Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5R1VIC-GYaVtzgcxGhCDSIzpeo0.roa
File: 5R1VIC-GYaVtzgcxGhCDSIzpeo0.roa (raw, json)
Hash identifier: h2Gafh6EJepX3iyE/CsZpFfAM5nn3HH+WtQCp0lGTYk=
Subject key identifier: E5:1D:55:20:2F:86:61:A5:6D:CE:07:31:1A:10:83:48:8C:E9:7A:8D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D2181ABEABC75BD4F8571B0C39FED359C
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5R1VIC-GYaVtzgcxGhCDSIzpeo0.roa
Signing time: Tue 24 Mar 2026 20:20:39 +0000
ROA not before: Tue 24 Mar 2026 20:20:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212667
IP address blocks: 5.182.116.0/24 maxlen: 24
45.15.255.0/24 maxlen: 24
45.86.3.0/24 maxlen: 24
45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
45.128.228.0/22 maxlen: 22
46.149.174.0/24 maxlen: 24
46.174.192.0/24 maxlen: 24
46.174.193.0/24 maxlen: 24
46.174.194.0/24 maxlen: 24
46.174.195.0/24 maxlen: 24
46.174.197.0/24 maxlen: 24
46.174.199.0/24 maxlen: 24
178.212.78.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
195.96.141.0/24 maxlen: 24
212.18.98.0/24 maxlen: 24
212.52.13.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
213.166.92.0/24 maxlen: 24
213.166.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:21:81:ab:ea:bc:75:bd:4f:85:71:b0:c3:9f:ed:35:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 24 20:20:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e51d55202f8661a56dce07311a1083488ce97a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:01:de:6c:47:d4:33:51:8e:24:95:34:48:f9:
d9:20:09:0a:34:3e:06:9d:16:1e:6e:b5:36:99:94:
b6:87:4f:69:f8:06:26:49:a1:a9:e1:20:f0:fb:8f:
d6:69:3f:e4:cb:ac:79:16:45:3b:20:fd:c8:4d:6a:
76:b3:ba:61:61:a0:c0:c4:21:1c:75:c1:7d:46:52:
dc:96:f1:f8:2d:99:ec:2a:63:08:d7:52:42:be:5d:
93:e6:08:ea:71:0a:6e:86:e1:dc:dc:de:41:e9:5a:
2f:41:12:83:7b:27:c2:17:e0:e7:b9:ee:2d:d2:bc:
58:79:4c:0e:7a:d1:70:4c:5f:f0:22:6a:43:db:7d:
69:02:7e:e0:fb:84:59:84:96:a2:53:e9:68:64:2e:
2c:c5:74:34:f3:ee:0f:dc:0b:66:d8:d7:61:73:ac:
35:9e:95:36:27:6f:68:d4:5e:79:0a:3f:f4:71:27:
67:f7:65:91:1f:18:5f:85:74:c1:e5:10:50:1a:53:
cf:a1:ff:c0:49:6d:2b:2f:98:f3:72:33:f0:5f:03:
52:3a:96:5f:b5:1c:3f:6a:63:fa:5e:78:4a:9c:4c:
a7:ef:b6:5e:5d:e4:39:0a:6e:1c:65:22:5e:fd:8a:
09:eb:21:3b:25:7e:5a:ff:b3:b0:68:52:ed:37:cd:
ba:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1D:55:20:2F:86:61:A5:6D:CE:07:31:1A:10:83:48:8C:E9:7A:8D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5R1VIC-GYaVtzgcxGhCDSIzpeo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.116.0/24
45.15.255.0/24
45.86.3.0/24
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
45.128.228.0/22
