Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tgjKVgdreDgH98fm3mvdInCY-dE.roa
File: tgjKVgdreDgH98fm3mvdInCY-dE.roa (raw, json)
Hash identifier: PtWMSKCH02DrVmdm767GlTkBTh3rdD6dH4AcGww0wiA=
Subject key identifier: B6:08:CA:56:07:6B:78:38:07:F7:C7:E6:DE:6B:DD:22:70:98:F9:D1
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019CE5D780FC4B5A635B030C915988EA0263
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tgjKVgdreDgH98fm3mvdInCY-dE.roa
Signing time: Fri 13 Mar 2026 06:17:11 +0000
ROA not before: Fri 13 Mar 2026 06:17:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213495
IP address blocks: 5.175.183.0/24 maxlen: 24
5.175.188.0/24 maxlen: 24
5.231.56.0/24 maxlen: 24
5.231.106.0/24 maxlen: 24
77.90.40.0/24 maxlen: 24
89.144.47.0/24 maxlen: 24
94.249.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e5:d7:80:fc:4b:5a:63:5b:03:0c:91:59:88:ea:02:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 13 06:17:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b608ca56076b783807f7c7e6de6bdd227098f9d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:bb:bc:c6:76:a4:4d:2b:a9:d7:30:e3:9d:15:
fb:1a:2b:38:87:d0:87:b5:7f:08:ca:56:97:ad:26:
5c:8c:f2:e1:d5:02:b6:30:54:a2:37:a6:11:cd:1c:
45:6c:c4:ef:9f:17:c0:27:c6:30:68:bc:7f:44:a3:
9d:01:a8:8f:97:5a:89:31:4e:cb:02:60:e8:48:81:
6f:dc:91:ec:00:73:b6:1d:17:ce:29:c6:6e:2a:12:
75:1f:28:9d:75:8d:6f:e9:81:0f:c5:4d:bc:5a:14:
ed:47:35:cd:fa:bc:08:88:b4:cc:de:a0:6f:00:c1:
6f:b1:e9:24:94:7c:72:04:92:dc:ed:ca:6e:c2:da:
31:67:40:99:35:d4:02:24:50:3f:15:8f:ac:58:f0:
c6:e9:1a:7e:8d:aa:8a:ab:09:de:8c:f7:0f:9d:07:
60:57:ae:34:3b:96:42:6d:22:9e:0c:62:0e:62:43:
53:e7:4d:33:da:f3:d6:0c:ae:1c:9c:ef:f9:71:65:
88:46:74:78:15:e8:3c:79:42:91:91:f2:0c:27:b1:
53:46:01:85:2f:4e:04:b9:60:ec:2b:90:75:bb:50:
5d:e0:d6:cc:b7:28:2a:f0:ad:80:4d:f4:d0:42:9e:
8f:c1:07:15:f2:75:54:d2:cf:53:08:33:67:1b:b1:
96:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:08:CA:56:07:6B:78:38:07:F7:C7:E6:DE:6B:DD:22:70:98:F9:D1
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tgjKVgdreDgH98fm3mvdInCY-dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.183.0/24
5.175.188.0/24
5.231.56.0/24
5.231.106.0/24
77.90.40.0/24
89.144.47.0/24
94.249.207.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:5f:58:d1:ec:83:65:78:fa:f3:93:ec:4c:5e:17:f8:47:c1:
e8:db:a0:4d:81:3d:c4:a4:4c:0f:ff:e0:22:a5:cb:f0:a6:82:
d5:74:fd:23:0a:1b:11:7e:da:15:4f:6b:23:06:ed:b3:63:80:
d7:61:a5:a4:18:eb:23:09:4f:c7:53:5f:31:76:60:53:b3:b9:
b8:8b:be:b4:15:6e:2c:e0:00:8b:99:29:d7:0f:3b:a6:67:4c:
3f:95:14:9c:71:f5:d6:7e:a3:7d:3b:07:f9:53:32:81:26:fc:
45:46:13:f7:9f:54:5c:7b:64:fd:2c:4b:a4:45:d3:fc:3c:d0:
5b:ae:32:d2:0f:9f:5a:2f:85:bc:ba:00:84:b8:0e:52:db:6a:
f3:1c:34:38:20:36:07:cf:d7:5f:6f:04:5b:48:fa:c8:5f:6e:
63:94:4b:01:4b:ba:bb:90:5f:a3:26:59:c3:d2:c2:5d:66:0e:
ae:ac:8c:d9:d6:52:39:16:6d:a0:fe:25:1b:55:37:17:39:74:
6e:a3:0e:80:d5:b3:dd:7b:4b:ff:48:bc:d7:0f:d4:13:73:0b:
ec:b4:10:bb:33:05:a6:63:c6:99:69:60:b2:d6:3c:fd:8e:a0:
0a:b4:29:4c:78:e5:6e:74:3e:f3:43:ca:44:20:eb:3a:d9:33:
c1:10:89:03
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZzl14D8S1pjWwMMkVmI6gJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMzEzMDYxNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA4Y2E1NjA3NmI3ODM4MDdmN2M3ZTZkZTZiZGQyMjcwOThmOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Lu8xnakTSup1zDjnRX7Gis4h9CH
tX8IylaXrSZcjPLh1QK2MFSiN6YRzRxFbMTvnxfAJ8YwaLx/RKOdAaiPl1qJMU7L
AmDoSIFv3JHsAHO2HRfOKcZuKhJ1HyiddY1v6YEPxU28WhTtRzXN+rwIiLTM3qBv
AMFvsekklHxyBJLc7cpuwtoxZ0CZNdQCJFA/FY+sWPDG6Rp+jaqKqwnejPcPnQdg
V640O5ZCbSKeDGIOYkNT500z2vPWDK4cnO/5cWWIRnR4Feg8eUKRkfIMJ7FTRgGF
L04EuWDsK5B1u1Bd4NbMtygq8K2ATfTQQp6PwQcV8nVU0s9TCDNnG7GWrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLYIylYHa3g4B/fH5t5r3SJwmPnRMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdGdqS1ZnZHJlRGdIOThmbTNtdmRJbkNZLWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABa+3AwQA
Ba+8AwQABec4AwQABedqAwQATVooAwQAWZAvAwQAXvnPMA0GCSqGSIb3DQEBCwUA
A4IBAQCNX1jR7INlePrzk+xMXhf4R8Ho26BNgT3EpEwP/+AipcvwpoLVdP0jChsR
ftoVT2sjBu2zY4DXYaWkGOsjCU/HU18xdmBTs7m4i760FW4s4ACLmSnXDzumZ0w/
lRSccfXWfqN9Owf5UzKBJvxFRhP3n1Rce2T9LEukRdP8PNBbrjLSD59aL4W8ugCE
uA5S22rzHDQ4IDYHz9dfbwRbSPrIX25jlEsBS7q7kF+jJlnD0sJdZg6urIzZ1lI5
Fm2g/iUbVTcXOXRuow6A1bPde0v/SLzXD9QTcwvstBC7MwWmY8aZaWCy1jz9jqAK
tClMeOVudD7zQ8pEIOs62TPBEIkD
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:13:15 2026 by rpki-client