Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/kqPwo-tGhdHXOEYZAA2rZ5T34g4.roa
File: kqPwo-tGhdHXOEYZAA2rZ5T34g4.roa (raw, json)
Hash identifier: 4MUqRPaEDTzgXrU6Y0k0IEZ7T2M+taIszXucXEvAMGs=
Subject key identifier: 92:A3:F0:A3:EB:46:85:D1:D7:38:46:19:00:0D:AB:67:94:F7:E2:0E
Certificate issuer: /CN=e5805c5fe3450287dcde6ade0d9c9558ba615e32
Certificate serial: 019E729B1763848A69B70C35556FC415D1FA
Authority key identifier: E5:80:5C:5F:E3:45:02:87:DC:DE:6A:DE:0D:9C:95:58:BA:61:5E:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YBcX-NFAofc3mreDZyVWLphXjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/kqPwo-tGhdHXOEYZAA2rZ5T34g4.roa
Signing time: Fri 29 May 2026 07:20:27 +0000
ROA not before: Fri 29 May 2026 07:20:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48817
IP address blocks: 45.67.64.0/22 maxlen: 24
80.244.1.0/24 maxlen: 24
185.139.248.0/22 maxlen: 22
185.252.48.0/22 maxlen: 24
193.22.15.0/24 maxlen: 24
2a10:db40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/5YBcX-NFAofc3mreDZyVWLphXjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/5YBcX-NFAofc3mreDZyVWLphXjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/5YBcX-NFAofc3mreDZyVWLphXjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 16:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:72:9b:17:63:84:8a:69:b7:0c:35:55:6f:c4:15:d1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5805c5fe3450287dcde6ade0d9c9558ba615e32
Validity
Not Before: May 29 07:20:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=92a3f0a3eb4685d1d7384619000dab6794f7e20e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:98:fc:04:aa:8f:87:ce:b4:8a:fe:88:bc:
89:72:47:f9:9c:70:82:e4:c6:4f:5b:70:71:06:cf:
51:56:39:21:8c:0e:5a:e1:6d:20:1e:c8:8d:ba:e4:
85:c1:4c:85:a1:8e:66:05:ae:34:2c:f5:f7:79:c6:
b6:3d:37:74:31:c9:52:9e:3e:11:cb:df:77:af:f1:
d8:85:17:4c:4e:10:7b:89:fc:29:a0:a8:a8:b0:86:
42:69:d6:40:23:21:dd:5e:70:61:f3:49:2b:f8:08:
b1:61:bc:eb:a1:ed:57:03:71:3e:2a:f3:de:97:58:
ff:b4:b2:9d:74:d3:88:a9:6e:94:99:f8:92:89:b4:
0f:78:78:c2:f7:dd:e5:3e:b1:a7:8e:dd:da:55:61:
da:6f:e9:c2:1b:68:90:fd:0d:2e:ae:d1:52:76:4e:
1a:56:45:89:cd:9c:7f:0d:fe:63:fa:15:09:69:e1:
a2:37:46:2e:5b:b9:02:1d:c2:5d:87:25:77:d0:11:
4b:3f:98:aa:e1:cc:fc:cc:1b:eb:96:e8:92:f7:b6:
ad:44:97:d7:da:ca:f7:1a:a8:d2:71:96:c2:82:bd:
f4:c6:15:9d:d4:7f:e8:c3:92:1b:6a:74:47:10:4f:
fa:f5:64:91:34:cd:bc:0e:ad:d5:e7:b5:e8:bf:dc:
1f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A3:F0:A3:EB:46:85:D1:D7:38:46:19:00:0D:AB:67:94:F7:E2:0E
X509v3 Authority Key Identifier:
keyid:E5:80:5C:5F:E3:45:02:87:DC:DE:6A:DE:0D:9C:95:58:BA:61:5E:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YBcX-NFAofc3mreDZyVWLphXjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/kqPwo-tGhdHXOEYZAA2rZ5T34g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/5YBcX-NFAofc3mreDZyVWLphXjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.64.0/22
