Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/TuInl5IxseRhLtbZY1X_lYI6Hbk.roa
File: TuInl5IxseRhLtbZY1X_lYI6Hbk.roa (raw, json)
Hash identifier: lryzFZqAm22jNaG1JE0uiAUiFqU+yZbKbV6Mt0hLWnI=
Subject key identifier: 4E:E2:27:97:92:31:B1:E4:61:2E:D6:D9:63:55:FF:95:82:3A:1D:B9
Certificate issuer: /CN=1f046cde8512802b14933b34a22f7765e295d2ab
Certificate serial: 019B7CEE1B996FC95FDCA09A09C868506F1E
Authority key identifier: 1F:04:6C:DE:85:12:80:2B:14:93:3B:34:A2:2F:77:65:E2:95:D2:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/TuInl5IxseRhLtbZY1X_lYI6Hbk.roa
Signing time: Fri 02 Jan 2026 04:18:57 +0000
ROA not before: Fri 02 Jan 2026 04:18:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198292
IP address blocks: 5.133.61.0/24 maxlen: 24
5.133.62.0/24 maxlen: 24
5.133.63.0/24 maxlen: 24
134.255.160.0/22 maxlen: 22
134.255.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/HwRs3oUSgCsUkzs0oi93ZeKV0qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/HwRs3oUSgCsUkzs0oi93ZeKV0qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:ee:1b:99:6f:c9:5f:dc:a0:9a:09:c8:68:50:6f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f046cde8512802b14933b34a22f7765e295d2ab
Validity
Not Before: Jan 2 04:18:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ee227979231b1e4612ed6d96355ff95823a1db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1a:7f:29:2c:a7:7d:4b:e5:a2:b8:01:69:dc:
0a:57:b9:9e:1f:44:f7:6a:0a:c2:a0:c7:8a:00:e6:
5c:67:67:45:38:fc:e1:69:8b:33:a3:fb:00:9b:78:
62:0c:81:ac:52:49:f8:4c:a3:6c:e2:34:d6:4b:30:
13:f6:36:8b:ba:50:19:0e:93:2a:7c:24:fb:af:7e:
59:bc:a4:b1:a8:0f:3c:0e:6d:c6:ac:c4:78:54:26:
db:0d:65:4b:4b:b4:62:5b:60:19:96:ee:a5:dd:53:
7c:df:a4:38:3d:19:f7:be:0d:fd:7a:fa:fd:85:41:
f7:20:d0:bd:1f:2b:6c:db:43:34:3e:60:6c:21:b2:
24:e2:27:5f:bb:95:13:95:2d:cd:66:84:5d:5b:1b:
df:8b:8d:af:b0:ca:eb:4a:3c:52:9e:08:cc:1c:06:
e8:58:fe:57:9f:14:05:9f:05:cb:cb:a3:99:a1:50:
10:e7:8a:9d:35:0d:a2:48:20:3d:0e:59:ed:eb:f6:
90:94:66:a1:ac:0c:1c:79:67:3e:73:4a:d5:fb:52:
cd:23:cc:fa:e6:44:f0:ef:07:53:b5:7a:e9:93:05:
56:de:e9:b1:2d:45:1c:fd:08:42:dc:4e:04:d1:a8:
d3:bc:2d:c5:0b:5c:03:43:53:84:93:e4:95:31:76:
5c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E2:27:97:92:31:B1:E4:61:2E:D6:D9:63:55:FF:95:82:3A:1D:B9
X509v3 Authority Key Identifier:
keyid:1F:04:6C:DE:85:12:80:2B:14:93:3B:34:A2:2F:77:65:E2:95:D2:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwRs3oUSgCsUkzs0oi93ZeKV0qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/TuInl5IxseRhLtbZY1X_lYI6Hbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/80e740-2c8c-45a6-938c-219b9f6f9087/1/HwRs3oUSgCsUkzs0oi93ZeKV0qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.61.0-5.133.63.255