46.149.174.0/24
46.174.192.0/22
46.174.197.0/24
46.174.199.0/24
178.212.78.0/24
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
195.96.141.0/24
212.18.98.0/24
212.52.13.0/24
212.60.6.0/24
212.107.24.0/24
212.115.48.0/24
212.115.50.0/24
213.166.92.0/24
213.166.95.0/24
Signature Algorithm: sha256WithRSAEncryption
91:75:ed:c5:34:b5:47:5f:19:3c:b0:e8:f3:28:f0:99:1d:18:
68:2e:eb:67:04:87:26:b6:23:98:b0:9c:20:b8:de:ee:5a:c7:
3e:0f:25:c1:54:f8:27:e2:d7:44:67:14:f8:81:95:63:ff:b3:
44:e4:6b:1e:7c:ff:af:78:52:05:a4:cb:b3:87:4a:51:84:f8:
f2:67:02:6c:32:5e:2e:28:06:74:79:d0:8c:a4:2a:32:e4:ba:
fe:c7:69:5e:59:53:32:d2:39:ed:64:b6:b8:ba:64:67:e4:ab:
3b:42:14:ea:52:64:71:96:9d:f3:40:ee:b2:c8:2f:ae:8f:a0:
4b:bf:da:6e:3c:a4:50:5e:3e:e6:80:45:21:6b:a9:b0:cc:2c:
c6:55:8f:58:c8:65:0d:cb:6b:35:10:ef:f4:2f:d5:2a:67:85:
ca:24:7c:dd:88:5d:d6:4f:e8:fe:87:6c:d2:78:95:24:4c:ce:
d5:68:75:69:3e:95:56:c6:d9:0a:70:d3:4e:d3:48:b1:ce:6d:
bc:be:9e:ed:6c:4b:28:b9:0c:51:fd:38:4c:b5:17:69:af:05:
11:8d:0a:d2:0f:56:1c:e1:84:27:32:46:3b:66:2f:40:1b:ea:
2f:14:a7:56:a4:3b:ae:51:8d:2c:3d:7f:ea:02:6c:46:33:cb:
5e:ca:87:f0
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZ0hgavqvHW9T4VxsMOf7TWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMzI0MjAyMDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTFkNTUyMDJmODY2MWE1NmRjZTA3MzExYTEwODM0ODhjZTk3YThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQHebEfUM1GOJJU0SPnZIAkKND4G
nRYebrU2mZS2h09p+AYmSaGp4SDw+4/WaT/ky6x5FkU7IP3ITWp2s7phYaDAxCEc
dcF9RlLclvH4LZnsKmMI11JCvl2T5gjqcQpuhuHc3N5B6VovQRKDeyfCF+Dnue4t
0rxYeUwOetFwTF/wImpD231pAn7g+4RZhJaiU+loZC4sxXQ08+4P3Atm2Ndhc6w1
npU2J29o1F55Cj/0cSdn92WRHxhfhXTB5RBQGlPPof/ASW0rL5jzcjPwXwNSOpZf
tRw/amP6XnhKnEyn77ZeXeQ5Cm4cZSJe/YoJ6yE7JX5a/7OwaFLtN826OwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFOUdVSAvhmGlbc4HMRoQg0iM6XqNMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvNVIxVklDLUdZYVZ0emdjeEdoQ0RTSXpwZW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAF
tnQDBAAtD/8DBAAtVgMDBAAtWiwDBAAtWi8DBAEtgIIDBAItgOQDBAAula4DBAIu
rsADBAAursUDBAAurscDBACy1E4DBAC5/QIDBAC8QIwDBAC8XYgDBADDYI0DBADU
EmIDBADUNA0DBADUPAYDBADUaxgDBADUczADBADUczIDBADVplwDBADVpl8wDQYJ
KoZIhvcNAQELBQADggEBAJF17cU0tUdfGTyw6PMo8JkdGGgu62cEhya2I5iwnCC4
3u5axz4PJcFU+Cfi10RnFPiBlWP/s0Tkax58/694UgWky7OHSlGE+PJnAmwyXi4o
BnR50IykKjLkuv7HaV5ZUzLSOe1ktri6ZGfkqztCFOpSZHGWnfNA7rLIL66PoEu/
2m48pFBePuaARSFrqbDMLMZVj1jIZQ3LazUQ7/Qv1SpnhcokfN2IXdZP6P6HbNJ4
lSRMztVodWk+lVbG2Qpw007TSLHObby+nu1sSyi5DFH9OEy1F2mvBRGNCtIPVhzh
hCcyRjtmL0Ab6i8Up1akO65RjSw9f+oCbEYzy17Kh/A=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:01:11 2026 by rpki-client