Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/R5pzlcYLmm00OeDBY2AdET0Wb1k.roa
File: R5pzlcYLmm00OeDBY2AdET0Wb1k.roa (raw, json)
Hash identifier: xiJIdXt0KmJ/0CjuwN0kq1hka28S9GJuEKhJVLZ1i5s=
Subject key identifier: 47:9A:73:95:C6:0B:9A:6D:34:39:E0:C1:63:60:1D:11:3D:16:6F:59
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 019D06AB676295DC22B42ECF4147BDDDD2AD
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/R5pzlcYLmm00OeDBY2AdET0Wb1k.roa
Signing time: Thu 19 Mar 2026 15:16:29 +0000
ROA not before: Thu 19 Mar 2026 15:16:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215013
IP address blocks: 94.131.190.0/24 maxlen: 24
94.131.191.0/24 maxlen: 24
2a07:aa40:40::/48 maxlen: 48
2a07:aa40:41::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:ab:67:62:95:dc:22:b4:2e:cf:41:47:bd:dd:d2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Mar 19 15:16:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=479a7395c60b9a6d3439e0c163601d113d166f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7d:05:56:60:b1:78:b3:62:49:03:12:40:79:
df:1b:85:a5:1e:3e:b9:ba:d8:bd:d0:dd:5a:56:eb:
ac:3b:c4:26:14:99:5b:0e:ef:38:0f:3e:cd:b0:d7:
d3:cf:03:32:ef:40:4a:51:b7:36:02:f5:70:49:cf:
ad:b6:b1:61:d8:de:4a:db:5c:a6:22:f7:e7:75:39:
64:e4:04:9c:cd:35:e2:b1:6e:b0:4e:ba:56:4f:0e:
c6:ef:f6:96:57:97:dd:d1:dd:7d:04:81:f4:c0:ed:
26:f7:a4:2b:5b:1a:7f:33:90:98:ef:e1:6b:7f:e5:
8e:b8:73:94:36:38:93:d1:31:79:c0:05:7b:38:bc:
be:ef:50:48:e3:33:32:47:c4:06:6c:ae:0d:7c:70:
9c:c6:c5:69:6f:a0:dd:4e:a4:62:65:a6:2d:32:4f:
37:58:5b:0d:d9:72:d9:aa:c7:a5:39:ba:d9:0d:93:
e9:4d:31:c5:ea:d2:3d:01:c2:e6:b5:55:7b:57:e6:
df:0e:d6:02:b1:55:24:45:a5:5d:d1:58:10:18:b8:
51:54:cc:89:6f:50:0a:4c:a8:6d:af:04:82:5f:5b:
b7:a4:56:b6:cb:66:18:70:4f:6b:86:4c:0b:de:c3:
b0:f2:bb:7c:bb:f8:da:87:bb:f0:f2:d3:2a:63:77:
78:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9A:73:95:C6:0B:9A:6D:34:39:E0:C1:63:60:1D:11:3D:16:6F:59
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/R5pzlcYLmm00OeDBY2AdET0Wb1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.190.0/23
IPv6:
2a07:aa40:40::/47
Signature Algorithm: sha256WithRSAEncryption
57:fe:b9:b6:65:4f:7b:4b:f5:c7:9d:ab:2a:8f:ef:13:73:b9:
39:1a:1b:92:d0:e4:de:3a:4a:e3:f9:89:d2:a7:aa:f0:81:69:
65:da:63:ca:99:cc:32:10:9d:73:86:4d:a0:c1:b0:b8:a2:22:
7c:8a:46:9c:06:a6:66:e8:32:03:2d:93:0a:ac:7e:ba:78:ca:
a3:97:2f:77:e5:7a:b1:92:f3:db:a0:14:c0:85:8a:96:6b:cc:
28:8b:e3:d6:51:1b:96:8a:fc:e6:ef:f7:14:61:32:21:39:e0:
df:03:18:ef:79:68:e1:38:ef:15:bf:4b:4f:99:a6:c8:a4:8a:
6d:2a:a2:73:53:38:b7:d6:6e:b2:40:85:2e:98:15:4b:5c:cc:
e8:fe:7d:73:da:27:46:7e:d7:35:63:3d:5e:d2:57:7b:01:79:
32:19:bb:23:c0:c8:33:c2:ff:be:35:26:97:00:bd:86:e3:c1:
6a:c7:01:9a:34:04:71:a2:5e:ce:e3:b1:df:7f:6b:d9:d6:0a:
28:27:72:e5:d0:f9:5b:e1:d1:75:d0:c4:9d:b0:92:33:c4:13:
22:58:30:ee:09:61:b4:90:a8:f5:0a:e8:9a:cd:01:a0:2f:aa:
94:79:8b:e8:c9:f2:66:ea:cd:b1:2a:ce:04:33:69:48:6e:58:
bc:fb:6a:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ0Gq2dildwitC7PQUe93dKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjYwMzE5MTUxNjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzlhNzM5NWM2MGI5YTZkMzQzOWUwYzE2MzYwMWQxMTNkMTY2ZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn30FVmCxeLNiSQMSQHnfG4WlHj65
uti90N1aVuusO8QmFJlbDu84Dz7NsNfTzwMy70BKUbc2AvVwSc+ttrFh2N5K21ym
IvfndTlk5ASczTXisW6wTrpWTw7G7/aWV5fd0d19BIH0wO0m96QrWxp/M5CY7+Fr
f+WOuHOUNjiT0TF5wAV7OLy+71BI4zMyR8QGbK4NfHCcxsVpb6DdTqRiZaYtMk83
WFsN2XLZqselObrZDZPpTTHF6tI9AcLmtVV7V+bfDtYCsVUkRaVd0VgQGLhRVMyJ
b1AKTKhtrwSCX1u3pFa2y2YYcE9rhkwL3sOw8rt8u/jah7vw8tMqY3d4iwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEeac5XGC5ptNDngwWNgHRE9Fm9ZMB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvUjVwemxjWUxtbTAwT2VEQlkyQWRFVDBXYjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBXoO+MA8E
AgACMAkDBwEqB6pAAEAwDQYJKoZIhvcNAQELBQADggEBAFf+ubZlT3tL9cedqyqP
7xNzuTkaG5LQ5N46SuP5idKnqvCBaWXaY8qZzDIQnXOGTaDBsLiiInyKRpwGpmbo
MgMtkwqsfrp4yqOXL3flerGS89ugFMCFipZrzCiL49ZRG5aK/Obv9xRhMiE54N8D
GO95aOE47xW/S0+Zpsikim0qonNTOLfWbrJAhS6YFUtczOj+fXPaJ0Z+1zVjPV7S
V3sBeTIZuyPAyDPC/741JpcAvYbjwWrHAZo0BHGiXs7jsd9/a9nWCigncuXQ+Vvh
0XXQxJ2wkjPEEyJYMO4JYbSQqPUK6JrNAaAvqpR5i+jJ8mbqzbEqzgQzaUhuWLz7
akU=
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:07:34 2026 by rpki-client