Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/fhNDpez0tEXT55T0FQuT3YRDXos.roa
File: fhNDpez0tEXT55T0FQuT3YRDXos.roa (raw, json)
Hash identifier: +VEaHjpilB4sNBhuKG3GgrFbP8VWjeNr6HEMkdwaBYk=
Subject key identifier: 7E:13:43:A5:EC:F4:B4:45:D3:E7:94:F4:15:0B:93:DD:84:43:5E:8B
Certificate issuer: /CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Certificate serial: 019E9BA4812C3D3837FC487F8064A5F3A7AE
Authority key identifier: 4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/fhNDpez0tEXT55T0FQuT3YRDXos.roa
Signing time: Sat 06 Jun 2026 06:35:09 +0000
ROA not before: Sat 06 Jun 2026 06:35:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198102
IP address blocks: 5.133.48.0/20 maxlen: 20
78.111.224.0/20 maxlen: 20
86.105.236.0/22 maxlen: 22
89.35.168.0/22 maxlen: 22
89.45.212.0/22 maxlen: 22
91.231.62.0/24 maxlen: 24
128.65.200.0/21 maxlen: 21
134.255.160.0/20 maxlen: 20
185.11.224.0/22 maxlen: 22
185.85.192.0/22 maxlen: 22
195.28.8.0/23 maxlen: 23
195.210.40.0/23 maxlen: 23
195.225.40.0/23 maxlen: 23
195.238.80.0/23 maxlen: 23
213.225.240.0/20 maxlen: 20
2a00:4060::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 00:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9b:a4:81:2c:3d:38:37:fc:48:7f:80:64:a5:f3:a7:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Validity
Not Before: Jun 6 06:35:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7e1343a5ecf4b445d3e794f4150b93dd84435e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:49:d8:f5:1f:30:3a:ed:40:c6:5e:53:34:8c:
99:66:bf:3f:05:6a:1c:fb:2d:aa:5b:bb:1c:da:4f:
d8:a9:a7:6f:6c:c9:62:40:83:dd:42:b6:1d:50:c1:
13:d7:70:f0:37:1c:e1:aa:b5:a9:7c:0e:67:5a:6f:
c4:31:dc:bc:10:ad:0c:d7:71:8f:8b:0b:5a:5f:35:
78:e6:47:37:ec:8f:2f:e1:d5:36:46:59:a7:b9:ab:
fa:57:a1:88:17:82:cf:24:b4:40:9f:1d:52:44:0f:
4a:b8:3a:0f:90:25:51:e7:08:7c:2c:e4:95:0c:8e:
6a:db:e1:c7:a2:23:be:6b:ec:23:cd:50:14:cf:9a:
e8:87:9d:eb:26:2d:f2:f3:30:86:9d:34:8c:e0:dc:
5e:ce:84:55:9f:34:37:f9:61:12:aa:33:06:d1:f7:
e9:8f:be:f7:3e:71:37:ab:64:d0:83:2d:b1:e4:c4:
16:85:e1:52:e1:e7:5b:ef:24:20:40:5c:d3:8c:88:
cf:a5:31:32:51:86:b5:58:e5:88:81:f6:15:ac:8e:
36:ba:11:71:0e:c2:f2:03:62:ea:80:b7:0f:36:95:
67:90:93:62:7b:1b:9d:bd:c4:38:20:3a:0f:cb:92:
5b:a1:af:f0:01:ba:2a:d0:67:52:cf:5d:f0:ea:14:
ca:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:13:43:A5:EC:F4:B4:45:D3:E7:94:F4:15:0B:93:DD:84:43:5E:8B
X509v3 Authority Key Identifier:
keyid:4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/fhNDpez0tEXT55T0FQuT3YRDXos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.48.0/20
78.111.224.0/20
86.105.236.0/22
89.35.168.0/22
89.45.212.0/22
91.231.62.0/24
