Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/5H5HvQv575nFSmKSZOWkpoNmJa4.roa
File: 5H5HvQv575nFSmKSZOWkpoNmJa4.roa (raw, json)
Hash identifier: C7AqddrBTGFSdtwcxzGRSd2Sbb+zBQZFF1QXO0RlcUs=
Subject key identifier: E4:7E:47:BD:0B:F9:EF:99:C5:4A:62:92:64:E5:A4:A6:83:66:25:AE
Certificate issuer: /CN=0e298900355fdf4254c20831f2d7ee3bec429bdb
Certificate serial: 019DDE217D3488EA59909A1590BBE02CB06A
Authority key identifier: 0E:29:89:00:35:5F:DF:42:54:C2:08:31:F2:D7:EE:3B:EC:42:9B:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/5H5HvQv575nFSmKSZOWkpoNmJa4.roa
Signing time: Thu 30 Apr 2026 11:23:49 +0000
ROA not before: Thu 30 Apr 2026 11:23:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60458
IP address blocks: 45.146.188.0/22 maxlen: 22
45.151.192.0/22 maxlen: 22
185.37.231.0/24 maxlen: 24
185.100.72.0/22 maxlen: 22
185.125.78.0/24 maxlen: 24
185.156.219.0/24 maxlen: 24
185.162.168.0/23 maxlen: 23
185.162.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:21:7d:34:88:ea:59:90:9a:15:90:bb:e0:2c:b0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e298900355fdf4254c20831f2d7ee3bec429bdb
Validity
Not Before: Apr 30 11:23:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e47e47bd0bf9ef99c54a629264e5a4a6836625ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a4:4f:d1:7d:cd:9d:c0:be:a8:8c:72:1a:f3:
f5:34:7a:8f:bd:30:5f:12:30:69:2c:f6:4c:7f:a4:
a3:f0:a6:d4:50:8c:f3:b4:4f:56:4d:b3:ac:fa:39:
1e:47:ed:fa:55:6d:ad:bc:f2:e1:4a:ae:3e:97:f0:
fa:19:7b:3c:c9:86:0b:34:24:9e:b2:25:89:e9:28:
74:69:c5:f1:09:d9:be:1c:17:eb:5f:fd:a3:72:73:
88:15:ea:c2:e7:02:b1:a7:45:79:d8:7d:61:54:63:
d6:bf:50:bf:b9:4d:5d:12:47:a0:ef:16:6a:97:76:
71:b1:f8:c2:21:e3:58:06:f8:d1:29:12:17:b0:ea:
05:ea:2c:19:c0:44:45:bf:cb:16:29:e0:1e:6b:16:
33:45:a5:b9:65:ea:0c:20:03:83:0a:e0:19:fa:de:
e4:13:9d:48:77:84:32:75:64:95:3c:19:90:71:f0:
2e:ce:c5:38:ba:2e:54:92:ba:72:8e:c2:d9:b7:ac:
20:86:61:13:17:5e:3a:e7:54:76:f6:72:f1:ec:a7:
f5:3a:3d:a3:7c:1a:25:9e:5d:50:69:86:93:a4:e4:
98:53:87:34:81:f6:0b:84:9d:71:72:28:1e:bd:56:
c0:05:14:4a:0d:8d:7c:b0:14:d2:9a:05:09:d3:eb:
9b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:7E:47:BD:0B:F9:EF:99:C5:4A:62:92:64:E5:A4:A6:83:66:25:AE
X509v3 Authority Key Identifier:
keyid:0E:29:89:00:35:5F:DF:42:54:C2:08:31:F2:D7:EE:3B:EC:42:9B:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/5H5HvQv575nFSmKSZOWkpoNmJa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.188.0/22
45.151.192.0/22
185.37.231.0/24
185.100.72.0/22
185.125.78.0/24
185.156.219.0/24
185.162.168.0/23
