Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/cLJsj5GbZFPDLqBTAGoEw4keZjc.roa
File: cLJsj5GbZFPDLqBTAGoEw4keZjc.roa (raw, json)
Hash identifier: ONjTw1gt4vqkoZ/+zv3GVV+vpr1bahhrBgTFsZguWy0=
Subject key identifier: 70:B2:6C:8F:91:9B:64:53:C3:2E:A0:53:00:6A:04:C3:89:1E:66:37
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 019C568E0102BD9E49068B4970DF4CFAD7EF
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/cLJsj5GbZFPDLqBTAGoEw4keZjc.roa
Signing time: Fri 13 Feb 2026 10:31:12 +0000
ROA not before: Fri 13 Feb 2026 10:31:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6718
IP address blocks: 5.154.171.0/24 maxlen: 24
5.154.224.0/24 maxlen: 24
37.156.37.0/24 maxlen: 24
89.35.4.0/24 maxlen: 24
89.35.5.0/24 maxlen: 24
89.37.186.0/24 maxlen: 24
89.37.187.0/24 maxlen: 24
89.40.133.0/24 maxlen: 24
89.43.240.0/24 maxlen: 24
89.43.241.0/24 maxlen: 24
89.43.242.0/24 maxlen: 24
89.43.243.0/24 maxlen: 24
89.43.244.0/24 maxlen: 24
89.43.245.0/24 maxlen: 24
89.43.246.0/24 maxlen: 24
89.43.247.0/24 maxlen: 24
89.46.24.0/24 maxlen: 24
89.46.25.0/24 maxlen: 24
89.46.26.0/24 maxlen: 24
89.46.27.0/24 maxlen: 24
89.46.28.0/24 maxlen: 24
89.46.29.0/24 maxlen: 24
89.46.30.0/24 maxlen: 24
89.46.31.0/24 maxlen: 24
91.208.75.0/24 maxlen: 24
91.239.230.0/24 maxlen: 24
92.114.88.0/24 maxlen: 24
92.114.89.0/24 maxlen: 24
92.114.90.0/24 maxlen: 24
92.114.91.0/24 maxlen: 24
94.176.186.0/24 maxlen: 24
94.176.187.0/24 maxlen: 24
128.0.34.0/24 maxlen: 24
128.0.36.0/24 maxlen: 24
185.36.252.0/24 maxlen: 24
188.241.111.0/24 maxlen: 24
193.93.142.0/23 maxlen: 23
193.162.136.0/24 maxlen: 24
195.206.164.0/24 maxlen: 24
2a00:ece0::/32 maxlen: 32
2a04:6c80::/32 maxlen: 32
2a04:6c81::/32 maxlen: 32
2a04:6c82::/32 maxlen: 32
2a04:6c83::/32 maxlen: 32
2a04:6c84::/32 maxlen: 32
2a04:6c85::/32 maxlen: 32
2a04:6c86::/32 maxlen: 32
2a04:6c87::/32 maxlen: 32
2a05:1c00::/32 maxlen: 32
2a05:1c01::/32 maxlen: 32
2a05:1c02::/32 maxlen: 32
2a05:1c03::/32 maxlen: 32
2a05:1c04::/32 maxlen: 32
2a05:1c05::/32 maxlen: 32
2a05:1c06::/32 maxlen: 32
2a05:1c07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:56:8e:01:02:bd:9e:49:06:8b:49:70:df:4c:fa:d7:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Feb 13 10:31:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=70b26c8f919b6453c32ea053006a04c3891e6637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:6d:4b:7c:a3:07:ec:c5:52:f1:18:34:7f:
ac:d0:40:9a:c6:52:1e:4f:17:fd:f1:dd:f3:a5:5e:
bf:f8:d4:85:d3:08:a7:cf:d7:b9:f2:37:37:77:b5:
19:61:79:5d:e4:e2:43:19:54:bc:8f:99:36:d4:6e:
50:1b:29:49:c8:99:89:ce:1c:4e:f5:a7:c8:47:ae:
31:64:c7:f1:28:cd:ae:36:bd:35:f0:f4:80:ee:72:
d5:f8:18:88:11:8c:03:84:82:5f:ed:ca:14:30:8d:
92:19:b1:6f:eb:40:47:35:0d:68:ff:8d:1f:95:8c:
0d:77:a5:7f:df:a2:95:3c:a0:18:53:f3:3e:89:e0:
f8:5f:32:43:d7:1b:76:8b:43:44:4c:bf:97:3f:3a:
bb:a7:ca:6a:19:45:ea:4f:91:d6:23:61:5d:1b:28:
d4:91:a2:4e:bf:53:9e:0b:f7:53:ef:c1:3d:f5:c8:
5e:28:d7:e3:ce:28:22:40:78:c0:32:03:f5:0e:67:
e3:8c:d1:92:dc:8c:9d:68:47:ca:84:51:88:4a:74:
c6:d0:8d:4a:19:24:e5:8d:1d:d6:75:c3:69:b1:18:
