Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5zM1H58CgWiCY8UR19U-VgK_Cx8.roa
File: 5zM1H58CgWiCY8UR19U-VgK_Cx8.roa (raw, json)
Hash identifier: esGeTGlZWMdYYKlLG4KX2N8IE9BUWKhrf0Y+NkAB/B8=
Subject key identifier: E7:33:35:1F:9F:02:81:68:82:63:C5:11:D7:D5:3E:56:02:BF:0B:1F
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019BFFA7E1D1E4D1FAD67AF3C2ACBDB2310A
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5zM1H58CgWiCY8UR19U-VgK_Cx8.roa
Signing time: Tue 27 Jan 2026 13:32:30 +0000
ROA not before: Tue 27 Jan 2026 13:32:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39351
IP address blocks: 45.92.231.0/24 maxlen: 24
45.130.118.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
91.206.168.0/24 maxlen: 24
194.34.172.0/24 maxlen: 24
2a07:e340::/32 maxlen: 32
2a07:e341::/32 maxlen: 32
2a07:e344::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:ff:a7:e1:d1:e4:d1:fa:d6:7a:f3:c2:ac:bd:b2:31:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 27 13:32:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e733351f9f0281688263c511d7d53e5602bf0b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:04:78:79:47:6d:38:c6:14:0c:c4:21:f5:4c:
fe:a7:3d:f3:64:f0:5d:ec:3c:dd:e9:8e:5b:13:8d:
70:a7:04:51:e7:4c:1f:b1:60:df:b6:13:4e:f0:87:
f1:57:de:b9:c2:5b:d1:03:bc:63:41:17:0c:fa:c8:
5f:15:0e:fb:d7:66:96:65:b1:96:ec:1e:61:94:81:
cb:3e:d2:f9:18:50:97:d7:d6:4a:fd:c7:68:e3:75:
0b:b6:52:59:ca:87:a3:fb:ee:8f:e7:25:be:2f:7d:
e1:48:5a:24:e3:13:7c:dc:fb:73:54:22:3f:b8:c5:
de:15:31:b3:4e:e6:a1:85:34:18:a8:e4:9e:ee:33:
27:b2:77:78:62:ff:16:6a:f1:09:a6:e3:80:6b:ff:
35:e5:f0:92:7a:d6:70:9d:fb:bd:9a:56:b7:58:89:
40:61:62:8a:fc:29:67:ae:86:5a:a6:c5:80:c9:fc:
43:bd:ee:7b:e7:00:11:fa:de:c0:31:7a:93:07:31:
42:f3:3c:ff:a8:62:d6:a2:91:3f:4b:89:bc:86:7f:
87:71:75:c9:3c:a2:a7:91:1a:6f:03:19:6f:cc:ba:
7e:1b:4e:82:53:7b:ff:b9:ba:89:71:eb:2e:d5:bf:
de:42:98:aa:54:aa:df:19:3b:89:7c:4e:eb:e7:f4:
f2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:33:35:1F:9F:02:81:68:82:63:C5:11:D7:D5:3E:56:02:BF:0B:1F
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5zM1H58CgWiCY8UR19U-VgK_Cx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.231.0/24
45.130.118.0/24
45.132.193.0/24
45.149.104.0/24
91.206.168.0/24
194.34.172.0/24
IPv6:
2a07:e340::/31
2a07:e344::/32
Signature Algorithm: sha256WithRSAEncryption
bd:a8:75:f4:41:63:d0:d4:8b:45:f4:03:56:7d:0a:d6:b1:23:
13:f7:0d:dc:b9:7a:47:29:ca:c7:50:ac:0d:8d:f8:57:5e:eb:
03:5c:aa:07:b8:dd:9f:aa:6f:7a:30:d2:51:63:d3:d8:d9:c4:
72:69:55:48:e7:31:8b:6f:9f:07:33:fa:5d:77:14:25:b2:07:
47:43:c9:c9:d6:fd:68:35:77:1e:ab:95:8b:58:47:37:15:7f:
5b:db:ba:6e:68:97:17:fa:77:8a:e7:df:b8:2d:95:9e:62:fd:
dc:2b:6c:27:3e:8b:d7:6c:e5:43:2d:a8:2d:3f:fc:4a:88:b3:
04:df:9e:7e:67:30:2a:86:7f:08:88:1d:30:79:6f:6d:60:58:
af:67:14:a9:d4:07:8a:64:0e:1a:15:56:23:5c:a9:de:6b:27:
9b:08:46:fd:a4:fe:13:df:87:84:f1:7d:ac:2e:e0:66:c5:8a:
c2:e6:b2:d6:85:c1:60:4b:c3:21:8a:f3:43:46:6e:5c:f1:c0:
2e:bd:03:2b:04:ff:45:e2:32:b9:0e:b2:32:b2:5b:81:c4:c0:
c6:8d:0b:df:d4:47:95:c8:5f:25:6c:4c:a4:46:df:d0:07:93:
4e:1b:75:ca:78:ed:fa:96:91:84:d0:7f:69:02:8d:ec:be:b6:
d4:00:bc:1b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZv/p+HR5NH61nrzwqy9sjEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjYwMTI3MTMzMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzMzMzUxZjlmMDI4MTY4ODI2M2M1MTFkN2Q1M2U1NjAyYmYwYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwR4eUdtOMYUDMQh9Uz+pz3zZPBd
7Dzd6Y5bE41wpwRR50wfsWDfthNO8IfxV965wlvRA7xjQRcM+shfFQ7712aWZbGW
7B5hlIHLPtL5GFCX19ZK/cdo43ULtlJZyoej++6P5yW+L33hSFok4xN83PtzVCI/
uMXeFTGzTuahhTQYqOSe7jMnsnd4Yv8WavEJpuOAa/815fCSetZwnfu9mla3WIlA
YWKK/ClnroZapsWAyfxDve575wAR+t7AMXqTBzFC8zz/qGLWopE/S4m8hn+HcXXJ
PKKnkRpvAxlvzLp+G06CU3v/ubqJcesu1b/eQpiqVKrfGTuJfE7r5/TyGwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOczNR+fAoFogmPFEdfVPlYCvwsfMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvNXpNMUg1OENnV2lDWThVUjE5VS1WZ0tfQ3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQALVznAwQA
LYJ2AwQALYTBAwQALZVoAwQAW86oAwQAwiKsMBQEAgACMA4DBQEqB+NAAwUAKgfj
RDANBgkqhkiG9w0BAQsFAAOCAQEAvah19EFj0NSLRfQDVn0K1rEjE/cN3Ll6RynK
x1CsDY34V17rA1yqB7jdn6pvejDSUWPT2NnEcmlVSOcxi2+fBzP6XXcUJbIHR0PJ
ydb9aDV3HquVi1hHNxV/W9u6bmiXF/p3iuffuC2VnmL93CtsJz6L12zlQy2oLT/8
SoizBN+efmcwKoZ/CIgdMHlvbWBYr2cUqdQHimQOGhVWI1yp3msnmwhG/aT+E9+H
hPF9rC7gZsWKwuay1oXBYEvDIYrzQ0ZuXPHALr0DKwT/ReIyuQ6yMrJbgcTAxo0L
39RHlchfJWxMpEbf0AeTTht1ynjt+paRhNB/aQKN7L621AC8Gw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:09:42 2026 by rpki-client