Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/icsvsPk4BgefPyHE0hDTiLFDKGw.roa
File: icsvsPk4BgefPyHE0hDTiLFDKGw.roa (raw, json)
Hash identifier: qnFygNzFdqK6XGc7qG5bm8SL258f2hni6VplgwG1Klo=
Subject key identifier: 89:CB:2F:B0:F9:38:06:07:9F:3F:21:C4:D2:10:D3:88:B1:43:28:6C
Certificate issuer: /CN=1e1c2357e70b97d03ed70c3d688ce507c6758d54
Certificate serial: 019CDF361BB756DD1123A3199FED52F7BE60
Authority key identifier: 1E:1C:23:57:E7:0B:97:D0:3E:D7:0C:3D:68:8C:E5:07:C6:75:8D:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/icsvsPk4BgefPyHE0hDTiLFDKGw.roa
Signing time: Wed 11 Mar 2026 23:23:11 +0000
ROA not before: Wed 11 Mar 2026 23:23:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15493
IP address blocks: 5.1.48.0/24 maxlen: 24
5.1.49.0/24 maxlen: 24
5.1.50.0/24 maxlen: 24
5.1.51.0/24 maxlen: 24
5.1.52.0/24 maxlen: 24
5.1.54.0/24 maxlen: 24
77.242.96.0/20 maxlen: 24
77.242.96.0/24 maxlen: 24
77.242.98.0/24 maxlen: 24
77.242.99.0/24 maxlen: 24
77.242.105.0/24 maxlen: 24
77.242.107.0/24 maxlen: 24
77.242.108.0/24 maxlen: 24
77.242.109.0/24 maxlen: 24
77.242.110.0/24 maxlen: 24
77.242.111.0/24 maxlen: 24
80.91.16.0/20 maxlen: 24
80.91.16.0/24 maxlen: 24
80.91.17.0/24 maxlen: 24
80.91.18.0/24 maxlen: 24
80.91.19.0/24 maxlen: 24
80.91.20.0/24 maxlen: 24
80.91.21.0/24 maxlen: 24
80.91.22.0/24 maxlen: 24
80.91.23.0/24 maxlen: 24
80.91.25.0/24 maxlen: 24
80.91.26.0/24 maxlen: 24
80.91.27.0/24 maxlen: 24
80.91.28.0/24 maxlen: 24
80.91.29.0/24 maxlen: 24
91.203.36.0/24 maxlen: 24
91.203.39.0/24 maxlen: 24
178.236.208.0/20 maxlen: 24
178.236.210.0/24 maxlen: 24
178.236.211.0/24 maxlen: 24
178.236.212.0/24 maxlen: 24
178.236.213.0/24 maxlen: 24
178.236.214.0/24 maxlen: 24
178.236.215.0/24 maxlen: 24
178.236.216.0/24 maxlen: 24
178.236.217.0/24 maxlen: 24
178.236.218.0/24 maxlen: 24
178.236.221.0/24 maxlen: 24
178.236.222.0/24 maxlen: 24
178.236.223.0/24 maxlen: 24
185.11.4.0/23 maxlen: 24
185.11.4.0/24 maxlen: 24
185.11.5.0/24 maxlen: 24
185.11.6.0/23 maxlen: 24
185.11.6.0/24 maxlen: 24
217.116.48.0/20 maxlen: 24
217.116.48.0/24 maxlen: 24
217.116.49.0/24 maxlen: 24
217.116.50.0/24 maxlen: 24
217.116.51.0/24 maxlen: 24
217.116.52.0/24 maxlen: 24
217.116.53.0/24 maxlen: 24
217.116.54.0/24 maxlen: 24
217.116.55.0/24 maxlen: 24
217.116.56.0/24 maxlen: 24
