Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/CiNhwzJsM6ZFV5GCT0q6BXhT6DI.roa
File: CiNhwzJsM6ZFV5GCT0q6BXhT6DI.roa (raw, json)
Hash identifier: KWZXDRfpaCL2QK5Ff1vICptorEtdR6f4RpWBfQJGxXA=
Subject key identifier: 0A:23:61:C3:32:6C:33:A6:45:57:91:82:4F:4A:BA:05:78:53:E8:32
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 019D9BE7E408C1D8F2DBEB957A6510640CC5
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/CiNhwzJsM6ZFV5GCT0q6BXhT6DI.roa
Signing time: Fri 17 Apr 2026 14:45:58 +0000
ROA not before: Fri 17 Apr 2026 14:45:58 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203020
IP address blocks: 5.183.94.0/24 maxlen: 24
45.82.223.0/24 maxlen: 24
85.208.32.0/23 maxlen: 24
185.244.8.0/23 maxlen: 24
185.244.11.0/24 maxlen: 24
193.42.226.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:45:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:e7:e4:08:c1:d8:f2:db:eb:95:7a:65:10:64:0c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Apr 17 14:45:58 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a2361c3326c33a6455791824f4aba057853e832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:db:df:a3:eb:a7:90:28:f8:3e:15:ee:a5:bf:
15:6d:3a:1c:13:48:61:c9:88:56:15:c6:4a:79:6c:
69:12:d5:2c:6c:d2:8f:3a:6d:db:86:54:6a:b8:c2:
d1:88:96:30:45:dd:29:3c:03:ef:e4:72:a6:5a:32:
6a:dd:57:61:28:0c:56:73:ae:98:48:83:61:a2:14:
f6:9a:c2:90:b2:d2:d2:0d:c6:4d:a5:27:ca:da:b7:
30:58:43:5f:c6:3f:34:0b:be:ee:41:af:de:ab:e3:
a7:83:5f:6b:37:e0:7c:98:2b:80:c5:13:97:29:96:
46:1a:6e:4f:6d:86:11:e5:60:6e:7f:0b:cf:6e:29:
d5:21:f2:7a:97:e8:37:84:c0:ec:6f:c7:89:22:0e:
91:19:69:0f:76:4f:0f:e3:ef:74:52:2e:da:94:98:
11:6b:3e:50:8c:5e:1b:1c:67:09:b8:73:ae:dc:20:
58:22:15:4a:97:6b:fa:aa:f0:15:63:61:97:f7:ce:
95:a1:4c:f5:7e:b2:91:16:91:cf:f2:51:f3:4e:f8:
24:6f:7b:b0:19:93:0e:5f:76:61:46:2e:5b:39:80:
43:dd:2b:9d:62:ce:0f:30:9a:6d:e5:da:14:cd:bd:
b8:b8:01:de:51:20:40:7e:24:cc:a2:df:59:5c:db:
9c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:23:61:C3:32:6C:33:A6:45:57:91:82:4F:4A:BA:05:78:53:E8:32
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/CiNhwzJsM6ZFV5GCT0q6BXhT6DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.94.0/24
45.82.223.0/24
85.208.32.0/23
185.244.8.0/23
185.244.11.0/24
193.42.226.0/23
Signature Algorithm: sha256WithRSAEncryption
84:28:b5:52:4d:64:47:76:52:22:bb:0a:44:98:e1:be:95:92:
8a:16:b7:9f:c1:a1:9e:53:73:c6:55:ee:dd:c5:87:c4:e7:7d:
94:13:70:9e:d0:76:4c:93:fb:51:0e:2b:c0:ff:34:51:65:e2:
c0:2a:d2:50:43:7a:a3:fc:78:b1:5f:cd:70:2c:af:23:56:8d:
fe:cc:d2:2e:2f:c9:68:09:4c:cc:9a:ef:53:87:14:29:7b:fe:
8b:fe:db:83:51:32:2d:13:42:fd:c8:87:69:60:57:cc:ce:0c:
64:7c:d9:45:79:35:b5:49:c2:34:14:06:d0:ea:2e:0f:2f:e9:
56:05:c9:c6:07:24:8a:be:93:2f:64:11:71:eb:47:a6:02:64:
c8:55:07:ac:00:49:43:b4:3c:71:9d:28:02:b7:7c:af:11:ca:
60:97:d0:da:5b:96:55:c2:76:66:6d:c1:ee:dc:7d:b3:06:bf:
60:13:2f:30:42:ce:c6:2a:e3:44:b7:7e:a7:ef:fb:b8:81:2e:
eb:6a:14:9e:2d:5f:e9:44:93:84:a3:a0:0f:c7:37:d7:6f:c1:
0c:f5:41:38:b0:10:ac:f4:46:7f:ba:76:81:f4:1f:59:a2:89:
cc:fa:38:7e:71:ec:c0:8a:87:27:18:c0:02:70:c6:44:cd:45:
5f:d9:f6:a3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ2b5+QIwdjy2+uVemUQZAzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjYwNDE3MTQ0NTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTIzNjFjMzMyNmMzM2E2NDU1NzkxODI0ZjRhYmEwNTc4NTNlODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9vfo+unkCj4PhXupb8VbTocE0hh
yYhWFcZKeWxpEtUsbNKPOm3bhlRquMLRiJYwRd0pPAPv5HKmWjJq3VdhKAxWc66Y
SINhohT2msKQstLSDcZNpSfK2rcwWENfxj80C77uQa/eq+Ong19rN+B8mCuAxROX
KZZGGm5PbYYR5WBufwvPbinVIfJ6l+g3hMDsb8eJIg6RGWkPdk8P4+90Ui7alJgR
az5QjF4bHGcJuHOu3CBYIhVKl2v6qvAVY2GX986VoUz1frKRFpHP8lHzTvgkb3uw
GZMOX3ZhRi5bOYBD3SudYs4PMJpt5doUzb24uAHeUSBAfiTMot9ZXNucGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAojYcMybDOmRVeRgk9KugV4U+gyMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvQ2lOaHd6SnNNNlpGVjVHQ1QwcTZCWGhUNkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbdeAwQA
LVLfAwQBVdAgAwQBufQIAwQAufQLAwQBwSriMA0GCSqGSIb3DQEBCwUAA4IBAQCE
KLVSTWRHdlIiuwpEmOG+lZKKFrefwaGeU3PGVe7dxYfE532UE3Ce0HZMk/tRDivA
/zRRZeLAKtJQQ3qj/HixX81wLK8jVo3+zNIuL8loCUzMmu9ThxQpe/6L/tuDUTIt
E0L9yIdpYFfMzgxkfNlFeTW1ScI0FAbQ6i4PL+lWBcnGBySKvpMvZBFx60emAmTI
VQesAElDtDxxnSgCt3yvEcpgl9DaW5ZVwnZmbcHu3H2zBr9gEy8wQs7GKuNEt36n
7/u4gS7rahSeLV/pRJOEo6APxzfXb8EM9UE4sBCs9EZ/unaB9B9ZoonM+jh+cezA
iocnGMACcMZEzUVf2faj
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:38:10 2026 by rpki-client