Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/tbdaBfEdC2g4j5awlEN4zMAkaHQ.roa
File: tbdaBfEdC2g4j5awlEN4zMAkaHQ.roa (raw, json)
Hash identifier: do9qwHU9rPws34K9e7M1l81/QvXBkYAmJ01DjPdwuoA=
Subject key identifier: B5:B7:5A:05:F1:1D:0B:68:38:8F:96:B0:94:43:78:CC:C0:24:68:74
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019D012EFCC2B14F3F227E1E5BDC20420E3D
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/tbdaBfEdC2g4j5awlEN4zMAkaHQ.roa
Signing time: Wed 18 Mar 2026 13:42:29 +0000
ROA not before: Wed 18 Mar 2026 13:42:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10753
IP address blocks: 205.188.6.0/23 maxlen: 23
205.188.62.0/23 maxlen: 23
205.188.148.0/22 maxlen: 22
205.188.152.0/22 maxlen: 22
205.188.228.0/22 maxlen: 22
205.188.250.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:2e:fc:c2:b1:4f:3f:22:7e:1e:5b:dc:20:42:0e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Mar 18 13:42:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b5b75a05f11d0b68388f96b0944378ccc0246874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:bf:10:b2:0a:ea:a1:c9:74:5f:2e:56:5f:
4b:64:ca:eb:0b:0d:85:50:d0:e0:20:59:89:e6:94:
18:ea:12:1f:7e:83:ff:3d:a5:ae:b6:69:80:83:96:
22:ce:ab:b4:cc:e2:59:29:f0:74:2c:de:d0:12:18:
7b:1b:99:07:55:45:0d:f5:b1:b6:b3:86:35:e4:26:
fd:3b:b8:7d:d6:31:12:ef:ec:76:38:58:bc:27:12:
d7:8f:2a:77:e7:e1:e9:18:6c:01:63:b8:65:ce:1b:
b0:7b:0b:e1:f8:b9:5d:94:44:7a:30:0f:64:c4:d0:
81:90:62:26:1b:98:fb:f5:a1:88:8b:c8:24:20:eb:
b4:c2:45:6b:a1:ba:7d:53:30:d6:0f:08:f5:8f:38:
81:8f:d6:97:b5:0f:be:56:9e:5c:dc:fc:16:ec:ec:
00:10:3b:b8:50:9e:e8:e5:80:7f:52:a3:f6:74:0b:
21:e4:88:ce:86:90:2c:a2:cf:12:cb:a8:d8:0a:37:
16:31:f7:fb:99:be:b5:c2:15:6f:78:f4:d9:f8:9e:
74:63:a3:fa:94:63:5a:7e:8b:40:c4:b0:67:11:fc:
c4:72:fb:33:66:45:01:ab:47:1d:a0:35:17:47:dd:
a2:b3:5e:18:d0:94:87:3a:87:39:13:d2:1d:c9:9b:
89:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B7:5A:05:F1:1D:0B:68:38:8F:96:B0:94:43:78:CC:C0:24:68:74
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/tbdaBfEdC2g4j5awlEN4zMAkaHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
205.188.6.0/23
205.188.62.0/23
205.188.148.0-205.188.155.255
205.188.228.0/22
205.188.250.0/23
Signature Algorithm: sha256WithRSAEncryption
94:07:73:f5:12:97:95:41:94:60:eb:fe:c0:c2:4e:ee:4f:b0:
4a:54:df:c2:b2:ac:5d:f9:00:9c:39:7f:0c:23:50:f3:a1:c5:
4f:64:3a:27:d2:8a:d3:f6:b3:6e:55:e0:48:e9:9d:15:26:c9:
7b:eb:97:05:0a:d4:ab:13:2b:4e:48:7c:2b:57:db:22:c3:23:
48:86:4c:b2:f4:f3:07:8d:3a:a5:78:f5:50:c3:a0:77:23:04:
e3:81:5c:ff:84:a0:75:ec:32:e6:e2:52:33:de:95:ff:bd:87:
d9:87:5c:d9:4b:16:e8:b2:2c:de:84:95:3a:e0:07:d8:39:c5:
67:a1:59:e6:a8:5b:e2:6a:fe:25:ea:c4:79:24:10:2f:d7:64:
cc:4f:d7:f1:68:33:df:d3:71:4a:ba:5b:ee:e5:3b:ec:93:da:
91:65:d4:64:13:eb:7b:bb:1c:15:3d:23:75:2c:91:09:e0:2e:
a9:3b:ab:29:27:15:2e:fb:8d:f2:02:db:77:d0:f9:8a:57:ce:
07:b2:18:81:b4:0a:2f:b8:a3:6e:da:0e:d3:b8:ee:d3:3e:a2:
d2:6e:9e:51:77:51:f5:be:20:8b:36:f3:44:af:58:2a:03:27:
30:b1:9a:d9:ae:ad:70:19:6c:1e:e9:15:a2:47:a4:be:2e:5d:
97:13:c0:aa
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ0BLvzCsU8/In4eW9wgQg49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwMzE4MTM0MjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWI3NWEwNWYxMWQwYjY4Mzg4Zjk2YjA5NDQzNzhjY2MwMjQ2ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuq/ELIK6qHJdF8uVl9LZMrrCw2F
UNDgIFmJ5pQY6hIffoP/PaWutmmAg5Yizqu0zOJZKfB0LN7QEhh7G5kHVUUN9bG2
s4Y15Cb9O7h91jES7+x2OFi8JxLXjyp35+HpGGwBY7hlzhuwewvh+LldlER6MA9k
xNCBkGImG5j79aGIi8gkIOu0wkVrobp9UzDWDwj1jziBj9aXtQ++Vp5c3PwW7OwA
EDu4UJ7o5YB/UqP2dAsh5IjOhpAsos8Sy6jYCjcWMff7mb61whVvePTZ+J50Y6P6
lGNafotAxLBnEfzEcvszZkUBq0cdoDUXR92is14Y0JSHOoc5E9IdyZuJTwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLW3WgXxHQtoOI+WsJRDeMzAJGh0MB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvdGJkYUJmRWRDMmc0ajVhd2xFTjR6TUFrYUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBzbwGAwQB
zbw+MAwDBALNvJQDBALNvJgDBALNvOQDBAHNvPowDQYJKoZIhvcNAQELBQADggEB
AJQHc/USl5VBlGDr/sDCTu5PsEpU38KyrF35AJw5fwwjUPOhxU9kOifSitP2s25V
4EjpnRUmyXvrlwUK1KsTK05IfCtX2yLDI0iGTLL08weNOqV49VDDoHcjBOOBXP+E
oHXsMubiUjPelf+9h9mHXNlLFuiyLN6ElTrgB9g5xWehWeaoW+Jq/iXqxHkkEC/X
ZMxP1/FoM9/TcUq6W+7lO+yT2pFl1GQT63u7HBU9I3UskQngLqk7qyknFS77jfIC
23fQ+YpXzgeyGIG0Ci+4o27aDtO47tM+otJunlF3UfW+IIs280SvWCoDJzCxmtmu
rXAZbB7pFaJHpL4uXZcTwKo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:49:28 2026 by rpki-client