Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/X-dBUFR4Gx83V5HKnlgW83J6GX8.roa
File: X-dBUFR4Gx83V5HKnlgW83J6GX8.roa (raw, json)
Hash identifier: txp92p4UYWBbE8ANzoYkOgANv7C2nXynQoM54I8Kwds=
Subject key identifier: 5F:E7:41:50:54:78:1B:1F:37:57:91:CA:9E:58:16:F3:72:7A:19:7F
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019D28A2509C8EC4937C1D2E6388D1170365
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/X-dBUFR4Gx83V5HKnlgW83J6GX8.roa
Signing time: Thu 26 Mar 2026 05:33:39 +0000
ROA not before: Thu 26 Mar 2026 05:33:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 52468
IP address blocks: 31.15.0.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
31.15.7.0/24 maxlen: 24
45.10.107.0/24 maxlen: 24
45.130.160.0/24 maxlen: 24
45.130.161.0/24 maxlen: 24
45.150.85.0/24 maxlen: 24
45.150.86.0/24 maxlen: 24
45.150.87.0/24 maxlen: 24
46.29.28.0/24 maxlen: 24
94.125.137.0/24 maxlen: 24
194.32.112.0/24 maxlen: 24
201.77.48.0/24 maxlen: 24
201.77.53.0/24 maxlen: 24
217.76.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:18:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:a2:50:9c:8e:c4:93:7c:1d:2e:63:88:d1:17:03:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 26 05:33:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5fe7415054781b1f375791ca9e5816f3727a197f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7f:3a:66:85:81:01:ac:f2:c5:d9:d6:ec:7e:
d8:cb:34:b3:99:ab:32:16:a6:85:e5:35:35:d2:ab:
ae:24:bc:5d:e1:e3:15:2c:92:8c:3e:8c:e4:fe:7a:
9c:c5:74:48:54:f6:79:4f:a1:40:38:03:85:b2:5f:
21:92:f3:2d:c1:d1:44:1b:20:ea:c8:74:66:b2:e1:
93:6f:9f:72:bc:5b:d5:77:a4:66:23:80:ab:5e:95:
f0:80:ac:c8:b2:db:7c:05:fe:5e:4a:7b:08:31:75:
87:4f:bb:14:8c:66:55:22:c6:36:c7:13:46:d5:06:
3f:17:58:ad:5e:51:f6:b9:f8:6a:11:7e:8e:79:ae:
d1:ad:81:78:9e:58:ce:75:0f:7a:03:bc:f9:6b:60:
7e:5f:58:7b:36:75:29:ae:89:a4:a7:17:9d:16:d8:
a2:8e:c7:a7:d2:34:ea:0a:43:d2:67:03:fa:d4:1b:
c6:cc:f8:2d:be:7f:15:db:d2:64:d6:ae:d2:7a:f9:
85:7a:06:8c:73:09:cb:ac:42:39:d7:9e:5a:d9:6b:
7a:34:37:ed:e8:03:be:66:a2:3d:6e:2a:25:27:7b:
ca:5c:0a:6a:ec:bf:39:b0:d3:b2:67:a9:87:2f:cb:
1d:ad:68:4f:20:cf:e9:c6:69:ff:72:6d:6b:68:59:
79:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E7:41:50:54:78:1B:1F:37:57:91:CA:9E:58:16:F3:72:7A:19:7F
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/X-dBUFR4Gx83V5HKnlgW83J6GX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.0.0/24
31.15.5.0/24
