Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/c4lsPyd4cpFicIZwKU98w85IpDQ.roa
File: c4lsPyd4cpFicIZwKU98w85IpDQ.roa (raw, json)
Hash identifier: ThB884jtXpAlh0hhjP2oM0ayjGvDeFAGZKTVyOttja4=
Subject key identifier: 73:89:6C:3F:27:78:72:91:62:70:86:70:29:4F:7C:C3:CE:48:A4:34
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019DDF78A42D01C3AE410F6B8659547362CA
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/c4lsPyd4cpFicIZwKU98w85IpDQ.roa
Signing time: Thu 30 Apr 2026 17:38:38 +0000
ROA not before: Thu 30 Apr 2026 17:38:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198154
IP address blocks: 5.57.38.0/24 maxlen: 24
37.32.47.0/24 maxlen: 24
178.239.145.0/24 maxlen: 24
185.215.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:78:a4:2d:01:c3:ae:41:0f:6b:86:59:54:73:62:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Apr 30 17:38:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73896c3f2778729162708670294f7cc3ce48a434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:84:f3:72:9c:4b:56:0e:55:3c:23:8e:83:d7:
ea:41:82:f7:58:74:b8:ad:d7:04:7d:d0:27:65:11:
e0:64:d3:af:42:13:e6:72:8b:75:61:d8:33:ea:69:
54:0e:ad:de:23:a7:24:e9:9e:9e:29:4c:73:ae:f2:
06:ff:32:f4:a3:c0:03:ce:c1:cb:e2:2f:32:2b:a0:
35:2f:8a:e1:84:7a:d9:58:2d:9f:10:73:e3:ea:05:
01:83:eb:f1:d9:4c:ce:3f:cd:37:e4:89:05:8b:ae:
43:4b:ca:bb:4d:89:b0:e8:4f:9e:66:46:0b:a6:58:
02:94:0e:b8:e4:fc:93:5c:12:95:b4:25:e5:cb:ae:
af:be:52:ae:b0:fe:bc:f8:18:13:11:7c:ca:ae:ed:
2a:5d:e7:f0:c2:43:05:40:9e:53:95:dd:bb:e0:ca:
56:2f:e4:84:f9:3f:9c:08:79:bd:a9:97:f5:5d:8b:
e5:6b:bc:6a:95:df:33:ee:8b:eb:7e:9f:cd:9c:39:
28:cf:a5:96:d4:4e:81:96:3f:4d:51:ba:d6:2f:20:
2f:54:2a:e2:df:04:82:87:df:72:9b:81:a8:86:4a:
2c:55:a4:15:42:36:f3:93:bc:eb:8d:b2:0c:ea:9b:
03:a1:c0:ab:14:cc:cb:38:87:99:b9:a0:1f:b1:39:
85:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:89:6C:3F:27:78:72:91:62:70:86:70:29:4F:7C:C3:CE:48:A4:34
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/c4lsPyd4cpFicIZwKU98w85IpDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.38.0/24
37.32.47.0/24
178.239.145.0/24
185.215.231.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:71:65:fa:8b:89:05:b7:10:a2:9e:41:e7:b8:00:32:2e:bb:
04:e3:51:b1:91:c0:04:32:10:70:06:98:a7:9f:9d:59:1f:08:
1c:86:9d:2d:9d:9d:14:63:4c:4b:ce:41:77:14:00:bd:55:a1:
bb:a5:60:af:20:6b:a6:75:fe:0d:fe:23:61:1f:01:b0:ae:45:
5b:bd:f8:90:ec:38:dd:5b:ae:72:56:ad:d1:3d:2b:17:df:92:
12:3d:61:76:f5:9b:2e:64:87:c6:66:22:d0:32:e4:1c:6d:fb:
b4:21:aa:a7:2c:b7:04:2f:61:15:43:c0:9b:12:bf:35:bb:cb:
2d:81:88:82:77:fb:91:5c:7d:bc:a2:9b:37:7e:28:d5:e3:5c:
d6:35:5c:ba:fc:a8:59:ca:0f:4d:0a:24:28:d3:8b:a4:a7:aa:
86:ae:d3:89:2e:30:fa:02:07:7e:2c:3f:6c:78:2f:21:49:f6:
d7:44:cb:7e:f5:53:52:d0:1e:b6:6e:cb:21:c1:da:1f:31:06:
28:70:8c:03:40:14:95:66:d3:35:dd:c0:e9:82:4d:47:16:cf:
ea:fa:9a:67:24:49:f9:0d:0d:70:50:0a:55:ea:88:1a:8a:a3:
9e:b9:94:3c:37:8f:c0:a0:cf:e5:68:28:49:8e:29:44:f7:7a:
e9:25:a1:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3feKQtAcOuQQ9rhllUc2LKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjYwNDMwMTczODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg5NmMzZjI3Nzg3MjkxNjI3MDg2NzAyOTRmN2NjM2NlNDhhNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApITzcpxLVg5VPCOOg9fqQYL3WHS4
rdcEfdAnZRHgZNOvQhPmcot1Ydgz6mlUDq3eI6ck6Z6eKUxzrvIG/zL0o8ADzsHL
4i8yK6A1L4rhhHrZWC2fEHPj6gUBg+vx2UzOP8035IkFi65DS8q7TYmw6E+eZkYL
plgClA645PyTXBKVtCXly66vvlKusP68+BgTEXzKru0qXefwwkMFQJ5Tld274MpW
L+SE+T+cCHm9qZf1XYvla7xqld8z7ovrfp/NnDkoz6WW1E6Blj9NUbrWLyAvVCri
3wSCh99ym4GohkosVaQVQjbzk7zrjbIM6psDocCrFMzLOIeZuaAfsTmF+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHOJbD8neHKRYnCGcClPfMPOSKQ0MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvYzRsc1B5ZDRjcEZpY0lad0tVOTh3ODVJcERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABTkmAwQA
JSAvAwQAsu+RAwQAudfnMA0GCSqGSIb3DQEBCwUAA4IBAQCwcWX6i4kFtxCinkHn
uAAyLrsE41GxkcAEMhBwBpinn51ZHwgchp0tnZ0UY0xLzkF3FAC9VaG7pWCvIGum
df4N/iNhHwGwrkVbvfiQ7DjdW65yVq3RPSsX35ISPWF29ZsuZIfGZiLQMuQcbfu0
IaqnLLcEL2EVQ8CbEr81u8stgYiCd/uRXH28ops3fijV41zWNVy6/KhZyg9NCiQo
04ukp6qGrtOJLjD6Agd+LD9seC8hSfbXRMt+9VNS0B62bsshwdofMQYocIwDQBSV
ZtM13cDpgk1HFs/q+ppnJEn5DQ1wUApV6ogaiqOeuZQ8N4/AoM/laChJjilE93rp
JaHS
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:08 2026 by rpki-client