Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/tYPo-JdyPV4KdsNSD7TTp6b2_Fs.roa
File: tYPo-JdyPV4KdsNSD7TTp6b2_Fs.roa (raw, json)
Hash identifier: pzKU3jxLQB7XiHy47QsandSzoGrUadAqBIVU3KmApNo=
Subject key identifier: B5:83:E8:F8:97:72:3D:5E:0A:76:C3:52:0F:B4:D3:A7:A6:F6:FC:5B
Certificate issuer: /CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Certificate serial: 019DEA7F908D5F44BA8C20B5C7AD38DEFD4C
Authority key identifier: 6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/tYPo-JdyPV4KdsNSD7TTp6b2_Fs.roa
Signing time: Sat 02 May 2026 21:02:01 +0000
ROA not before: Sat 02 May 2026 21:02:01 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199046
IP address blocks: 5.133.24.0/21 maxlen: 24
5.253.68.0/22 maxlen: 22
5.253.68.0/24 maxlen: 24
5.253.69.0/24 maxlen: 24
5.253.70.0/24 maxlen: 24
5.253.71.0/24 maxlen: 24
45.146.12.0/22 maxlen: 24
45.146.12.0/24 maxlen: 24
45.146.13.0/24 maxlen: 24
45.146.14.0/24 maxlen: 24
45.146.15.0/24 maxlen: 24
185.132.248.0/22 maxlen: 22
185.132.248.0/24 maxlen: 24
185.132.249.0/24 maxlen: 24
185.132.250.0/24 maxlen: 24
185.132.251.0/24 maxlen: 24
193.7.220.0/22 maxlen: 22
193.7.220.0/24 maxlen: 24
193.7.221.0/24 maxlen: 24
193.7.222.0/24 maxlen: 24
193.7.223.0/24 maxlen: 24
2a09:9900::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.mft
rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ea:7f:90:8d:5f:44:ba:8c:20:b5:c7:ad:38:de:fd:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Validity
Not Before: May 2 21:02:01 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b583e8f897723d5e0a76c3520fb4d3a7a6f6fc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:66:ae:dc:15:96:8a:4b:72:f0:e4:a2:19:13:
1d:b7:59:ff:28:ed:06:16:e2:b6:22:96:da:88:ea:
18:6d:b2:c0:08:10:b9:90:70:88:b0:7f:a8:80:5d:
ef:7e:36:69:13:50:ed:9c:90:e0:fb:09:01:3b:27:
e3:d3:dd:8c:c7:f0:4a:a2:6c:56:44:04:a0:48:8c:
fe:af:fd:a0:9a:b2:e1:85:15:b7:92:6a:53:91:bb:
de:82:9d:e7:26:4c:00:dd:cf:4e:9b:08:10:df:a3:
86:bb:61:df:aa:c0:77:cc:fe:2c:47:b2:e6:60:10:
a2:46:aa:17:77:2d:67:4f:bb:b3:8d:a2:0b:09:39:
30:c0:7f:78:e9:64:15:49:1d:af:6f:da:b3:95:96:
1c:ac:dc:75:66:b7:35:c6:47:80:ba:60:2d:b9:69:
e3:cc:76:80:8a:25:4f:fe:ed:91:f3:e5:9c:f9:2f:
d9:5e:43:c8:eb:4e:fa:1c:dc:37:5a:f2:5d:41:35:
39:ac:ef:81:c0:1a:1a:bd:d3:19:74:df:59:58:73:
23:4a:66:48:fb:6a:c2:d6:a3:05:b8:8b:f0:cd:27:
1a:00:da:a1:58:c0:57:6f:ce:fc:dd:5b:de:51:9d:
49:a2:53:56:d6:54:e2:82:2f:bf:98:2d:a9:b4:3e:
64:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:83:E8:F8:97:72:3D:5E:0A:76:C3:52:0F:B4:D3:A7:A6:F6:FC:5B
X509v3 Authority Key Identifier:
keyid:6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/tYPo-JdyPV4KdsNSD7TTp6b2_Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.24.0/21
