Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/74ri5VAPtEYbIFkUAco_bEsQJuU.roa
File: 74ri5VAPtEYbIFkUAco_bEsQJuU.roa (raw, json)
Hash identifier: qeWg+Tm7I22u7C/UPCp+9dWadkKcRINiEEPtWLne4Dk=
Subject key identifier: EF:8A:E2:E5:50:0F:B4:46:1B:20:59:14:01:CA:3F:6C:4B:10:26:E5
Certificate issuer: /CN=3edf7b2d68ba76a0bd1ba7e9d29fac5852316b9c
Certificate serial: 019DBE70A577EF7ACAF9FD0BE6FD1B0902BA
Authority key identifier: 3E:DF:7B:2D:68:BA:76:A0:BD:1B:A7:E9:D2:9F:AC:58:52:31:6B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/74ri5VAPtEYbIFkUAco_bEsQJuU.roa
Signing time: Fri 24 Apr 2026 07:42:26 +0000
ROA not before: Fri 24 Apr 2026 07:42:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51420
IP address blocks: 109.164.64.0/19 maxlen: 19
109.164.64.0/20 maxlen: 20
109.164.80.0/20 maxlen: 20
109.164.83.0/24 maxlen: 24
109.164.84.0/24 maxlen: 24
109.164.85.0/24 maxlen: 24
109.164.87.0/24 maxlen: 24
109.164.88.0/24 maxlen: 24
109.164.89.0/24 maxlen: 24
109.164.90.0/24 maxlen: 24
109.164.91.0/24 maxlen: 24
109.164.92.0/24 maxlen: 24
109.164.93.0/24 maxlen: 24
109.164.94.0/24 maxlen: 24
109.164.95.0/24 maxlen: 24
109.164.96.0/23 maxlen: 23
109.164.96.0/24 maxlen: 24
109.164.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/Pt97LWi6dqC9G6fp0p-sWFIxa5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/Pt97LWi6dqC9G6fp0p-sWFIxa5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 10:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:be:70:a5:77:ef:7a:ca:f9:fd:0b:e6:fd:1b:09:02:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3edf7b2d68ba76a0bd1ba7e9d29fac5852316b9c
Validity
Not Before: Apr 24 07:42:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ef8ae2e5500fb4461b20591401ca3f6c4b1026e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4e:71:37:47:e6:f6:7e:85:31:17:13:cf:96:
37:17:98:4b:a4:76:fe:11:48:c2:51:cf:83:8e:1c:
5d:1a:b1:7a:4b:a5:57:80:fe:89:7c:6b:e7:c2:92:
26:9e:a1:64:e4:f4:23:96:d5:3a:fc:a7:9f:28:04:
12:07:c1:ec:51:e9:57:b7:80:e9:e1:79:fc:fe:de:
a5:01:7a:74:48:58:15:31:95:c5:54:94:f9:c1:39:
da:76:40:d5:6d:0d:78:20:1f:66:9b:86:0d:3b:c1:
9b:8c:f0:04:10:8c:5f:32:68:1d:bc:13:0f:34:70:
ae:56:f0:47:04:b5:cc:6f:8f:bd:c6:a9:29:8f:d1:
f9:b5:06:d4:9c:b7:49:90:94:36:e3:ea:a7:11:51:
ad:9f:0d:6e:80:7b:fe:90:71:20:ec:c6:f4:1c:8a:
b2:16:34:94:3d:dd:53:30:ef:89:f2:71:2c:58:43:
85:95:28:25:9d:fc:68:8e:5c:33:dc:b2:ba:9f:5f:
e5:4b:dd:63:b5:fc:33:ed:a6:24:c9:29:09:df:18:
c7:12:38:1b:43:1b:a9:eb:56:24:20:50:71:f7:85:
7c:9c:42:ce:28:46:3e:15:09:a0:6b:ba:cb:59:f3:
a9:70:d8:b8:65:f7:29:6f:e5:5d:b0:39:51:c5:16:
23:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:8A:E2:E5:50:0F:B4:46:1B:20:59:14:01:CA:3F:6C:4B:10:26:E5
X509v3 Authority Key Identifier:
