Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/gh2KSlWeyC7yJQ-OWWobhRfkfKY.roa
File: gh2KSlWeyC7yJQ-OWWobhRfkfKY.roa (raw, json)
Hash identifier: WitH3bXHhV/BXgH0H56Weva5SywsO/s1gPriEARZEMc=
Subject key identifier: 82:1D:8A:4A:55:9E:C8:2E:F2:25:0F:8E:59:6A:1B:85:17:E4:7C:A6
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019E0929D6698FDA99F6673BDDE0400BDBA9
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/gh2KSlWeyC7yJQ-OWWobhRfkfKY.roa
Signing time: Fri 08 May 2026 19:56:37 +0000
ROA not before: Fri 08 May 2026 19:56:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9123
IP address blocks: 5.42.220.0/24 maxlen: 24
45.91.238.0/24 maxlen: 24
80.68.156.0/24 maxlen: 24
185.211.170.0/24 maxlen: 24
186.246.0.0/24 maxlen: 24
186.246.1.0/24 maxlen: 24
186.246.2.0/24 maxlen: 24
186.246.3.0/24 maxlen: 24
186.246.4.0/24 maxlen: 24
186.246.5.0/24 maxlen: 24
186.246.6.0/24 maxlen: 24
186.246.7.0/24 maxlen: 24
186.246.8.0/24 maxlen: 24
186.246.9.0/24 maxlen: 24
186.246.10.0/24 maxlen: 24
186.246.11.0/24 maxlen: 24
186.246.12.0/24 maxlen: 24
186.246.13.0/24 maxlen: 24
195.206.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:09:29:d6:69:8f:da:99:f6:67:3b:dd:e0:40:0b:db:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 8 19:56:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=821d8a4a559ec82ef2250f8e596a1b8517e47ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:84:b0:c4:0c:e5:52:9e:ce:92:df:d8:f9:6d:
63:80:07:21:28:bc:f5:ae:f0:c5:db:61:2e:15:b3:
6b:4f:bb:ad:04:9c:f1:f3:1a:dc:d9:22:4c:d2:e1:
7b:64:1e:fe:cc:a2:d6:db:37:96:fe:fa:70:b7:31:
6a:94:9f:ee:9d:d4:82:77:63:33:eb:17:d0:53:27:
89:12:42:81:55:92:93:ef:cd:f0:d1:61:b8:b3:8a:
3f:55:25:55:20:f1:77:75:56:90:c0:9d:ce:36:73:
0b:c2:6b:07:73:29:7c:51:99:92:fa:06:3e:d5:94:
d9:07:79:3f:e4:9c:67:54:2f:17:8f:1a:d4:cb:97:
84:bb:43:95:5f:18:27:f7:86:e0:c4:bf:d4:ae:1d:
5d:51:19:e5:f8:66:0a:2e:be:60:0e:38:9a:58:d3:
7d:f9:58:e2:6b:15:d0:f3:b6:eb:de:78:41:11:0c:
7e:17:0c:bd:0c:f5:51:83:0f:c9:21:b3:bb:f5:ea:
f2:ea:c4:7f:de:19:97:5d:44:83:01:d7:a5:d5:05:
dc:33:03:6f:b1:0c:93:98:b1:59:25:fd:1a:9b:af:
16:b6:65:f4:30:1a:5a:bf:f3:58:61:9c:2e:ba:58:
c2:43:39:38:f0:e0:4a:09:d6:f5:cd:cc:77:73:d4:
bd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1D:8A:4A:55:9E:C8:2E:F2:25:0F:8E:59:6A:1B:85:17:E4:7C:A6
