Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/fg5DQWG7u5wnOMunM-jUQ-7qT2w.roa
File: fg5DQWG7u5wnOMunM-jUQ-7qT2w.roa (raw, json)
Hash identifier: LM7RxWBrFS25rPx4UzRlTNuZ/VgoDeJ+Tu9Rzj/nASE=
Subject key identifier: 7E:0E:43:41:61:BB:BB:9C:27:38:CB:A7:33:E8:D4:43:EE:EA:4F:6C
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 019DF88C384DAF6B0261133EA96CF0774705
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/fg5DQWG7u5wnOMunM-jUQ-7qT2w.roa
Signing time: Tue 05 May 2026 14:30:32 +0000
ROA not before: Tue 05 May 2026 14:30:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2856
IP address blocks: 46.248.96.0/22 maxlen: 22
46.248.102.0/23 maxlen: 24
46.248.104.0/23 maxlen: 24
46.248.106.0/23 maxlen: 23
46.248.108.0/22 maxlen: 22
46.248.112.0/22 maxlen: 22
46.248.116.0/22 maxlen: 22
46.248.120.0/22 maxlen: 24
46.248.124.0/23 maxlen: 23
46.248.126.0/23 maxlen: 23
82.136.26.0/24 maxlen: 24
82.136.30.0/23 maxlen: 24
82.136.43.0/24 maxlen: 24
82.136.47.0/24 maxlen: 24
82.136.48.0/22 maxlen: 24
82.136.52.0/24 maxlen: 24
82.136.54.0/23 maxlen: 24
82.136.56.0/22 maxlen: 24
85.116.0.0/23 maxlen: 23
85.116.2.0/23 maxlen: 23
85.116.4.0/23 maxlen: 23
85.116.6.0/23 maxlen: 23
85.116.11.0/24 maxlen: 24
85.116.16.0/21 maxlen: 21
85.116.24.0/24 maxlen: 24
85.116.25.0/24 maxlen: 24
85.116.26.0/24 maxlen: 24
85.116.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:8c:38:4d:af:6b:02:61:13:3e:a9:6c:f0:77:47:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: May 5 14:30:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7e0e434161bbbb9c2738cba733e8d443eeea4f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0f:c9:61:b6:89:b2:af:a8:5f:94:9a:71:a4:
25:70:82:f3:85:55:4e:bf:b4:cb:98:2f:84:3a:58:
5f:04:12:31:f5:01:08:df:c2:19:90:42:44:1e:72:
b6:56:07:7e:06:ce:a1:e7:77:d5:2f:e9:c8:c8:af:
37:cf:4e:18:5e:48:3f:c7:35:aa:4e:72:19:12:89:
0b:2c:fa:72:db:e9:19:37:51:da:64:05:6c:b1:08:
20:17:29:1f:0e:3a:f4:18:d8:ab:8f:03:82:9e:95:
68:56:52:a4:29:3a:ba:e4:a8:53:eb:42:8e:04:6b:
f8:9b:54:b8:45:d5:8e:f2:62:8c:12:a6:1a:51:ad:
9c:a7:99:6c:df:70:4c:24:a5:26:e5:7d:9f:bd:65:
f5:1e:0f:28:2b:66:a7:15:4f:8f:ed:8c:54:45:35:
30:a9:41:fc:7e:9e:d8:26:d3:d5:fe:f4:76:a0:44:
62:d7:71:e8:18:55:e3:b6:63:b4:37:00:9c:85:5d:
d0:88:ce:eb:a3:99:aa:e0:73:95:d3:fa:73:05:6e:
3e:51:a9:0c:14:fa:0d:ea:e9:03:8b:1b:37:73:89:
93:f0:e1:18:79:5d:a4:c3:8c:1e:f5:bd:8f:fe:e6:
89:1e:e9:f4:bf:74:ee:8c:e8:9b:2f:63:51:06:1f:
c7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0E:43:41:61:BB:BB:9C:27:38:CB:A7:33:E8:D4:43:EE:EA:4F:6C