5.253.68.0/22
45.146.12.0/22
185.132.248.0/22
193.7.220.0/22
IPv6:
2a09:9900::/32
Signature Algorithm: sha256WithRSAEncryption
04:bb:16:01:dc:99:4c:d5:80:41:e6:53:0a:72:03:b4:a4:1c:
b5:11:57:32:62:12:f6:1b:da:1c:53:b6:0a:fc:66:c8:a7:a1:
30:4f:f9:84:9b:ec:77:0d:c5:05:67:7a:97:ae:c7:88:a7:fc:
a7:82:f4:1a:1b:0c:fa:8d:1c:85:dd:eb:69:5a:fd:51:bc:4b:
3f:be:8a:32:bf:87:83:f8:ad:87:d8:2c:08:42:be:9f:2b:f8:
d3:7a:72:57:79:da:4c:9e:7d:1c:52:7f:f8:85:8a:44:a7:c3:
e2:a6:71:13:ac:67:4d:0c:0f:9f:6f:74:cf:3c:9b:7d:64:d8:
56:2d:dc:d3:e4:da:35:b7:c6:c1:32:c1:63:a5:c7:3f:c9:c6:
00:25:4f:6b:53:d3:30:f2:b4:6f:bb:3e:9d:75:50:aa:72:10:
5b:ca:e8:f1:de:97:87:f5:b6:05:81:3d:44:77:b3:c7:a5:87:
5c:a7:9d:d1:a1:7e:eb:af:99:ce:2a:71:83:d4:d9:d8:5a:b5:
6f:f4:79:e0:7d:cd:b1:a3:bb:09:a1:df:ef:bf:f9:10:f8:a5:
a1:7f:07:b7:af:d8:2d:2d:d2:fb:13:75:80:62:2b:33:2a:fa:
b9:ac:b1:ec:24:53:95:08:4e:35:bd:59:b0:10:b7:35:a2:a8:
a0:91:11:cc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ3qf5CNX0S6jCC1x6043v1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWFjYzQ0OGM0YTIzYWZjOTRhNDVhNzliNzZkZmJlODMw
YjI1OTgwHhcNMjYwNTAyMjEwMjAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTgzZThmODk3NzIzZDVlMGE3NmMzNTIwZmI0ZDNhN2E2ZjZmYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2au3BWWikty8OSiGRMdt1n/KO0G
FuK2IpbaiOoYbbLACBC5kHCIsH+ogF3vfjZpE1DtnJDg+wkBOyfj092Mx/BKomxW
RASgSIz+r/2gmrLhhRW3kmpTkbvegp3nJkwA3c9OmwgQ36OGu2HfqsB3zP4sR7Lm
YBCiRqoXdy1nT7uzjaILCTkwwH946WQVSR2vb9qzlZYcrNx1Zrc1xkeAumAtuWnj
zHaAiiVP/u2R8+Wc+S/ZXkPI6076HNw3WvJdQTU5rO+BwBoavdMZdN9ZWHMjSmZI
+2rC1qMFuIvwzScaANqhWMBXb8783VveUZ1JolNW1lTigi+/mC2ptD5kqwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLWD6PiXcj1eCnbDUg+006em9vxbMB8GA1UdIwQY
MBaAFG2qzESMSiOvyUpFp5t2376DCyWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmFyTVJJeEtJNl9KU2tXbm0zYmZ2b01MSlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zNDY0OWUtOWJjNC00MDE4LWIzYTAt
NzU2ZjNjYzNlYzMzLzEvdFlQby1KZHlQVjRLZHNOU0Q3VFRwNmIyX0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zNDY0OWUtOWJjNC00MDE4LWIzYTAtNzU2ZjNjYzNlYzMz
LzEvYmFyTVJJeEtJNl9KU2tXbm0zYmZ2b01MSlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBYUYAwQC
Bf1EAwQCLZIMAwQCuYT4AwQCwQfcMA0EAgACMAcDBQAqCZkAMA0GCSqGSIb3DQEB
CwUAA4IBAQAEuxYB3JlM1YBB5lMKcgO0pBy1EVcyYhL2G9ocU7YK/GbIp6EwT/mE
m+x3DcUFZ3qXrseIp/yngvQaGwz6jRyF3etpWv1RvEs/vooyv4eD+K2H2CwIQr6f
K/jTenJXedpMnn0cUn/4hYpEp8PipnETrGdNDA+fb3TPPJt9ZNhWLdzT5No1t8bB
MsFjpcc/ycYAJU9rU9Mw8rRvuz6ddVCqchBbyujx3peH9bYFgT1Ed7PHpYdcp53R
oX7rr5nOKnGD1NnYWrVv9Hngfc2xo7sJod/vv/kQ+KWhfwe3r9gtLdL7E3WAYisz
Kvq5rLHsJFOVCE41vVmwELc1oqigkRHM
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:41 2026 by rpki-client