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/gh2KSlWeyC7yJQ-OWWobhRfkfKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.220.0/24
45.91.238.0/24
80.68.156.0/24
185.211.170.0/24
186.246.0.0-186.246.13.255
195.206.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:35:2f:63:8d:4f:2c:70:c2:19:58:55:8b:3a:dc:8f:7f:32:
0a:1c:c8:f7:5b:98:f6:49:c5:3f:51:3c:21:08:47:c0:ec:8f:
9c:1a:46:e7:3e:e7:33:52:8a:1e:80:c5:8d:6c:b0:c5:3d:bf:
f1:02:82:6b:69:e0:b2:ea:30:32:76:4e:39:cd:2b:c3:6e:02:
3c:e5:52:19:43:af:6c:40:9a:02:6f:29:5c:fc:e5:72:ee:7a:
20:e0:ff:cd:2f:21:12:9e:d9:7b:9d:55:c9:53:0a:4e:02:7a:
46:f6:43:3e:35:35:85:d9:ee:e1:32:4f:68:ae:e1:91:9a:fc:
72:f8:ed:2f:86:13:a2:6f:64:7f:25:45:67:d6:e5:2b:5b:a3:
03:1f:ba:95:7b:e4:8c:51:77:b7:3f:4f:89:c6:74:52:04:6c:
1b:dd:5c:79:91:d4:52:1c:91:a2:bd:e5:a6:a6:4c:a9:28:15:
5a:e7:d5:cb:6a:13:c1:51:05:41:80:b7:f8:a9:b5:e3:98:73:
b6:20:dd:ff:d2:97:be:54:79:a3:e9:3b:4c:c8:a9:3b:28:b6:
58:9d:47:8f:4c:28:16:06:8e:ac:22:3e:a3:d3:6a:6d:ce:82:
e8:d9:68:3d:18:c0:4f:dc:99:a9:7b:a8:a1:67:71:5a:7d:d7:
14:3a:a3:d2
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZ4JKdZpj9qZ9mc73eBAC9upMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTA4MTk1NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFkOGE0YTU1OWVjODJlZjIyNTBmOGU1OTZhMWI4NTE3ZTQ3Y2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroSwxAzlUp7Okt/Y+W1jgAchKLz1
rvDF22EuFbNrT7utBJzx8xrc2SJM0uF7ZB7+zKLW2zeW/vpwtzFqlJ/undSCd2Mz
6xfQUyeJEkKBVZKT783w0WG4s4o/VSVVIPF3dVaQwJ3ONnMLwmsHcyl8UZmS+gY+
1ZTZB3k/5JxnVC8XjxrUy5eEu0OVXxgn94bgxL/Urh1dURnl+GYKLr5gDjiaWNN9
+VjiaxXQ87br3nhBEQx+Fwy9DPVRgw/JIbO79ery6sR/3hmXXUSDAdel1QXcMwNv
sQyTmLFZJf0am68WtmX0MBpav/NYYZwuuljCQzk48OBKCdb1zcx3c9S9QwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFIIdikpVnsgu8iUPjllqG4UX5HymMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvZ2gyS1NsV2V5Qzd5SlEtT1dXb2JoUmZrZktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQABSrcAwQA
LVvuAwQAUEScAwQAudOqMAsDAwG69gMEAbr2DAMEAMPO8zANBgkqhkiG9w0BAQsF
AAOCAQEALDUvY41PLHDCGVhVizrcj38yChzI91uY9knFP1E8IQhHwOyPnBpG5z7n
M1KKHoDFjWywxT2/8QKCa2ngsuowMnZOOc0rw24CPOVSGUOvbECaAm8pXPzlcu56
IOD/zS8hEp7Ze51VyVMKTgJ6RvZDPjU1hdnu4TJPaK7hkZr8cvjtL4YTom9kfyVF
Z9blK1ujAx+6lXvkjFF3tz9PicZ0UgRsG91ceZHUUhyRor3lpqZMqSgVWufVy2oT
wVEFQYC3+Km145hztiDd/9KXvlR5o+k7TMipOyi2WJ1Hj0woFgaOrCI+o9Nqbc6C
6NloPRjAT9yZqXuooWdxWn3XFDqj0g==
-----END CERTIFICATE-----
Generated at Wed May 13 01:38:11 2026 by rpki-client