Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/5CLXXKkA4JcsyDrUBBM3fxn2kdc.roa
File: 5CLXXKkA4JcsyDrUBBM3fxn2kdc.roa (raw, json)
Hash identifier: gFWbYqwKSpr3zQtON6eHRCE0iX3y63ZJZklzBNANHsM=
Subject key identifier: E4:22:D7:5C:A9:00:E0:97:2C:C8:3A:D4:04:13:37:7F:19:F6:91:D7
Certificate issuer: /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial: 019C996E9522007A12DED99773282DE12F81
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/5CLXXKkA4JcsyDrUBBM3fxn2kdc.roa
Signing time: Thu 26 Feb 2026 10:11:27 +0000
ROA not before: Thu 26 Feb 2026 10:11:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25472
IP address blocks: 37.6.0.0/16 maxlen: 24
46.190.0.0/17 maxlen: 24
62.169.192.0/18 maxlen: 24
79.107.0.0/16 maxlen: 24
80.245.160.0/20 maxlen: 24
81.92.48.0/20 maxlen: 24
84.254.0.0/18 maxlen: 24
91.140.0.0/17 maxlen: 24
109.242.0.0/16 maxlen: 24
176.58.128.0/17 maxlen: 24
185.3.220.0/22 maxlen: 24
188.73.192.0/18 maxlen: 24
212.152.72.0/22 maxlen: 22
212.152.80.0/22 maxlen: 22
2a03:f000::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.mft
rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:6e:95:22:00:7a:12:de:d9:97:73:28:2d:e1:2f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
Validity
Not Before: Feb 26 10:11:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e422d75ca900e0972cc83ad40413377f19f691d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d4:7c:a8:b0:11:d6:cd:1c:43:a7:45:d9:ea:
9a:92:3b:ae:00:8e:b5:df:a9:26:0c:3f:e4:63:62:
1f:fd:0b:45:9b:e9:bf:ea:02:c9:b5:44:da:7c:36:
ae:33:2b:3f:fc:0a:f1:38:e5:7d:00:68:23:94:73:
fe:36:2a:08:1a:a9:4d:82:7d:0b:cd:fc:c4:fd:94:
85:cd:a9:41:cf:17:b2:84:8f:12:27:59:6e:99:97:
75:b9:c1:ad:38:ad:d7:16:f7:00:f2:45:e6:37:d3:
aa:bf:18:34:28:0e:c0:22:a7:f8:13:db:e8:4e:83:
57:07:47:99:ac:33:89:53:1d:ee:b3:b8:36:b8:31:
07:f4:0a:be:38:c6:05:2f:b1:7e:16:8a:6a:4c:23:
84:1b:a8:cd:e2:08:82:d2:50:1e:9d:57:50:b4:7e:
4b:87:c0:af:56:78:0e:31:35:8a:20:cf:89:2f:12:
77:6d:d1:05:45:60:a0:b0:1d:4d:7b:07:e7:cd:11:
c2:dc:1e:eb:b7:92:d9:d1:eb:f9:2f:70:7f:78:c0:
d3:9e:58:6b:91:42:8c:6d:be:24:09:88:6c:3c:e3:
c8:5f:2b:d6:0d:2a:d7:bf:34:b4:a6:89:4a:51:cd:
45:2d:98:49:ab:fc:2b:24:85:ca:67:9d:11:08:9c:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:22:D7:5C:A9:00:E0:97:2C:C8:3A:D4:04:13:37:7F:19:F6:91:D7
X509v3 Authority Key Identifier:
keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/5CLXXKkA4JcsyDrUBBM3fxn2kdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.6.0.0/16
46.190.0.0/17
62.169.192.0/18
79.107.0.0/16
80.245.160.0/20
81.92.48.0/20
84.254.0.0/18
91.140.0.0/17
109.242.0.0/16
