Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/5qnljKvNs-GyzRnKmgBvr7ApfIg.roa
File: 5qnljKvNs-GyzRnKmgBvr7ApfIg.roa (raw, json)
Hash identifier: qoGNXZJPcOkwbbD45BtJZ/8uBUEnPR0NK+OHoG77IVY=
Subject key identifier: E6:A9:E5:8C:AB:CD:B3:E1:B2:CD:19:CA:9A:00:6F:AF:B0:29:7C:88
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019D8654D7A1F36DC4EB34599E3853CF6196
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/5qnljKvNs-GyzRnKmgBvr7ApfIg.roa
Signing time: Mon 13 Apr 2026 10:13:20 +0000
ROA not before: Mon 13 Apr 2026 10:13:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33993
IP address blocks: 2.56.178.0/24 maxlen: 24
45.12.114.0/24 maxlen: 24
45.12.115.0/24 maxlen: 24
45.15.130.0/24 maxlen: 24
45.15.147.0/24 maxlen: 24
45.128.49.0/24 maxlen: 24
45.128.53.0/24 maxlen: 24
45.136.114.0/24 maxlen: 24
141.98.188.0/24 maxlen: 24
141.98.189.0/24 maxlen: 24
141.98.190.0/24 maxlen: 24
141.98.191.0/24 maxlen: 24
171.22.119.0/24 maxlen: 24
171.22.133.0/24 maxlen: 24
171.22.134.0/24 maxlen: 24
171.22.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 01:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:54:d7:a1:f3:6d:c4:eb:34:59:9e:38:53:cf:61:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 13 10:13:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e6a9e58cabcdb3e1b2cd19ca9a006fafb0297c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:80:23:a7:8e:29:2d:48:6d:28:de:b4:07:7c:
30:f3:0a:28:3a:41:86:82:d9:12:81:9c:fd:d2:85:
db:97:ff:51:6a:93:49:35:91:24:3a:d5:43:a9:94:
8c:6e:a8:d2:3b:1b:50:2d:cd:48:f6:59:b1:37:36:
1b:a1:25:6c:db:10:0c:38:60:05:81:d5:ad:37:e1:
97:0a:04:6d:bd:27:46:88:85:46:68:dc:2c:8b:0e:
a6:44:5e:25:f7:4a:2d:be:7e:e9:3d:67:f1:03:cb:
2b:52:77:b9:c5:a9:ff:89:a5:81:42:d3:21:6c:14:
36:48:37:ae:68:92:29:45:45:3c:97:dc:28:0b:d7:
b8:07:2d:04:bd:f9:5c:fa:44:3b:7f:89:cb:fb:7d:
8d:6e:0b:90:d5:fc:65:79:e2:01:c8:1a:06:d7:04:
71:b3:6e:1c:a9:3a:0d:97:41:d0:8a:3a:a7:f9:22:
d6:f5:e7:7c:15:16:51:5e:79:02:0f:38:ee:74:0d:
f6:35:ef:6a:b1:9b:95:58:20:07:04:1f:c7:ee:63:
c1:4e:06:af:d9:43:23:74:bc:24:24:7d:38:0f:f9:
dc:70:62:b9:e3:7c:72:1b:4d:c8:3a:58:7c:10:0a:
95:10:71:3f:f2:47:19:c2:fd:14:9b:df:7c:fa:9a:
5b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A9:E5:8C:AB:CD:B3:E1:B2:CD:19:CA:9A:00:6F:AF:B0:29:7C:88
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/5qnljKvNs-GyzRnKmgBvr7ApfIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.178.0/24
