Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/sipouLFaZnWU6kMc1W3IF6GY8o8.roa
File: sipouLFaZnWU6kMc1W3IF6GY8o8.roa (raw, json)
Hash identifier: 14mOYOBWNZmrManBAJsUtMkbRrujOhvUzwWkYhZ1qx4=
Subject key identifier: B2:2A:68:B8:B1:5A:66:75:94:EA:43:1C:D5:6D:C8:17:A1:98:F2:8F
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019D48790ECA92A4776E315767C716D2FFE0
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/sipouLFaZnWU6kMc1W3IF6GY8o8.roa
Signing time: Wed 01 Apr 2026 09:56:26 +0000
ROA not before: Wed 01 Apr 2026 09:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200740
IP address blocks: 45.134.12.0/23 maxlen: 23
45.134.14.0/23 maxlen: 23
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
89.44.84.0/23 maxlen: 23
91.200.14.0/24 maxlen: 24
91.200.15.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
95.81.77.0/24 maxlen: 24
95.81.93.0/24 maxlen: 24
95.81.94.0/23 maxlen: 23
95.81.112.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
95.81.119.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
103.85.112.0/24 maxlen: 24
103.85.113.0/24 maxlen: 24
103.249.132.0/23 maxlen: 23
103.249.134.0/23 maxlen: 23
104.128.131.0/24 maxlen: 24
104.128.138.0/23 maxlen: 23
104.128.142.0/23 maxlen: 23
104.128.142.0/24 maxlen: 24
104.128.143.0/24 maxlen: 24
109.69.56.0/23 maxlen: 23
109.69.58.0/23 maxlen: 23
135.136.182.0/24 maxlen: 24
135.136.183.0/24 maxlen: 24
135.136.184.0/23 maxlen: 23
135.136.184.0/24 maxlen: 24
135.136.185.0/24 maxlen: 24
135.136.189.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
185.103.254.0/23 maxlen: 23
185.114.72.0/23 maxlen: 23
193.239.160.0/23 maxlen: 23
193.239.166.0/23 maxlen: 23
2a0c:5d00:3002::/48 maxlen: 48
2a0c:5d00:3004::/48 maxlen: 48
2a0c:5d00:3005::/48 maxlen: 48
2a0c:5d00:3007::/48 maxlen: 48
2a0c:5d00:3008::/48 maxlen: 48
2a0c:5d00:3010::/48 maxlen: 48
2a0c:5d00:3012::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:48:79:0e:ca:92:a4:77:6e:31:57:67:c7:16:d2:ff:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Apr 1 09:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b22a68b8b15a667594ea431cd56dc817a198f28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5b:15:b2:7d:d1:e1:e7:22:0c:20:d4:3d:fa:
0b:6b:5a:d6:cf:c8:e9:43:2a:c7:bb:9b:cb:b4:31:
23:0b:ce:12:c7:1c:88:62:bc:a4:aa:7c:3a:f3:9e:
e7:65:b9:47:3b:84:3f:a1:93:7b:aa:79:86:83:bb:
8a:ea:bd:62:32:27:6f:77:3d:e4:49:97:4b:76:26:
e6:5d:0d:cd:89:5c:12:6b:ea:3e:b3:d8:fe:7c:04:
70:f6:fc:c9:d1:54:f9:72:e8:9a:64:23:74:b9:ec:
89:c4:83:6c:f8:4d:e1:f7:69:b8:99:67:d0:3a:67:
fb:ee:5f:40:7b:a3:60:9d:88:36:fa:81:e5:1b:49:
9e:04:38:b3:15:91:6a:a3:bc:a7:8f:68:e1:c9:61:
ab:08:f5:c1:1b:37:dd:3b:77:18:c7:fb:af:bf:39:
28:ab:c4:37:24:f6:8e:cf:86:5d:0e:c2:4c:4a:82:
59:0d:bc:3e:fd:88:0d:8c:52:b9:1b:af:6d:f5:b2:
5a:40:54:92:42:b4:90:1d:3e:94:68:44:31:fb:fc:
42:28:34:58:92:a6:00:3e:f4:46:b9:2f:01:4d:7f:
b5:6d:4e:c7:92:c9:ce:3c:47:e1:82:bc:98:2c:eb:
3c:63:2a:f2:d6:4f:b5:03:73:17:01:e5:6b:a6:d6:
4d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2A:68:B8:B1:5A:66:75:94:EA:43:1C:D5:6D:C8:17:A1:98:F2:8F
