Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/l5RDKpATTQ84v4ze9nOyrm-D2JQ.roa
File: l5RDKpATTQ84v4ze9nOyrm-D2JQ.roa (raw, json)
Hash identifier: piUrQ5KlinsVw8wD3PyCL+U42E4J1cOA4jhvyBneEJE=
Subject key identifier: 97:94:43:2A:90:13:4D:0F:38:BF:8C:DE:F6:73:B2:AE:6F:83:D8:94
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019DF2D1CE560B5C17D14A15EE58BD28EF00
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/l5RDKpATTQ84v4ze9nOyrm-D2JQ.roa
Signing time: Mon 04 May 2026 11:48:49 +0000
ROA not before: Mon 04 May 2026 11:48:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5650
IP address blocks: 64.43.104.0/22 maxlen: 22
64.43.112.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
77.36.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
176.116.232.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.184.0/22 maxlen: 22
178.212.188.0/22 maxlen: 22
185.55.4.0/22 maxlen: 22
185.55.4.0/23 maxlen: 23
185.55.6.0/23 maxlen: 23
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
193.36.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:d1:ce:56:0b:5c:17:d1:4a:15:ee:58:bd:28:ef:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 4 11:48:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9794432a90134d0f38bf8cdef673b2ae6f83d894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7e:d8:9f:6f:c6:b2:a8:3b:f2:3f:68:31:c4:
f1:47:ef:c1:8c:29:05:7b:fc:88:9b:fa:fe:e5:20:
61:83:96:06:b3:6c:dd:bb:b6:c0:cd:57:97:dc:83:
6a:5c:84:31:40:85:60:35:dc:e3:5b:56:e4:eb:8f:
27:33:25:50:20:2a:b4:ef:df:dc:be:22:20:42:86:
16:f4:6a:5e:fc:c9:53:6a:8f:de:91:e5:33:4b:35:
c0:0f:48:e9:e0:1e:14:c4:c9:84:03:9d:88:04:26:
bf:fa:5b:bb:78:9a:8c:f8:02:16:8e:3a:20:63:6b:
8d:4e:9f:5f:35:9a:b8:fa:c3:b5:36:0f:f9:0d:91:
0e:88:71:3b:05:a8:f5:40:b2:2a:aa:11:38:39:a7:
98:61:cc:bc:5a:d8:5b:f8:c8:f6:5c:9a:fc:36:a6:
0d:59:8b:85:80:28:d3:d2:5f:82:55:4d:24:7d:a6:
ef:5c:cb:31:3f:45:d3:e2:9c:72:b6:1c:d1:2c:78:
70:38:01:3d:30:f4:fa:df:13:33:b4:12:b9:61:c0:
8e:6d:f3:dc:60:c1:88:31:e3:89:d2:71:0d:45:b3:
be:d6:5b:49:16:1d:b0:e2:2a:ba:35:6d:97:81:38:
72:80:d4:af:ac:21:f9:cc:16:e3:6c:08:c1:df:1d:
01:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:94:43:2A:90:13:4D:0F:38:BF:8C:DE:F6:73:B2:AE:6F:83:D8:94
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/l5RDKpATTQ84v4ze9nOyrm-D2JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.104.0/22
64.43.112.0/22
64.43.124.0/22
77.36.120.0/22
176.102.124.0/22
176.116.232.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:1f:d0:41:b7:64:93:6f:c4:e1:b4:81:1a:b4:c2:82:b5:11:
6e:37:27:e4:6d:7b:e0:bd:a1:bd:c7:c0:40:58:09:53:b3:93:
5f:d3:f9:a3:16:21:c3:d2:c5:09:af:3a:5a:1c:d0:29:d0:44:
3b:c8:57:aa:3c:6e:d2:df:fe:c3:07:22:bb:73:5b:a5:9b:bc:
fb:ec:08:d3:31:49:e8:4c:d9:1c:f0:8d:af:be:ac:43:87:26:
0c:c1:93:7d:6d:e0:e9:8f:5e:de:cb:ae:99:d7:ae:36:23:d3:
d9:2a:c0:62:1c:d2:9c:91:cd:fd:2d:ed:06:31:f4:c3:81:e0:
16:6b:5b:29:38:2a:6e:05:b3:69:ec:f4:df:21:87:af:a8:83:
f5:0b:99:c0:42:a3:3d:07:c7:24:68:fc:89:27:e7:eb:9d:22:
f3:2e:a0:10:82:3d:45:e2:9a:2f:05:3a:cd:6f:87:27:77:5c:
f2:27:fb:1d:db:a8:19:6b:5b:1a:2c:a4:83:83:f2:f1:1a:48:
61:75:d1:72:e3:88:e1:82:32:ce:81:b6:f2:cd:5e:f5:97:3f:
e0:3f:e9:1b:fb:86:54:b5:0c:e8:55:71:7e:27:33:72:c4:b6:
00:84:48:c5:a2:9c:e6:ee:36:ce:59:a3:aa:0f:1a:49:0d:d6:
03:be:3e:4a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ3y0c5WC1wX0UoV7li9KO8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwNTA0MTE0ODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzk0NDMyYTkwMTM0ZDBmMzhiZjhjZGVmNjczYjJhZTZmODNkODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw37Yn2/Gsqg78j9oMcTxR+/BjCkF
e/yIm/r+5SBhg5YGs2zdu7bAzVeX3INqXIQxQIVgNdzjW1bk648nMyVQICq079/c
viIgQoYW9Gpe/MlTao/ekeUzSzXAD0jp4B4UxMmEA52IBCa/+lu7eJqM+AIWjjog
Y2uNTp9fNZq4+sO1Ng/5DZEOiHE7Baj1QLIqqhE4OaeYYcy8Wthb+Mj2XJr8NqYN
WYuFgCjT0l+CVU0kfabvXMsxP0XT4pxythzRLHhwOAE9MPT63xMztBK5YcCObfPc
YMGIMeOJ0nENRbO+1ltJFh2w4iq6NW2XgThygNSvrCH5zBbjbAjB3x0BiwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJeUQyqQE00POL+M3vZzsq5vg9iUMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbDVSREtwQVRUUTg0djR6ZTluT3lybS1EMkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCQCtoAwQC
QCtwAwQCQCt8AwQCTSR4AwQCsGZ8AwQCsHToAwQDstS4AwQCuTcEAwQCuTeMAwQC
wSTMMA0GCSqGSIb3DQEBCwUAA4IBAQAcH9BBt2STb8ThtIEatMKCtRFuNyfkbXvg
vaG9x8BAWAlTs5Nf0/mjFiHD0sUJrzpaHNAp0EQ7yFeqPG7S3/7DByK7c1ulm7z7
7AjTMUnoTNkc8I2vvqxDhyYMwZN9beDpj17ey66Z1642I9PZKsBiHNKckc39Le0G
MfTDgeAWa1spOCpuBbNp7PTfIYevqIP1C5nAQqM9B8ckaPyJJ+frnSLzLqAQgj1F
4povBTrNb4cnd1zyJ/sd26gZa1saLKSDg/LxGkhhddFy44jhgjLOgbbyzV71lz/g
P+kb+4ZUtQzoVXF+JzNyxLYAhEjFopzm7jbOWaOqDxpJDdYDvj5K
-----END CERTIFICATE-----
Generated at Wed May 13 04:19:26 2026 by rpki-client