Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/5cP6cbnajpCwbGvranWyeD_fF90.roa
File: 5cP6cbnajpCwbGvranWyeD_fF90.roa (raw, json)
Hash identifier: SqYwOONSyQvVoQhI2z3VeWEdZR6qwZ2kZcw9E1PtkTw=
Subject key identifier: E5:C3:FA:71:B9:DA:8E:90:B0:6C:6B:EB:6A:75:B2:78:3F:DF:17:DD
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 019EA6E69710E0E188EE4D3833C0F242FC69
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/5cP6cbnajpCwbGvranWyeD_fF90.roa
Signing time: Mon 08 Jun 2026 11:03:10 +0000
ROA not before: Mon 08 Jun 2026 11:03:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.70.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.72.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:e6:97:10:e0:e1:88:ee:4d:38:33:c0:f2:42:fc:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 8 11:03:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5c3fa71b9da8e90b06c6beb6a75b2783fdf17dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:d2:dd:62:89:4e:e2:2f:56:50:a9:60:08:
6e:c6:c3:72:ae:9b:3f:3d:c3:a1:c1:cd:e0:e9:c0:
60:e1:76:14:66:12:d9:43:66:94:a9:37:54:d3:d3:
ad:36:12:cd:ac:86:f7:7a:52:83:a5:79:2d:19:56:
ee:24:02:94:7b:5b:c0:5d:d9:a2:5c:6a:80:04:0d:
2a:21:6f:2a:70:15:32:e4:aa:87:b5:3f:43:66:27:
5d:f5:5a:a4:79:65:da:1e:c0:f8:17:50:2a:fe:1d:
cb:63:2c:db:2b:21:bf:5b:76:88:bc:03:de:60:58:
7f:a0:a4:f4:be:91:99:42:7e:d8:a8:ab:9a:b2:75:
16:7b:1f:f9:4d:69:da:8f:9a:b8:4f:b1:d5:d7:07:
fe:99:98:28:37:03:a5:f8:3e:cf:1c:b6:d5:cd:28:
3c:89:55:8a:92:65:e1:c9:c0:92:1c:67:1b:70:6f:
f7:10:3b:6f:54:28:29:98:b9:17:74:85:01:c7:5c:
94:31:d8:76:17:97:29:9f:62:90:32:0c:25:46:64:
82:33:30:83:99:53:b2:b0:1c:fe:05:3c:af:c3:04:
53:54:96:0d:64:6b:f0:52:36:aa:e9:50:ee:63:3f:
d9:eb:4a:32:45:8c:b2:9b:37:4b:22:8d:cc:b3:69:
f6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C3:FA:71:B9:DA:8E:90:B0:6C:6B:EB:6A:75:B2:78:3F:DF:17:DD
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/5cP6cbnajpCwbGvranWyeD_fF90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.84.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
10:53:15:d3:da:13:74:c0:b9:94:5e:5e:97:d5:6a:5a:c4:1d:
27:11:c6:0b:21:7e:f7:63:ee:63:45:61:42:38:63:09:ef:98:
0e:ec:5b:c6:e5:48:03:92:bb:ac:7d:2e:78:59:33:fb:80:4e:
e2:a2:e7:e4:1c:10:24:95:3e:4e:b1:8b:25:8f:c8:81:f3:f0:
b7:bb:48:5a:cb:71:72:b0:45:05:92:7c:c1:84:5c:28:4e:cf:
1d:17:43:6d:2b:76:f0:35:bd:82:0e:ac:2a:01:9e:92:42:e1:
e2:ad:55:20:60:66:1b:5a:8a:45:c2:e5:6a:85:e2:d0:53:ca:
82:8d:ef:d1:eb:97:4e:83:23:49:f7:7d:2b:90:1d:f8:ee:55:
e5:48:f7:97:a2:61:fb:5b:f2:0d:78:97:5f:fa:ec:94:07:1d:
7c:41:16:88:47:ea:9a:c3:46:eb:4e:05:13:97:4f:20:21:df:
be:65:68:15:16:db:15:74:1b:c9:6f:00:a5:ca:3a:ac:af:7f:
a0:a3:38:a0:32:fb:88:69:01:2a:7d:e5:d6:7a:63:cf:f8:10:
ac:bb:51:b5:af:65:05:66:8c:40:14:ed:a5:0d:85:0e:1c:d4:
05:98:f4:76:a6:bc:32:ab:9f:1d:1f:25:22:26:53:e9:46:d5:
94:45:a5:53
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ6m5pcQ4OGI7k04M8DyQvxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjYwNjA4MTEwMzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWMzZmE3MWI5ZGE4ZTkwYjA2YzZiZWI2YTc1YjI3ODNmZGYxN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0LS3WKJTuIvVlCpYAhuxsNyrps/
PcOhwc3g6cBg4XYUZhLZQ2aUqTdU09OtNhLNrIb3elKDpXktGVbuJAKUe1vAXdmi
XGqABA0qIW8qcBUy5KqHtT9DZidd9VqkeWXaHsD4F1Aq/h3LYyzbKyG/W3aIvAPe
YFh/oKT0vpGZQn7YqKuasnUWex/5TWnaj5q4T7HV1wf+mZgoNwOl+D7PHLbVzSg8
iVWKkmXhycCSHGcbcG/3EDtvVCgpmLkXdIUBx1yUMdh2F5cpn2KQMgwlRmSCMzCD
mVOysBz+BTyvwwRTVJYNZGvwUjaq6VDuYz/Z60oyRYyymzdLIo3Ms2n2nQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOXD+nG52o6QsGxr62p1sng/3xfdMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvNWNQNmNibmFqcEN3Ykd2cmFuV3llRF9mRjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVXPQMAwD
BALVkUQDBATVkUAwDAMEAtWRVAMEAdWRWDANBgkqhkiG9w0BAQsFAAOCAQEAEFMV
09oTdMC5lF5el9VqWsQdJxHGCyF+92PuY0VhQjhjCe+YDuxbxuVIA5K7rH0ueFkz
+4BO4qLn5BwQJJU+TrGLJY/IgfPwt7tIWstxcrBFBZJ8wYRcKE7PHRdDbSt28DW9
gg6sKgGekkLh4q1VIGBmG1qKRcLlaoXi0FPKgo3v0euXToMjSfd9K5Ad+O5V5Uj3
l6Jh+1vyDXiXX/rslAcdfEEWiEfqmsNG604FE5dPICHfvmVoFRbbFXQbyW8Apco6
rK9/oKM4oDL7iGkBKn3l1npjz/gQrLtRta9lBWaMQBTtpQ2FDhzUBZj0dqa8Mquf
HR8lIiZT6UbVlEWlUw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:38:36 2026 by rpki-client