Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/Fk_uxWdkQeYx2z70vxU8pKeQvYc.roa
File: Fk_uxWdkQeYx2z70vxU8pKeQvYc.roa (raw, json)
Hash identifier: ktKC7e3hjBfZooC8pVGtH47x/POHGeRio9bH7/rdzsY=
Subject key identifier: 16:4F:EE:C5:67:64:41:E6:31:DB:3E:F4:BF:15:3C:A4:A7:90:BD:87
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 019E975BB4B82305C1C52BD64CB32A282855
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/Fk_uxWdkQeYx2z70vxU8pKeQvYc.roa
Signing time: Fri 05 Jun 2026 10:37:09 +0000
ROA not before: Fri 05 Jun 2026 10:37:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24768
IP address blocks: 5.253.181.0/24 maxlen: 24
5.253.182.0/24 maxlen: 24
5.253.183.0/24 maxlen: 24
82.102.7.0/24 maxlen: 24
94.46.12.0/22 maxlen: 22
94.46.12.0/24 maxlen: 24
94.46.13.0/24 maxlen: 24
94.46.14.0/24 maxlen: 24
94.46.15.0/24 maxlen: 24
94.46.16.0/22 maxlen: 22
94.46.16.0/24 maxlen: 24
94.46.20.0/22 maxlen: 22
94.46.20.0/24 maxlen: 24
94.46.21.0/24 maxlen: 24
94.46.22.0/24 maxlen: 24
94.46.23.0/24 maxlen: 24
94.46.25.0/24 maxlen: 24
94.46.26.0/24 maxlen: 24
94.46.27.0/24 maxlen: 24
94.46.28.0/22 maxlen: 22
94.46.28.0/24 maxlen: 24
94.46.29.0/24 maxlen: 24
94.46.30.0/24 maxlen: 24
94.46.31.0/24 maxlen: 24
94.46.128.0/21 maxlen: 21
94.46.132.0/24 maxlen: 24
94.46.133.0/24 maxlen: 24
94.46.160.0/20 maxlen: 24
94.46.176.0/21 maxlen: 21
94.46.179.0/24 maxlen: 24
94.46.182.0/24 maxlen: 24
109.71.40.0/21 maxlen: 21
109.71.40.0/24 maxlen: 24
109.71.41.0/24 maxlen: 24
109.71.42.0/24 maxlen: 24
109.71.43.0/24 maxlen: 24
109.71.44.0/24 maxlen: 24
109.71.45.0/24 maxlen: 24
109.71.46.0/24 maxlen: 24
109.71.47.0/24 maxlen: 24
130.185.80.0/21 maxlen: 21
130.185.81.0/24 maxlen: 24
130.185.82.0/24 maxlen: 24
130.185.83.0/24 maxlen: 24
130.185.84.0/24 maxlen: 24
130.185.85.0/24 maxlen: 24
130.185.86.0/24 maxlen: 24
130.185.87.0/24 maxlen: 24
185.15.20.0/22 maxlen: 22
185.15.20.0/24 maxlen: 24
185.15.22.0/24 maxlen: 24
185.15.23.0/24 maxlen: 24
2a00:1650::/33 maxlen: 33
2a00:1650:0:1000::/64 maxlen: 64
2a00:1650:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.mft
rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:97:5b:b4:b8:23:05:c1:c5:2b:d6:4c:b3:2a:28:28:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Jun 5 10:37:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=164feec5676441e631db3ef4bf153ca4a790bd87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:44:d7:eb:94:cc:f7:70:65:88:d3:47:83:08:
5b:e7:41:d0:63:df:fa:a2:04:c8:85:ea:7a:1b:e7:
c1:2f:a4:4f:d1:c1:3c:17:b8:46:b0:14:93:75:77:
7d:b6:4a:99:e8:8c:f4:92:1d:26:6e:cc:6f:45:ab:
31:0f:6f:5a:a6:ef:40:7a:fb:c2:48:b6:db:9f:b0:
87:48:02:98:c7:e0:7b:13:92:79:1a:26:29:b0:60:
e4:4d:45:ca:30:07:16:e1:e9:94:63:dc:46:d4:d0:
1d:40:8e:fc:55:57:8c:b1:3d:87:f2:69:e0:32:ab:
60:55:2a:60:92:5d:4b:e1:9e:d8:d7:af:f1:e9:98:
0b:eb:0e:a8:57:ac:b1:64:23:2f:85:80:59:48:e6:
5d:4a:b5:16:eb:cf:44:1c:bc:b9:ab:b4:76:5f:e4:
78:76:e1:20:88:db:76:b5:d2:86:54:a3:6b:5c:60:
93:ff:6b:11:af:c1:3b:fa:86:5d:67:ec:d8:d8:9c:
df:5e:b6:e4:86:de:63:2d:0a:2f:a0:c7:bb:e5:b3:
92:9d:ea:b7:fc:36:3f:60:03:08:d0:ad:5c:5d:d6:
cd:a7:78:92:01:a2:3f:d2:73:c0:7d:50:e3:68:eb:
e5:e3:bb:10:9d:cb:aa:5e:15:dd:c0:32:96:94:ea:
61:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4F:EE:C5:67:64:41:E6:31:DB:3E:F4:BF:15:3C:A4:A7:90:BD:87
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/Fk_uxWdkQeYx2z70vxU8pKeQvYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.181.0-5.253.183.255
82.102.7.0/24
94.46.12.0-94.46.23.255
94.46.25.0-94.46.31.255
94.46.128.0/21
94.46.160.0-94.46.183.255
109.71.40.0/21
130.185.80.0/21
185.15.20.0/22
IPv6:
2a00:1650::/32
Signature Algorithm: sha256WithRSAEncryption
89:b1:1e:17:60:6b:24:ac:b4:96:6b:40:4b:ca:a1:44:b8:4e:
ff:8d:3e:0e:21:37:8a:af:91:76:2e:35:b3:0c:6b:3f:cd:ca:
04:7b:94:e0:d4:ad:e6:56:d8:ad:7f:ec:a9:5b:7b:cd:ce:d1:
8d:50:13:3a:14:0a:94:32:4b:49:4f:2b:3b:41:06:3c:26:35:
d3:e5:a3:ba:46:96:f1:c3:77:9f:bf:78:c3:9d:a2:40:0b:8c:
b8:02:2f:7b:6a:84:60:e8:45:23:ad:5d:ed:00:03:75:e1:5d:
5d:27:90:09:6c:a4:9e:03:97:6f:a9:2e:c6:06:d9:28:71:8f:
60:65:b6:22:68:27:30:93:4d:ce:f2:82:cf:dc:68:f8:1f:78:
55:62:51:a0:b2:53:f3:f0:6c:79:26:d3:f1:6e:8d:f8:3b:87:
0f:4e:ef:e1:f5:eb:7f:54:c6:87:65:5b:8e:2a:59:76:ad:37:
4b:04:78:66:63:ed:a3:bc:03:0a:d1:41:1d:80:5b:a6:40:cc:
b9:bc:dc:57:39:a4:06:ba:83:54:d1:c7:31:04:cd:34:f9:f0:
1c:23:3b:38:73:6b:6e:fe:7a:fd:43:50:05:ef:00:6f:bc:1c:
a0:ee:e0:09:22:98:ac:6f:6c:49:a9:37:39:7f:66:f9:21:0e:
b2:1e:f5:39
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZ6XW7S4IwXBxSvWTLMqKChVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDVhNzIwMDE2NDkxMjA0MWJiOTMxZWZiMWZlYWMxMjNi
NDNhMTgwHhcNMjYwNjA1MTAzNzA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjRmZWVjNTY3NjQ0MWU2MzFkYjNlZjRiZjE1M2NhNGE3OTBiZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwETX65TM93BliNNHgwhb50HQY9/6
ogTIhep6G+fBL6RP0cE8F7hGsBSTdXd9tkqZ6Iz0kh0mbsxvRasxD29apu9AevvC
SLbbn7CHSAKYx+B7E5J5GiYpsGDkTUXKMAcW4emUY9xG1NAdQI78VVeMsT2H8mng
MqtgVSpgkl1L4Z7Y16/x6ZgL6w6oV6yxZCMvhYBZSOZdSrUW689EHLy5q7R2X+R4
duEgiNt2tdKGVKNrXGCT/2sRr8E7+oZdZ+zY2JzfXrbkht5jLQovoMe75bOSneq3
/DY/YAMI0K1cXdbNp3iSAaI/0nPAfVDjaOvl47sQncuqXhXdwDKWlOphvQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFBZP7sVnZEHmMds+9L8VPKSnkL2HMB8GA1UdIwQY
MBaAFDVFpyABZJEgQbuTHvsf6sEjtDoYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDkt
YWFiYjA2MmU0MGRiLzEvRmtfdXhXZGtRZVl4Mno3MHZ4VThwS2VRdlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDktYWFiYjA2MmU0MGRi
LzEvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWMAwDBAAF/bUD
BAMF/bADBABSZgcwDAMEAl4uDAMEA14uEDAMAwQAXi4ZAwQFXi4AAwQDXi6AMAwD
BAVeLqADBANeLrADBANtRygDBAOCuVADBAK5DxQwDQQCAAIwBwMFACoAFlAwDQYJ
KoZIhvcNAQELBQADggEBAImxHhdgaySstJZrQEvKoUS4Tv+NPg4hN4qvkXYuNbMM
az/NygR7lODUreZW2K1/7Klbe83O0Y1QEzoUCpQyS0lPKztBBjwmNdPlo7pGlvHD
d5+/eMOdokALjLgCL3tqhGDoRSOtXe0AA3XhXV0nkAlspJ4Dl2+pLsYG2Shxj2Bl
tiJoJzCTTc7ygs/caPgfeFViUaCyU/PwbHkm0/Fujfg7hw9O7+H1639UxodlW44q
WXatN0sEeGZj7aO8AwrRQR2AW6ZAzLm83Fc5pAa6g1TRxzEEzTT58BwjOzhza27+
ev1DUAXvAG+8HKDu4AkimKxvbEmpNzl/ZvkhDrIe9Tk=
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:23:34 2026 by rpki-client