64:69:94:7b:8d:f9:c6:20:e0:e9:60:26:b3:73:99:
5c:3c:c7:1b:e1:3e:b6:07:54:ec:e1:c7:00:b9:4f:
5a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B2:6C:8F:91:9B:64:53:C3:2E:A0:53:00:6A:04:C3:89:1E:66:37
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/cLJsj5GbZFPDLqBTAGoEw4keZjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.171.0/24
5.154.224.0/24
37.156.37.0/24
89.35.4.0/23
89.37.186.0/23
89.40.133.0/24
89.43.240.0/21
89.46.24.0/21
91.208.75.0/24
91.239.230.0/24
92.114.88.0/22
94.176.186.0/23
128.0.34.0/24
128.0.36.0/24
185.36.252.0/24
188.241.111.0/24
193.93.142.0/23
193.162.136.0/24
195.206.164.0/24
IPv6:
2a00:ece0::/32
2a04:6c80::/29
2a05:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
a7:97:cc:45:50:0a:0a:d4:2d:e7:5c:f4:ec:d1:4b:e0:6f:1c:
6e:8f:0f:eb:88:e5:4b:10:2e:e0:67:d8:19:f3:da:16:bf:1e:
fe:6e:3a:28:a5:83:20:22:8d:0e:fb:08:a0:be:74:83:7a:1d:
49:1c:a5:a1:19:d5:68:77:f6:06:c1:e3:1f:9a:d0:2b:54:0a:
84:8f:3a:22:60:2c:69:dd:91:e0:dd:06:83:ac:0e:9e:e5:71:
d9:eb:77:85:b8:b1:93:66:0f:3d:c4:f2:72:9e:23:62:1b:e0:
d3:0a:ba:93:37:be:16:29:32:bb:b0:96:0c:e1:c7:be:c1:9f:
70:ad:6a:8d:eb:4c:4f:d8:6a:96:15:0c:a0:58:c6:bf:8e:a1:
41:be:3e:ae:73:71:a4:6f:fc:04:7f:ac:d7:94:33:05:ff:9d:
56:1c:2e:80:34:2c:3e:7c:2f:d6:11:09:e7:50:54:07:23:c7:
b4:1f:15:d0:8e:1e:ac:96:9d:de:49:0f:c4:3f:dd:7d:32:11:
99:51:67:d6:e9:09:94:24:12:ea:71:6d:66:63:ac:52:f6:ba:
16:a8:ad:c4:e8:5f:3f:41:53:b2:e1:74:75:6d:a6:e8:de:aa:
93:56:c7:67:8b:43:b1:b6:67:a0:94:d0:1a:42:c0:14:da:41:
4a:26:7e:8e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAZxWjgECvZ5JBotJcN9M+tfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjYwMjEzMTAzMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGIyNmM4ZjkxOWI2NDUzYzMyZWEwNTMwMDZhMDRjMzg5MWU2NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAdtS3yjB+zFUvEYNH+s0ECaxlIe
Txf98d3zpV6/+NSF0winz9e58jc3d7UZYXld5OJDGVS8j5k21G5QGylJyJmJzhxO
9afIR64xZMfxKM2uNr018PSA7nLV+BiIEYwDhIJf7coUMI2SGbFv60BHNQ1o/40f
lYwNd6V/36KVPKAYU/M+ieD4XzJD1xt2i0NETL+XPzq7p8pqGUXqT5HWI2FdGyjU
kaJOv1OeC/dT78E99cheKNfjzigiQHjAMgP1DmfjjNGS3IydaEfKhFGISnTG0I1K
GSTljR3WdcNpsRhkaZR7jfnGIODpYCazc5lcPMcb4T62B1Ts4ccAuU9aAQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFHCybI+Rm2RTwy6gUwBqBMOJHmY3MB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvY0xKc2o1R2JaRlBETHFCVEFHb0V3NGtlWmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB4BAIAATByAwQABZqr
AwQABZrgAwQAJZwlAwQBWSMEAwQBWSW6AwQAWSiFAwQDWSvwAwQDWS4YAwQAW9BL
AwQAW+/mAwQCXHJYAwQBXrC6AwQAgAAiAwQAgAAkAwQAuST8AwQAvPFvAwQBwV2O
AwQAwaKIAwQAw86kMBsEAgACMBUDBQAqAOzgAwUDKgRsgAMFAyoFHAAwDQYJKoZI
hvcNAQELBQADggEBAKeXzEVQCgrULedc9OzRS+BvHG6PD+uI5UsQLuBn2Bnz2ha/
Hv5uOiilgyAijQ77CKC+dIN6HUkcpaEZ1Wh39gbB4x+a0CtUCoSPOiJgLGndkeDd
BoOsDp7lcdnrd4W4sZNmDz3E8nKeI2Ib4NMKupM3vhYpMruwlgzhx77Bn3Ctao3r
TE/YapYVDKBYxr+OoUG+Pq5zcaRv/AR/rNeUMwX/nVYcLoA0LD58L9YRCedQVAcj
x7QfFdCOHqyWnd5JD8Q/3X0yEZlRZ9bpCZQkEupxbWZjrFL2uhaorcToXz9BU7Lh
dHVtpujeqpNWx2eLQ7G2Z6CU0BpCwBTaQUomfo4=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:52:59 2026 by rpki-client