Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/TieuC1DoyThjRQq3uG3ihjLScTo.roa
File: TieuC1DoyThjRQq3uG3ihjLScTo.roa (raw, json)
Hash identifier: vC9rnpVx2T8cbVOPfkfZTZYOxBuzPINUpSnwkUZDkSE=
Subject key identifier: 4E:27:AE:0B:50:E8:C9:38:63:45:0A:B7:B8:6D:E2:86:32:D2:71:3A
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 019D9613E9C4BB3245A09CD829E421461226
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/TieuC1DoyThjRQq3uG3ihjLScTo.roa
Signing time: Thu 16 Apr 2026 11:36:20 +0000
ROA not before: Thu 16 Apr 2026 11:36:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211642
IP address blocks: 5.253.60.0/24 maxlen: 24
5.253.61.0/24 maxlen: 24
45.128.206.0/24 maxlen: 24
45.128.207.0/24 maxlen: 24
185.219.40.0/24 maxlen: 24
185.219.42.0/24 maxlen: 24
185.219.43.0/24 maxlen: 24
185.240.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:13:e9:c4:bb:32:45:a0:9c:d8:29:e4:21:46:12:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Apr 16 11:36:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e27ae0b50e8c93863450ab7b86de28632d2713a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:35:b0:41:a0:e0:c2:b5:72:85:b6:5f:d0:65:
21:f8:6f:bf:e9:c6:f0:b2:3a:a3:d0:99:da:67:e2:
51:16:a7:a6:a0:4f:cb:e9:c3:53:e7:0a:ad:f7:dd:
81:b8:ec:00:66:6e:bf:71:5e:a3:2b:f0:cf:ab:1b:
2c:ff:55:f8:87:44:e7:54:36:43:1f:3e:48:b1:ab:
68:97:67:34:05:c2:68:6c:38:64:84:f1:be:e2:7d:
a5:b1:ca:bf:aa:fd:20:79:be:59:77:ba:65:bb:fe:
ef:a8:08:44:65:20:64:10:83:6c:83:6c:a4:db:8f:
ca:ae:80:f2:f2:b6:86:a5:72:b5:ff:87:1a:60:2e:
c9:43:68:71:63:b5:8c:12:29:c6:63:07:80:1d:63:
ae:78:e9:5c:fb:fb:cd:11:09:56:ec:6f:85:8f:7e:
65:9c:5f:72:2e:74:6d:bd:b2:5c:ef:bb:8d:76:96:
c2:84:80:6b:e9:5a:6e:6d:04:d2:cf:7c:2e:20:0c:
b5:d7:bf:87:ae:d2:2b:84:17:83:b9:4a:c0:39:0e:
f6:6f:15:35:71:d2:ee:a9:07:84:b1:d0:79:01:a7:
44:fa:1f:69:37:63:b1:cb:3f:8f:1a:35:26:55:0f:
ec:98:cd:73:5a:c8:ef:65:69:07:e6:06:7e:9c:b3:
17:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:27:AE:0B:50:E8:C9:38:63:45:0A:B7:B8:6D:E2:86:32:D2:71:3A
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/TieuC1DoyThjRQq3uG3ihjLScTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.60.0/23
45.128.206.0/23
185.219.40.0/24
185.219.42.0/23
185.240.102.0/24
Signature Algorithm: sha256WithRSAEncryption
69:cd:8d:a8:b0:c9:a7:36:40:cb:96:9b:21:b3:ee:3e:8d:4a:
30:cb:7d:ed:26:27:c2:f0:a2:bd:f8:25:79:8b:3d:a0:eb:06:
b3:02:70:a3:2b:2a:4a:ae:07:71:25:6b:f0:42:9a:98:51:45:
2c:34:b7:86:2d:d9:ed:db:bb:4a:11:3d:ee:f3:94:4a:85:e5:
49:d3:3d:9e:ff:87:0f:8c:7e:a3:be:5a:3f:d5:2d:8f:5b:7f:
17:58:23:3e:a3:5d:60:ff:3c:5e:aa:05:8b:da:bb:d9:f1:17:
46:01:0c:40:82:6a:00:b0:77:55:d2:2a:23:24:c6:6d:50:48:
db:78:e4:4c:2e:0a:97:ea:51:ec:4c:33:ee:7b:94:6a:36:d8:
90:7d:a9:fc:91:e3:97:28:89:c0:da:38:3f:f9:b4:77:ac:cb:
21:33:7e:91:d8:bc:43:4b:f9:5f:15:d8:f5:78:21:e0:37:5a:
c3:44:8f:22:20:fe:60:a2:62:cc:84:d5:18:51:65:95:31:8d:
d3:4d:58:72:18:3b:12:d8:aa:bc:66:86:46:d4:01:1e:0a:9a:
f0:71:9f:12:e0:dd:e5:e9:73:03:e0:c7:c2:3c:23:d0:65:3c:
70:1d:82:4f:86:24:10:eb:86:bc:67:22:17:73:88:7f:dc:5a:
eb:cd:9b:c7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ2WE+nEuzJFoJzYKeQhRhImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjYwNDE2MTEzNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTI3YWUwYjUwZThjOTM4NjM0NTBhYjdiODZkZTI4NjMyZDI3MTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDWwQaDgwrVyhbZf0GUh+G+/6cbw
sjqj0JnaZ+JRFqemoE/L6cNT5wqt992BuOwAZm6/cV6jK/DPqxss/1X4h0TnVDZD
Hz5Isatol2c0BcJobDhkhPG+4n2lscq/qv0geb5Zd7plu/7vqAhEZSBkEINsg2yk
24/KroDy8raGpXK1/4caYC7JQ2hxY7WMEinGYweAHWOueOlc+/vNEQlW7G+Fj35l
nF9yLnRtvbJc77uNdpbChIBr6VpubQTSz3wuIAy117+HrtIrhBeDuUrAOQ72bxU1
cdLuqQeEsdB5AadE+h9pN2Oxyz+PGjUmVQ/smM1zWsjvZWkH5gZ+nLMX/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE4nrgtQ6Mk4Y0UKt7ht4oYy0nE6MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvVGlldUMxRG95VGhqUlFxM3VHM2loakxTY1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBf08AwQB
LYDOAwQAudsoAwQBudsqAwQAufBmMA0GCSqGSIb3DQEBCwUAA4IBAQBpzY2osMmn
NkDLlpshs+4+jUowy33tJifC8KK9+CV5iz2g6wazAnCjKypKrgdxJWvwQpqYUUUs
NLeGLdnt27tKET3u85RKheVJ0z2e/4cPjH6jvlo/1S2PW38XWCM+o11g/zxeqgWL
2rvZ8RdGAQxAgmoAsHdV0iojJMZtUEjbeORMLgqX6lHsTDPue5RqNtiQfan8keOX
KInA2jg/+bR3rMshM36R2LxDS/lfFdj1eCHgN1rDRI8iIP5gomLMhNUYUWWVMY3T
TVhyGDsS2Kq8ZoZG1AEeCprwcZ8S4N3l6XMD4MfCPCPQZTxwHYJPhiQQ64a8ZyIX
c4h/3FrrzZvH
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:51:01 2026 by rpki-client