Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/722ccd-47c2-4b48-b957-bc5d3c91673b/1/p3lOFBA7znd_xsRdsxEmFM9yH7g.roa
File: p3lOFBA7znd_xsRdsxEmFM9yH7g.roa (raw, json)
Hash identifier: CG+fcDr3x45VSiNKnFMrel+5ShCNJ8mgmgJZBesP+MY=
Subject key identifier: A7:79:4E:14:10:3B:CE:77:7F:C6:C4:5D:B3:11:26:14:CF:72:1F:B8
Certificate issuer: /CN=4cd3f4e567fd541e5af0c9e88d11a90d3e21d467
Certificate serial: 019C8A96FD37B46C2BED186818387F3711B6
Authority key identifier: 4C:D3:F4:E5:67:FD:54:1E:5A:F0:C9:E8:8D:11:A9:0D:3E:21:D4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNP05Wf9VB5a8MnojRGpDT4h1Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/722ccd-47c2-4b48-b957-bc5d3c91673b/1/p3lOFBA7znd_xsRdsxEmFM9yH7g.roa
Signing time: Mon 23 Feb 2026 13:01:16 +0000
ROA not before: Mon 23 Feb 2026 13:01:16 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204527
IP address blocks: 185.130.5.0/24 maxlen: 24
185.130.6.0/24 maxlen: 24
185.130.7.0/24 maxlen: 24
2a07:db01::/48 maxlen: 48
2a07:db01:1::/48 maxlen: 48
2a07:db01:3::/48 maxlen: 48
2a07:db01:40::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/722ccd-47c2-4b48-b957-bc5d3c91673b/1/TNP05Wf9VB5a8MnojRGpDT4h1Gc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/722ccd-47c2-4b48-b957-bc5d3c91673b/1/TNP05Wf9VB5a8MnojRGpDT4h1Gc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TNP05Wf9VB5a8MnojRGpDT4h1Gc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:96:fd:37:b4:6c:2b:ed:18:68:18:38:7f:37:11:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cd3f4e567fd541e5af0c9e88d11a90d3e21d467
Validity
Not Before: Feb 23 13:01:16 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a7794e14103bce777fc6c45db3112614cf721fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d9:c9:dd:f7:03:11:29:3f:30:4f:88:24:ee:
fb:65:58:82:58:80:d1:0c:4a:fb:08:5b:45:69:66:
41:f3:c1:60:16:68:42:e9:7c:a7:2b:7d:b2:5b:60:
95:92:6c:60:dc:7b:ec:b3:76:dc:0a:74:78:f4:b5:
4c:35:3d:5b:38:9e:3c:f6:94:e7:a7:04:f0:76:ca:
60:8d:6d:2b:f0:b1:3c:c7:c4:ce:b4:81:ec:f5:2e:
a5:f5:9a:5f:c1:e4:0d:3c:6a:a1:ce:5a:79:a1:de:
d1:f8:d5:d6:de:87:15:0a:6c:7b:b0:35:60:fd:f6:
07:5b:35:3f:33:f4:f6:ee:a9:51:bb:32:af:d5:56:
b6:63:97:0c:85:e4:3b:aa:d8:25:17:06:ad:4c:84:
f1:e2:05:b3:48:32:8a:c9:1f:73:a6:16:20:0f:9d:
5f:92:86:ef:ce:6e:52:c5:17:8f:86:4c:5b:b2:20:
0c:00:96:3c:c7:7e:38:e9:8d:b2:99:2d:44:3e:a1:
34:5c:61:6d:b5:51:bf:bb:92:fc:f2:a5:c3:32:b7:
97:0c:83:26:5e:3f:e6:ed:68:89:e2:56:72:18:6f:
79:6d:f0:3f:c0:aa:ad:13:50:d2:6d:54:8a:70:96:
37:e6:01:27:f1:76:8e:b2:83:16:5a:c3:16:40:03:
18:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:79:4E:14:10:3B:CE:77:7F:C6:C4:5D:B3:11:26:14:CF:72:1F:B8
X509v3 Authority Key Identifier:
keyid:4C:D3:F4:E5:67:FD:54:1E:5A:F0:C9:E8:8D:11:A9:0D:3E:21:D4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNP05Wf9VB5a8MnojRGpDT4h1Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/722ccd-47c2-4b48-b957-bc5d3c91673b/1/p3lOFBA7znd_xsRdsxEmFM9yH7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/722ccd-47c2-4b48-b957-bc5d3c91673b/1/TNP05Wf9VB5a8MnojRGpDT4h1Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.5.0-185.130.7.255
IPv6:
2a07:db01::/47
2a07:db01:3::/48
2a07:db01:40::/42
Signature Algorithm: sha256WithRSAEncryption
10:b9:30:49:57:34:59:8e:8d:57:bf:93:9e:13:87:e0:c9:35:
42:02:24:dc:39:2a:47:89:0a:e9:e2:62:55:70:4b:e7:f6:aa:
ad:33:d3:26:5e:8a:40:7f:98:0a:53:99:0e:a4:ef:60:70:b9:
fc:ee:05:1d:55:ee:83:a5:6b:8f:d5:31:8a:4b:a5:1d:44:7b:
d9:79:24:3c:37:09:a7:60:ce:c6:3c:4e:38:d5:ce:41:cf:65:
dd:da:f4:83:8a:59:f3:a0:a2:0d:a8:6f:67:54:82:bd:d7:68:
0e:e4:67:01:f2:81:da:51:52:1c:3a:9a:f2:99:c5:bd:49:6d:
c4:7b:9e:75:9c:32:94:b4:84:03:f0:11:54:07:56:16:45:d9:
b6:1a:11:38:e1:73:9c:4e:68:31:b7:fd:28:a9:41:3a:85:98:
7b:31:5d:01:ff:cb:89:d3:e4:08:05:10:88:42:78:51:f5:00:
70:c4:fc:51:3a:90:c8:9d:5e:fa:ee:bb:7b:a7:2c:52:05:9c:
7a:9e:7a:89:41:ec:33:c0:b4:55:16:04:2c:72:85:83:71:fc:
1a:46:93:70:79:64:04:e1:0a:81:71:47:bb:4c:01:62:01:24:
6b:90:c4:26:b0:82:5b:05:75:d5:56:40:8e:df:76:44:85:24:
1a:d6:1f:d5
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZyKlv03tGwr7RhoGDh/NxG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDNmNGU1NjdmZDU0MWU1YWYwYzllODhkMTFhOTBkM2Uy
MWQ0NjcwHhcNMjYwMjIzMTMwMTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzc5NGUxNDEwM2JjZTc3N2ZjNmM0NWRiMzExMjYxNGNmNzIxZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltnJ3fcDESk/ME+IJO77ZViCWIDR
DEr7CFtFaWZB88FgFmhC6XynK32yW2CVkmxg3Hvss3bcCnR49LVMNT1bOJ489pTn
pwTwdspgjW0r8LE8x8TOtIHs9S6l9ZpfweQNPGqhzlp5od7R+NXW3ocVCmx7sDVg
/fYHWzU/M/T27qlRuzKv1Va2Y5cMheQ7qtglFwatTITx4gWzSDKKyR9zphYgD51f
kobvzm5SxRePhkxbsiAMAJY8x3446Y2ymS1EPqE0XGFttVG/u5L88qXDMreXDIMm
Xj/m7WiJ4lZyGG95bfA/wKqtE1DSbVSKcJY35gEn8XaOsoMWWsMWQAMY6wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKd5ThQQO853f8bEXbMRJhTPch+4MB8GA1UdIwQY
MBaAFEzT9OVn/VQeWvDJ6I0RqQ0+IdRnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5QMDVXZjlWQjVhOE1ub2pSR3BEVDRoMUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS83MjJjY2QtNDdjMi00YjQ4LWI5NTct
YmM1ZDNjOTE2NzNiLzEvcDNsT0ZCQTd6bmRfeHNSZHN4RW1GTTl5SDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS83MjJjY2QtNDdjMi00YjQ4LWI5NTctYmM1ZDNjOTE2NzNi
LzEvVE5QMDVXZjlWQjVhOE1ub2pSR3BEVDRoMUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAUBAIAATAOMAwDBAC5ggUD
BAO5ggAwIQQCAAIwGwMHASoH2wEAAAMHACoH2wEAAwMHBioH2wEAQDANBgkqhkiG
9w0BAQsFAAOCAQEAELkwSVc0WY6NV7+TnhOH4Mk1QgIk3DkqR4kK6eJiVXBL5/aq
rTPTJl6KQH+YClOZDqTvYHC5/O4FHVXug6Vrj9UxikulHUR72XkkPDcJp2DOxjxO
ONXOQc9l3dr0g4pZ86CiDahvZ1SCvddoDuRnAfKB2lFSHDqa8pnFvUltxHuedZwy
lLSEA/ARVAdWFkXZthoROOFznE5oMbf9KKlBOoWYezFdAf/LidPkCAUQiEJ4UfUA
cMT8UTqQyJ1e+u67e6csUgWcep56iUHsM8C0VRYELHKFg3H8GkaTcHlkBOEKgXFH
u0wBYgEka5DEJrCCWwV11VZAjt92RIUkGtYf1Q==
-----END CERTIFICATE-----
Generated at Tue Mar 3 05:23:16 2026 by rpki-client