Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/1ePW4VmnzO6-96SmvZyxG-AnxF4.roa
File: 1ePW4VmnzO6-96SmvZyxG-AnxF4.roa (raw, json)
Hash identifier: sykaMsKzVQXHiTsfS0iJPbpUu1ltRj/tiFcskP2lBo8=
Subject key identifier: D5:E3:D6:E1:59:A7:CC:EE:BE:F7:A4:A6:BD:9C:B1:1B:E0:27:C4:5E
Certificate issuer: /CN=8d3402eae027abcd926090cc0ddeff80aab92c35
Certificate serial: 019DE0C60D5A867683312B7B98E4A3039324
Authority key identifier: 8D:34:02:EA:E0:27:AB:CD:92:60:90:CC:0D:DE:FF:80:AA:B9:2C:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jTQC6uAnq82SYJDMDd7_gKq5LDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/1ePW4VmnzO6-96SmvZyxG-AnxF4.roa
Signing time: Thu 30 Apr 2026 23:42:49 +0000
ROA not before: Thu 30 Apr 2026 23:42:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 136258
IP address blocks: 86.54.82.0/24 maxlen: 24
86.54.83.0/24 maxlen: 24
168.222.244.0/24 maxlen: 24
168.222.245.0/24 maxlen: 24
168.222.247.0/24 maxlen: 24
185.186.76.0/24 maxlen: 24
185.186.77.0/24 maxlen: 24
185.186.78.0/24 maxlen: 24
185.186.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/jTQC6uAnq82SYJDMDd7_gKq5LDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/jTQC6uAnq82SYJDMDd7_gKq5LDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jTQC6uAnq82SYJDMDd7_gKq5LDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e0:c6:0d:5a:86:76:83:31:2b:7b:98:e4:a3:03:93:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d3402eae027abcd926090cc0ddeff80aab92c35
Validity
Not Before: Apr 30 23:42:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5e3d6e159a7cceebef7a4a6bd9cb11be027c45e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:86:9c:a8:bf:6d:ee:eb:13:9a:f8:23:18:78:
10:70:2b:ed:a1:13:79:81:60:e7:9a:19:53:7c:2c:
df:6a:85:c6:c3:57:ce:74:8b:86:59:1f:0a:f0:dd:
b0:b3:01:37:52:f2:6e:de:3e:66:92:6d:dd:c3:07:
68:d9:d3:19:f5:c0:8e:46:1d:d8:47:11:84:4e:e3:
d3:71:d2:9b:4c:93:db:ea:5a:c5:82:23:aa:a1:0f:
aa:82:fa:83:ea:4d:3b:e4:13:2e:16:ab:a1:55:9a:
e0:3c:5c:f9:07:61:d3:ad:02:b4:65:d7:1b:48:7e:
82:a0:cc:d0:6b:16:ee:f8:8e:ed:15:74:95:fb:9b:
bd:1a:a7:f7:50:65:5a:e7:d0:a4:4a:93:df:c8:fe:
70:78:ae:98:ea:2f:31:95:82:59:44:d0:49:e6:47:
00:1a:33:84:a0:94:00:a2:9a:7b:5f:04:c7:e0:ed:
8e:64:7c:d9:63:ce:22:8d:9f:72:4f:79:5c:66:98:
ed:58:77:39:6e:4f:61:69:17:00:61:1c:3d:92:4c:
63:f5:16:c1:47:d5:a6:10:ca:3a:a0:1c:67:24:09:
5c:81:38:79:32:73:eb:c8:72:81:47:95:be:68:32:
61:87:cc:44:f6:81:e8:1f:7f:30:47:dc:c2:f4:ff:
a5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E3:D6:E1:59:A7:CC:EE:BE:F7:A4:A6:BD:9C:B1:1B:E0:27:C4:5E
X509v3 Authority Key Identifier:
keyid:8D:34:02:EA:E0:27:AB:CD:92:60:90:CC:0D:DE:FF:80:AA:B9:2C:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTQC6uAnq82SYJDMDd7_gKq5LDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/1ePW4VmnzO6-96SmvZyxG-AnxF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/558348-4912-4bc1-8e58-f92d7dc37d2e/1/jTQC6uAnq82SYJDMDd7_gKq5LDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.82.0/23
