Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nFyN-ptamRmcdnuqyi6zn2Q097U.roa
File: nFyN-ptamRmcdnuqyi6zn2Q097U.roa (raw, json)
Hash identifier: HAKMJDx55YclCFLSNlNj682x77+ElstqJrsvd8bsK8A=
Subject key identifier: 9C:5C:8D:FA:9B:5A:99:19:9C:76:7B:AA:CA:2E:B3:9F:64:34:F7:B5
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019DFF2848189E40DFE9314C6E75AC7D56B0
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nFyN-ptamRmcdnuqyi6zn2Q097U.roa
Signing time: Wed 06 May 2026 21:18:43 +0000
ROA not before: Wed 06 May 2026 21:18:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60631
IP address blocks: 5.159.49.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.214.0/24 maxlen: 24
109.122.246.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
188.212.96.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ff:28:48:18:9e:40:df:e9:31:4c:6e:75:ac:7d:56:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: May 6 21:18:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c5c8dfa9b5a99199c767baaca2eb39f6434f7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:48:b0:32:1f:6c:13:99:ad:1d:e5:9c:43:14:
20:d2:66:ce:28:5e:3b:76:3c:d3:95:1f:05:f5:eb:
62:57:95:c8:c6:5a:cd:75:27:c5:e8:74:d6:c1:76:
7a:3b:0a:43:54:5f:43:d7:10:7c:75:da:76:51:84:
fb:c7:6f:b7:fb:9a:39:d1:d0:e8:2d:d9:88:48:ac:
6a:55:45:5f:06:4b:cf:e7:7b:cf:87:12:4e:39:7d:
9d:88:09:5e:b1:d0:1a:80:fc:50:86:1c:26:13:90:
29:74:d6:a1:d5:43:84:30:3c:46:53:07:c3:fa:c5:
56:48:69:0b:e1:f2:72:83:48:ff:57:c7:5a:56:f3:
ce:22:3d:96:00:4c:68:e5:b5:fa:80:43:64:79:81:
46:6b:5f:4c:a6:a0:2e:ca:16:9e:f0:21:e5:c3:4a:
b5:53:24:aa:e2:de:75:e3:67:f8:0c:43:25:fa:b3:
b8:3b:c2:9b:59:cf:53:c7:bb:1c:a0:cf:96:df:c2:
64:0b:c0:b8:e6:95:96:74:de:d4:ac:67:72:98:9c:
31:ab:a3:36:ac:25:20:b0:86:ca:ba:33:be:5d:d7:
14:67:a1:41:7b:ce:cf:92:6f:60:24:a9:64:a8:37:
25:96:19:ab:24:72:6a:46:06:c1:12:c2:a0:fc:66:
fd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5C:8D:FA:9B:5A:99:19:9C:76:7B:AA:CA:2E:B3:9F:64:34:F7:B5
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nFyN-ptamRmcdnuqyi6zn2Q097U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
45.94.213.0-45.94.214.255
109.122.246.0/24
185.239.0.0/24
185.239.3.0/24
188.212.96.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:56:b2:7e:fc:9c:71:e5:24:7c:56:b1:72:f4:62:29:a0:0d:
2e:d3:3e:9e:0b:23:c6:fb:46:5a:a7:cc:67:39:26:ad:d2:f8:
75:72:27:23:01:48:78:44:a3:e2:b3:dc:b3:86:46:7c:86:76:
8d:5d:5f:4f:3b:bc:8e:ad:be:7f:2e:2c:43:5c:39:c3:42:a5:
11:ac:04:12:4d:68:af:f2:60:8c:48:d9:f2:73:da:de:98:35:
c8:a8:14:bc:86:56:db:2e:24:74:83:92:f7:13:bf:31:bd:04:
34:29:22:65:3c:f1:3b:ba:c6:50:4a:14:c8:1b:93:f5:f5:f2:
8c:6a:05:62:6a:e6:71:1a:45:d0:a2:c2:f3:09:43:a5:25:42:
d4:77:6e:6d:ac:b3:5f:8b:c7:4d:3d:24:ae:d5:fb:c7:e1:29:
b1:e4:de:2d:5e:ae:12:2a:9d:34:90:c2:9e:59:18:56:a2:78:
ce:48:4f:68:94:93:ed:00:7e:38:bb:3d:dc:53:71:22:57:4d:
b7:0b:32:c0:7b:3d:0d:86:8b:d1:c5:52:bc:d2:74:ad:f1:ee:
c0:77:07:6f:56:14:63:23:f0:d5:f8:b1:7e:9d:da:3d:87:1c:
0f:f9:d4:c1:5f:67:4a:32:58:27:29:d7:37:46:bd:38:51:ce:
0f:d0:f1:0d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ3/KEgYnkDf6TFMbnWsfVawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjYwNTA2MjExODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzVjOGRmYTliNWE5OTE5OWM3NjdiYWFjYTJlYjM5ZjY0MzRmN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0iwMh9sE5mtHeWcQxQg0mbOKF47
djzTlR8F9etiV5XIxlrNdSfF6HTWwXZ6OwpDVF9D1xB8ddp2UYT7x2+3+5o50dDo
LdmISKxqVUVfBkvP53vPhxJOOX2diAlesdAagPxQhhwmE5ApdNah1UOEMDxGUwfD
+sVWSGkL4fJyg0j/V8daVvPOIj2WAExo5bX6gENkeYFGa19MpqAuyhae8CHlw0q1
UySq4t5142f4DEMl+rO4O8KbWc9Tx7scoM+W38JkC8C45pWWdN7UrGdymJwxq6M2
rCUgsIbKujO+XdcUZ6FBe87Pkm9gJKlkqDcllhmrJHJqRgbBEsKg/Gb9TQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJxcjfqbWpkZnHZ7qsous59kNPe1MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvbkZ5Ti1wdGFtUm1jZG51cXlpNnpuMlEwOTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABZ8xMAwD
BAAtXtUDBAAtXtYDBABtevYDBAC57wADBAC57wMDBAC81GADBAC88MQwDQYJKoZI
hvcNAQELBQADggEBALJWsn78nHHlJHxWsXL0YimgDS7TPp4LI8b7RlqnzGc5Jq3S
+HVyJyMBSHhEo+Kz3LOGRnyGdo1dX087vI6tvn8uLENcOcNCpRGsBBJNaK/yYIxI
2fJz2t6YNcioFLyGVtsuJHSDkvcTvzG9BDQpImU88Tu6xlBKFMgbk/X18oxqBWJq
5nEaRdCiwvMJQ6UlQtR3bm2ss1+Lx009JK7V+8fhKbHk3i1erhIqnTSQwp5ZGFai
eM5IT2iUk+0Afji7PdxTcSJXTbcLMsB7PQ2Gi9HFUrzSdK3x7sB3B29WFGMj8NX4
sX6d2j2HHA/51MFfZ0oyWCcp1zdGvThRzg/Q8Q0=
-----END CERTIFICATE-----
Generated at Tue May 12 21:44:40 2026 by rpki-client