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/sipouLFaZnWU6kMc1W3IF6GY8o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.12.0/22
80.76.32.0/22
89.44.84.0/23
91.200.14.0/23
92.118.8.0/23
95.81.77.0/24
95.81.93.0-95.81.95.255
95.81.112.0/23
95.81.119.0-95.81.120.255
103.85.112.0/23
103.249.132.0/22
104.128.131.0/24
104.128.138.0/23
104.128.142.0/23
109.69.56.0/22
135.136.182.0-135.136.185.255
135.136.189.0/24
185.103.252.0/22
185.114.72.0/23
193.239.160.0/23
193.239.166.0/23
IPv6:
2a0c:5d00:3002::/48
2a0c:5d00:3004::/47
2a0c:5d00:3007::-2a0c:5d00:3008:ffff:ffff:ffff:ffff:ffff
2a0c:5d00:3010::/48
2a0c:5d00:3012::/48
Signature Algorithm: sha256WithRSAEncryption
07:6e:74:2f:f1:ff:85:35:0c:6d:a3:a6:fa:64:a8:4d:2c:0a:
78:3a:56:d3:27:4f:3e:c2:18:92:6c:6c:e8:fc:3d:0f:07:e5:
8e:50:74:09:23:5b:e3:13:06:7b:3b:ee:9b:f5:5e:f6:55:28:
27:14:59:c2:ad:21:38:7c:a2:de:19:0d:3b:7c:7b:17:1c:99:
02:6a:ac:34:a8:bc:19:fd:14:0d:32:6b:aa:1a:47:c7:db:cc:
53:3e:62:df:2f:12:b0:dc:53:20:89:12:ae:8e:b8:89:ea:1c:
d0:0e:e3:a2:71:1b:b7:4e:ae:f3:a0:37:1e:b8:36:49:1f:2f:
72:0b:fa:96:87:41:42:46:b2:65:70:19:20:23:d3:49:6d:a6:
20:ed:bc:03:4e:3f:46:9e:ea:d9:0b:ec:c0:cb:ba:99:87:8a:
ab:db:25:a4:6b:04:60:80:a3:c4:35:90:98:ed:0c:f7:65:1a:
d1:3e:b0:e7:5f:6c:47:e4:c6:c9:6a:a1:b9:96:13:68:c8:95:
77:d6:aa:33:23:47:d8:b1:b1:19:66:32:ff:42:48:3b:f6:a0:
31:a2:5b:8c:cf:bf:ea:fc:a4:21:c7:fd:26:98:62:fc:b9:fa:
b5:e2:0f:97:71:db:8a:95:64:7a:67:1e:ae:4e:10:40:9f:1c:
f2:6e:ea:3a
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZ1IeQ7KkqR3bjFXZ8cW0v/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwNDAxMDk1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjJhNjhiOGIxNWE2Njc1OTRlYTQzMWNkNTZkYzgxN2ExOThmMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFsVsn3R4eciDCDUPfoLa1rWz8jp
QyrHu5vLtDEjC84SxxyIYrykqnw6857nZblHO4Q/oZN7qnmGg7uK6r1iMidvdz3k
SZdLdibmXQ3NiVwSa+o+s9j+fARw9vzJ0VT5cuiaZCN0ueyJxINs+E3h92m4mWfQ
Omf77l9Ae6NgnYg2+oHlG0meBDizFZFqo7ynj2jhyWGrCPXBGzfdO3cYx/uvvzko
q8Q3JPaOz4ZdDsJMSoJZDbw+/YgNjFK5G69t9bJaQFSSQrSQHT6UaEQx+/xCKDRY
kqYAPvRGuS8BTX+1bU7HksnOPEfhgryYLOs8Yyry1k+1A3MXAeVrptZN5wIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFLIqaLixWmZ1lOpDHNVtyBehmPKPMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvc2lwb3VMRmFabldVNmtNYzFXM0lGNkdZOG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCBnQQCAAEwgZYDBAIt
hgwDBAJQTCADBAFZLFQDBAFbyA4DBAFcdggDBABfUU0wDAMEAF9RXQMEBV9RQAME
AV9RcDAMAwQAX1F3AwQAX1F4AwQBZ1VwAwQCZ/mEAwQAaICDAwQBaICKAwQBaICO
AwQCbUU4MAwDBAGHiLYDBAGHiLgDBACHiL0DBAK5Z/wDBAG5ckgDBAHB76ADBAHB
76YwPgQCAAIwOAMHACoMXQAwAgMHASoMXQAwBDASAwcAKgxdADAHAwcAKgxdADAI
AwcAKgxdADAQAwcAKgxdADASMA0GCSqGSIb3DQEBCwUAA4IBAQAHbnQv8f+FNQxt
o6b6ZKhNLAp4OlbTJ08+whiSbGzo/D0PB+WOUHQJI1vjEwZ7O+6b9V72VSgnFFnC
rSE4fKLeGQ07fHsXHJkCaqw0qLwZ/RQNMmuqGkfH28xTPmLfLxKw3FMgiRKujriJ
6hzQDuOicRu3Tq7zoDceuDZJHy9yC/qWh0FCRrJlcBkgI9NJbaYg7bwDTj9GnurZ
C+zAy7qZh4qr2yWkawRggKPENZCY7Qz3ZRrRPrDnX2xH5MbJaqG5lhNoyJV31qoz
I0fYsbEZZjL/Qkg79qAxoluMz7/q/KQhx/0mmGL8ufq14g+XcduKlWR6Zx6uThBA
nxzybuo6
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:42:35 2026 by rpki-client