Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/c27eec-7141-4575-9a6f-c45728c56f3b/1/u5FQBjQ8TGAOw1PdBvvxn8Cybhw.roa
File: u5FQBjQ8TGAOw1PdBvvxn8Cybhw.roa (raw, json)
Hash identifier: x/E32nuicoTl8vPe5LNlzciN/23Qza2+g16y+2v27pE=
Subject key identifier: BB:91:50:06:34:3C:4C:60:0E:C3:53:DD:06:FB:F1:9F:C0:B2:6E:1C
Certificate issuer: /CN=4c4e90a46cd92f8ffcb1924b93b71d1bad313012
Certificate serial: 019D1A037EA15EAE5D851626F9E23929EAB4
Authority key identifier: 4C:4E:90:A4:6C:D9:2F:8F:FC:B1:92:4B:93:B7:1D:1B:AD:31:30:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TE6QpGzZL4_8sZJLk7cdG60xMBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/c27eec-7141-4575-9a6f-c45728c56f3b/1/u5FQBjQ8TGAOw1PdBvvxn8Cybhw.roa
Signing time: Mon 23 Mar 2026 09:25:29 +0000
ROA not before: Mon 23 Mar 2026 09:25:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43717
IP address blocks: 91.198.122.0/24 maxlen: 24
91.216.140.0/24 maxlen: 24
178.248.192.0/21 maxlen: 21
2a00:1ff0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/c27eec-7141-4575-9a6f-c45728c56f3b/1/TE6QpGzZL4_8sZJLk7cdG60xMBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/c27eec-7141-4575-9a6f-c45728c56f3b/1/TE6QpGzZL4_8sZJLk7cdG60xMBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/TE6QpGzZL4_8sZJLk7cdG60xMBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:03:7e:a1:5e:ae:5d:85:16:26:f9:e2:39:29:ea:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c4e90a46cd92f8ffcb1924b93b71d1bad313012
Validity
Not Before: Mar 23 09:25:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb915006343c4c600ec353dd06fbf19fc0b26e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:42:72:39:2f:ca:9a:f9:47:6d:fd:53:56:0a:
1b:77:5c:a2:1e:47:34:9b:ec:48:b8:20:9a:a3:b6:
ac:f3:09:81:88:cf:65:ca:56:85:aa:43:f5:f9:b9:
0b:0e:2a:c3:01:85:a4:fe:f9:36:43:6e:a9:a0:d2:
af:ec:91:60:ba:d3:f3:e2:26:0a:ac:cc:f7:bf:ef:
2b:a5:0a:fd:e3:36:fb:10:24:9a:a7:d3:78:ac:9b:
f1:62:45:22:3a:04:e0:82:fe:50:8e:25:00:4a:c8:
5a:14:bb:d4:d3:61:1a:81:a3:98:27:53:2d:ec:af:
53:f4:11:9a:95:65:71:24:78:73:d1:c5:92:9e:e4:
67:82:dc:80:e6:b4:47:b9:f7:46:04:b5:5b:27:00:
0e:03:e7:d1:93:05:2d:0e:8e:7a:4f:25:c7:4f:8a:
3f:43:a1:83:03:7a:3e:35:98:9b:8f:fa:9c:72:3a:
7c:7f:4f:db:b1:ee:37:e5:3d:06:66:68:49:11:86:
57:d3:04:33:2a:cd:01:48:b9:53:5b:3c:4e:f6:df:
5b:58:f0:07:f8:24:b4:1b:54:2c:7a:82:1e:6a:da:
1b:82:8c:94:6b:77:21:64:21:94:41:30:3e:82:00:
d1:9e:07:93:ea:0d:8c:5c:59:c0:01:e4:5b:a1:22:
6e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:91:50:06:34:3C:4C:60:0E:C3:53:DD:06:FB:F1:9F:C0:B2:6E:1C
X509v3 Authority Key Identifier:
keyid:4C:4E:90:A4:6C:D9:2F:8F:FC:B1:92:4B:93:B7:1D:1B:AD:31:30:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TE6QpGzZL4_8sZJLk7cdG60xMBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/c27eec-7141-4575-9a6f-c45728c56f3b/1/u5FQBjQ8TGAOw1PdBvvxn8Cybhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/c27eec-7141-4575-9a6f-c45728c56f3b/1/TE6QpGzZL4_8sZJLk7cdG60xMBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.122.0/24
