Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/5LdG0DkwRbHvxCN-jFn2coUcAiM.roa
File: 5LdG0DkwRbHvxCN-jFn2coUcAiM.roa (raw, json)
Hash identifier: Nv1kP9EET3jYZdK3PjT5lXAhT9j6I3rPJ5QHRWNYOP0=
Subject key identifier: E4:B7:46:D0:39:30:45:B1:EF:C4:23:7E:8C:59:F6:72:85:1C:02:23
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019D6C0E7563905A485FB6A0481B40A4BF8D
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/5LdG0DkwRbHvxCN-jFn2coUcAiM.roa
Signing time: Wed 08 Apr 2026 07:46:20 +0000
ROA not before: Wed 08 Apr 2026 07:46:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197703
IP address blocks: 132.243.30.0/23 maxlen: 23
135.136.182.0/23 maxlen: 23
135.136.182.0/24 maxlen: 24
135.136.183.0/24 maxlen: 24
2a0c:5d00:3011::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:0e:75:63:90:5a:48:5f:b6:a0:48:1b:40:a4:bf:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Apr 8 07:46:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e4b746d0393045b1efc4237e8c59f672851c0223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1e:e1:01:db:47:c7:52:b9:72:5b:21:a0:ff:
fb:2e:6a:19:e0:10:44:e8:97:5a:0f:66:1a:32:2f:
48:f2:0a:07:bc:e0:5f:a2:a8:95:c5:82:2e:18:33:
22:72:7d:9d:59:3c:f4:85:66:3a:21:1e:55:46:93:
32:4b:e3:18:94:6b:5e:8c:94:b9:92:d6:4f:77:63:
84:ee:ac:6b:c0:cb:b0:f5:d7:87:c2:11:fd:db:96:
9d:11:c7:67:49:4c:53:28:d4:e5:c6:9d:21:5f:9c:
b5:f5:a2:d3:41:5c:a6:92:71:1d:60:48:a5:dc:a0:
01:40:4f:d4:f3:a0:fd:a7:8f:c0:e1:59:88:7c:dd:
43:7b:0f:62:f3:de:b4:20:d3:48:3b:23:00:85:d9:
a8:60:d3:c3:d1:aa:50:18:35:68:97:d9:c3:69:73:
ae:3d:01:54:c3:dd:c3:24:b4:f5:03:c7:52:a7:ec:
20:f4:79:28:91:99:4b:5d:e3:b8:c7:47:49:e7:ac:
74:3f:15:6e:9a:fe:21:f1:8d:e6:e7:99:56:22:3f:
cc:a6:6a:fe:f0:0d:0e:5f:1d:cf:e9:0a:f8:c7:6f:
08:12:13:00:9e:4b:ed:1a:bf:d6:2a:b3:ca:06:8c:
7c:3b:fb:82:bb:c6:19:53:18:84:1c:4b:7a:4f:59:
87:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B7:46:D0:39:30:45:B1:EF:C4:23:7E:8C:59:F6:72:85:1C:02:23
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/5LdG0DkwRbHvxCN-jFn2coUcAiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.243.30.0/23
135.136.182.0/23
IPv6:
2a0c:5d00:3011::/48
Signature Algorithm: sha256WithRSAEncryption
ad:de:2e:49:30:ac:29:ea:3c:b7:27:f0:cc:9c:e6:24:e0:b2:
f5:72:b1:4b:ee:fa:95:40:92:c0:12:9d:20:35:42:48:02:ee:
22:cc:e0:a8:89:78:60:c2:ab:1b:b6:88:97:fe:45:6a:28:a4:
cb:77:79:0d:21:74:1b:2b:83:ba:d1:7f:f7:57:35:d9:69:4a:
92:a4:cb:36:06:59:2d:e5:ca:85:1e:bf:91:72:96:5c:b7:13:
0b:59:b7:8e:8d:fe:8f:c7:ce:5c:91:84:f3:6f:7f:bb:3d:8b:
d0:9b:cb:44:3d:3a:cc:62:99:90:1d:f7:36:5d:71:0e:2b:bc:
d3:58:4e:73:cf:50:41:c6:33:3d:76:36:5a:9a:bb:c3:65:41:
e7:00:0d:00:c8:4d:f3:19:52:2b:4a:d2:9d:4e:77:88:bd:c6:
29:25:d3:1a:e8:0b:fb:ec:c6:f5:91:41:55:aa:fe:11:6d:15:
78:21:a3:c8:21:9e:b7:d5:85:73:da:1a:3a:dc:be:47:12:ed:
87:6f:ba:99:ff:98:de:e4:05:a2:c2:07:57:42:20:80:ec:ea:
fe:04:10:c2:f2:4e:8e:dd:26:22:b2:26:2b:33:cd:e7:85:81:
d7:bc:77:b8:b6:3b:1a:ac:90:0f:71:ac:a5:66:3a:e8:7f:47:
ae:30:a2:c7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1sDnVjkFpIX7agSBtApL+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwNDA4MDc0NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI3NDZkMDM5MzA0NWIxZWZjNDIzN2U4YzU5ZjY3Mjg1MWMwMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5x7hAdtHx1K5clshoP/7LmoZ4BBE
6JdaD2YaMi9I8goHvOBfoqiVxYIuGDMicn2dWTz0hWY6IR5VRpMyS+MYlGtejJS5
ktZPd2OE7qxrwMuw9deHwhH925adEcdnSUxTKNTlxp0hX5y19aLTQVymknEdYEil
3KABQE/U86D9p4/A4VmIfN1Dew9i8960INNIOyMAhdmoYNPD0apQGDVol9nDaXOu
PQFUw93DJLT1A8dSp+wg9HkokZlLXeO4x0dJ56x0PxVumv4h8Y3m55lWIj/Mpmr+
8A0OXx3P6Qr4x28IEhMAnkvtGr/WKrPKBox8O/uCu8YZUxiEHEt6T1mHwwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOS3RtA5MEWx78QjfoxZ9nKFHAIjMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvNUxkRzBEa3dSYkh2eENOLWpGbjJjb1VjQWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBhPMeAwQB
h4i2MA8EAgACMAkDBwAqDF0AMBEwDQYJKoZIhvcNAQELBQADggEBAK3eLkkwrCnq
PLcn8Myc5iTgsvVysUvu+pVAksASnSA1QkgC7iLM4KiJeGDCqxu2iJf+RWoopMt3
eQ0hdBsrg7rRf/dXNdlpSpKkyzYGWS3lyoUev5Fylly3EwtZt46N/o/HzlyRhPNv
f7s9i9Cby0Q9OsximZAd9zZdcQ4rvNNYTnPPUEHGMz12Nlqau8NlQecADQDITfMZ
UitK0p1Od4i9xikl0xroC/vsxvWRQVWq/hFtFXgho8ghnrfVhXPaGjrcvkcS7Ydv
upn/mN7kBaLCB1dCIIDs6v4EEMLyTo7dJiKyJiszzeeFgde8d7i2OxqskA9xrKVm
Ouh/R64wosc=
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:49:19 2026 by rpki-client