Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/e-5TSb_mYHCdIuOD8vrCl1XPRAk.roa
File: e-5TSb_mYHCdIuOD8vrCl1XPRAk.roa (raw, json)
Hash identifier: MQEDBz7zEe5IyXk9VD7pLY8AZKLie90h1keE21n1bzQ=
Subject key identifier: 7B:EE:53:49:BF:E6:60:70:9D:22:E3:83:F2:FA:C2:97:55:CF:44:09
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 019CE69FFECC54AA92FA50959AA899C604B1
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/e-5TSb_mYHCdIuOD8vrCl1XPRAk.roa
Signing time: Fri 13 Mar 2026 09:56:11 +0000
ROA not before: Fri 13 Mar 2026 09:56:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
2.59.111.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
45.92.132.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
46.28.163.0/24 maxlen: 24
89.40.84.0/22 maxlen: 24
89.44.36.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.85.255.0/24 maxlen: 24
185.102.204.0/22 maxlen: 24
185.103.148.0/22 maxlen: 24
185.110.212.0/22 maxlen: 24
185.142.44.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.223.216.0/22 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
185.243.136.0/22 maxlen: 24
193.108.206.0/23 maxlen: 24
193.108.230.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:9f:fe:cc:54:aa:92:fa:50:95:9a:a8:99:c6:04:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Mar 13 09:56:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7bee5349bfe660709d22e383f2fac29755cf4409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:99:82:51:ee:44:99:3b:ab:fd:80:f2:82:bd:
95:cd:59:52:01:05:ff:f0:a7:0e:2f:78:3f:72:f1:
cb:08:f8:2a:1c:bc:22:2c:1e:12:6d:32:6d:2c:f2:
b5:99:c5:98:f1:a8:db:cd:58:1b:b4:2c:d7:ee:d3:
ca:16:5e:43:5b:76:a7:32:11:d7:df:aa:e5:21:61:
cc:b3:a4:26:8c:8a:3c:6d:47:3c:a1:eb:a9:09:47:
06:e3:1a:81:4a:33:e7:4c:b8:dc:84:e0:65:3c:b8:
e5:a7:9d:01:de:e7:4c:cf:f6:39:ba:06:81:2d:88:
06:d9:18:41:01:d9:67:f7:05:ed:d6:88:10:0b:4a:
98:1a:bd:d8:3d:50:52:5a:8b:9b:21:74:a0:92:84:
05:b5:31:7c:98:57:6c:bf:63:e1:9b:1d:cc:35:24:
ca:07:81:28:a5:ef:af:fe:34:d2:aa:32:95:3c:23:
8c:c2:19:e1:fe:28:e5:88:36:85:be:b7:86:ce:f8:
c5:bc:66:2a:47:16:dc:b9:08:53:b6:51:f5:e9:58:
a9:82:58:0e:3d:92:94:42:9e:84:67:70:a3:1e:c6:
ca:37:fd:0a:9f:e1:f2:67:22:f0:29:2d:68:8a:47:
1b:24:45:5a:4a:aa:81:d5:d9:7c:47:39:55:74:16:
f2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:EE:53:49:BF:E6:60:70:9D:22:E3:83:F2:FA:C2:97:55:CF:44:09
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/e-5TSb_mYHCdIuOD8vrCl1XPRAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
45.92.132.0/22
46.28.160.0/21
89.40.84.0/22
89.44.36.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.70.152.0/22
185.85.255.0/24
185.102.204.0/22
185.103.148.0/22
185.110.212.0/22
