Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/5_UuoRyDgdxjbE2TE8dugH7B9IY.roa
File: 5_UuoRyDgdxjbE2TE8dugH7B9IY.roa (raw, json)
Hash identifier: 2Xf+XBSf9Ny6F9aoTggMTGoccNI76d0CGvOX/LmC/mA=
Subject key identifier: E7:F5:2E:A1:1C:83:81:DC:63:6C:4D:93:13:C7:6E:80:7E:C1:F4:86
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 019E6EDAB3031C6A34FF0600DFA528E6174D
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/5_UuoRyDgdxjbE2TE8dugH7B9IY.roa
Signing time: Thu 28 May 2026 13:51:26 +0000
ROA not before: Thu 28 May 2026 13:51:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8426
IP address blocks: 31.3.136.0/21 maxlen: 21
46.18.128.0/21 maxlen: 21
62.240.224.0/19 maxlen: 19
79.99.32.0/21 maxlen: 21
89.185.32.0/19 maxlen: 19
91.208.181.0/24 maxlen: 24
94.198.144.0/21 maxlen: 21
94.198.146.0/24 maxlen: 24
95.131.136.0/21 maxlen: 24
146.185.40.0/21 maxlen: 24
185.7.36.0/22 maxlen: 24
185.29.40.0/22 maxlen: 22
185.29.43.0/24 maxlen: 24
185.88.104.0/22 maxlen: 22
185.93.36.0/22 maxlen: 22
194.146.172.0/22 maxlen: 22
212.43.192.0/18 maxlen: 18
2001:a70::/32 maxlen: 32
2a01:4580::/29 maxlen: 29
2a02:1f8::/32 maxlen: 32
2a02:c70::/32 maxlen: 32
2a02:2328::/32 maxlen: 32
2a03:7300::/32 maxlen: 32
2a03:7300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:da:b3:03:1c:6a:34:ff:06:00:df:a5:28:e6:17:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: May 28 13:51:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e7f52ea11c8381dc636c4d9313c76e807ec1f486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fe:d9:8d:c3:ca:bf:69:e0:24:e8:eb:94:1a:
d0:32:65:80:91:f8:f8:0d:54:a3:38:aa:d2:a2:b1:
47:10:a5:d4:65:6c:eb:ad:c8:a8:19:5a:a2:a3:5d:
5d:f4:65:ba:bd:1d:95:07:a3:ca:c2:08:f7:36:44:
61:0d:ca:03:68:42:6a:9f:38:69:47:21:e3:d0:c6:
14:06:d2:71:d1:7b:2a:a6:f5:32:5c:60:e6:9b:e0:
1c:68:72:07:19:f2:e4:5c:ea:0c:0b:55:28:93:14:
0d:8a:8f:12:08:e3:00:ef:0f:59:d3:18:2b:e2:09:
42:86:38:62:0c:6a:33:51:90:70:33:83:da:8d:db:
8d:06:02:51:00:22:72:47:2f:f9:2b:ac:1f:2e:a2:
ee:7e:89:23:30:d5:b6:0c:42:55:16:4d:44:df:1e:
1e:92:49:de:49:67:53:0a:06:99:cb:71:17:d4:39:
e6:d3:9d:e6:8b:3b:2d:d0:21:e1:00:e1:2b:58:e2:
1e:b4:14:e5:88:b8:4e:a5:35:c9:f8:5f:d8:6e:77:
3e:c7:a2:7d:b8:06:d1:7d:d7:79:55:76:26:8e:09:
4c:e2:4e:1b:48:fa:1f:fd:5d:f6:f5:fe:fd:f8:db:
24:d3:54:de:3f:cc:8f:90:43:b2:49:fd:1d:99:48:
9e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F5:2E:A1:1C:83:81:DC:63:6C:4D:93:13:C7:6E:80:7E:C1:F4:86
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/5_UuoRyDgdxjbE2TE8dugH7B9IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.136.0/21
46.18.128.0/21
62.240.224.0/19
79.99.32.0/21
