Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/D4uyY53Lmy1XuEBR8gb-mU5orsY.roa
File: D4uyY53Lmy1XuEBR8gb-mU5orsY.roa (raw, json)
Hash identifier: 8oSSSK/7hQ8ikVIjak5cGWlYgkzTSsHj01P8F5aOk0c=
Subject key identifier: 0F:8B:B2:63:9D:CB:9B:2D:57:B8:40:51:F2:06:FE:99:4E:68:AE:C6
Certificate issuer: /CN=cf58cbc4aae3f80c49b372911a8d44861cdfeecb
Certificate serial: 019C9933FD7E72CCA870E7CCA6CD3EAFBA0E
Authority key identifier: CF:58:CB:C4:AA:E3:F8:0C:49:B3:72:91:1A:8D:44:86:1C:DF:EE:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/D4uyY53Lmy1XuEBR8gb-mU5orsY.roa
Signing time: Thu 26 Feb 2026 09:07:27 +0000
ROA not before: Thu 26 Feb 2026 09:07:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200924
IP address blocks: 5.83.176.0/20 maxlen: 20
31.22.24.0/21 maxlen: 21
46.167.24.0/21 maxlen: 21
161.104.176.0/21 maxlen: 21
185.6.120.0/22 maxlen: 22
185.27.212.0/22 maxlen: 22
185.37.248.0/22 maxlen: 22
185.44.132.0/22 maxlen: 22
185.75.164.0/22 maxlen: 22
194.56.213.0/24 maxlen: 24
217.147.55.0/24 maxlen: 24
217.147.60.0/24 maxlen: 24
2a01:7420::/32 maxlen: 32
2a05:5800::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:33:fd:7e:72:cc:a8:70:e7:cc:a6:cd:3e:af:ba:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf58cbc4aae3f80c49b372911a8d44861cdfeecb
Validity
Not Before: Feb 26 09:07:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0f8bb2639dcb9b2d57b84051f206fe994e68aec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1a:18:ae:ff:45:cd:bd:af:56:90:dc:83:c7:
e6:2d:c5:9b:ae:02:a7:8d:70:41:5d:1a:da:72:58:
76:0c:8f:77:8a:ed:07:a1:56:0a:de:e7:83:38:53:
5d:50:a1:c1:e7:d0:fe:9e:25:3d:64:40:47:5c:69:
98:34:29:1c:12:6c:20:96:fc:98:3b:18:4f:52:18:
30:e3:2e:b1:ec:7a:6c:07:e8:13:a0:fd:f1:a0:86:
01:69:af:01:ad:7a:43:d0:53:8b:e6:e5:ef:6e:8d:
b0:5d:34:f2:3a:8a:04:b5:9b:1a:e0:8a:b6:34:c1:
88:12:10:67:84:ac:34:ba:04:d8:1f:dd:2f:d4:93:
90:f3:15:14:8e:eb:a4:e8:fa:9c:68:59:59:0f:7d:
d4:b2:85:65:f1:95:42:3c:5b:24:d2:98:12:fc:15:
24:ea:b6:78:3b:a7:d0:bd:26:0b:4a:60:98:72:47:
49:e8:46:cd:82:55:12:6d:df:d4:c0:62:39:88:62:
68:fd:17:a0:36:bb:92:e2:dd:47:48:50:99:9f:61:
ab:72:34:86:c1:d3:2b:b8:20:f6:14:64:6f:e0:1a:
40:fb:c9:2a:72:fe:a6:69:5c:79:73:cb:2a:c0:e2:
fa:64:ce:4e:c6:2d:b4:c2:b2:6b:b9:9b:f4:b9:52:
a0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8B:B2:63:9D:CB:9B:2D:57:B8:40:51:F2:06:FE:99:4E:68:AE:C6
X509v3 Authority Key Identifier:
keyid:CF:58:CB:C4:AA:E3:F8:0C:49:B3:72:91:1A:8D:44:86:1C:DF:EE:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/D4uyY53Lmy1XuEBR8gb-mU5orsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.176.0/20
31.22.24.0/21
46.167.24.0/21
161.104.176.0/21
185.6.120.0/22
185.27.212.0/22
185.37.248.0/22
185.44.132.0/22
185.75.164.0/22
194.56.213.0/24