80.244.1.0/24
185.139.248.0/22
185.252.48.0/22
193.22.15.0/24
IPv6:
2a10:db40::/29
Signature Algorithm: sha256WithRSAEncryption
75:f6:d9:4e:be:62:2d:bc:fd:3b:a0:16:d6:6e:ed:16:85:fe:
91:10:c7:c0:ef:46:cd:e6:de:74:62:8f:91:89:1f:ee:35:10:
1a:59:c3:40:f5:6f:e2:30:0b:ce:ce:8a:00:7b:77:c2:ee:d1:
4f:23:75:48:80:c7:9e:12:f3:a9:6b:2b:e7:2c:27:5c:a7:5e:
3b:90:53:aa:25:a9:4f:a7:15:63:86:f8:a6:15:31:e6:9b:fa:
81:32:dd:71:d8:82:42:bf:47:2e:b0:f5:a2:63:31:ba:0c:ec:
2f:3e:a4:ec:3b:14:cc:74:53:f4:12:45:b9:c1:0f:8c:ee:59:
df:0b:c9:4c:5f:e7:09:b8:74:f5:23:ed:6d:09:c6:20:2e:f5:
7a:aa:d9:21:ee:1d:5e:7d:f5:0f:57:c7:fe:e3:51:e6:90:64:
b5:d9:43:48:58:2e:e5:cc:bc:89:0b:0f:81:c5:2d:3c:2f:e0:
10:5e:49:00:6e:15:86:3b:77:72:b5:55:fd:1f:d2:fe:26:99:
81:ee:0b:eb:ed:41:02:83:b9:0e:28:e4:08:86:9f:0d:fd:e7:
fa:4a:fd:3c:4a:cb:d1:c1:d8:17:96:cd:01:ea:39:92:be:c0:
87:19:04:0d:5e:cd:7f:e8:5b:36:c7:15:72:f2:92:fa:e1:6f:
24:4a:90:aa
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ5ymxdjhIpptww1VW/EFdH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODA1YzVmZTM0NTAyODdkY2RlNmFkZTBkOWM5NTU4YmE2
MTVlMzIwHhcNMjYwNTI5MDcyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmEzZjBhM2ViNDY4NWQxZDczODQ2MTkwMDBkYWI2Nzk0ZjdlMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZCY/ASqj4fOtIr+iLyJckf5nHCC
5MZPW3BxBs9RVjkhjA5a4W0gHsiNuuSFwUyFoY5mBa40LPX3eca2PTd0MclSnj4R
y993r/HYhRdMThB7ifwpoKiosIZCadZAIyHdXnBh80kr+AixYbzroe1XA3E+KvPe
l1j/tLKddNOIqW6UmfiSibQPeHjC993lPrGnjt3aVWHab+nCG2iQ/Q0urtFSdk4a
VkWJzZx/Df5j+hUJaeGiN0YuW7kCHcJdhyV30BFLP5iq4cz8zBvrluiS97atRJfX
2sr3GqjScZbCgr30xhWd1H/ow5IbanRHEE/69WSRNM28Dq3V57Xov9wfzQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJKj8KPrRoXR1zhGGQANq2eU9+IOMB8GA1UdIwQY
MBaAFOWAXF/jRQKH3N5q3g2clVi6YV4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlCY1gtTkZBb2ZjM21yZURaeVZXTHBoWGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iNGRjM2MtZWNhYi00MzZkLWFjNTIt
NTk1MzA3ZjQ3MTEwLzEva3FQd28tdEdoZEhYT0VZWkFBMnJaNVQzNGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iNGRjM2MtZWNhYi00MzZkLWFjNTItNTk1MzA3ZjQ3MTEw
LzEvNVlCY1gtTkZBb2ZjM21yZURaeVZXTHBoWGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLUNAAwQA
UPQBAwQCuYv4AwQCufwwAwQAwRYPMA0EAgACMAcDBQMqENtAMA0GCSqGSIb3DQEB
CwUAA4IBAQB19tlOvmItvP07oBbWbu0Whf6REMfA70bN5t50Yo+RiR/uNRAaWcNA
9W/iMAvOzooAe3fC7tFPI3VIgMeeEvOpayvnLCdcp147kFOqJalPpxVjhvimFTHm
m/qBMt1x2IJCv0cusPWiYzG6DOwvPqTsOxTMdFP0EkW5wQ+M7lnfC8lMX+cJuHT1
I+1tCcYgLvV6qtkh7h1effUPV8f+41HmkGS12UNIWC7lzLyJCw+BxS08L+AQXkkA
bhWGO3dytVX9H9L+JpmB7gvr7UECg7kOKOQIhp8N/ef6Sv08SsvRwdgXls0B6jmS
vsCHGQQNXs1/6Fs2xxVy8pL64W8kSpCq
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:06:11 2026 by rpki-client