Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/TjvY6_wQh4ElWjrNHu6NMN5m1R4.roa
File: TjvY6_wQh4ElWjrNHu6NMN5m1R4.roa (raw, json)
Hash identifier: eLkaaEuqTRCkEOyM+frlXpUlpbL2ioneT/nqumVoi9c=
Subject key identifier: 4E:3B:D8:EB:FC:10:87:81:25:5A:3A:CD:1E:EE:8D:30:DE:66:D5:1E
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019CA8A27D6337D17D12A235FEBA122D026D
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/TjvY6_wQh4ElWjrNHu6NMN5m1R4.roa
Signing time: Sun 01 Mar 2026 09:02:27 +0000
ROA not before: Sun 01 Mar 2026 09:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.104.0/24 maxlen: 24
5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.74.242.0/24 maxlen: 24
45.74.243.0/24 maxlen: 24
45.74.244.0/24 maxlen: 24
45.74.246.0/24 maxlen: 24
45.74.247.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
91.208.204.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb00::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440::/48 maxlen: 48
2a13:a440:1::/48 maxlen: 48
2a13:a440:2::/48 maxlen: 48
2a13:a440:3::/48 maxlen: 48
2a13:a440:4::/48 maxlen: 48
2a13:a440:5::/48 maxlen: 48
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a8:a2:7d:63:37:d1:7d:12:a2:35:fe:ba:12:2d:02:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 1 09:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e3bd8ebfc108781255a3acd1eee8d30de66d51e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:f7:57:de:2b:df:d2:65:56:f1:04:91:5a:
8d:c7:f7:4f:be:a2:bd:30:a3:86:7c:0e:47:b8:e7:
2a:19:1f:4c:1c:4f:30:bd:99:02:e7:b0:0b:76:93:
6f:ef:f4:c8:d8:73:90:9a:bc:ae:aa:f0:95:fb:16:
67:3e:7f:9e:ef:a5:b6:5a:82:6a:9c:43:0c:f9:7b:
29:39:14:da:8c:53:29:16:9b:27:d0:7a:ee:b1:0a:
9c:3d:11:73:7c:8e:2e:d0:57:01:03:ca:06:bb:ee:
0c:57:65:d5:0d:ab:96:9e:40:02:c5:d7:8d:86:8c:
b2:3e:4d:42:a2:68:43:ec:62:cb:50:c4:db:c6:fa:
f0:bb:75:e7:27:ea:af:41:62:67:ff:91:ba:a1:79:
59:c8:7a:56:a4:e9:ec:18:21:6a:d2:70:c4:ba:da:
1c:d1:b8:e2:9a:e5:48:b0:72:19:4f:ea:b0:a3:57:
64:9a:88:c3:94:8e:f6:bc:e7:f6:90:a0:d7:18:2a:
ce:3d:a1:bb:78:46:b2:78:60:b7:68:69:f2:a8:88:
cd:21:62:a7:b3:a4:52:6a:8f:48:68:df:d8:0a:3c:
f2:e6:5c:60:ee:3f:a3:28:73:03:9e:9f:cb:5b:32:
40:f2:6f:68:f5:08:ba:f0:23:36:d2:e1:21:2a:92:
f5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3B:D8:EB:FC:10:87:81:25:5A:3A:CD:1E:EE:8D:30:DE:66:D5:1E
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/TjvY6_wQh4ElWjrNHu6NMN5m1R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/22
45.74.242.0-45.74.244.255
45.74.246.0/23
45.131.0.0/23
45.136.4.0/23
77.83.200.0/22
91.208.204.0/24
