Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/5O4Qywr4G5vGR4CnllsAHoHXE3c.roa
File: 5O4Qywr4G5vGR4CnllsAHoHXE3c.roa (raw, json)
Hash identifier: 6B27b88IAgFkDxTqELlXG1aRObgI7R0ZM10hy8DvOwQ=
Subject key identifier: E4:EE:10:CB:0A:F8:1B:9B:C6:47:80:A7:96:5B:00:1E:81:D7:13:77
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 019C61C6050BBD02CBA305335952FB8FB557
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/5O4Qywr4G5vGR4CnllsAHoHXE3c.roa
Signing time: Sun 15 Feb 2026 14:48:13 +0000
ROA not before: Sun 15 Feb 2026 14:48:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12400
IP address blocks: 85.155.152.0/24 maxlen: 24
89.38.28.0/24 maxlen: 24
89.38.29.0/24 maxlen: 24
89.38.30.0/24 maxlen: 24
185.151.196.0/23 maxlen: 23
185.151.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:61:c6:05:0b:bd:02:cb:a3:05:33:59:52:fb:8f:b5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Feb 15 14:48:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e4ee10cb0af81b9bc64780a7965b001e81d71377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:44:61:62:fc:b2:25:3b:f9:62:a0:d4:05:3d:
8c:e9:35:83:85:28:16:c3:81:84:83:3b:21:6e:0c:
b7:e2:32:87:12:96:2b:79:01:47:fe:31:31:56:76:
55:df:a2:87:cb:65:85:97:9c:d8:fa:23:b8:fd:3b:
94:c1:b0:d6:65:77:8f:a2:77:8f:24:7a:e9:af:87:
41:82:15:71:81:a9:ff:8f:11:5e:05:5f:a0:be:e0:
93:6c:79:85:3e:f9:fe:f2:0b:f9:dd:e3:52:66:f0:
75:ab:e0:cb:b0:fd:03:0c:a8:44:81:2d:43:29:45:
27:a7:b7:4d:2f:c6:a7:b2:8e:b8:99:67:05:8d:60:
56:5f:88:86:e5:21:cf:1b:76:af:05:86:da:f9:e0:
1b:c5:38:72:56:e4:ea:65:c2:e1:e8:c0:19:57:4e:
bb:71:90:43:dc:88:ea:06:d1:9a:f1:82:23:96:08:
df:78:b8:2b:be:47:ee:f8:4a:8e:e9:58:74:19:70:
f9:5d:8b:17:7a:62:ce:f6:e5:1c:9c:d1:3b:0d:2d:
2b:16:04:0f:4f:13:dd:59:17:f5:75:99:8f:a5:c7:
c0:b0:67:96:f7:6a:59:4f:af:7e:f5:61:7d:95:a4:
32:ea:2f:62:99:8a:d4:93:5d:b8:b8:04:e0:57:0c:
30:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:EE:10:CB:0A:F8:1B:9B:C6:47:80:A7:96:5B:00:1E:81:D7:13:77
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/5O4Qywr4G5vGR4CnllsAHoHXE3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.155.152.0/24
89.38.28.0-89.38.30.255
185.151.196.0-185.151.198.255
Signature Algorithm: sha256WithRSAEncryption
48:62:52:d8:13:58:f7:73:9b:73:80:2a:35:a6:35:54:8f:4b:
65:d7:e3:96:84:cd:aa:a4:ae:64:59:2a:ff:5f:43:b1:6f:5d:
10:a9:34:9a:43:f7:19:52:4f:16:31:f1:de:f6:d1:ef:ac:40:
37:1b:76:ca:19:dd:c3:c6:84:b7:5d:be:3f:16:f1:44:bc:e5:
76:52:d1:7b:30:f0:f5:74:07:ee:f2:72:d9:4d:e0:57:7b:f2:
5e:fe:e3:73:b0:fe:2e:6a:36:ca:c2:23:98:19:56:7c:6e:5d:
9b:76:c3:1f:7d:55:51:8c:1b:e2:06:38:6d:af:c9:a6:44:3e:
4f:d4:38:56:56:5b:98:32:1e:dd:83:c4:7b:71:ff:9d:0b:73:
ff:d1:d4:30:b7:f5:64:8b:d5:e4:0f:5c:6a:59:cb:60:4b:4e:
03:83:f8:27:9b:ee:9f:14:f9:c8:9c:a2:a5:75:74:e2:b0:39:
1c:7e:86:21:18:ce:bd:9b:e2:c9:e2:aa:e1:a5:e0:5d:31:58:
27:c6:26:49:4a:b6:04:bf:9e:68:3f:3e:56:45:e2:61:98:21:
4d:4e:a9:05:2d:92:49:52:84:0e:b9:9d:b8:21:2a:8b:cc:f6:
1d:59:19:d7:89:d7:7e:08:31:3f:34:3c:38:ea:1e:23:bc:73:
64:fd:56:19
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZxhxgULvQLLowUzWVL7j7VXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjYwMjE1MTQ0ODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGVlMTBjYjBhZjgxYjliYzY0NzgwYTc5NjViMDAxZTgxZDcxMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkRhYvyyJTv5YqDUBT2M6TWDhSgW
w4GEgzshbgy34jKHEpYreQFH/jExVnZV36KHy2WFl5zY+iO4/TuUwbDWZXePoneP
JHrpr4dBghVxgan/jxFeBV+gvuCTbHmFPvn+8gv53eNSZvB1q+DLsP0DDKhEgS1D
KUUnp7dNL8anso64mWcFjWBWX4iG5SHPG3avBYba+eAbxThyVuTqZcLh6MAZV067
cZBD3IjqBtGa8YIjlgjfeLgrvkfu+EqO6Vh0GXD5XYsXemLO9uUcnNE7DS0rFgQP
TxPdWRf1dZmPpcfAsGeW92pZT69+9WF9laQy6i9imYrUk124uATgVwwwNwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOTuEMsK+BubxkeAp5ZbAB6B1xN3MB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvNU80UXl3cjRHNXZHUjRDbmxsc0FIb0hYRTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAVZuYMAwD
BAJZJhwDBABZJh4wDAMEArmXxAMEALmXxjANBgkqhkiG9w0BAQsFAAOCAQEASGJS
2BNY93Obc4AqNaY1VI9LZdfjloTNqqSuZFkq/19DsW9dEKk0mkP3GVJPFjHx3vbR
76xANxt2yhndw8aEt12+PxbxRLzldlLRezDw9XQH7vJy2U3gV3vyXv7jc7D+Lmo2
ysIjmBlWfG5dm3bDH31VUYwb4gY4ba/JpkQ+T9Q4VlZbmDIe3YPEe3H/nQtz/9HU
MLf1ZIvV5A9calnLYEtOA4P4J5vunxT5yJyipXV04rA5HH6GIRjOvZviyeKq4aXg
XTFYJ8YmSUq2BL+eaD8+VkXiYZghTU6pBS2SSVKEDrmduCEqi8z2HVkZ14nXfggx
PzQ8OOoeI7xzZP1WGQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:13:30 2026 by rpki-client