Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/5e54oDyTiKHtp31vWJTP5XM-iV8.roa
File: 5e54oDyTiKHtp31vWJTP5XM-iV8.roa (raw, json)
Hash identifier: CoEKmyPCbM+6ZClHX32yt6+iaogZBQ0nDalNysMTb0w=
Subject key identifier: E5:EE:78:A0:3C:93:88:A1:ED:A7:7D:6F:58:94:CF:E5:73:3E:89:5F
Certificate issuer: /CN=035e5285dedc35ab63527048b366ee553806ce04
Certificate serial: 019EAC2DED4E561CCFD1C61FC3915457778E
Authority key identifier: 03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/5e54oDyTiKHtp31vWJTP5XM-iV8.roa
Signing time: Tue 09 Jun 2026 11:39:11 +0000
ROA not before: Tue 09 Jun 2026 11:39:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13009
IP address blocks: 91.213.208.0/24 maxlen: 24
91.213.215.0/24 maxlen: 24
91.213.217.0/24 maxlen: 24
91.213.220.0/24 maxlen: 24
2a0f:64c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Jun 2026 07:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:2d:ed:4e:56:1c:cf:d1:c6:1f:c3:91:54:57:77:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=035e5285dedc35ab63527048b366ee553806ce04
Validity
Not Before: Jun 9 11:39:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5ee78a03c9388a1eda77d6f5894cfe5733e895f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d1:e3:15:c0:d9:6a:3c:67:39:d7:cb:69:1d:
4d:7d:a7:21:ce:aa:2c:bb:07:09:0c:f9:ea:0f:12:
28:d1:8c:62:2a:47:17:ed:72:1d:36:94:94:31:40:
6a:03:25:2c:60:26:b4:1e:e8:0c:85:2c:61:84:dc:
f4:7a:b4:a8:22:63:ed:2a:38:56:8a:49:4d:38:cf:
19:6e:49:a3:1c:5f:b0:70:56:b9:ce:1b:3b:72:a7:
73:af:cf:01:0a:b4:31:96:2b:64:c7:6c:46:94:45:
bd:40:dc:e9:e7:69:f7:6c:5c:36:8a:2f:e1:4c:1e:
b4:a1:ba:b6:70:3d:1f:55:35:55:ef:09:79:97:cf:
60:dc:3b:02:51:42:d5:b6:85:2b:59:ef:be:b9:c8:
04:f8:44:30:ca:3f:f6:ed:8b:d9:28:35:bf:a5:68:
9d:73:5c:37:36:95:69:74:36:84:9d:a0:aa:54:43:
2a:e4:5c:c1:d1:80:29:34:1a:29:a4:f4:47:b4:8f:
72:9e:6e:01:aa:a9:29:75:aa:65:bc:13:70:a5:35:
18:c3:34:52:fc:1b:49:ab:14:a4:70:98:73:c6:fe:
94:a0:d9:9e:22:90:1a:27:cd:0b:40:2c:ca:e2:71:
f1:7f:59:d3:a0:7e:8c:6c:64:62:c9:4d:92:00:18:
3e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EE:78:A0:3C:93:88:A1:ED:A7:7D:6F:58:94:CF:E5:73:3E:89:5F
X509v3 Authority Key Identifier:
keyid:03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/5e54oDyTiKHtp31vWJTP5XM-iV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.208.0/24
91.213.215.0/24
91.213.217.0/24
91.213.220.0/24
IPv6:
2a0f:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:bf:55:a7:de:82:65:8e:c6:fd:15:39:88:99:e4:69:9d:10:
