Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/5Ql1DuHvDbOT4tt9jPjY3Yj4dk4.roa
File: 5Ql1DuHvDbOT4tt9jPjY3Yj4dk4.roa (raw, json)
Hash identifier: IaK+6glbfLn675Ana2ZWNnz6fJPNT0v9FztBnnlAGxw=
Subject key identifier: E5:09:75:0E:E1:EF:0D:B3:93:E2:DB:7D:8C:F8:D8:DD:88:F8:76:4E
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 019D1FAA2AC2ACD2A76208DB0FAC169C2DF4
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/5Ql1DuHvDbOT4tt9jPjY3Yj4dk4.roa
Signing time: Tue 24 Mar 2026 11:45:38 +0000
ROA not before: Tue 24 Mar 2026 11:45:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 109.229.223.0/24 maxlen: 24
185.253.61.0/24 maxlen: 24
213.110.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:aa:2a:c2:ac:d2:a7:62:08:db:0f:ac:16:9c:2d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Mar 24 11:45:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e509750ee1ef0db393e2db7d8cf8d8dd88f8764e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:50:94:da:5b:08:d1:d5:42:23:0c:90:90:5b:
29:9d:a0:c9:7f:9b:9a:16:41:99:b4:94:a7:17:0b:
77:6d:fa:87:79:dc:c8:8c:b6:62:fb:f0:45:66:64:
01:36:8a:02:2c:f1:31:e7:85:68:30:1c:6d:a2:b5:
dc:fa:e0:5c:8e:43:27:85:34:d9:22:e5:9f:55:99:
ba:56:d7:a2:70:6c:99:00:b0:fb:ed:90:7d:f8:b3:
3c:9e:1e:ae:20:63:96:90:ff:b5:a1:c3:cc:1c:d5:
fd:c7:21:43:0e:62:b7:d7:51:a2:e9:b6:3c:e0:05:
d8:69:04:fd:c3:d4:59:14:c9:62:aa:12:78:da:35:
80:07:85:e6:24:74:c9:91:33:01:43:bd:f1:7c:75:
fe:37:0d:21:33:97:4f:98:f9:38:9d:40:e2:6e:da:
35:9f:bd:81:17:f1:bc:f7:bb:ba:39:16:5f:06:0c:
02:b7:19:7e:b3:2a:2c:b0:17:19:ec:9e:91:a9:8e:
b4:b8:b8:cf:5b:e6:46:42:51:38:60:5b:10:b3:ec:
c5:72:05:b5:a5:a0:91:ce:83:38:5b:27:a4:99:5b:
a2:e3:e7:6c:19:6f:ac:c7:94:84:9d:8b:df:75:a3:
d6:64:ef:24:83:dc:ba:cc:d0:2a:6a:fa:df:e0:fd:
29:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:09:75:0E:E1:EF:0D:B3:93:E2:DB:7D:8C:F8:D8:DD:88:F8:76:4E
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/5Ql1DuHvDbOT4tt9jPjY3Yj4dk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.229.223.0/24
185.253.61.0/24
213.110.68.0/22
Signature Algorithm: sha256WithRSAEncryption
62:bc:27:ea:b0:ce:6a:79:b9:1b:b6:f3:1f:5a:e1:be:e9:36:
2c:5c:e6:26:43:8d:a6:11:a0:da:cc:03:04:cb:94:1b:02:39:
f3:53:6d:fd:ce:ae:c0:a9:38:46:54:2e:90:38:3d:db:18:f8:
d5:1d:18:ff:6e:22:8a:ff:dc:87:33:07:1f:47:0c:2e:63:37:
3a:ca:e4:1b:97:f0:f0:7c:f8:9c:1f:dc:d8:c8:8b:15:b8:32:
96:75:7e:b8:66:0c:2f:ef:13:0f:48:4c:32:15:88:4d:b8:88:
4a:f3:b4:73:1a:f3:6d:11:97:d0:8c:b9:b5:49:6e:4c:4d:d3:
da:6f:46:1f:43:8b:e3:ce:a2:6e:51:ea:d5:4e:63:ec:af:50:
f5:29:c5:47:a8:48:2d:03:4e:b2:30:cf:a8:b2:ee:93:92:c6:
e8:09:b6:57:3a:d9:54:ff:d9:59:df:ff:9b:42:52:31:27:e0:
06:5b:49:bf:10:85:9a:03:e4:3f:fa:6b:93:1b:7e:7c:c6:2e:
fe:38:d4:45:96:47:34:45:a3:12:cd:3a:33:5e:71:53:ed:53:
75:9e:e4:bf:3d:a9:ee:50:2c:b5:d3:f3:3a:07:c9:2f:ca:e8:
ed:a1:f3:5d:72:27:e0:6d:1f:d1:e6:01:b0:e3:b6:fd:2a:94:
f6:c5:61:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0fqirCrNKnYgjbD6wWnC30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjYwMzI0MTE0NTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA5NzUwZWUxZWYwZGIzOTNlMmRiN2Q4Y2Y4ZDhkZDg4Zjg3NjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVCU2lsI0dVCIwyQkFspnaDJf5ua
FkGZtJSnFwt3bfqHedzIjLZi+/BFZmQBNooCLPEx54VoMBxtorXc+uBcjkMnhTTZ
IuWfVZm6VteicGyZALD77ZB9+LM8nh6uIGOWkP+1ocPMHNX9xyFDDmK311Gi6bY8
4AXYaQT9w9RZFMliqhJ42jWAB4XmJHTJkTMBQ73xfHX+Nw0hM5dPmPk4nUDibto1
n72BF/G897u6ORZfBgwCtxl+syossBcZ7J6RqY60uLjPW+ZGQlE4YFsQs+zFcgW1
paCRzoM4WyekmVui4+dsGW+sx5SEnYvfdaPWZO8kg9y6zNAqavrf4P0p4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOUJdQ7h7w2zk+LbfYz42N2I+HZOMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvNVFsMUR1SHZEYk9UNHR0OWpQalkzWWo0ZGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeXfAwQA
uf09AwQC1W5EMA0GCSqGSIb3DQEBCwUAA4IBAQBivCfqsM5qebkbtvMfWuG+6TYs
XOYmQ42mEaDazAMEy5QbAjnzU239zq7AqThGVC6QOD3bGPjVHRj/biKK/9yHMwcf
RwwuYzc6yuQbl/DwfPicH9zYyIsVuDKWdX64Zgwv7xMPSEwyFYhNuIhK87RzGvNt
EZfQjLm1SW5MTdPab0YfQ4vjzqJuUerVTmPsr1D1KcVHqEgtA06yMM+osu6Tksbo
CbZXOtlU/9lZ3/+bQlIxJ+AGW0m/EIWaA+Q/+muTG358xi7+ONRFlkc0RaMSzToz
XnFT7VN1nuS/PanuUCy10/M6B8kvyujtofNdcifgbR/R5gGw47b9KpT2xWGb
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:37:22 2026 by rpki-client