Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F8M54O5wll-yLxey7uvIxtXUF2s.roa
File: F8M54O5wll-yLxey7uvIxtXUF2s.roa (raw, json)
Hash identifier: CzG1Px07BMNstG1/2FWzPXBHxNra8Xo78zL25Hk6SX4=
Subject key identifier: 17:C3:39:E0:EE:70:96:5F:B2:2F:17:B2:EE:EB:C8:C6:D5:D4:17:6B
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 019CFCFEE725372178EA838A18433C10FD58
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F8M54O5wll-yLxey7uvIxtXUF2s.roa
Signing time: Tue 17 Mar 2026 18:11:29 +0000
ROA not before: Tue 17 Mar 2026 18:11:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.144.176.0/21 maxlen: 24
5.178.97.0/24 maxlen: 24
31.192.240.0/21 maxlen: 24
45.12.216.0/24 maxlen: 24
103.136.68.0/22 maxlen: 24
185.5.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fc:fe:e7:25:37:21:78:ea:83:8a:18:43:3c:10:fd:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 17 18:11:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=17c339e0ee70965fb22f17b2eeebc8c6d5d4176b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7d:e0:ea:3a:17:f5:d4:ab:08:f8:e3:67:c1:
37:d3:f8:40:19:86:e4:51:ea:d7:10:dc:bc:0b:35:
58:e4:82:df:bc:f0:38:62:72:4b:7c:9f:33:4a:2e:
06:ef:9f:a2:0f:9d:38:85:e0:43:2c:23:3a:5e:9d:
a9:f2:55:70:55:3b:34:e8:45:fc:5d:f2:99:be:87:
5f:6b:c6:ac:f6:17:d5:ff:14:6b:f1:3a:21:cd:e8:
a4:86:b1:50:6c:16:e5:b2:56:db:30:e5:6e:5e:94:
9f:bf:58:34:47:7f:45:ed:35:d9:9c:65:b7:63:ed:
6d:ca:0a:83:8d:57:b6:b3:25:e9:16:05:f4:c7:ee:
3d:41:19:42:11:10:f2:ca:5b:f1:b6:12:47:51:71:
cf:0f:43:ad:8a:b0:8c:c3:3c:cf:a8:e5:ca:e6:9e:
2a:eb:8a:28:02:c2:85:7b:5a:e3:8b:25:10:2c:9a:
ad:01:29:12:12:86:32:1f:a7:6d:41:50:34:9b:75:
1d:80:f9:f8:21:c0:85:e6:08:89:04:68:e5:b8:51:
86:5b:b9:fb:cd:14:29:54:fe:bc:82:87:71:18:57:
87:4a:01:3e:c8:36:ec:ac:62:00:30:9e:1e:c7:bf:
60:44:12:1a:53:a4:c1:f0:f5:5e:89:28:e7:f1:d2:
b1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C3:39:E0:EE:70:96:5F:B2:2F:17:B2:EE:EB:C8:C6:D5:D4:17:6B
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F8M54O5wll-yLxey7uvIxtXUF2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.144.176.0/21
5.178.97.0/24
31.192.240.0/21
45.12.216.0/24
103.136.68.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:f9:1f:2c:c0:c2:9d:2e:0c:46:67:5d:ba:ab:51:5e:b1:d0:
fc:57:34:21:3b:f5:7f:0b:9f:f8:b4:43:28:f1:f5:1b:e3:80:
8f:fc:a7:5d:9c:a4:49:51:b1:3b:d9:b9:2b:6f:68:12:b7:40:
ea:eb:61:99:96:f2:6a:c0:8a:4b:52:32:d9:41:06:b0:b1:b9:
54:6e:17:e9:04:ef:85:be:35:ee:de:78:32:e5:e8:92:f8:0c:
e8:99:be:a0:db:9d:7b:52:d7:8b:2e:3e:f7:45:15:96:1e:40:
4f:34:17:75:5f:81:34:e6:9b:e5:96:0d:49:be:75:df:cb:1a:
18:8b:f9:28:0a:f7:2b:61:15:a0:81:b4:03:8b:27:5a:63:5a:
28:11:d5:3f:6f:0b:64:74:cf:89:1e:e1:45:ec:9c:de:4c:fd:
96:f7:f6:60:e6:0f:04:9c:9c:34:e8:55:f2:da:bf:07:2b:e8:
7e:22:f2:18:ae:d1:5e:48:c8:a2:a1:97:f8:28:42:c5:4f:81:
e6:62:cb:37:f0:40:9b:2f:e5:10:29:7a:be:70:58:62:e6:d0:
7a:78:31:e3:ba:81:3d:48:12:bd:32:7a:30:00:c9:e2:94:97:
ba:4b:c3:66:f6:99:c1:19:4c:d2:cb:4a:d2:b5:ef:f0:59:ee:
31:79:9e:09
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZz8/uclNyF46oOKGEM8EP1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjYwMzE3MTgxMTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2MzMzllMGVlNzA5NjVmYjIyZjE3YjJlZWViYzhjNmQ1ZDQxNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n3g6joX9dSrCPjjZ8E30/hAGYbk
UerXENy8CzVY5ILfvPA4YnJLfJ8zSi4G75+iD504heBDLCM6Xp2p8lVwVTs06EX8
XfKZvodfa8as9hfV/xRr8TohzeikhrFQbBblslbbMOVuXpSfv1g0R39F7TXZnGW3
Y+1tygqDjVe2syXpFgX0x+49QRlCERDyylvxthJHUXHPD0OtirCMwzzPqOXK5p4q
64ooAsKFe1rjiyUQLJqtASkSEoYyH6dtQVA0m3UdgPn4IcCF5giJBGjluFGGW7n7
zRQpVP68godxGFeHSgE+yDbsrGIAMJ4ex79gRBIaU6TB8PVeiSjn8dKxiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBfDOeDucJZfsi8Xsu7ryMbV1BdrMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvRjhNNTRPNXdsbC15THhleTd1dkl4dFhVRjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABSf4AwQD
BZCwAwQABbJhAwQDH8DwAwQALQzYAwQCZ4hEAwQCuQUkMA0GCSqGSIb3DQEBCwUA
A4IBAQB9+R8swMKdLgxGZ126q1FesdD8VzQhO/V/C5/4tEMo8fUb44CP/KddnKRJ
UbE72bkrb2gSt0Dq62GZlvJqwIpLUjLZQQawsblUbhfpBO+FvjXu3ngy5eiS+Azo
mb6g2517UteLLj73RRWWHkBPNBd1X4E05pvllg1JvnXfyxoYi/koCvcrYRWggbQD
iydaY1ooEdU/bwtkdM+JHuFF7JzeTP2W9/Zg5g8EnJw06FXy2r8HK+h+IvIYrtFe
SMiioZf4KELFT4HmYss38ECbL+UQKXq+cFhi5tB6eDHjuoE9SBK9MnowAMnilJe6
S8Nm9pnBGUzSy0rSte/wWe4xeZ4J
-----END CERTIFICATE-----
Generated at Fri Mar 27 10:03:39 2026 by rpki-client