45.12.114.0/23
45.15.130.0/24
45.15.147.0/24
45.128.49.0/24
45.128.53.0/24
45.136.114.0/24
141.98.188.0/22
171.22.119.0/24
171.22.133.0-171.22.135.255
Signature Algorithm: sha256WithRSAEncryption
81:36:a5:dc:2a:e9:e0:09:2d:b0:94:95:b6:68:7e:a9:c9:85:
8a:d6:04:a2:77:b3:cb:7a:cf:ec:e2:1b:f4:47:cc:f2:4f:3c:
1d:ac:92:ed:f2:33:e5:8f:9a:e1:5c:d5:1c:08:89:c9:30:3c:
84:b2:bf:9c:96:4b:ea:08:09:35:32:2d:1e:a3:a4:a7:ca:93:
45:b8:bd:ac:e5:d1:8f:3b:da:ec:75:da:3a:1c:cd:d5:60:fd:
41:ba:e4:18:35:44:f6:8a:0b:31:42:e9:f3:19:00:67:f2:c9:
20:6c:f0:64:d0:29:1c:d8:1f:3d:df:92:4b:a2:59:0d:cc:ae:
64:5b:b9:50:d2:04:79:91:80:ee:a7:aa:1b:bf:47:6f:c8:28:
c8:af:ef:cd:e7:3b:ea:62:99:01:6f:cf:93:d5:86:66:94:46:
5d:7f:c3:92:4f:40:4b:42:26:ac:8a:e7:7b:f7:0e:82:41:1c:
dc:a6:bb:d8:f8:bd:06:f6:1e:8d:41:0c:00:99:98:f2:24:03:
f2:db:57:1d:d8:a6:a4:58:0f:c1:9b:48:69:39:ed:29:10:a7:
c4:cd:43:be:5b:28:f4:94:80:42:86:36:f7:a9:46:fa:a0:7f:
63:8b:2a:2c:f8:75:f4:c2:48:56:4c:85:e4:12:2b:09:6e:6b:
04:dd:34:ba
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ2GVNeh823E6zRZnjhTz2GWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNDEzMTAxMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmE5ZTU4Y2FiY2RiM2UxYjJjZDE5Y2E5YTAwNmZhZmIwMjk3Yzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIAjp44pLUhtKN60B3ww8wooOkGG
gtkSgZz90oXbl/9RapNJNZEkOtVDqZSMbqjSOxtQLc1I9lmxNzYboSVs2xAMOGAF
gdWtN+GXCgRtvSdGiIVGaNwsiw6mRF4l90otvn7pPWfxA8srUne5xan/iaWBQtMh
bBQ2SDeuaJIpRUU8l9woC9e4By0Evflc+kQ7f4nL+32NbguQ1fxleeIByBoG1wRx
s24cqToNl0HQijqn+SLW9ed8FRZRXnkCDzjudA32Ne9qsZuVWCAHBB/H7mPBTgav
2UMjdLwkJH04D/nccGK543xyG03IOlh8EAqVEHE/8kcZwv0Um998+ppb5wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOap5YyrzbPhss0ZypoAb6+wKXyIMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNXFubGpLdk5zLUd5elJuS21nQnZyN0FwZklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAAjiyAwQB
LQxyAwQALQ+CAwQALQ+TAwQALYAxAwQALYA1AwQALYhyAwQCjWK8AwQAqxZ3MAwD
BACrFoUDBAOrFoAwDQYJKoZIhvcNAQELBQADggEBAIE2pdwq6eAJLbCUlbZofqnJ
hYrWBKJ3s8t6z+ziG/RHzPJPPB2sku3yM+WPmuFc1RwIickwPISyv5yWS+oICTUy
LR6jpKfKk0W4vazl0Y872ux12joczdVg/UG65Bg1RPaKCzFC6fMZAGfyySBs8GTQ
KRzYHz3fkkuiWQ3MrmRbuVDSBHmRgO6nqhu/R2/IKMiv783nO+pimQFvz5PVhmaU
Rl1/w5JPQEtCJqyK53v3DoJBHNymu9j4vQb2Ho1BDACZmPIkA/LbVx3YpqRYD8Gb
SGk57SkQp8TNQ75bKPSUgEKGNvepRvqgf2OLKiz4dfTCSFZMheQSKwluawTdNLo=
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:14:22 2026 by rpki-client