Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/IaXoeRFo8oZIZuTY3duOe59BUCc.roa
File: IaXoeRFo8oZIZuTY3duOe59BUCc.roa (raw, json)
Hash identifier: 8fZ9vrPYI8jxQ4Q3pQ1/ew70xq1NmBM7Qvx8mbUZu5w=
Subject key identifier: 21:A5:E8:79:11:68:F2:86:48:66:E4:D8:DD:DB:8E:7B:9F:41:50:27
Certificate issuer: /CN=8829792e3ff21fc35827f68a78c8050015c66a72
Certificate serial: 019CE641B1D5E6AB533F1BBD8EE35B2FDD83
Authority key identifier: 88:29:79:2E:3F:F2:1F:C3:58:27:F6:8A:78:C8:05:00:15:C6:6A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iCl5Lj_yH8NYJ_aKeMgFABXGanI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/IaXoeRFo8oZIZuTY3duOe59BUCc.roa
Signing time: Fri 13 Mar 2026 08:13:10 +0000
ROA not before: Fri 13 Mar 2026 08:13:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5413
IP address blocks: 5.252.36.0/22 maxlen: 22
5.252.36.0/24 maxlen: 24
2a0f:cac0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/iCl5Lj_yH8NYJ_aKeMgFABXGanI.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/iCl5Lj_yH8NYJ_aKeMgFABXGanI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iCl5Lj_yH8NYJ_aKeMgFABXGanI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:41:b1:d5:e6:ab:53:3f:1b:bd:8e:e3:5b:2f:dd:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8829792e3ff21fc35827f68a78c8050015c66a72
Validity
Not Before: Mar 13 08:13:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=21a5e8791168f2864866e4d8dddb8e7b9f415027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c0:e8:9d:cc:c1:46:cf:b6:08:5b:34:74:8d:
8e:63:12:90:5f:40:25:05:c0:ee:d8:09:af:5a:9c:
46:b7:e0:bb:05:d5:3e:4d:4b:a5:65:6e:fd:0c:2c:
9d:70:75:eb:12:c5:3d:4d:01:c2:e0:ad:19:53:0a:
d4:8a:13:30:1e:d7:00:c7:fb:78:8b:8d:3b:db:77:
0c:52:13:fb:50:d5:cb:5f:9e:31:25:b0:d7:39:18:
34:24:c0:04:d7:55:35:ff:ce:9c:28:ca:32:64:f6:
aa:25:d1:b8:69:ea:3f:14:7d:90:f8:42:fa:dc:b4:
c4:ac:a4:8f:6d:8b:4d:7f:af:a7:6b:1a:96:3d:65:
40:36:2f:38:4d:83:6c:ea:ed:aa:90:43:1c:7f:78:
a3:1e:b7:3f:83:a7:fb:82:fb:23:d3:37:20:c6:3e:
60:fa:24:ff:4a:9c:84:55:19:aa:bc:f1:b6:a9:c3:
48:00:55:15:6a:be:37:0d:7d:bd:a6:df:b7:a6:0a:
fc:30:bf:56:1e:0f:37:5f:2a:81:8e:31:76:46:1e:
07:ec:4b:26:b3:55:3e:1d:3c:2a:0d:36:ba:21:87:
5e:40:b2:09:d4:66:ca:0c:3d:aa:54:5b:54:83:a9:
d0:a6:8c:12:f9:4b:1b:e1:e6:92:ca:f0:44:36:c2:
17:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A5:E8:79:11:68:F2:86:48:66:E4:D8:DD:DB:8E:7B:9F:41:50:27
X509v3 Authority Key Identifier:
keyid:88:29:79:2E:3F:F2:1F:C3:58:27:F6:8A:78:C8:05:00:15:C6:6A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iCl5Lj_yH8NYJ_aKeMgFABXGanI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/IaXoeRFo8oZIZuTY3duOe59BUCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/6f385e-7fe1-49ad-81fb-1882f4c276cd/1/iCl5Lj_yH8NYJ_aKeMgFABXGanI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.36.0/22