176.58.128.0/17
185.3.220.0/22
188.73.192.0/18
212.152.72.0/22
212.152.80.0/22
IPv6:
2a03:f000::/29
Signature Algorithm: sha256WithRSAEncryption
c7:37:7f:a5:67:55:3d:54:e8:e0:e0:a5:db:b0:ab:a7:e0:b3:
da:33:b1:f5:25:3c:80:71:d6:76:51:b4:31:95:20:7b:6a:0d:
ed:04:00:84:85:19:59:2c:b1:d8:b5:ba:24:a5:2e:e4:38:a4:
ff:d6:59:d7:54:52:c1:4a:fb:46:83:ed:bf:5a:76:08:91:b6:
a4:0a:2d:a6:fc:22:a8:2f:d2:c3:4e:24:8a:8a:56:a7:22:2c:
19:7d:38:73:b4:8c:24:40:11:50:79:49:b3:a7:00:49:7d:ee:
13:da:3e:eb:e4:84:34:92:d4:40:94:50:4c:80:22:e7:0f:2e:
3f:2b:8d:85:e3:9b:ed:3c:44:7f:b1:05:65:d5:86:3b:11:42:
f7:47:5a:c5:8e:65:0f:68:46:d5:fa:77:e8:7c:71:95:c7:19:
b3:0f:86:23:3f:e5:bf:49:16:fc:15:8b:ce:98:c6:63:e0:c4:
56:95:bc:ed:cd:10:60:96:44:78:14:26:ba:bf:57:04:f0:d2:
12:95:db:21:14:2a:33:b5:07:6e:49:79:f2:d1:eb:cc:53:d6:
e0:17:ce:53:c7:aa:58:fe:1c:69:ae:fd:c3:76:46:49:26:44:
ec:b9:97:74:50:1e:61:62:30:03:5c:07:65:7f:53:66:d8:2a:
3a:01:3b:db
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZyZbpUiAHoS3tmXcygt4S+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmYyYzYyMjlhZjc2M2E5OWY1MzQ5YTMyNTEwZGY0YTQ1
MjYxNDMwHhcNMjYwMjI2MTAxMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDIyZDc1Y2E5MDBlMDk3MmNjODNhZDQwNDEzMzc3ZjE5ZjY5MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNR8qLAR1s0cQ6dF2eqakjuuAI61
36kmDD/kY2If/QtFm+m/6gLJtUTafDauMys//ArxOOV9AGgjlHP+NioIGqlNgn0L
zfzE/ZSFzalBzxeyhI8SJ1lumZd1ucGtOK3XFvcA8kXmN9Oqvxg0KA7AIqf4E9vo
ToNXB0eZrDOJUx3us7g2uDEH9Aq+OMYFL7F+FopqTCOEG6jN4giC0lAenVdQtH5L
h8CvVngOMTWKIM+JLxJ3bdEFRWCgsB1NewfnzRHC3B7rt5LZ0ev5L3B/eMDTnlhr
kUKMbb4kCYhsPOPIXyvWDSrXvzS0polKUc1FLZhJq/wrJIXKZ50RCJyySwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFOQi11ypAOCXLMg61AQTN38Z9pHXMB8GA1UdIwQY
MBaAFPD/LGIpr3Y6mfU0mjJRDfSkUmFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYt
ZTY5ZjdhNWQyZDkwLzEvNUNMWFhLa0E0SmNzeURyVUJCTTNmeG4ya2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYtZTY5ZjdhNWQyZDkw
LzEvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBXBAIAATBRAwMAJQYDBAcu
vgADBAY+qcADAwBPawMEBFD1oAMEBFFcMAMEBlT+AAMEB1uMAAMDAG3yAwQHsDqA
AwQCuQPcAwQGvEnAAwQC1JhIAwQC1JhQMA0EAgACMAcDBQMqA/AAMA0GCSqGSIb3
DQEBCwUAA4IBAQDHN3+lZ1U9VOjg4KXbsKun4LPaM7H1JTyAcdZ2UbQxlSB7ag3t
BACEhRlZLLHYtbokpS7kOKT/1lnXVFLBSvtGg+2/WnYIkbakCi2m/CKoL9LDTiSK
ilanIiwZfThztIwkQBFQeUmzpwBJfe4T2j7r5IQ0ktRAlFBMgCLnDy4/K42F45vt
PER/sQVl1YY7EUL3R1rFjmUPaEbV+nfofHGVxxmzD4YjP+W/SRb8FYvOmMZj4MRW
lbztzRBglkR4FCa6v1cE8NISldshFCoztQduSXny0evMU9bgF85Tx6pY/hxprv3D
dkZJJkTsuZd0UB5hYjADXAdlf1Nm2Co6ATvb
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:23:23 2026 by rpki-client