89.185.32.0/19
91.208.181.0/24
94.198.144.0/21
95.131.136.0/21
146.185.40.0/21
185.7.36.0/22
185.29.40.0/22
185.88.104.0/22
185.93.36.0/22
194.146.172.0/22
212.43.192.0/18
IPv6:
2001:a70::/32
2a01:4580::/29
2a02:1f8::/32
2a02:c70::/32
2a02:2328::/32
2a03:7300::/32
Signature Algorithm: sha256WithRSAEncryption
9b:0b:b9:25:2b:91:26:4c:1c:96:3d:9a:2f:e9:be:87:86:25:
bb:dc:78:50:ad:71:77:67:79:43:9c:09:c6:a0:51:cf:ce:c5:
1d:fd:11:20:5a:cf:5e:9a:cc:08:b2:65:88:dd:07:33:61:96:
f8:19:fd:2d:f4:7f:ee:7f:78:d1:58:ee:11:f4:f9:a3:43:71:
12:42:35:b3:2c:d0:e9:42:97:74:ec:4d:95:d7:99:bf:11:1e:
86:a3:5b:b0:0b:1b:be:e0:41:4d:79:18:e5:b7:7a:68:2d:72:
de:ab:85:df:05:15:71:cf:ad:35:58:a6:45:17:60:79:e6:05:
30:33:0c:ee:93:a5:b6:89:bf:df:e1:55:11:d2:84:00:da:53:
0b:bf:2e:ac:ef:dd:a1:3c:f0:dd:d5:27:89:29:48:82:36:c7:
33:12:d9:05:02:d5:0e:c9:1d:12:24:ea:82:16:82:b7:ab:47:
3a:7c:6f:4b:ab:75:df:f3:01:a5:41:ae:c4:ad:85:91:d4:d6:
d1:bc:c5:40:a1:35:73:4c:2d:7f:6c:1e:d2:26:40:37:98:a2:
a6:86:9b:55:2c:ca:12:42:de:c6:6f:69:16:94:6e:84:56:90:
76:4d:16:2d:2f:5b:fd:35:e4:66:0e:81:dd:f2:d3:f4:68:f7:
56:d4:1d:ad
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ5u2rMDHGo0/wYA36Uo5hdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjYwNTI4MTM1MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Y1MmVhMTFjODM4MWRjNjM2YzRkOTMxM2M3NmU4MDdlYzFmNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/7ZjcPKv2ngJOjrlBrQMmWAkfj4
DVSjOKrSorFHEKXUZWzrrcioGVqio11d9GW6vR2VB6PKwgj3NkRhDcoDaEJqnzhp
RyHj0MYUBtJx0XsqpvUyXGDmm+AcaHIHGfLkXOoMC1UokxQNio8SCOMA7w9Z0xgr
4glChjhiDGozUZBwM4PajduNBgJRACJyRy/5K6wfLqLufokjMNW2DEJVFk1E3x4e
kkneSWdTCgaZy3EX1Dnm053mizst0CHhAOErWOIetBTliLhOpTXJ+F/Ybnc+x6J9
uAbRfdd5VXYmjglM4k4bSPof/V329f79+Nsk01TeP8yPkEOySf0dmUieSwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFOf1LqEcg4HcY2xNkxPHboB+wfSGMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvNV9VdW9SeURnZHhqYkUyVEU4ZHVnSDdCOUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBgBAIAATBaAwQDHwOI
AwQDLhKAAwQFPvDgAwQDT2MgAwQFWbkgAwQAW9C1AwQDXsaQAwQDX4OIAwQDkrko
AwQCuQckAwQCuR0oAwQCuVhoAwQCuV0kAwQCwpKsAwQG1CvAMDAEAgACMCoDBQAg
AQpwAwUDKgFFgAMFACoCAfgDBQAqAgxwAwUAKgIjKAMFACoDcwAwDQYJKoZIhvcN
AQELBQADggEBAJsLuSUrkSZMHJY9mi/pvoeGJbvceFCtcXdneUOcCcagUc/OxR39
ESBaz16azAiyZYjdBzNhlvgZ/S30f+5/eNFY7hH0+aNDcRJCNbMs0OlCl3TsTZXX
mb8RHoajW7ALG77gQU15GOW3emgtct6rhd8FFXHPrTVYpkUXYHnmBTAzDO6TpbaJ
v9/hVRHShADaUwu/Lqzv3aE88N3VJ4kpSII2xzMS2QUC1Q7JHRIk6oIWgrerRzp8
b0urdd/zAaVBrsSthZHU1tG8xUChNXNMLX9sHtImQDeYoqaGm1UsyhJC3sZvaRaU
boRWkHZNFi0vW/015GYOgd3y0/Ro91bUHa0=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:38:07 2026 by rpki-client