec:da:5d:dd:3f:8c:71:ab:ca:c5:ac:01:df:07:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 14:18:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e687f013c7d672ee35cb99c4d56f7c5edd3c07d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ee:01:0f:1f:2d:ec:f3:16:dd:0d:2a:9c:ec:
37:37:c4:8b:e7:55:85:eb:84:32:2f:48:01:38:3f:
b0:e8:ae:f2:fd:06:ea:d0:99:69:8e:a5:ff:e1:b4:
eb:05:9d:bb:33:e1:67:f3:2f:b1:30:68:3a:e7:3f:
a4:37:78:78:d7:32:fa:5f:53:fb:ad:a1:54:0d:2d:
7b:2e:e5:81:f1:84:d7:f4:bc:c2:e0:78:d9:96:c9:
5d:c1:c8:64:41:42:e7:5a:24:85:24:5c:9a:94:b3:
2e:7c:9b:92:2e:fc:36:6a:65:ea:1a:8c:86:ac:0e:
60:7b:a9:a7:df:6b:c9:3f:96:8d:ad:c7:ef:00:b7:
79:98:80:d4:9f:71:1a:cc:a3:22:dd:91:f8:7e:d0:
81:09:2e:3d:9a:92:c1:70:4d:ea:eb:5f:fb:75:f0:
84:6b:de:ee:ab:3f:00:ad:17:49:1f:c6:3c:38:16:
01:f4:36:64:95:80:ac:5a:f1:5a:23:51:f4:56:20:
cf:d4:6f:3d:a2:50:88:8d:61:22:ee:df:ae:f2:bf:
ca:73:6a:2a:4f:7e:ce:79:64:de:6a:26:16:2c:52:
41:e9:0a:f3:5f:5c:77:77:f5:8c:64:a5:d3:5b:10:
41:d4:f6:92:28:a6:d1:e2:c3:c2:e3:23:53:19:b9:
a8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:87:F0:13:C7:D6:72:EE:35:CB:99:C4:D5:6F:7C:5E:DD:3C:07:D5
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/5ofwE8fWcu41y5nE1W98Xt08B9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.180.228.0-157.180.235.255
192.108.45.0-192.108.47.255
192.108.68.0/24
IPv6:
2a00:139c::/32
Signature Algorithm: sha256WithRSAEncryption
79:b8:09:1c:56:4d:ae:bc:ad:6f:0a:bc:0e:bd:d0:b2:32:01:
6a:c0:45:57:76:d1:c6:82:ab:39:52:d8:9a:50:e2:cc:fa:79:
ed:11:20:8d:01:ee:de:4c:56:e7:da:d5:ae:98:08:a5:1f:e0:
78:0b:b5:ed:1f:8e:0e:37:ca:6b:a6:37:33:09:8e:b9:e8:eb:
53:61:90:f7:3f:63:87:02:e2:6c:1f:8a:0d:66:da:56:7d:5a:
7f:af:33:8e:9f:80:92:64:b0:fe:64:81:c8:ba:ed:9f:0a:08:
65:10:1a:10:21:76:03:8b:d6:3a:0f:ca:6f:ef:c8:9e:2d:1a:
f6:50:7e:96:30:53:ac:ce:b6:9a:68:69:45:94:a7:96:bb:a9:
6d:3a:81:b5:7b:23:43:d9:1f:2e:eb:14:9d:26:7d:93:0d:cd:
c9:78:e2:de:62:c1:3f:98:60:3d:65:5a:b1:2f:5f:65:83:fc:
d1:cb:45:2a:30:fb:36:86:57:1a:b9:5d:22:99:c7:d7:0a:5c:
3b:eb:01:02:1f:47:9f:fb:52:eb:b6:c5:6c:be:f6:77:6e:41:
2d:89:b0:05:53:f0:6c:7a:5e:a8:b4:b2:0f:a4:6d:f4:7e:96:
95:dc:39:3b:b0:e3:57:61:67:67:47:c9:71:fb:15:8a:08:10:
42:7a:24:c7
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZt57Npd3T+McavKxawB3wdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky
ZDc4ODgwHhcNMjYwMTAxMTQxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg3ZjAxM2M3ZDY3MmVlMzVjYjk5YzRkNTZmN2M1ZWRkM2MwN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue4BDx8t7PMW3Q0qnOw3N8SL51WF
64QyL0gBOD+w6K7y/Qbq0JlpjqX/4bTrBZ27M+Fn8y+xMGg65z+kN3h41zL6X1P7
raFUDS17LuWB8YTX9LzC4HjZlsldwchkQULnWiSFJFyalLMufJuSLvw2amXqGoyG
rA5ge6mn32vJP5aNrcfvALd5mIDUn3EazKMi3ZH4ftCBCS49mpLBcE3q61/7dfCE
a97uqz8ArRdJH8Y8OBYB9DZklYCsWvFaI1H0ViDP1G89olCIjWEi7t+u8r/Kc2oq
T37OeWTeaiYWLFJB6QrzX1x3d/WMZKXTWxBB1PaSKKbR4sPC4yNTGbmo4wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFOaH8BPH1nLuNcuZxNVvfF7dPAfVMB8GA1UdIwQY
MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt
ZDk1MDk0NzMwNzJjLzEvNW9md0U4ZldjdTQxeTVuRTFXOThYdDA4QjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj
LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAKdtOQD
BAKdtOgwDAMEAMBsLQMEBMBsIAMEAMBsRDANBAIAAjAHAwUAKgATnDANBgkqhkiG
9w0BAQsFAAOCAQEAebgJHFZNrrytbwq8Dr3QsjIBasBFV3bRxoKrOVLYmlDizPp5
7REgjQHu3kxW59rVrpgIpR/geAu17R+ODjfKa6Y3MwmOuejrU2GQ9z9jhwLibB+K
DWbaVn1af68zjp+AkmSw/mSByLrtnwoIZRAaECF2A4vWOg/Kb+/Ini0a9lB+ljBT
rM62mmhpRZSnlrupbTqBtXsjQ9kfLusUnSZ9kw3NyXji3mLBP5hgPWVasS9fZYP8
0ctFKjD7NoZXGrldIpnH1wpcO+sBAh9Hn/tS67bFbL72d25BLYmwBVPwbHpeqLSy
D6Rt9H6Wldw5O7DjV2FnZ0fJcfsViggQQnokxw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:17:58 2026 by rpki-client