31.15.7.0/24
45.10.107.0/24
45.130.160.0/23
45.150.85.0-45.150.87.255
46.29.28.0/24
94.125.137.0/24
194.32.112.0/24
201.77.48.0/24
201.77.53.0/24
217.76.240.0/24
Signature Algorithm: sha256WithRSAEncryption
99:46:15:4d:d3:80:f3:91:9c:0f:da:be:0b:d0:40:2c:81:58:
3e:64:62:f3:bd:f4:90:e2:a1:86:62:8d:41:22:ec:c0:2f:01:
15:71:5c:3f:26:75:e1:ed:d5:08:a1:6c:a4:92:40:e8:09:e5:
0a:3c:9e:68:8c:ba:b4:62:7d:ec:e0:76:e4:9c:6f:77:b0:64:
03:90:f4:81:4d:8b:99:a9:cb:e4:cb:a9:38:c4:fe:b4:06:9a:
02:79:fa:c5:08:bb:79:5e:59:0e:39:dd:de:6c:76:ac:8f:e6:
b4:95:27:82:6b:77:91:68:46:1d:43:11:e4:3f:92:d7:d2:d5:
15:5a:76:45:5d:50:1b:f6:43:86:47:c5:85:b0:29:54:74:7b:
57:e0:d7:53:c6:c0:ea:42:3e:4c:ee:d6:ca:5f:81:22:62:f6:
18:6b:38:32:77:6b:8c:b3:e3:50:64:aa:5d:fe:79:a2:9e:ce:
e2:11:2e:b9:ac:a6:c0:f5:25:e0:ee:9f:74:49:b7:11:15:9f:
f4:28:10:0a:1f:55:e1:44:e1:8d:ba:af:89:45:c8:98:7f:22:
e2:45:69:17:2a:0a:ac:fa:a3:89:7e:d0:0b:5b:8d:ab:93:0b:
ae:0a:62:04:a8:f7:a7:c8:16:a6:6f:82:89:f7:f0:8e:4d:1e:
f8:3b:d7:6f
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ0oolCcjsSTfB0uY4jRFwNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwMzI2MDUzMzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU3NDE1MDU0NzgxYjFmMzc1NzkxY2E5ZTU4MTZmMzcyN2ExOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX86ZoWBAazyxdnW7H7YyzSzmasy
FqaF5TU10quuJLxd4eMVLJKMPozk/nqcxXRIVPZ5T6FAOAOFsl8hkvMtwdFEGyDq
yHRmsuGTb59yvFvVd6RmI4CrXpXwgKzIstt8Bf5eSnsIMXWHT7sUjGZVIsY2xxNG
1QY/F1itXlH2ufhqEX6Oea7RrYF4nljOdQ96A7z5a2B+X1h7NnUpromkpxedFtii
jsen0jTqCkPSZwP61BvGzPgtvn8V29Jk1q7SevmFegaMcwnLrEI5155a2Wt6NDft
6AO+ZqI9biolJ3vKXApq7L85sNOyZ6mHL8sdrWhPIM/pxmn/cm1raFl59QIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFF/nQVBUeBsfN1eRyp5YFvNyehl/MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvWC1kQlVGUjRHeDgzVjVIS25sZ1c4M0o2R1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAHw8AAwQA
Hw8FAwQAHw8HAwQALQprAwQBLYKgMAwDBAAtllUDBAMtllADBAAuHRwDBABefYkD
BADCIHADBADJTTADBADJTTUDBADZTPAwDQYJKoZIhvcNAQELBQADggEBAJlGFU3T
gPORnA/avgvQQCyBWD5kYvO99JDioYZijUEi7MAvARVxXD8mdeHt1QihbKSSQOgJ
5Qo8nmiMurRifezgduScb3ewZAOQ9IFNi5mpy+TLqTjE/rQGmgJ5+sUIu3leWQ45
3d5sdqyP5rSVJ4Jrd5FoRh1DEeQ/ktfS1RVadkVdUBv2Q4ZHxYWwKVR0e1fg11PG
wOpCPkzu1spfgSJi9hhrODJ3a4yz41Bkql3+eaKezuIRLrmspsD1JeDun3RJtxEV
n/QoEAofVeFE4Y26r4lFyJh/IuJFaRcqCqz6o4l+0AtbjauTC64KYgSo96fIFqZv
gon38I5NHvg7128=
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:15:34 2026 by rpki-client