keyid:3E:DF:7B:2D:68:BA:76:A0:BD:1B:A7:E9:D2:9F:AC:58:52:31:6B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/74ri5VAPtEYbIFkUAco_bEsQJuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/Pt97LWi6dqC9G6fp0p-sWFIxa5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.164.64.0-109.164.97.255
Signature Algorithm: sha256WithRSAEncryption
6b:b3:9d:06:12:54:05:60:fb:16:8a:22:21:2d:a3:24:43:7c:
ff:37:ee:7c:81:10:a8:a9:f5:e3:ea:36:0d:6e:fa:56:b9:4d:
cd:ad:f8:ee:29:c8:ea:54:1d:4a:e2:b9:53:e4:aa:59:00:8c:
8e:7c:27:f8:cb:c0:53:f8:98:45:8d:22:af:3c:0b:58:42:a1:
f7:1f:ac:50:25:c5:4d:d7:cf:63:ac:87:62:73:71:1f:a2:79:
39:95:9b:bc:ab:79:16:b4:a6:3d:e4:97:35:c7:1d:51:90:c0:
92:5a:6c:3b:74:45:af:a7:af:00:bf:3e:27:48:0d:66:8a:b4:
72:09:c3:86:77:8e:8e:97:67:c9:e9:c0:d1:01:ee:4e:b5:7d:
e6:ed:ad:4a:e3:b6:d7:a3:7b:e1:95:bd:79:b3:e5:0c:5e:d7:
ed:4a:b5:a2:fe:21:08:c9:46:d3:e8:92:33:a7:2c:65:4d:de:
e6:12:5c:f2:52:d2:ad:7b:cd:f9:26:79:d0:c1:15:a4:a6:49:
77:38:8d:7c:6d:c8:4d:7d:99:82:7d:5c:83:23:a6:57:ea:dd:
57:6b:3b:bd:f5:ec:a2:76:12:af:45:d1:38:5d:da:1b:3f:a9:
81:87:46:9f:68:1d:7e:30:8b:c7:de:15:ec:64:28:75:eb:8c:
9e:28:2d:34
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ2+cKV373rK+f0L5v0bCQK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZGY3YjJkNjhiYTc2YTBiZDFiYTdlOWQyOWZhYzU4NTIz
MTZiOWMwHhcNMjYwNDI0MDc0MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjhhZTJlNTUwMGZiNDQ2MWIyMDU5MTQwMWNhM2Y2YzRiMTAyNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk5xN0fm9n6FMRcTz5Y3F5hLpHb+
EUjCUc+DjhxdGrF6S6VXgP6JfGvnwpImnqFk5PQjltU6/KefKAQSB8HsUelXt4Dp
4Xn8/t6lAXp0SFgVMZXFVJT5wTnadkDVbQ14IB9mm4YNO8GbjPAEEIxfMmgdvBMP
NHCuVvBHBLXMb4+9xqkpj9H5tQbUnLdJkJQ24+qnEVGtnw1ugHv+kHEg7Mb0HIqy
FjSUPd1TMO+J8nEsWEOFlSglnfxojlwz3LK6n1/lS91jtfwz7aYkySkJ3xjHEjgb
Qxup61YkIFBx94V8nELOKEY+FQmga7rLWfOpcNi4Zfcpb+VdsDlRxRYj8QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFO+K4uVQD7RGGyBZFAHKP2xLECblMB8GA1UdIwQY
MBaAFD7fey1ounagvRun6dKfrFhSMWucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHQ5N0xXaTZkcUM5RzZmcDBwLXNXRkl4YTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mZTlkMWQtNGFkZS00NjMwLThhYmEt
ZjhmMGM3ZDY2MmU3LzEvNzRyaTVWQVB0RVliSUZrVUFjb19iRXNRSnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mZTlkMWQtNGFkZS00NjMwLThhYmEtZjhmMGM3ZDY2MmU3
LzEvUHQ5N0xXaTZkcUM5RzZmcDBwLXNXRkl4YTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAZtpEAD
BAFtpGAwDQYJKoZIhvcNAQELBQADggEBAGuznQYSVAVg+xaKIiEtoyRDfP837nyB
EKip9ePqNg1u+la5Tc2t+O4pyOpUHUriuVPkqlkAjI58J/jLwFP4mEWNIq88C1hC
ofcfrFAlxU3Xz2Osh2JzcR+ieTmVm7yreRa0pj3klzXHHVGQwJJabDt0Ra+nrwC/
PidIDWaKtHIJw4Z3jo6XZ8npwNEB7k61febtrUrjtteje+GVvXmz5Qxe1+1KtaL+
IQjJRtPokjOnLGVN3uYSXPJS0q17zfkmedDBFaSmSXc4jXxtyE19mYJ9XIMjplfq
3VdrO7317KJ2Eq9F0Thd2hs/qYGHRp9oHX4wi8feFexkKHXrjJ4oLTQ=
-----END CERTIFICATE-----
Generated at Wed May 13 19:33:08 2026 by rpki-client