168.222.244.0/23
168.222.247.0/24
185.186.76.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:43:b2:2a:ad:58:62:06:61:30:31:fd:71:ff:b8:e2:4c:d3:
fc:12:88:cf:4d:92:fb:95:21:92:34:84:99:7d:eb:c5:62:45:
b8:8c:7f:15:52:3a:e6:36:d7:eb:cd:67:6e:ed:91:84:7e:de:
75:03:f2:1a:96:5f:27:43:84:d0:fb:5d:92:fa:84:1e:38:2a:
4a:47:20:c0:91:0b:db:11:ad:2e:25:c9:1c:04:5f:f9:b9:1f:
1d:e7:ae:de:95:1e:b7:b0:b2:4c:cf:a5:ae:67:26:c6:b8:64:
99:37:6b:9e:12:fe:b1:0d:4f:67:28:30:19:e7:f0:4f:84:de:
0e:e4:99:93:4f:46:94:51:d5:3e:c3:ff:c0:b8:3f:d7:e7:7a:
e7:bf:16:85:9e:51:e0:78:5f:26:98:7d:07:bd:39:cc:ba:44:
32:41:48:be:8e:73:ce:c5:b7:d7:6e:18:c5:39:f2:21:76:01:
60:b1:e8:21:c3:d7:38:71:f4:9e:8b:10:a0:64:b7:b2:f7:06:
0c:89:f3:7e:f4:68:0f:8b:de:d1:9d:4c:c4:98:0b:7e:a0:59:
db:1b:8b:6a:2f:96:47:fc:1f:5b:9e:7a:6c:3e:15:21:74:5f:
5f:42:09:62:18:3c:f7:59:f9:29:51:a3:ed:e0:86:7e:67:73:
74:89:f5:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3gxg1ahnaDMSt7mOSjA5MkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMzQwMmVhZTAyN2FiY2Q5MjYwOTBjYzBkZGVmZjgwYWFi
OTJjMzUwHhcNMjYwNDMwMjM0MjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUzZDZlMTU5YTdjY2VlYmVmN2E0YTZiZDljYjExYmUwMjdjNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIacqL9t7usTmvgjGHgQcCvtoRN5
gWDnmhlTfCzfaoXGw1fOdIuGWR8K8N2wswE3UvJu3j5mkm3dwwdo2dMZ9cCORh3Y
RxGETuPTcdKbTJPb6lrFgiOqoQ+qgvqD6k075BMuFquhVZrgPFz5B2HTrQK0Zdcb
SH6CoMzQaxbu+I7tFXSV+5u9Gqf3UGVa59CkSpPfyP5weK6Y6i8xlYJZRNBJ5kcA
GjOEoJQAopp7XwTH4O2OZHzZY84ijZ9yT3lcZpjtWHc5bk9haRcAYRw9kkxj9RbB
R9WmEMo6oBxnJAlcgTh5MnPryHKBR5W+aDJhh8xE9oHoH38wR9zC9P+lEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNXj1uFZp8zuvvekpr2csRvgJ8ReMB8GA1UdIwQY
MBaAFI00AurgJ6vNkmCQzA3e/4CquSw1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalRRQzZ1QW5xODJTWUpETURkN19nS3E1TERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81NTgzNDgtNDkxMi00YmMxLThlNTgt
ZjkyZDdkYzM3ZDJlLzEvMWVQVzRWbW56TzYtOTZTbXZaeXhHLUFueEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81NTgzNDgtNDkxMi00YmMxLThlNTgtZjkyZDdkYzM3ZDJl
LzEvalRRQzZ1QW5xODJTWUpETURkN19nS3E1TERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVjZSAwQB
qN70AwQAqN73AwQCubpMMA0GCSqGSIb3DQEBCwUAA4IBAQDTQ7IqrVhiBmEwMf1x
/7jiTNP8EojPTZL7lSGSNISZfevFYkW4jH8VUjrmNtfrzWdu7ZGEft51A/Iall8n
Q4TQ+12S+oQeOCpKRyDAkQvbEa0uJckcBF/5uR8d567elR63sLJMz6WuZybGuGSZ
N2ueEv6xDU9nKDAZ5/BPhN4O5JmTT0aUUdU+w//AuD/X53rnvxaFnlHgeF8mmH0H
vTnMukQyQUi+jnPOxbfXbhjFOfIhdgFgseghw9c4cfSeixCgZLey9wYMifN+9GgP
i97RnUzEmAt+oFnbG4tqL5ZH/B9bnnpsPhUhdF9fQgliGDz3WfkpUaPt4IZ+Z3N0
ifXL
-----END CERTIFICATE-----
Generated at Wed May 13 04:09:02 2026 by rpki-client