217.147.55.0/24
217.147.60.0/24
IPv6:
2a01:7420::/32
2a05:5800::/29
Signature Algorithm: sha256WithRSAEncryption
2f:e2:53:b8:e5:4d:4b:86:10:84:7b:5f:24:d1:99:a8:91:58:
aa:cb:65:45:ab:33:35:c5:31:49:ae:ea:c0:f9:c8:24:6a:00:
ec:43:d8:5d:95:95:8b:4d:57:dd:cb:60:fc:91:2b:f6:76:50:
ff:4c:53:9f:01:24:6d:50:ac:8d:6c:63:88:bb:3c:40:83:09:
c7:eb:88:ad:ec:41:8b:c6:ae:55:ab:d8:c1:b2:59:1d:ef:40:
60:79:3c:50:d8:0e:bc:8b:b0:ce:61:c0:f6:d5:ae:39:f9:99:
f6:2b:c2:ce:c5:cd:c1:22:41:3b:f2:08:a1:bf:32:08:73:f4:
95:d8:b8:b5:4f:e3:8e:10:b8:39:7f:85:88:26:55:ea:6e:fb:
f1:3d:64:52:83:50:bf:45:5f:7c:b9:68:e5:cb:8e:62:70:09:
8a:d2:66:be:54:60:58:e6:0a:ef:77:56:2e:e2:33:51:a5:4d:
dd:eb:89:f9:a2:89:6e:b4:90:a3:de:ab:94:d6:ee:43:0a:a9:
25:7a:81:63:2d:9c:49:3b:21:5c:32:ba:4e:66:fc:f7:a6:c5:
8e:3a:85:d3:ed:4e:ed:da:9c:8c:35:54:c5:0b:2d:5f:08:23:
b6:32:52:63:fa:22:52:7e:c2:41:8f:e1:fa:5d:be:a2:67:2f:
ba:12:1f:86
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZyZM/1+csyocOfMps0+r7oOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNThjYmM0YWFlM2Y4MGM0OWIzNzI5MTFhOGQ0NDg2MWNk
ZmVlY2IwHhcNMjYwMjI2MDkwNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhiYjI2MzlkY2I5YjJkNTdiODQwNTFmMjA2ZmU5OTRlNjhhZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohoYrv9Fzb2vVpDcg8fmLcWbrgKn
jXBBXRraclh2DI93iu0HoVYK3ueDOFNdUKHB59D+niU9ZEBHXGmYNCkcEmwglvyY
OxhPUhgw4y6x7HpsB+gToP3xoIYBaa8BrXpD0FOL5uXvbo2wXTTyOooEtZsa4Iq2
NMGIEhBnhKw0ugTYH90v1JOQ8xUUjuuk6PqcaFlZD33UsoVl8ZVCPFsk0pgS/BUk
6rZ4O6fQvSYLSmCYckdJ6EbNglUSbd/UwGI5iGJo/RegNruS4t1HSFCZn2GrcjSG
wdMruCD2FGRv4BpA+8kqcv6maVx5c8sqwOL6ZM5Oxi20wrJruZv0uVKgvwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFA+LsmOdy5stV7hAUfIG/plOaK7GMB8GA1UdIwQY
MBaAFM9Yy8Sq4/gMSbNykRqNRIYc3+7LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFqTHhLcmotQXhKczNLUkdvMUVoaHpmN3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81Y2EzMjgtZjExNC00YjNmLWI4YmEt
NTBkN2Q5NGUyYjlmLzEvRDR1eVk1M0xteTFYdUVCUjhnYi1tVTVvcnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81Y2EzMjgtZjExNC00YjNmLWI4YmEtNTBkN2Q5NGUyYjlm
LzEvejFqTHhLcmotQXhKczNLUkdvMUVoaHpmN3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQEBVOwAwQD
HxYYAwQDLqcYAwQDoWiwAwQCuQZ4AwQCuRvUAwQCuSX4AwQCuSyEAwQCuUukAwQA
wjjVAwQA2ZM3AwQA2ZM8MBQEAgACMA4DBQAqAXQgAwUDKgVYADANBgkqhkiG9w0B
AQsFAAOCAQEAL+JTuOVNS4YQhHtfJNGZqJFYqstlRaszNcUxSa7qwPnIJGoA7EPY
XZWVi01X3ctg/JEr9nZQ/0xTnwEkbVCsjWxjiLs8QIMJx+uIrexBi8auVavYwbJZ
He9AYHk8UNgOvIuwzmHA9tWuOfmZ9ivCzsXNwSJBO/IIob8yCHP0ldi4tU/jjhC4
OX+FiCZV6m778T1kUoNQv0VffLlo5cuOYnAJitJmvlRgWOYK73dWLuIzUaVN3euJ
+aKJbrSQo96rlNbuQwqpJXqBYy2cSTshXDK6Tmb896bFjjqF0+1O7dqcjDVUxQst
XwgjtjJSY/oiUn7CQY/h+l2+omcvuhIfhg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:10:44 2026 by rpki-client