Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/5Rn1RAOss5QRo2nXIX6C-Rbfd9o.roa
File: 5Rn1RAOss5QRo2nXIX6C-Rbfd9o.roa (raw, json)
Hash identifier: FiZwjSG8YgcEqrITJJIdRm7Vzqa1sJ3XlnJTDKYCv2g=
Subject key identifier: E5:19:F5:44:03:AC:B3:94:11:A3:69:D7:21:7E:82:F9:16:DF:77:DA
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 019D25B2A8B4B7826F76DB86B653E11D5568
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/5Rn1RAOss5QRo2nXIX6C-Rbfd9o.roa
Signing time: Wed 25 Mar 2026 15:52:38 +0000
ROA not before: Wed 25 Mar 2026 15:52:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44901
IP address blocks: 46.253.4.0/24 maxlen: 24
91.92.247.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
91.132.61.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
91.132.63.0/24 maxlen: 24
93.94.140.0/24 maxlen: 24
93.94.142.0/24 maxlen: 24
95.169.196.0/24 maxlen: 24
95.169.202.0/24 maxlen: 24
185.1.156.0/24 maxlen: 24
185.7.219.0/24 maxlen: 24
185.243.212.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:b2:a8:b4:b7:82:6f:76:db:86:b6:53:e1:1d:55:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Mar 25 15:52:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e519f54403acb39411a369d7217e82f916df77da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:de:35:65:af:de:02:83:5b:22:54:78:d5:08:
c5:2e:06:5b:2d:5c:3d:ca:f1:0b:12:26:fd:8c:8f:
17:79:1f:80:de:a3:4a:e8:d9:4e:96:27:54:27:e2:
92:9f:c7:8f:2f:0c:b0:e6:97:48:f0:71:0e:00:ed:
84:ed:88:06:59:52:50:aa:07:ba:90:5e:36:56:24:
f8:4b:47:77:a1:dd:10:47:f4:7f:de:54:20:a7:c6:
0a:2b:40:d0:b3:2d:ad:c1:60:9e:2e:da:0f:10:c1:
43:fc:27:f2:a4:20:b2:21:5d:7f:46:24:46:a9:63:
0c:04:2c:15:91:04:d3:93:f1:ac:e4:90:7f:d1:b2:
99:b9:7f:34:81:0b:6f:d2:18:2f:8b:4d:9c:70:22:
b0:82:76:90:a1:7c:37:13:17:9b:e3:50:2c:9d:2e:
4e:f3:c5:e1:5a:1d:f4:d4:7c:13:6d:07:07:42:ee:
31:8d:92:8f:c6:19:bd:db:d4:00:34:aa:8b:cf:9f:
5a:33:a3:7d:63:ae:d7:90:d1:50:8d:69:d0:e5:f5:
d9:f2:f9:53:7d:76:50:cb:7c:d6:76:c4:ed:76:dd:
16:6d:c2:c5:1b:60:48:3a:1a:8e:26:3e:57:fc:19:
6b:48:07:6f:34:0c:87:5d:49:35:3f:f8:01:aa:02:
be:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:19:F5:44:03:AC:B3:94:11:A3:69:D7:21:7E:82:F9:16:DF:77:DA
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/5Rn1RAOss5QRo2nXIX6C-Rbfd9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.4.0/24
91.92.247.0/24
91.132.60.0/22
93.94.140.0/24
93.94.142.0/24
95.169.196.0/24
95.169.202.0/24
185.1.156.0/24
185.7.219.0/24
185.243.212.0/23
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
49:29:5f:e4:56:e9:27:30:04:86:c7:1a:07:61:06:49:ff:c2:
c5:b8:61:b5:6e:5b:b3:50:7c:62:d1:56:0d:3f:69:81:46:45:
7f:e7:eb:5a:78:9a:fa:e0:6a:31:29:ac:75:f2:fb:a1:e1:5b:
1c:1a:a0:a0:49:a9:2a:e9:45:e9:d7:ad:32:3b:dc:30:57:73:
75:b8:30:ae:7b:7f:03:c6:bc:33:9a:d1:30:4f:7a:cc:02:37:
d4:96:c4:e5:c8:ac:bf:f3:37:2a:5b:2e:50:29:4f:5d:17:0f:
8f:ba:1b:4c:80:95:db:6b:66:41:d3:6b:99:36:d6:e4:c7:bf:
c1:76:d4:23:6e:3d:66:aa:83:d3:e9:05:9f:7a:12:b7:8b:d0:
54:40:65:dc:55:d2:c0:39:4a:bf:b5:dd:74:2c:35:2c:c3:30:
97:96:ef:7e:85:43:2e:03:6d:d6:f7:9a:5a:70:ad:6f:8f:28:
58:99:c6:40:13:d7:e9:17:8e:bf:12:83:81:41:9e:12:5f:1e:
f3:63:bf:6d:84:8b:85:ee:6f:c7:a1:e3:ba:a5:4d:3c:b6:ce:
d6:74:fd:9d:b7:d9:26:ae:5a:87:e6:df:25:66:47:a7:7d:50:
6e:d4:1b:76:4d:81:08:69:c8:c9:f6:de:88:1e:7c:7b:cb:e7:
68:27:d6:31
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZ0lsqi0t4JvdtuGtlPhHVVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjYwMzI1MTU1MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTE5ZjU0NDAzYWNiMzk0MTFhMzY5ZDcyMTdlODJmOTE2ZGY3N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd41Za/eAoNbIlR41QjFLgZbLVw9
yvELEib9jI8XeR+A3qNK6NlOlidUJ+KSn8ePLwyw5pdI8HEOAO2E7YgGWVJQqge6
kF42ViT4S0d3od0QR/R/3lQgp8YKK0DQsy2twWCeLtoPEMFD/CfypCCyIV1/RiRG
qWMMBCwVkQTTk/Gs5JB/0bKZuX80gQtv0hgvi02ccCKwgnaQoXw3Exeb41AsnS5O
88XhWh301HwTbQcHQu4xjZKPxhm929QANKqLz59aM6N9Y67XkNFQjWnQ5fXZ8vlT
fXZQy3zWdsTtdt0WbcLFG2BIOhqOJj5X/BlrSAdvNAyHXUk1P/gBqgK+rwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFOUZ9UQDrLOUEaNp1yF+gvkW33faMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvNVJuMVJBT3NzNVFSbzJuWElYNkMtUmJmZDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQALv0EAwQA
W1z3AwQCW4Q8AwQAXV6MAwQAXV6OAwQAX6nEAwQAX6nKAwQAuQGcAwQAuQfbAwQB
ufPUMA0EAgACMAcDBQAqCb6AMA0GCSqGSIb3DQEBCwUAA4IBAQBJKV/kVuknMASG
xxoHYQZJ/8LFuGG1bluzUHxi0VYNP2mBRkV/5+taeJr64GoxKax18vuh4VscGqCg
Sakq6UXp160yO9wwV3N1uDCue38DxrwzmtEwT3rMAjfUlsTlyKy/8zcqWy5QKU9d
Fw+PuhtMgJXba2ZB02uZNtbkx7/BdtQjbj1mqoPT6QWfehK3i9BUQGXcVdLAOUq/
td10LDUswzCXlu9+hUMuA23W95pacK1vjyhYmcZAE9fpF46/EoOBQZ4SXx7zY79t
hIuF7m/HoeO6pU08ts7WdP2dt9kmrlqH5t8lZkenfVBu1Bt2TYEIacjJ9t6IHnx7
y+doJ9Yx
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:33:10 2026 by rpki-client