217.116.57.0/24 maxlen: 24
217.116.58.0/24 maxlen: 24
217.116.59.0/24 maxlen: 24
217.116.60.0/24 maxlen: 24
217.116.61.0/24 maxlen: 24
217.116.62.0/24 maxlen: 24
217.116.63.0/24 maxlen: 24
2a02:dc00:1::/48 maxlen: 48
2a02:dc00:2::/48 maxlen: 48
2a02:dc00:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:df:36:1b:b7:56:dd:11:23:a3:19:9f:ed:52:f7:be:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e1c2357e70b97d03ed70c3d688ce507c6758d54
Validity
Not Before: Mar 11 23:23:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=89cb2fb0f93806079f3f21c4d210d388b143286c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:db:23:f1:ba:88:a0:19:29:f3:3e:be:d1:23:
a3:e5:87:7b:03:f5:71:c7:be:0e:9d:c3:02:2b:bb:
eb:e4:94:f2:54:82:b6:a7:9b:d2:bf:a3:32:bb:88:
8e:9d:90:e6:6d:84:58:52:66:5b:12:6c:5a:18:91:
82:e2:87:ee:df:76:a2:28:1f:01:47:a5:29:38:64:
3e:b3:77:4a:03:52:f6:ea:21:20:cf:de:aa:45:cd:
9c:7b:ec:8e:e7:26:59:08:06:db:22:3b:db:27:ef:
36:e7:0b:7f:76:ca:ec:a8:bc:10:53:e3:99:c2:6b:
ec:97:eb:2c:dc:04:02:80:bd:1b:77:17:6d:ce:81:
ae:86:d6:b0:a2:ae:80:09:07:c2:94:8c:cf:c3:b1:
dd:6c:bf:7f:28:c5:90:ff:87:8e:39:e9:e2:0e:35:
42:8b:a9:9e:4c:f0:d6:aa:51:86:2f:cb:57:b2:58:
d9:13:2b:2c:5c:ff:23:80:d5:22:fa:ef:f7:2a:2e:
80:67:35:61:ba:f4:b4:8f:f5:42:8f:8c:0e:94:5e:
c4:03:70:96:01:31:4e:ac:58:1d:33:34:60:0a:7d:
1e:44:41:9a:51:9f:4a:ab:c2:e4:bf:83:3d:1b:38:
70:3f:73:73:93:9f:04:04:f6:b7:18:fc:54:2f:d3:
e4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CB:2F:B0:F9:38:06:07:9F:3F:21:C4:D2:10:D3:88:B1:43:28:6C
X509v3 Authority Key Identifier:
keyid:1E:1C:23:57:E7:0B:97:D0:3E:D7:0C:3D:68:8C:E5:07:C6:75:8D:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/icsvsPk4BgefPyHE0hDTiLFDKGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.48.0-5.1.52.255
5.1.54.0/24
77.242.96.0/20
80.91.16.0/20
91.203.36.0/24
91.203.39.0/24
178.236.208.0/20
185.11.4.0/22
217.116.48.0/20
IPv6:
2a02:dc00:1::-2a02:dc00:2:ffff:ffff:ffff:ffff:ffff
2a02:dc00:100::/48
Signature Algorithm: sha256WithRSAEncryption
8a:81:28:cd:63:24:55:07:1d:34:18:f0:58:3b:46:e9:35:5b:
1f:5f:05:28:e9:cb:6f:b6:ff:41:dc:13:85:cb:9f:1b:0c:8f:
1d:94:a3:6a:9b:a5:0a:fa:0c:f6:d9:fc:72:ce:59:fb:9b:1e:
8c:a8:b0:15:43:50:47:ae:c1:76:c8:44:f9:ce:3c:54:7a:52:
14:c9:f2:4c:99:0a:1d:57:cb:5e:27:45:36:eb:23:3a:25:99:
42:df:c2:e3:e8:d5:d6:1e:4d:92:46:fc:de:a1:d0:80:c8:19:
54:6b:0d:98:99:6f:04:9b:ae:54:7c:0f:0b:75:9f:26:37:87:
50:5a:bf:45:61:4f:d5:52:d2:21:53:d4:b5:0c:00:10:bb:56:
72:12:eb:69:9c:f5:26:a7:fa:57:ef:54:aa:96:ee:65:8c:b7:
c7:5f:75:0d:e2:1b:40:0f:48:b8:ad:7c:ce:7c:0b:90:6a:f8:
79:c8:15:ce:50:11:95:b9:fc:78:ab:61:2c:2d:fd:c6:a4:a4:
9a:2c:70:6e:f4:76:04:d6:3f:e7:be:4c:2f:93:d5:86:e5:c0:
b0:f3:e0:0f:6b:c7:61:a4:65:60:ae:48:1b:4b:d8:e4:a8:a8:
05:f4:9f:38:71:db:1b:9e:e8:56:6e:0e:63:3b:04:5c:13:41:
32:9e:73:de
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZzfNhu3Vt0RI6MZn+1S975gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMWMyMzU3ZTcwYjk3ZDAzZWQ3MGMzZDY4OGNlNTA3YzY3
NThkNTQwHhcNMjYwMzExMjMyMzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNiMmZiMGY5MzgwNjA3OWYzZjIxYzRkMjEwZDM4OGIxNDMyODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNsj8bqIoBkp8z6+0SOj5Yd7A/Vx
x74OncMCK7vr5JTyVIK2p5vSv6Myu4iOnZDmbYRYUmZbEmxaGJGC4ofu33aiKB8B
R6UpOGQ+s3dKA1L26iEgz96qRc2ce+yO5yZZCAbbIjvbJ+825wt/dsrsqLwQU+OZ
wmvsl+ss3AQCgL0bdxdtzoGuhtawoq6ACQfClIzPw7HdbL9/KMWQ/4eOOeniDjVC
i6meTPDWqlGGL8tXsljZEyssXP8jgNUi+u/3Ki6AZzVhuvS0j/VCj4wOlF7EA3CW
ATFOrFgdMzRgCn0eREGaUZ9Kq8Lkv4M9GzhwP3Nzk58EBPa3GPxUL9PkSwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFInLL7D5OAYHnz8hxNIQ04ixQyhsMB8GA1UdIwQY
MBaAFB4cI1fnC5fQPtcMPWiM5QfGdY1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGh3alYtY0xsOUEtMXd3OWFJemxCOFoxalZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8wNTQ4NjctMTRkNC00OTIyLWJmNWYt
NmRkY2ZhYzk3MGY3LzEvaWNzdnNQazRCZ2VmUHlIRTBoRFRpTEZES0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8wNTQ4NjctMTRkNC00OTIyLWJmNWYtNmRkY2ZhYzk3MGY3
LzEvSGh3alYtY0xsOUEtMXd3OWFJemxCOFoxalZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBEBAIAATA+MAwDBAQFATAD
BAAFATQDBAAFATYDBARN8mADBARQWxADBABbyyQDBABbyycDBASy7NADBAK5CwQD
BATZdDAwIwQCAAIwHTASAwcAKgLcAAABAwcAKgLcAAACAwcAKgLcAAEAMA0GCSqG
SIb3DQEBCwUAA4IBAQCKgSjNYyRVBx00GPBYO0bpNVsfXwUo6ctvtv9B3BOFy58b
DI8dlKNqm6UK+gz22fxyzln7mx6MqLAVQ1BHrsF2yET5zjxUelIUyfJMmQodV8te
J0U26yM6JZlC38Lj6NXWHk2SRvzeodCAyBlUaw2YmW8Em65UfA8LdZ8mN4dQWr9F
YU/VUtIhU9S1DAAQu1ZyEutpnPUmp/pX71Sqlu5ljLfHX3UN4htAD0i4rXzOfAuQ
avh5yBXOUBGVufx4q2EsLf3GpKSaLHBu9HYE1j/nvkwvk9WG5cCw8+APa8dhpGVg
rkgbS9jkqKgF9J84cdsbnuhWbg5jOwRcE0EynnPe
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:27:06 2026 by rpki-client