134.255.160.0/22
134.255.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:e1:9b:c8:ef:8b:6b:ee:85:08:ab:ec:cd:29:f1:79:55:cb:
10:cb:4e:15:0f:53:4c:af:17:f5:eb:72:40:56:02:3e:15:28:
4b:f4:c7:4c:fa:07:fb:00:4f:50:ae:94:bd:c4:5c:b1:3d:c1:
40:c8:50:de:5c:2d:a7:f4:a8:78:de:ff:a8:d6:dc:17:f6:a7:
c2:fc:6c:8a:3e:75:91:fc:51:69:eb:77:8f:8c:06:4a:11:ad:
4f:9a:65:52:f5:a7:4f:cf:ff:55:3c:03:de:8f:9c:91:ea:53:
bb:2f:47:c7:07:e7:6c:8e:43:54:cc:30:b9:88:31:96:dd:f4:
73:b2:c0:56:27:cf:16:c6:08:50:00:e8:5f:9a:28:c6:ff:85:
1a:08:4b:5a:43:6c:58:0c:d0:3b:7b:35:9e:a6:ac:0c:51:59:
71:b1:2c:ec:a7:90:95:52:76:10:b0:61:f6:78:f7:c4:2e:6b:
6b:56:15:86:d7:2f:e8:e0:46:6f:fa:48:42:6d:d7:95:25:cc:
dd:f8:f5:ca:3b:f1:36:d4:b9:af:bf:c6:60:72:79:86:24:e6:
f8:52:a1:48:e0:af:12:07:39:96:08:06:66:ef:fe:2b:6e:5f:
36:0d:b7:d6:b8:d1:c9:0b:83:c8:a6:10:88:9e:3e:bf:ab:53:
37:e5:9c:38
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZt87huZb8lf3KCaCchoUG8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDQ2Y2RlODUxMjgwMmIxNDkzM2IzNGEyMmY3NzY1ZTI5
NWQyYWIwHhcNMjYwMTAyMDQxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWUyMjc5NzkyMzFiMWU0NjEyZWQ2ZDk2MzU1ZmY5NTgyM2ExZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Bp/KSynfUvlorgBadwKV7meH0T3
agrCoMeKAOZcZ2dFOPzhaYszo/sAm3hiDIGsUkn4TKNs4jTWSzAT9jaLulAZDpMq
fCT7r35ZvKSxqA88Dm3GrMR4VCbbDWVLS7RiW2AZlu6l3VN836Q4PRn3vg39evr9
hUH3INC9Hyts20M0PmBsIbIk4idfu5UTlS3NZoRdWxvfi42vsMrrSjxSngjMHAbo
WP5XnxQFnwXLy6OZoVAQ54qdNQ2iSCA9Dlnt6/aQlGahrAwceWc+c0rV+1LNI8z6
5kTw7wdTtXrpkwVW3umxLUUc/QhC3E4E0ajTvC3FC1wDQ1OEk+SVMXZcJQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE7iJ5eSMbHkYS7W2WNV/5WCOh25MB8GA1UdIwQY
MBaAFB8EbN6FEoArFJM7NKIvd2XildKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdSczNvVVNnQ3NVa3pzMG9pOTNaZUtWMHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84MGU3NDAtMmM4Yy00NWE2LTkzOGMt
MjE5YjlmNmY5MDg3LzEvVHVJbmw1SXhzZVJoTHRiWlkxWF9sWUk2SGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84MGU3NDAtMmM4Yy00NWE2LTkzOGMtMjE5YjlmNmY5MDg3
LzEvSHdSczNvVVNnQ3NVa3pzMG9pOTNaZUtWMHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAFhT0D
BAYFhQADBAKG/6ADBAKG/6wwDQYJKoZIhvcNAQELBQADggEBAKThm8jvi2vuhQir
7M0p8XlVyxDLThUPU0yvF/XrckBWAj4VKEv0x0z6B/sAT1CulL3EXLE9wUDIUN5c
Laf0qHje/6jW3Bf2p8L8bIo+dZH8UWnrd4+MBkoRrU+aZVL1p0/P/1U8A96PnJHq
U7svR8cH52yOQ1TMMLmIMZbd9HOywFYnzxbGCFAA6F+aKMb/hRoIS1pDbFgM0Dt7
NZ6mrAxRWXGxLOynkJVSdhCwYfZ498Qua2tWFYbXL+jgRm/6SEJt15UlzN349co7
8TbUua+/xmByeYYk5vhSoUjgrxIHOZYIBmbv/ituXzYNt9a40ckLg8imEIiePr+r
UzflnDg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:59:06 2026 by rpki-client