185.162.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:54:0f:e6:9f:0d:6c:74:84:fc:af:7b:77:21:25:c7:ed:06:
fc:e0:11:09:ab:2e:0b:d3:f1:8d:39:28:11:8d:1a:55:76:e3:
a1:00:d9:c7:93:4b:52:ee:48:7b:81:c6:9b:67:f2:5a:6b:48:
92:27:9c:25:6e:71:87:90:f3:08:28:56:aa:ea:cb:73:b8:43:
84:79:61:b1:73:48:be:31:e0:44:90:23:2a:81:12:5f:6f:38:
d3:da:0b:15:ba:a4:57:08:bc:46:49:eb:fb:23:7a:7c:07:ec:
37:6f:6d:58:1d:59:08:4f:5b:92:2d:81:01:61:b3:1c:b2:de:
ac:b6:b8:dc:7d:d2:e7:35:22:f3:0c:47:6a:91:40:92:6d:a6:
4d:6e:7b:16:9b:9d:a5:11:0c:80:d1:2e:49:9e:00:89:40:b3:
9b:a3:b8:d7:b7:48:ef:38:ea:87:3a:41:d2:1d:bc:c6:07:cc:
d2:e3:88:52:5c:25:56:2a:85:71:16:95:c6:6e:e1:76:06:3a:
83:16:bf:d0:9a:6a:2a:53:d6:e4:09:1c:51:6d:e1:b4:9f:b6:
7b:43:81:37:53:9b:89:e7:3a:8e:8f:c6:5e:4a:df:0c:0c:38:
6c:4a:15:1b:50:9b:aa:14:28:6b:5d:b9:da:a7:4b:f4:df:ce:
58:c8:82:e2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ3eIX00iOpZkJoVkLvgLLBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjk4OTAwMzU1ZmRmNDI1NGMyMDgzMWYyZDdlZTNiZWM0
MjliZGIwHhcNMjYwNDMwMTEyMzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDdlNDdiZDBiZjllZjk5YzU0YTYyOTI2NGU1YTRhNjgzNjYyNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqRP0X3NncC+qIxyGvP1NHqPvTBf
EjBpLPZMf6Sj8KbUUIzztE9WTbOs+jkeR+36VW2tvPLhSq4+l/D6GXs8yYYLNCSe
siWJ6Sh0acXxCdm+HBfrX/2jcnOIFerC5wKxp0V52H1hVGPWv1C/uU1dEkeg7xZq
l3ZxsfjCIeNYBvjRKRIXsOoF6iwZwERFv8sWKeAeaxYzRaW5ZeoMIAODCuAZ+t7k
E51Id4QydWSVPBmQcfAuzsU4ui5UkrpyjsLZt6wghmETF14651R29nLx7Kf1Oj2j
fBolnl1QaYaTpOSYU4c0gfYLhJ1xcigevVbABRRKDY18sBTSmgUJ0+ubBQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOR+R70L+e+ZxUpikmTlpKaDZiWuMB8GA1UdIwQY
MBaAFA4piQA1X99CVMIIMfLX7jvsQpvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGltSkFEVmYzMEpVd2dneDh0ZnVPLXhDbTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jZmVhOWUtYmVlMi00YmNiLThkZWYt
M2U0Yjc0ZGQwNThkLzEvNUg1SHZRdjU3NW5GU21LU1pPV2twb05tSmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jZmVhOWUtYmVlMi00YmNiLThkZWYtM2U0Yjc0ZGQwNThk
LzEvRGltSkFEVmYzMEpVd2dneDh0ZnVPLXhDbTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLZK8AwQC
LZfAAwQAuSXnAwQCuWRIAwQAuX1OAwQAuZzbAwQBuaKoAwQAuaKrMA0GCSqGSIb3
DQEBCwUAA4IBAQCwVA/mnw1sdIT8r3t3ISXH7Qb84BEJqy4L0/GNOSgRjRpVduOh
ANnHk0tS7kh7gcabZ/Jaa0iSJ5wlbnGHkPMIKFaq6stzuEOEeWGxc0i+MeBEkCMq
gRJfbzjT2gsVuqRXCLxGSev7I3p8B+w3b21YHVkIT1uSLYEBYbMcst6strjcfdLn
NSLzDEdqkUCSbaZNbnsWm52lEQyA0S5JngCJQLObo7jXt0jvOOqHOkHSHbzGB8zS
44hSXCVWKoVxFpXGbuF2BjqDFr/QmmoqU9bkCRxRbeG0n7Z7Q4E3U5uJ5zqOj8Ze
St8MDDhsShUbUJuqFChrXbnap0v0385YyILi
-----END CERTIFICATE-----
Generated at Tue May 12 22:56:31 2026 by rpki-client