IPv6:
2a0f:cac0::/48
Signature Algorithm: sha256WithRSAEncryption
91:05:05:ce:31:f2:21:7f:d4:c5:f4:fe:be:e2:ff:41:40:56:
c1:9e:87:76:26:1a:29:90:b8:96:29:7a:05:8d:6a:e9:c7:64:
aa:8f:83:49:76:d8:41:93:bb:a9:45:6c:39:b5:7f:a9:a0:16:
4a:ce:98:b8:4e:f8:85:97:0c:80:9b:34:37:87:aa:c5:dc:87:
d9:7a:e2:f6:95:97:d0:39:1c:f6:d4:e9:5c:4c:ee:fb:4a:2a:
53:d8:80:77:50:e9:e8:81:f5:87:3a:3b:19:f2:8b:e0:8d:f9:
46:8c:ab:e2:5f:7d:e7:6c:00:76:d4:c7:97:08:51:73:41:35:
2d:13:f0:49:b8:e5:19:be:72:8c:ae:6a:6c:16:2f:f5:d6:47:
17:49:d2:06:e9:89:dd:15:3d:2b:02:f7:87:a5:b9:d3:1e:32:
cc:a2:5e:37:6c:ae:c9:3a:d4:6d:7d:58:98:77:93:ba:e2:7f:
a2:f3:0b:ff:29:35:d1:0d:41:e9:d8:0d:f3:0b:99:be:9e:74:
53:cc:b7:a1:a5:bf:2e:c1:c3:11:34:c3:59:13:ff:5d:4e:52:
18:e8:25:80:03:8b:68:58:ce:eb:f9:83:0f:36:b2:f8:ee:1b:
19:61:c6:65:a0:29:58:81:da:3f:9c:c8:41:3e:62:39:5d:ed:
ec:14:4d:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZzmQbHV5qtTPxu9juNbL92DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Mjk3OTJlM2ZmMjFmYzM1ODI3ZjY4YTc4YzgwNTAwMTVj
NjZhNzIwHhcNMjYwMzEzMDgxMzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE1ZTg3OTExNjhmMjg2NDg2NmU0ZDhkZGRiOGU3YjlmNDE1MDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMDonczBRs+2CFs0dI2OYxKQX0Al
BcDu2AmvWpxGt+C7BdU+TUulZW79DCydcHXrEsU9TQHC4K0ZUwrUihMwHtcAx/t4
i40723cMUhP7UNXLX54xJbDXORg0JMAE11U1/86cKMoyZPaqJdG4aeo/FH2Q+EL6
3LTErKSPbYtNf6+naxqWPWVANi84TYNs6u2qkEMcf3ijHrc/g6f7gvsj0zcgxj5g
+iT/SpyEVRmqvPG2qcNIAFUVar43DX29pt+3pgr8ML9WHg83XyqBjjF2Rh4H7Esm
s1U+HTwqDTa6IYdeQLIJ1GbKDD2qVFtUg6nQpowS+Usb4eaSyvBENsIXJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCGl6HkRaPKGSGbk2N3bjnufQVAnMB8GA1UdIwQY
MBaAFIgpeS4/8h/DWCf2injIBQAVxmpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUNsNUxqX3lIOE5ZSl9hS2VNZ0ZBQlhHYW5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC82ZjM4NWUtN2ZlMS00OWFkLTgxZmIt
MTg4MmY0YzI3NmNkLzEvSWFYb2VSRm84b1pJWnVUWTNkdU9lNTlCVUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC82ZjM4NWUtN2ZlMS00OWFkLTgxZmItMTg4MmY0YzI3NmNk
LzEvaUNsNUxqX3lIOE5ZSl9hS2VNZ0ZBQlhHYW5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCBfwkMA8E
AgACMAkDBwAqD8rAAAAwDQYJKoZIhvcNAQELBQADggEBAJEFBc4x8iF/1MX0/r7i
/0FAVsGeh3YmGimQuJYpegWNaunHZKqPg0l22EGTu6lFbDm1f6mgFkrOmLhO+IWX
DICbNDeHqsXch9l64vaVl9A5HPbU6VxM7vtKKlPYgHdQ6eiB9Yc6Oxnyi+CN+UaM
q+JffedsAHbUx5cIUXNBNS0T8Em45Rm+coyuamwWL/XWRxdJ0gbpid0VPSsC94el
udMeMsyiXjdsrsk61G19WJh3k7rif6LzC/8pNdENQenYDfMLmb6edFPMt6Glvy7B
wxE0w1kT/11OUhjoJYADi2hYzuv5gw82svjuGxlhxmWgKViB2j+cyEE+Yjld7ewU
Tcs=
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:15:30 2026 by rpki-client