Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/0bbALsEZlkbsRmfhGFXRcx9rUIY.roa
File: 0bbALsEZlkbsRmfhGFXRcx9rUIY.roa (raw, json)
Hash identifier: EaXePGtmmMVBTaGreFnLxK1TMZfGNFgqcqvlwBSKVRI=
Subject key identifier: D1:B6:C0:2E:C1:19:96:46:EC:46:67:E1:18:55:D1:73:1F:6B:50:86
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 019C47C18DCEA93EC67492643DF549ACA703
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/0bbALsEZlkbsRmfhGFXRcx9rUIY.roa
Signing time: Tue 10 Feb 2026 13:33:12 +0000
ROA not before: Tue 10 Feb 2026 13:33:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
45.248.37.0/24 maxlen: 24
79.108.160.0/24 maxlen: 24
79.108.161.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
93.93.205.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
103.240.146.0/24 maxlen: 24
103.240.147.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.241.67.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
185.139.228.0/24 maxlen: 24
185.144.156.0/22 maxlen: 22
193.168.172.0/24 maxlen: 24
193.168.175.0/24 maxlen: 24
2a06:c5c0:1500::/48 maxlen: 48
2a06:c5c0:1600::/48 maxlen: 48
2a06:c5c0:1700::/48 maxlen: 48
2a07:3b80::/48 maxlen: 48
2a07:3b80:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:47:c1:8d:ce:a9:3e:c6:74:92:64:3d:f5:49:ac:a7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Feb 10 13:33:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d1b6c02ec1199646ec4667e11855d1731f6b5086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e9:59:87:7d:2c:a3:80:81:96:9a:e7:76:5b:
36:6b:79:06:a5:cc:1a:4e:7e:3d:cb:5d:41:4a:b9:
93:aa:f7:83:58:ba:4a:92:d5:4f:31:f0:bf:3e:23:
d0:4b:1f:02:20:22:bf:da:b1:a1:d1:79:17:81:a4:
cc:3e:e5:25:e5:fa:72:22:8d:fb:b8:15:10:65:db:
8b:e0:3b:b0:9b:4c:a5:66:2b:b8:58:9d:62:1e:d1:
89:5e:d0:cd:d8:8b:32:98:51:d4:3a:a1:1d:a6:c4:
4b:d2:5a:cf:5b:3b:b9:87:d5:25:d6:5e:90:b1:95:
0c:c5:3e:9c:45:d6:32:ca:0f:8d:5b:9b:bb:cb:33:
76:58:90:8c:20:7c:f9:f2:27:6b:9a:8a:86:86:6b:
3c:70:f9:b6:16:76:6c:09:b9:87:2e:6e:f0:4a:4b:
69:f1:a7:74:cc:d1:19:8c:c4:48:72:0b:f7:65:a0:
26:74:c6:c3:9e:9b:75:bc:55:32:8f:a2:41:06:95:
a2:1e:fd:ca:ca:fe:96:bb:26:28:53:91:b8:fc:51:
ed:95:97:93:bd:e1:eb:4c:db:2d:d7:1a:6e:6a:f7:
c7:bd:00:34:76:f7:bf:ce:ea:45:0b:dd:c1:d5:a4:
4c:af:4f:69:08:40:32:bf:28:14:5e:96:c0:d1:9e:
57:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B6:C0:2E:C1:19:96:46:EC:46:67:E1:18:55:D1:73:1F:6B:50:86
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/0bbALsEZlkbsRmfhGFXRcx9rUIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
45.248.37.0/24
79.108.160.0/23
91.202.170.0/24
91.223.169.0/24
93.93.205.0/24
103.45.245.0-103.45.246.255
