Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/5g1swI8SqyqhndQn2HJUZ-2l-lI.roa
File: 5g1swI8SqyqhndQn2HJUZ-2l-lI.roa (raw, json)
Hash identifier: GBs/TAy8kUg/eyFVU/5qG1VqNcpJX0KNDjRsTJG4Kcs=
Subject key identifier: E6:0D:6C:C0:8F:12:AB:2A:A1:9D:D4:27:D8:72:54:67:ED:A5:FA:52
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 019D8B2179EEE5DB7EEF0DCF94332692F6D8
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/5g1swI8SqyqhndQn2HJUZ-2l-lI.roa
Signing time: Tue 14 Apr 2026 08:35:20 +0000
ROA not before: Tue 14 Apr 2026 08:35:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 151.123.179.0/24 maxlen: 24
151.123.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8b:21:79:ee:e5:db:7e:ef:0d:cf:94:33:26:92:f6:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Apr 14 08:35:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e60d6cc08f12ab2aa19dd427d8725467eda5fa52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9e:44:aa:d4:ef:01:f6:44:2b:9d:81:e2:1f:
d4:58:94:b5:69:46:5a:b4:60:89:59:ad:5e:95:cc:
23:e9:70:1c:a4:69:47:d9:92:fa:ef:63:cc:5c:15:
e3:cb:c0:f7:08:34:ce:ad:27:c1:32:f9:0f:20:14:
bc:d4:a9:b7:a3:e4:47:8c:88:ac:2f:b2:c1:9f:95:
8b:f1:55:5d:8c:ad:01:d3:fa:05:30:53:fe:6a:12:
3e:eb:92:d9:e7:93:0d:8c:ac:18:24:01:8d:c3:f3:
72:04:0b:e7:34:aa:f8:e4:db:a7:e9:5e:7d:8a:48:
a7:6c:78:86:4a:7f:55:cd:cf:27:27:1e:b1:65:f4:
8f:24:e8:49:7d:12:c9:94:b3:1a:0e:93:0f:59:b6:
aa:9f:ec:c8:9a:e7:f3:64:e5:95:a9:45:4c:df:9c:
2c:ae:59:f6:7e:41:21:59:70:b1:83:9c:7a:cb:5f:
52:f0:c5:07:d1:a1:b1:d9:b2:26:9e:53:e3:7a:be:
46:dc:95:06:74:84:d3:d9:b8:2e:af:85:41:80:73:
74:53:7d:95:b9:d3:07:74:f8:46:5a:05:eb:44:5c:
52:f0:55:d7:d2:01:6b:ac:ab:a4:8f:d6:77:c5:d2:
3c:d6:3c:1e:f4:46:0c:1a:69:08:ee:72:c6:5b:aa:
a3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:0D:6C:C0:8F:12:AB:2A:A1:9D:D4:27:D8:72:54:67:ED:A5:FA:52
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/5g1swI8SqyqhndQn2HJUZ-2l-lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.123.179.0/24
151.123.181.0/24
Signature Algorithm: sha256WithRSAEncryption
93:d8:38:f8:85:7b:9f:a3:37:df:fd:c5:ba:f0:e6:77:72:74:
0f:4b:d1:53:77:1f:f4:db:ea:d9:b1:e6:3a:22:d0:e2:77:3c:
64:6f:75:23:d2:3c:a6:69:b1:1f:2b:06:af:87:df:02:5e:cc:
48:6a:45:9f:f2:ff:e7:44:d4:c4:4f:85:a5:16:87:19:2d:e0:
88:83:25:ba:2a:35:7f:ed:7d:56:38:8c:1a:90:6a:5a:8c:91:
e6:b5:b6:1d:fe:b9:60:ba:18:52:80:43:cc:b9:f2:b2:3a:37:
37:4c:5c:d6:38:9b:00:be:ea:27:44:e4:26:f3:46:19:a0:a9:
2a:be:81:bd:5c:01:47:60:9b:5b:1d:37:67:37:13:06:44:bb:
22:40:75:5d:fe:76:5a:17:46:a0:da:a2:5e:5d:03:29:10:67:
12:bf:ac:d1:cf:0b:18:6f:af:9a:89:bd:77:82:ca:ab:27:17:
bd:90:30:52:48:1b:60:2a:19:0c:4f:79:5a:2a:38:c0:9e:0c:
d3:a2:15:2f:31:b2:9b:f3:5b:06:ff:ce:15:77:d7:05:49:fd:
9f:b0:4f:63:c8:31:0b:12:90:bd:2a:cc:d0:d9:41:f5:39:94:
32:5a:92:b3:49:04:0e:ee:d4:66:09:15:21:e9:5b:f6:c1:02:
1c:0c:05:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2LIXnu5dt+7w3PlDMmkvbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjYwNDE0MDgzNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjBkNmNjMDhmMTJhYjJhYTE5ZGQ0MjdkODcyNTQ2N2VkYTVmYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ5EqtTvAfZEK52B4h/UWJS1aUZa
tGCJWa1elcwj6XAcpGlH2ZL672PMXBXjy8D3CDTOrSfBMvkPIBS81Km3o+RHjIis
L7LBn5WL8VVdjK0B0/oFMFP+ahI+65LZ55MNjKwYJAGNw/NyBAvnNKr45Nun6V59
ikinbHiGSn9Vzc8nJx6xZfSPJOhJfRLJlLMaDpMPWbaqn+zImufzZOWVqUVM35ws
rln2fkEhWXCxg5x6y19S8MUH0aGx2bImnlPjer5G3JUGdITT2bgur4VBgHN0U32V
udMHdPhGWgXrRFxS8FXX0gFrrKukj9Z3xdI81jwe9EYMGmkI7nLGW6qjwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOYNbMCPEqsqoZ3UJ9hyVGftpfpSMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvNWcxc3dJOFNxeXFobmRRbjJISlVaLTJsLWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl3uzAwQA
l3u1MA0GCSqGSIb3DQEBCwUAA4IBAQCT2Dj4hXufozff/cW68OZ3cnQPS9FTdx/0
2+rZseY6ItDidzxkb3Uj0jymabEfKwavh98CXsxIakWf8v/nRNTET4WlFocZLeCI
gyW6KjV/7X1WOIwakGpajJHmtbYd/rlguhhSgEPMufKyOjc3TFzWOJsAvuonROQm
80YZoKkqvoG9XAFHYJtbHTdnNxMGRLsiQHVd/nZaF0ag2qJeXQMpEGcSv6zRzwsY
b6+aib13gsqrJxe9kDBSSBtgKhkMT3laKjjAngzTohUvMbKb81sG/84Vd9cFSf2f
sE9jyDELEpC9KszQ2UH1OZQyWpKzSQQO7tRmCRUh6Vv2wQIcDAVe
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:10:24 2026 by rpki-client