128.65.200.0/21
134.255.160.0/20
185.11.224.0/22
185.85.192.0/22
195.28.8.0/23
195.210.40.0/23
195.225.40.0/23
195.238.80.0/23
213.225.240.0/20
IPv6:
2a00:4060::/29
Signature Algorithm: sha256WithRSAEncryption
91:32:7d:01:9f:e9:d6:3c:a3:9b:51:03:59:88:26:40:38:29:
65:9e:cf:34:7f:25:b8:90:90:c3:cb:ac:de:97:15:17:b1:2d:
3d:91:25:5e:e9:40:cc:99:46:e1:0b:91:77:a8:dc:cd:c9:7c:
bb:84:16:7a:c5:db:99:f8:1c:48:90:23:af:95:ae:35:0c:d6:
bc:39:4e:29:18:90:66:d0:58:8e:4e:7f:62:21:90:f2:31:c7:
81:64:fe:9f:12:e4:d1:ae:18:c9:56:be:34:ac:fb:77:bc:d2:
d4:65:a7:63:a4:92:fe:d2:65:0f:55:58:33:7f:bf:72:82:a8:
9a:7b:13:17:44:1a:31:11:17:7d:57:4e:1c:7a:2e:6e:0b:ed:
fc:e3:e9:84:e5:e3:43:7f:eb:f3:1e:80:2d:c0:ae:4e:46:a0:
4d:a5:67:7e:80:39:58:6e:b8:d3:09:ee:c5:89:69:a1:76:39:
80:ce:11:7e:3a:41:5b:c6:96:21:e2:07:c0:ba:74:fb:bc:ca:
a3:99:ef:1a:8a:23:72:6b:56:b6:0d:4d:e3:5f:fc:8b:05:0e:
a5:25:ce:28:4e:cf:0c:61:f1:5e:d0:5c:01:97:51:0a:2b:0b:
cc:4d:ec:4d:00:f4:fc:3c:0f:2e:13:ec:16:d8:5b:08:e4:8a:
aa:45:52:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZ6bpIEsPTg3/Eh/gGSl86euMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTE0NmJiNGUyMTk3NDRmNThjMjY4ZTllYzYyMWMxOGRk
MjI5YzMwHhcNMjYwNjA2MDYzNTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTEzNDNhNWVjZjRiNDQ1ZDNlNzk0ZjQxNTBiOTNkZDg0NDM1ZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEnY9R8wOu1Axl5TNIyZZr8/BWoc
+y2qW7sc2k/YqadvbMliQIPdQrYdUMET13DwNxzhqrWpfA5nWm/EMdy8EK0M13GP
iwtaXzV45kc37I8v4dU2Rlmnuav6V6GIF4LPJLRAnx1SRA9KuDoPkCVR5wh8LOSV
DI5q2+HHoiO+a+wjzVAUz5roh53rJi3y8zCGnTSM4NxezoRVnzQ3+WESqjMG0ffp
j773PnE3q2TQgy2x5MQWheFS4edb7yQgQFzTjIjPpTEyUYa1WOWIgfYVrI42uhFx
DsLyA2LqgLcPNpVnkJNiexudvcQ4IDoPy5Jboa/wAboq0GdSz13w6hTKpQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFH4TQ6Xs9LRF0+eU9BULk92EQ16LMB8GA1UdIwQY
MBaAFE5RRrtOIZdE9Ywmjp7GIcGN0inDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQt
YzkyMGM1MTdkNjAwLzEvZmhORHBlejB0RVhUNTVUMEZRdVQzWVJEWG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQtYzkyMGM1MTdkNjAw
LzEvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBAWFMAME
BE5v4AMEAlZp7AMEAlkjqAMEAlkt1AMEAFvnPgMEA4BByAMEBIb/oAMEArkL4AME
ArlVwAMEAcMcCAMEAcPSKAMEAcPhKAMEAcPuUAMEBNXh8DANBAIAAjAHAwUDKgBA
YDANBgkqhkiG9w0BAQsFAAOCAQEAkTJ9AZ/p1jyjm1EDWYgmQDgpZZ7PNH8luJCQ
w8us3pcVF7EtPZElXulAzJlG4QuRd6jczcl8u4QWesXbmfgcSJAjr5WuNQzWvDlO
KRiQZtBYjk5/YiGQ8jHHgWT+nxLk0a4YyVa+NKz7d7zS1GWnY6SS/tJlD1VYM3+/
coKomnsTF0QaMREXfVdOHHoubgvt/OPphOXjQ3/r8x6ALcCuTkagTaVnfoA5WG64
0wnuxYlpoXY5gM4RfjpBW8aWIeIHwLp0+7zKo5nvGoojcmtWtg1N41/8iwUOpSXO
KE7PDGHxXtBcAZdRCisLzE3sTQD0/DwPLhPsFthbCOSKqkVSgw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:06:55 2026 by rpki-client