91.216.140.0/24
178.248.192.0/21
IPv6:
2a00:1ff0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:2a:c6:df:22:55:75:a8:8d:d5:a5:3c:9f:6d:ef:2a:fe:ff:
e9:fb:d0:8d:06:d9:f0:92:1f:4a:42:17:42:ab:fb:f3:fc:64:
37:c3:64:11:70:67:e2:e2:a4:d8:6b:77:bd:e2:89:09:a3:e5:
bd:b9:5a:83:ba:51:96:bd:59:54:cd:71:b1:97:33:10:a3:02:
66:57:62:b9:3b:65:ac:70:d1:f9:17:9b:6d:72:6f:79:29:22:
db:98:32:e9:53:bd:3a:c4:28:d1:aa:ab:21:03:2f:ca:78:98:
1f:8c:2f:ac:25:c4:bf:08:41:30:39:40:f4:aa:4a:c1:c0:f7:
e8:e0:0f:5b:18:77:8d:66:ef:6e:37:8f:e2:22:99:f4:ec:d5:
a1:cf:fb:cc:24:1f:e5:02:24:11:bc:b3:bd:3b:63:28:2e:bd:
84:c7:3b:11:a7:db:40:34:45:6c:54:5e:4d:d7:5c:a1:3e:8f:
46:8f:03:92:62:2f:cd:20:5e:82:4d:2a:b3:3e:17:1a:2d:34:
51:4c:6d:4e:e5:dc:f9:88:dd:a6:fd:15:4d:95:a7:f8:0d:83:
92:27:cf:28:71:de:c4:6d:46:f9:af:17:9d:81:c2:23:24:d6:
ab:7b:ac:ec:0e:13:14:fa:59:8b:d2:d2:98:c0:1b:2d:16:37:
e7:98:c5:97
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ0aA36hXq5dhRYm+eI5Keq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNGU5MGE0NmNkOTJmOGZmY2IxOTI0YjkzYjcxZDFiYWQz
MTMwMTIwHhcNMjYwMzIzMDkyNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjkxNTAwNjM0M2M0YzYwMGVjMzUzZGQwNmZiZjE5ZmMwYjI2ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0JyOS/KmvlHbf1TVgobd1yiHkc0
m+xIuCCao7as8wmBiM9lylaFqkP1+bkLDirDAYWk/vk2Q26poNKv7JFgutPz4iYK
rMz3v+8rpQr94zb7ECSap9N4rJvxYkUiOgTggv5QjiUASshaFLvU02EagaOYJ1Mt
7K9T9BGalWVxJHhz0cWSnuRngtyA5rRHufdGBLVbJwAOA+fRkwUtDo56TyXHT4o/
Q6GDA3o+NZibj/qccjp8f0/bse435T0GZmhJEYZX0wQzKs0BSLlTWzxO9t9bWPAH
+CS0G1QseoIeatobgoyUa3chZCGUQTA+ggDRngeT6g2MXFnAAeRboSJu1QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLuRUAY0PExgDsNT3Qb78Z/Asm4cMB8GA1UdIwQY
MBaAFExOkKRs2S+P/LGSS5O3HRutMTASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEU2UXBHelpMNF84c1pKTGs3Y2RHNjB4TUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9jMjdlZWMtNzE0MS00NTc1LTlhNmYt
YzQ1NzI4YzU2ZjNiLzEvdTVGUUJqUThUR0FPdzFQZEJ2dnhuOEN5Ymh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9jMjdlZWMtNzE0MS00NTc1LTlhNmYtYzQ1NzI4YzU2ZjNi
LzEvVEU2UXBHelpMNF84c1pKTGs3Y2RHNjB4TUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW8Z6AwQA
W9iMAwQDsvjAMA0EAgACMAcDBQAqAB/wMA0GCSqGSIb3DQEBCwUAA4IBAQCKKsbf
IlV1qI3VpTyfbe8q/v/p+9CNBtnwkh9KQhdCq/vz/GQ3w2QRcGfi4qTYa3e94okJ
o+W9uVqDulGWvVlUzXGxlzMQowJmV2K5O2WscNH5F5ttcm95KSLbmDLpU706xCjR
qqshAy/KeJgfjC+sJcS/CEEwOUD0qkrBwPfo4A9bGHeNZu9uN4/iIpn07NWhz/vM
JB/lAiQRvLO9O2MoLr2ExzsRp9tANEVsVF5N11yhPo9GjwOSYi/NIF6CTSqzPhca
LTRRTG1O5dz5iN2m/RVNlaf4DYOSJ88ocd7EbUb5rxedgcIjJNare6zsDhMU+lmL
0tKYwBstFjfnmMWX
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:18:04 2026 by rpki-client