194.116.237.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440::-2a13:a440:5:ffff:ffff:ffff:ffff:ffff
2a13:a440:7::/48
2a13:a441::-2a13:a442:ffff:ffff:ffff:ffff:ffff:ffff
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
10:be:cd:b2:b6:90:33:b1:d2:21:e1:f2:2d:d2:f4:a7:d6:04:
bb:a0:07:74:47:89:79:03:b3:25:7d:b3:f2:18:77:0a:ce:d9:
ce:dc:32:48:96:dc:d0:22:b4:09:e9:42:cf:22:7f:a5:52:84:
84:3b:bb:c2:5b:ae:ba:da:29:b6:33:80:99:3d:55:1f:e3:2b:
ff:69:20:d8:4d:a2:2b:65:cc:ed:02:7a:26:a6:83:9b:e4:1f:
5e:12:5e:e4:18:1e:93:36:da:95:ab:5e:a7:76:59:bd:cd:fb:
da:57:1b:1f:09:40:eb:bb:7e:c5:b2:69:b8:80:0e:4a:7d:ee:
85:e6:49:9c:ba:dd:06:8e:7e:f7:3c:b0:57:39:e0:16:01:17:
6a:9b:4c:d1:cc:75:5b:64:89:4f:50:68:52:ec:65:bf:75:17:
18:da:15:f3:96:be:15:2b:c9:bb:b8:05:3e:da:82:fe:5a:2f:
8c:59:cf:be:03:8f:13:85:63:85:d3:d9:4c:75:3a:52:bc:3e:
d3:e5:7f:15:74:6c:62:c0:08:f4:b2:39:ea:34:c9:44:03:93:
05:cb:ba:9d:4a:a2:a4:be:40:92:aa:bd:9a:79:a1:d1:35:4e:
14:4d:9d:1f:a0:9a:80:88:3c:8a:47:34:c3:30:bf:c2:da:4e:
bf:fc:19:60
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZyoon1jN9F9EqI1/roSLQJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwMzAxMDkwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTNiZDhlYmZjMTA4NzgxMjU1YTNhY2QxZWVlOGQzMGRlNjZkNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8P3V94r39JlVvEEkVqNx/dPvqK9
MKOGfA5HuOcqGR9MHE8wvZkC57ALdpNv7/TI2HOQmryuqvCV+xZnPn+e76W2WoJq
nEMM+XspORTajFMpFpsn0HrusQqcPRFzfI4u0FcBA8oGu+4MV2XVDauWnkACxdeN
hoyyPk1ComhD7GLLUMTbxvrwu3XnJ+qvQWJn/5G6oXlZyHpWpOnsGCFq0nDEutoc
0bjimuVIsHIZT+qwo1dkmojDlI72vOf2kKDXGCrOPaG7eEayeGC3aGnyqIjNIWKn
s6RSao9IaN/YCjzy5lxg7j+jKHMDnp/LWzJA8m9o9Qi68CM20uEhKpL1xwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFE472Ov8EIeBJVo6zR7ujTDeZtUeMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVGp2WTZfd1FoNEVsV2pyTkh1Nk5NTjVtMVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzA+BAIAATA4AwQCBbRo
MAwDBAEtSvIDBAAtSvQDBAEtSvYDBAEtgwADBAEtiAQDBAJNU8gDBABb0MwDBADC
dO0waQQCAAIwYwMFAyoJh4ADBQMqD7cAAwUDKg/pAAMFAyoP6wADBQMqD+0AAwUD
Kg/5ADAQAwUGKhOkQAMHASoTpEAABAMHACoTpEAABzAOAwUAKhOkQQMFACoTpEID
BQAqE6RFAwUAKhOkRzANBgkqhkiG9w0BAQsFAAOCAQEAEL7NsraQM7HSIeHyLdL0
p9YEu6AHdEeJeQOzJX2z8hh3Cs7ZztwySJbc0CK0CelCzyJ/pVKEhDu7wluuutop
tjOAmT1VH+Mr/2kg2E2iK2XM7QJ6JqaDm+QfXhJe5Bgekzbalatep3ZZvc372lcb
HwlA67t+xbJpuIAOSn3uheZJnLrdBo5+9zywVzngFgEXaptM0cx1W2SJT1BoUuxl
v3UXGNoV85a+FSvJu7gFPtqC/lovjFnPvgOPE4VjhdPZTHU6Urw+0+V/FXRsYsAI
9LI56jTJRAOTBcu6nUqipL5Akqq9mnmh0TVOFE2dH6CagIg8ikc0wzC/wtpOv/wZ
YA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:56:23 2026 by rpki-client