185.142.44.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.223.216.0/22
185.228.124.0/22
185.239.160.0/22
185.243.136.0/22
193.108.206.0/23
193.108.230.0/23
193.246.156.0/23
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
55:ef:3a:5b:b6:80:09:3b:51:1e:61:9d:9e:77:cf:13:38:8a:
06:5f:1c:f3:06:e5:38:fa:13:df:64:27:20:1e:fe:98:f7:36:
26:8b:bd:d2:e6:4f:e4:21:5d:df:f0:fc:9b:99:3f:67:7d:de:
31:59:25:fe:ff:ba:23:dd:21:48:d1:0f:93:6a:a1:62:21:78:
ed:45:0d:2c:57:1f:5a:90:0a:e2:ae:a3:ec:a7:e3:46:12:e2:
84:dc:80:86:56:b6:d4:33:50:54:d2:1b:c4:29:72:b4:96:62:
30:ec:67:0b:5d:a8:0d:fc:d5:4b:23:ca:f5:73:26:4d:7f:30:
45:93:a2:76:62:17:ed:67:04:5a:3b:cb:ed:b8:cc:a0:0b:94:
4a:c9:46:51:22:a6:60:d0:a7:57:a1:dd:d9:97:83:20:1b:91:
04:1c:b0:c4:62:16:f7:58:3a:f7:12:d6:63:52:c1:66:f9:c1:
fa:fb:35:6e:34:07:eb:52:ef:d6:b5:48:0d:82:1b:76:2f:a5:
38:41:b7:90:48:57:ca:2a:37:e0:05:cc:a7:ac:68:15:ff:d8:
1c:bd:87:e3:09:5c:55:0c:1d:b5:10:52:dd:39:90:c9:8b:8b:
cc:e0:93:bd:42:01:e9:b7:68:25:bc:47:70:a6:d7:88:7b:51:
c6:76:54:6d
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAZzmn/7MVKqS+lCVmqiZxgSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjYwMzEzMDk1NjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmVlNTM0OWJmZTY2MDcwOWQyMmUzODNmMmZhYzI5NzU1Y2Y0NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypmCUe5EmTur/YDygr2VzVlSAQX/
8KcOL3g/cvHLCPgqHLwiLB4SbTJtLPK1mcWY8ajbzVgbtCzX7tPKFl5DW3anMhHX
36rlIWHMs6QmjIo8bUc8oeupCUcG4xqBSjPnTLjchOBlPLjlp50B3udMz/Y5ugaB
LYgG2RhBAdln9wXt1ogQC0qYGr3YPVBSWoubIXSgkoQFtTF8mFdsv2Phmx3MNSTK
B4Eope+v/jTSqjKVPCOMwhnh/ijliDaFvreGzvjFvGYqRxbcuQhTtlH16VipglgO
PZKUQp6EZ3CjHsbKN/0Kn+HyZyLwKS1oikcbJEVaSqqB1dl8RzlVdBbypQIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFHvuU0m/5mBwnSLjg/L6wpdVz0QJMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvZS01VFNiX21ZSENkSXVPRDh2ckNsMVhQUkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCBvQQCAAEwgbYD
BAICO2wDBAMfGbADBAAletsDBAItXIQDBAMuHKADBAJZKFQDBAJZLCQDBAJb8pQD
BANt6xADBAWwOEADBAK5BCADBAK5BVQDBAK5RpgDBAC5Vf8DBAK5ZswDBAK5Z5QD
BAK5btQDBAK5jiwDBAK5mRADBAK5sGgwDAMEALnN/QMEALnN/gMEArnf2AMEArnk
fAMEArnvoAMEArnziAMEAcFszgMEAcFs5gMEAcH2nAMEAsKcSDBFBAIAAjA/AwUA
KgJdwAMFACoCX8ADBQAqAwRAAwUDKgWbAAMFAyoFqAADBQMqBjwAAwUDKgnqwAMF
AyoKEoADBQMqCwxAMA0GCSqGSIb3DQEBCwUAA4IBAQBV7zpbtoAJO1EeYZ2ed88T
OIoGXxzzBuU4+hPfZCcgHv6Y9zYmi73S5k/kIV3f8PybmT9nfd4xWSX+/7oj3SFI
0Q+TaqFiIXjtRQ0sVx9akArirqPsp+NGEuKE3ICGVrbUM1BU0hvEKXK0lmIw7GcL
XagN/NVLI8r1cyZNfzBFk6J2YhftZwRaO8vtuMygC5RKyUZRIqZg0KdXod3Zl4Mg
G5EEHLDEYhb3WDr3EtZjUsFm+cH6+zVuNAfrUu/WtUgNght2L6U4QbeQSFfKKjfg
BcynrGgV/9gcvYfjCVxVDB21EFLdOZDJi4vM4JO9QgHpt2glvEdwpteIe1HGdlRt
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:10:13 2026 by rpki-client