Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ryRsFMuncDI7fwcB7OFL4CIroCk.roa
File: ryRsFMuncDI7fwcB7OFL4CIroCk.roa (raw, json)
Hash identifier: xTIFFK8wJIdL8+Nm32Kj7pg11uBB8rzbL35pD7PoRuQ=
Subject key identifier: AF:24:6C:14:CB:A7:70:32:3B:7F:07:01:EC:E1:4B:E0:22:2B:A0:29
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019E9360BBA759E3FF65197C8397254B5E44
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ryRsFMuncDI7fwcB7OFL4CIroCk.roa
Signing time: Thu 04 Jun 2026 16:04:10 +0000
ROA not before: Thu 04 Jun 2026 16:04:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396356
IP address blocks: 5.253.44.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
45.8.188.0/24 maxlen: 24
45.8.189.0/24 maxlen: 24
45.8.194.0/24 maxlen: 24
45.8.206.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:93:60:bb:a7:59:e3:ff:65:19:7c:83:97:25:4b:5e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 4 16:04:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af246c14cba770323b7f0701ece14be0222ba029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9a:df:55:4f:dc:ff:d0:1e:ae:8c:f4:ea:75:
9b:59:4f:bd:5c:1b:f1:ef:49:4b:8a:0c:66:b8:84:
e6:23:a0:e9:e1:b1:e4:61:15:b3:4c:c5:e4:ef:f9:
12:1c:2c:4c:fd:c1:0a:73:74:bf:6e:5a:14:8b:0c:
2c:f6:0f:2f:3e:9c:db:ec:81:5d:58:c8:b9:e1:38:
05:11:b1:93:aa:46:24:1d:be:1e:0d:91:c6:27:20:
25:52:6b:9f:12:98:92:6b:4a:9b:fc:60:be:b3:ec:
2c:1c:71:f8:eb:28:97:41:73:f2:2c:fe:bb:02:d3:
eb:16:6d:63:8e:f8:6e:50:48:23:7f:ff:e0:79:bc:
2f:b9:ec:8f:9f:d3:61:c1:c8:ed:d8:d5:89:75:30:
18:f0:ba:be:6f:ec:30:e9:11:e8:ad:06:d4:ba:c3:
0d:03:a2:c1:6f:ec:39:9c:1d:a7:a7:3a:37:c0:64:
53:2f:5c:71:9c:95:65:8f:10:1a:14:7f:fc:88:84:
a9:3a:a8:d4:ea:38:64:92:18:2a:e7:71:f4:4b:81:
ba:31:a9:ed:52:7c:05:57:7c:d1:68:08:e1:d7:87:
58:1c:3e:a4:2d:ea:97:ed:76:b9:7f:f3:02:d2:5c:
58:75:4f:8c:3a:7c:27:53:93:72:1d:0a:94:58:a7:
fc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:24:6C:14:CB:A7:70:32:3B:7F:07:01:EC:E1:4B:E0:22:2B:A0:29
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ryRsFMuncDI7fwcB7OFL4CIroCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.44.0/23
5.253.47.0/24
45.8.188.0/23
45.8.194.0/24
45.8.206.0/24
45.9.4.0/24
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:17:a6:a8:eb:69:b4:74:16:de:69:77:76:45:8e:f0:d9:01:
d7:86:03:20:ef:cd:18:d0:b7:db:4e:86:a1:5f:c6:8e:aa:ac:
cf:b4:f7:04:6f:84:3c:37:dc:61:b8:d8:a8:aa:ee:0f:7e:7f:
bf:e6:71:fc:02:8a:00:35:69:56:ac:8a:2d:8e:00:94:9e:dd:
3a:78:36:9c:50:ce:90:20:44:91:3b:e8:88:5b:a8:c4:c3:30:
ca:50:f1:93:0b:b4:83:bb:b1:aa:b0:37:a6:bf:5e:3f:f3:48:
50:ff:80:93:b1:08:95:e8:0d:23:64:9b:c5:05:bd:9e:32:cd:
cd:24:81:3c:fc:fd:8f:bf:ea:1f:aa:2f:bd:0e:60:a5:e1:01:
40:30:03:d6:59:15:46:c3:dc:2a:ac:85:84:0c:ef:9e:5f:ac:
2b:1f:b6:57:5d:64:f0:76:71:7b:f9:8f:c1:c9:fe:dd:91:50:
a9:e8:c9:fb:47:74:11:17:f3:65:d5:32:cd:fe:a2:6f:b4:20:
e5:9f:ce:ba:58:88:8a:b2:47:d9:6d:2b:2a:39:97:08:8f:20:
f2:41:ad:fc:87:b1:4f:62:e6:22:89:af:c3:e1:67:ca:94:93:
67:a3:0e:a7:f1:e0:7a:b5:50:01:09:68:40:f5:33:4e:d6:81:
15:84:9b:d8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ6TYLunWeP/ZRl8g5clS15EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjA0MTYwNDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjI0NmMxNGNiYTc3MDMyM2I3ZjA3MDFlY2UxNGJlMDIyMmJhMDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15rfVU/c/9Aeroz06nWbWU+9XBvx
70lLigxmuITmI6Dp4bHkYRWzTMXk7/kSHCxM/cEKc3S/bloUiwws9g8vPpzb7IFd
WMi54TgFEbGTqkYkHb4eDZHGJyAlUmufEpiSa0qb/GC+s+wsHHH46yiXQXPyLP67
AtPrFm1jjvhuUEgjf//gebwvueyPn9Nhwcjt2NWJdTAY8Lq+b+ww6RHorQbUusMN
A6LBb+w5nB2npzo3wGRTL1xxnJVljxAaFH/8iISpOqjU6jhkkhgq53H0S4G6Mant
UnwFV3zRaAjh14dYHD6kLeqX7Xa5f/MC0lxYdU+MOnwnU5NyHQqUWKf8zQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFK8kbBTLp3AyO38HAezhS+AiK6ApMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcnlSc0ZNdW5jREk3ZndjQjdPRkw0Q0lyb0NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBBf0sAwQA
Bf0vAwQBLQi8AwQALQjCAwQALQjOAwQALQkEAwQBLQkGAwQALUKYAwQBLUKaMA0G
CSqGSIb3DQEBCwUAA4IBAQA8F6ao62m0dBbeaXd2RY7w2QHXhgMg780Y0LfbToah
X8aOqqzPtPcEb4Q8N9xhuNioqu4Pfn+/5nH8AooANWlWrIotjgCUnt06eDacUM6Q
IESRO+iIW6jEwzDKUPGTC7SDu7GqsDemv14/80hQ/4CTsQiV6A0jZJvFBb2eMs3N
JIE8/P2Pv+ofqi+9DmCl4QFAMAPWWRVGw9wqrIWEDO+eX6wrH7ZXXWTwdnF7+Y/B
yf7dkVCp6Mn7R3QRF/Nl1TLN/qJvtCDln866WIiKskfZbSsqOZcIjyDyQa38h7FP
YuYiia/D4WfKlJNnow6n8eB6tVABCWhA9TNO1oEVhJvY
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:21 2026 by rpki-client