da:53:e0:cf:63:64:a9:bb:43:46:af:35:23:69:8a:db:64:98:
ef:dc:35:12:a0:e3:68:16:2e:2c:c9:4a:73:5d:b4:e2:b0:e8:
e4:95:04:24:bc:ec:22:9d:b3:8a:37:e0:4b:59:c6:6c:5b:d0:
33:ec:34:60:d3:4a:c7:b8:30:2d:a8:e0:a6:f9:b1:bf:90:0a:
38:cb:d0:d2:5a:33:6c:fc:b2:44:bb:18:1e:13:26:2e:da:f7:
88:e7:a8:4c:5f:71:7c:a6:fc:15:a7:c1:7f:d4:7d:09:13:4a:
9b:14:46:c6:b3:2e:71:e6:69:b8:54:a2:a3:f8:ac:27:8d:37:
33:76:dd:8d:58:20:1b:7b:42:bf:73:52:2c:94:94:2e:e6:0b:
a7:d5:8c:13:2e:99:ed:85:2a:f4:77:dd:01:9e:c3:b7:41:42:
0d:71:be:e3:69:b9:30:cb:d6:bb:b5:61:7e:c8:c3:82:a7:2e:
f7:14:1b:e7:fa:eb:8e:8f:9d:02:43:bf:c0:ab:05:fb:d8:59:
6a:98:ff:21:51:ca:33:00:6b:6c:12:a9:53:23:ae:3d:ca:01:
fa:c7:98:0b:94:6f:5c:3b:a6:2f:6a:ba:f8:91:84:f2:b8:fd:
79:a7:68:74
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ6sLe1OVhzP0cYfw5FUV3eOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNWU1Mjg1ZGVkYzM1YWI2MzUyNzA0OGIzNjZlZTU1Mzgw
NmNlMDQwHhcNMjYwNjA5MTEzOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWVlNzhhMDNjOTM4OGExZWRhNzdkNmY1ODk0Y2ZlNTczM2U4OTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9HjFcDZajxnOdfLaR1Nfachzqos
uwcJDPnqDxIo0YxiKkcX7XIdNpSUMUBqAyUsYCa0HugMhSxhhNz0erSoImPtKjhW
iklNOM8ZbkmjHF+wcFa5zhs7cqdzr88BCrQxlitkx2xGlEW9QNzp52n3bFw2ii/h
TB60obq2cD0fVTVV7wl5l89g3DsCUULVtoUrWe++ucgE+EQwyj/27YvZKDW/pWid
c1w3NpVpdDaEnaCqVEMq5FzB0YApNBoppPRHtI9ynm4BqqkpdaplvBNwpTUYwzRS
/BtJqxSkcJhzxv6UoNmeIpAaJ80LQCzK4nHxf1nToH6MbGRiyU2SABg+nwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOXueKA8k4ih7ad9b1iUz+VzPolfMB8GA1UdIwQY
MBaAFANeUoXe3DWrY1JwSLNm7lU4Bs4EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTE1U2hkN2NOYXRqVW5CSXMyYnVWVGdHemdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mMTk0NGItMTAxYS00MTgxLWEzNmIt
MmMyNzA3NzM2ZmRiLzEvNWU1NG9EeVRpS0h0cDMxdldKVFA1WE0taVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mMTk0NGItMTAxYS00MTgxLWEzNmItMmMyNzA3NzM2ZmRi
LzEvQTE1U2hkN2NOYXRqVW5CSXMyYnVWVGdHemdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9XQAwQA
W9XXAwQAW9XZAwQAW9XcMA0EAgACMAcDBQMqD2TAMA0GCSqGSIb3DQEBCwUAA4IB
AQBSv1Wn3oJljsb9FTmImeRpnRDaU+DPY2Spu0NGrzUjaYrbZJjv3DUSoONoFi4s
yUpzXbTisOjklQQkvOwinbOKN+BLWcZsW9Az7DRg00rHuDAtqOCm+bG/kAo4y9DS
WjNs/LJEuxgeEyYu2veI56hMX3F8pvwVp8F/1H0JE0qbFEbGsy5x5mm4VKKj+Kwn
jTczdt2NWCAbe0K/c1IslJQu5gun1YwTLpnthSr0d90BnsO3QUINcb7jabkwy9a7
tWF+yMOCpy73FBvn+uuOj50CQ7/AqwX72FlqmP8hUcozAGtsEqlTI649ygH6x5gL
lG9cO6Yvarr4kYTyuP15p2h0
-----END CERTIFICATE-----
Generated at Mon Jun 15 12:44:11 2026 by rpki-client