103.240.146.0/23
103.241.66.0/23
185.47.172.0/24
185.53.209.0/24
185.139.228.0/24
185.144.156.0/22
193.168.172.0/24
193.168.175.0/24
IPv6:
2a06:c5c0:1500::/48
2a06:c5c0:1600::/48
2a06:c5c0:1700::/48
2a07:3b80::/48
2a07:3b80:8::/48
Signature Algorithm: sha256WithRSAEncryption
60:c6:b9:9a:7c:70:f4:ec:ec:3d:bf:40:d5:fa:1a:52:d3:d3:
9e:ee:20:60:1f:df:4f:1f:fe:89:06:ce:da:93:22:f1:b4:fe:
5a:e6:e5:4b:8a:53:27:fe:13:e2:62:36:df:f1:4a:73:19:01:
89:92:16:e2:47:6a:60:21:09:7c:ae:61:cb:d6:e3:16:0b:4f:
4c:f4:89:d1:35:3d:7e:90:aa:13:cc:c5:85:ea:99:cf:60:e0:
d4:fb:a7:f7:04:80:5e:45:f1:18:9e:5a:0e:16:5c:52:e5:8f:
43:dd:4e:e1:74:a3:01:5f:b4:8d:9d:74:5a:e5:88:ca:9f:ae:
2f:2f:93:bb:85:6b:dd:53:91:cd:97:91:50:07:fa:5a:4e:1a:
33:1b:14:e7:c3:e7:34:0a:8b:85:9a:8a:8c:5b:bd:98:c2:9e:
3c:3a:be:cb:95:11:86:4f:52:72:09:11:68:d2:55:cb:60:dd:
df:ee:10:41:4e:93:54:ee:29:76:8a:b0:38:78:78:8f:37:62:
60:37:87:56:d4:ce:0d:50:87:74:d9:14:18:71:83:be:7c:07:
c0:9e:90:ca:79:90:b9:be:83:ca:87:f4:d8:2f:d3:fc:f3:68:
d2:f7:12:c6:0d:27:50:59:74:00:77:13:81:18:d8:c8:af:25:
a0:a8:6d:6a
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAZxHwY3OqT7GdJJkPfVJrKcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjYwMjEwMTMzMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI2YzAyZWMxMTk5NjQ2ZWM0NjY3ZTExODU1ZDE3MzFmNmI1MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+lZh30so4CBlprndls2a3kGpcwa
Tn49y11BSrmTqveDWLpKktVPMfC/PiPQSx8CICK/2rGh0XkXgaTMPuUl5fpyIo37
uBUQZduL4Duwm0ylZiu4WJ1iHtGJXtDN2IsymFHUOqEdpsRL0lrPWzu5h9Ul1l6Q
sZUMxT6cRdYyyg+NW5u7yzN2WJCMIHz58idrmoqGhms8cPm2FnZsCbmHLm7wSktp
8ad0zNEZjMRIcgv3ZaAmdMbDnpt1vFUyj6JBBpWiHv3Kyv6WuyYoU5G4/FHtlZeT
veHrTNst1xpuavfHvQA0dve/zupFC93B1aRMr09pCEAyvygUXpbA0Z5X0wIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFNG2wC7BGZZG7EZn4RhV0XMfa1CGMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvMGJiQUxzRVpsa2JzUm1maEdGWFJjeDlyVUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzBoBAIAATBiAwQALVur
AwQALfglAwQBT2ygAwQAW8qqAwQAW9+pAwQAXV3NMAwDBABnLfUDBABnLfYDBAFn
8JIDBAFn8UIDBAC5L6wDBAC5NdEDBAC5i+QDBAK5kJwDBADBqKwDBADBqK8wMwQC
AAIwLQMHACoGxcAVAAMHACoGxcAWAAMHACoGxcAXAAMHACoHO4AAAAMHACoHO4AA
CDANBgkqhkiG9w0BAQsFAAOCAQEAYMa5mnxw9OzsPb9A1foaUtPTnu4gYB/fTx/+
iQbO2pMi8bT+WublS4pTJ/4T4mI23/FKcxkBiZIW4kdqYCEJfK5hy9bjFgtPTPSJ
0TU9fpCqE8zFheqZz2Dg1Pun9wSAXkXxGJ5aDhZcUuWPQ91O4XSjAV+0jZ10WuWI
yp+uLy+Tu4Vr3VORzZeRUAf6Wk4aMxsU58PnNAqLhZqKjFu9mMKePDq+y5URhk9S
cgkRaNJVy2Dd3+4QQU6TVO4pdoqwOHh4jzdiYDeHVtTODVCHdNkUGHGDvnwHwJ6Q
ynmQub6Dyof02C/T/PNo0vcSxg0nUFl0AHcTgRjYyK8loKhtag==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:06:06 2026 by rpki-client