Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kPVG6cPLK385eUlMDmiAxXqbtx0.roa
File: kPVG6cPLK385eUlMDmiAxXqbtx0.roa (raw, json)
Hash identifier: UGNLinTxRLwxETzX3mC667ZG9nOC1HS2com0f+4zDag=
Subject key identifier: 90:F5:46:E9:C3:CB:2B:7F:39:79:49:4C:0E:68:80:C5:7A:9B:B7:1D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019D037C986F5085FA19904F7BE4E5353865
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kPVG6cPLK385eUlMDmiAxXqbtx0.roa
Signing time: Thu 19 Mar 2026 00:26:30 +0000
ROA not before: Thu 19 Mar 2026 00:26:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49581
IP address blocks: 5.231.26.0/24 maxlen: 24
5.231.242.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
94.249.230.0/24 maxlen: 24
2a02:2fc0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:18:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:03:7c:98:6f:50:85:fa:19:90:4f:7b:e4:e5:35:38:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 19 00:26:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90f546e9c3cb2b7f3979494c0e6880c57a9bb71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c6:a4:b9:a4:f3:33:81:fd:06:42:83:0f:c1:
35:b9:2c:b8:71:f2:6d:38:2e:23:88:47:34:02:00:
bb:d7:70:89:22:ab:7f:4a:0d:22:f1:5a:92:f4:2d:
06:c7:f1:3d:11:94:73:e6:ea:d7:71:17:66:c3:4d:
f9:91:bc:54:49:8c:a5:82:08:aa:93:b7:95:e5:30:
75:e2:05:ff:b9:ec:1f:e8:2e:b6:5b:d7:25:41:10:
86:cd:20:64:2a:98:2a:63:f5:15:f6:c0:73:2d:85:
19:71:70:75:ed:a2:72:0f:b6:4c:4d:9b:7c:e6:88:
90:ed:4f:43:81:5c:08:a0:0a:58:96:55:3b:f5:be:
65:e4:7d:d6:e6:40:e9:f9:66:6d:24:a1:56:d8:bb:
64:7a:8f:9d:36:7a:55:0d:19:7a:06:f8:32:76:be:
0b:1b:d0:74:93:c0:7a:82:b5:d8:ba:1e:53:85:9a:
0c:07:38:94:a0:08:d9:64:8a:22:a4:04:57:d8:2d:
e3:05:e8:51:fe:fb:d7:07:7f:8a:b8:d1:87:82:3e:
5f:36:19:7f:b1:9a:46:50:5d:40:58:15:54:38:4d:
64:ff:e7:dd:c8:c7:0d:64:ea:26:2f:0a:56:86:92:
7b:ba:40:4d:06:c3:a7:ed:56:f6:cb:94:5f:21:b0:
e0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F5:46:E9:C3:CB:2B:7F:39:79:49:4C:0E:68:80:C5:7A:9B:B7:1D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kPVG6cPLK385eUlMDmiAxXqbtx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.26.0/24
5.231.242.0/24
89.106.69.0/24
89.106.71.0/24
94.249.230.0/24
IPv6:
2a02:2fc0:11::/48
Signature Algorithm: sha256WithRSAEncryption
90:ca:95:4c:d0:9b:ca:b9:b9:37:0e:b1:7b:75:fd:db:a0:22:
4f:90:1b:c9:f2:9b:e7:a5:78:42:ac:dc:bd:75:04:8f:e4:b2:
84:44:ed:c3:fb:f0:06:97:86:73:02:b7:ac:d9:e1:d5:f5:33:
3f:33:20:ab:85:78:33:11:bb:bd:ed:34:0b:2a:bd:19:47:80:
8f:9e:94:64:09:51:6f:e0:f5:97:5b:64:43:02:1b:b3:8e:8d:
3d:6f:f5:a0:e4:e6:fb:10:0d:9d:c7:0f:2c:84:7e:78:44:54:
5c:0a:4c:ad:05:03:c9:5f:d4:f4:63:f6:da:73:e8:d3:f8:49:
23:d8:d7:59:9a:0b:79:c0:8a:80:60:42:b7:41:ec:c7:47:a3:
52:d5:16:86:27:37:3d:68:40:e2:87:81:d2:3a:cb:66:51:0d:
bc:1a:6f:aa:a3:37:d2:46:ed:f8:5d:4b:b5:c0:e0:e7:a6:88:
42:32:b3:46:b1:be:75:b4:a5:43:9a:5c:c6:01:9f:f3:3d:a3:
66:c6:96:af:fb:d9:0f:38:29:81:1e:1a:a7:73:18:ff:de:e2:
d9:ae:b9:e7:4a:66:96:a4:4f:d9:7f:5a:f7:23:ef:11:26:98:
b4:52:0a:0c:60:85:1e:a9:36:2a:f2:c1:83:bb:5b:ad:bf:e4:
16:89:87:e6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ0DfJhvUIX6GZBPe+TlNThlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMzE5MDAyNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGY1NDZlOWMzY2IyYjdmMzk3OTQ5NGMwZTY4ODBjNTdhOWJiNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMakuaTzM4H9BkKDD8E1uSy4cfJt
OC4jiEc0AgC713CJIqt/Sg0i8VqS9C0Gx/E9EZRz5urXcRdmw035kbxUSYylggiq
k7eV5TB14gX/uewf6C62W9clQRCGzSBkKpgqY/UV9sBzLYUZcXB17aJyD7ZMTZt8
5oiQ7U9DgVwIoApYllU79b5l5H3W5kDp+WZtJKFW2Ltkeo+dNnpVDRl6Bvgydr4L
G9B0k8B6grXYuh5ThZoMBziUoAjZZIoipARX2C3jBehR/vvXB3+KuNGHgj5fNhl/
sZpGUF1AWBVUOE1k/+fdyMcNZOomLwpWhpJ7ukBNBsOn7Vb2y5RfIbDgRwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJD1RunDyyt/OXlJTA5ogMV6m7cdMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEva1BWRzZjUExLMzg1ZVVsTURtaUF4WHFidHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQABecaAwQA
BefyAwQAWWpFAwQAWWpHAwQAXvnmMA8EAgACMAkDBwAqAi/AABEwDQYJKoZIhvcN
AQELBQADggEBAJDKlUzQm8q5uTcOsXt1/dugIk+QG8nym+eleEKs3L11BI/ksoRE
7cP78AaXhnMCt6zZ4dX1Mz8zIKuFeDMRu73tNAsqvRlHgI+elGQJUW/g9ZdbZEMC
G7OOjT1v9aDk5vsQDZ3HDyyEfnhEVFwKTK0FA8lf1PRj9tpz6NP4SSPY11maC3nA
ioBgQrdB7MdHo1LVFoYnNz1oQOKHgdI6y2ZRDbwab6qjN9JG7fhdS7XA4OemiEIy
s0axvnW0pUOaXMYBn/M9o2bGlq/72Q84KYEeGqdzGP/e4tmuuedKZpakT9l/Wvcj
7xEmmLRSCgxghR6pNirywYO7W62/5BaJh+Y=
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:04:24 2026 by rpki-client