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/fg5DQWG7u5wnOMunM-jUQ-7qT2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.96.0/22
46.248.102.0-46.248.127.255
82.136.26.0/24
82.136.30.0/23
82.136.43.0/24
82.136.47.0-82.136.52.255
82.136.54.0-82.136.59.255
85.116.0.0/21
85.116.11.0/24
85.116.16.0-85.116.27.255
Signature Algorithm: sha256WithRSAEncryption
31:b7:64:3b:ab:75:dd:16:97:62:53:0f:8c:2a:b8:44:2c:9c:
7a:e8:3c:c4:7f:48:4a:91:07:f2:cd:f5:e3:d1:c4:be:4a:43:
3a:18:1d:af:4d:15:1a:02:62:1b:97:5a:e6:51:36:d0:30:91:
be:32:0d:a0:09:b8:d6:6f:a8:92:4a:d6:6b:a8:ae:80:4c:a4:
5d:ea:81:e7:25:45:ee:90:ec:b1:80:04:d1:85:f6:6d:1b:4b:
06:10:1d:c6:d3:78:3e:7e:9b:d5:45:1d:64:98:c7:f9:b3:c2:
2a:48:8c:d5:e1:ce:34:61:c5:31:3b:f6:b2:7b:a0:92:c6:48:
52:1a:c1:2a:dc:7a:a3:1c:e5:e4:64:d1:e9:e9:b0:74:e2:2e:
8f:3e:e3:98:cb:09:cf:d4:54:94:87:4b:16:9a:ff:7c:4c:10:
b9:12:cc:b5:ec:37:5a:9e:7c:37:21:90:db:a2:61:49:66:53:
5d:b7:36:44:bd:e0:ba:64:a8:16:26:83:72:c6:79:3b:1e:56:
a9:ee:c0:fe:28:ce:7f:2f:40:6d:1b:42:bb:97:27:42:89:75:
9c:d7:02:e8:da:c7:88:f7:a3:63:af:ed:98:62:14:58:73:aa:
60:b5:43:40:18:f9:dc:72:c3:b8:a1:76:45:af:e8:ab:00:61:
59:d8:3c:8d
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZ34jDhNr2sCYRM+qWzwd0cFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjYwNTA1MTQzMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTBlNDM0MTYxYmJiYjljMjczOGNiYTczM2U4ZDQ0M2VlZWE0ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Q/JYbaJsq+oX5SacaQlcILzhVVO
v7TLmC+EOlhfBBIx9QEI38IZkEJEHnK2Vgd+Bs6h53fVL+nIyK83z04YXkg/xzWq
TnIZEokLLPpy2+kZN1HaZAVssQggFykfDjr0GNirjwOCnpVoVlKkKTq65KhT60KO
BGv4m1S4RdWO8mKMEqYaUa2cp5ls33BMJKUm5X2fvWX1Hg8oK2anFU+P7YxURTUw
qUH8fp7YJtPV/vR2oERi13HoGFXjtmO0NwCchV3QiM7ro5mq4HOV0/pzBW4+UakM
FPoN6ukDixs3c4mT8OEYeV2kw4we9b2P/uaJHun0v3TujOibL2NRBh/HeQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFH4OQ0Fhu7ucJzjLpzPo1EPu6k9sMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvZmc1RFFXRzd1NXduT011bk0talVRLTdxVDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQCLvhgMAwD
BAEu+GYDBAcu+AADBABSiBoDBAFSiB4DBABSiCswDAMEAFKILwMEAFKINDAMAwQB
Uog2AwQCUog4AwQDVXQAAwQAVXQLMAwDBARVdBADBAJVdBgwDQYJKoZIhvcNAQEL
BQADggEBADG3ZDurdd0Wl2JTD4wquEQsnHroPMR/SEqRB/LN9ePRxL5KQzoYHa9N
FRoCYhuXWuZRNtAwkb4yDaAJuNZvqJJK1muoroBMpF3qgeclRe6Q7LGABNGF9m0b
SwYQHcbTeD5+m9VFHWSYx/mzwipIjNXhzjRhxTE79rJ7oJLGSFIawSrceqMc5eRk
0enpsHTiLo8+45jLCc/UVJSHSxaa/3xMELkSzLXsN1qefDchkNuiYUlmU123NkS9
4LpkqBYmg3LGeTseVqnuwP4ozn8vQG0bQruXJ0KJdZzXAujax4j3o2Ov7ZhiFFhz
qmC1Q0AY+dxyw7ihdkWv6KsAYVnYPI0=
-----END CERTIFICATE-----
Generated at Wed May 13 09:08:44 2026 by rpki-client